mirror of
https://github.com/phpbb/phpbb.git
synced 2025-08-11 19:24:01 +02:00
implement bare-bone validation for config variables...
git-svn-id: file:///svn/phpbb/trunk@6367 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Meik Sievertsen
@@ -376,4 +376,82 @@ function build_cfg_template($tpl_type, $key, &$new, $config_key, $vars)
|
||||
return $tpl;
|
||||
}
|
||||
|
||||
/**
|
||||
* Going through a config array and validate values, writing errors to $error.
|
||||
*/
|
||||
function validate_config_vars($config_vars, &$cfg_array, &$error)
|
||||
{
|
||||
global $phpbb_root_path, $user;
|
||||
|
||||
foreach ($config_vars as $config_name => $config_definition)
|
||||
{
|
||||
if (!isset($cfg_array[$config_name]) || strpos($config_name, 'legend') !== false)
|
||||
{
|
||||
continue;
|
||||
}
|
||||
|
||||
if (!isset($config_definition['validate']))
|
||||
{
|
||||
continue;
|
||||
}
|
||||
|
||||
// Validate a bit. ;) String is already checked through request_var(), therefore we do not check this again
|
||||
switch ($config_definition['validate'])
|
||||
{
|
||||
case 'bool':
|
||||
$cfg_array[$config_name] = ($cfg_array[$config_name]) ? 1 : 0;
|
||||
break;
|
||||
|
||||
case 'int':
|
||||
$cfg_array[$config_name] = (int) $cfg_array[$config_name];
|
||||
break;
|
||||
|
||||
case 'rpath':
|
||||
if (!$cfg_array[$config_name])
|
||||
{
|
||||
break;
|
||||
}
|
||||
|
||||
$destination = $cfg_array[$config_name];
|
||||
|
||||
// Adjust destination path (no trailing slash)
|
||||
if ($destination{(sizeof($destination)-1)} == '/' || $destination{(sizeof($destination)-1)} == '\\')
|
||||
{
|
||||
$destination = substr($destination, 0, sizeof($destination)-2);
|
||||
}
|
||||
|
||||
$destination = str_replace(array('../', '..\\', './', '.\\'), '', $destination);
|
||||
if ($destination && ($destination{0} == '/' || $destination{0} == "\\"))
|
||||
{
|
||||
$destination = '';
|
||||
}
|
||||
|
||||
$cfg_array[$config_name] = $destination;
|
||||
|
||||
case 'path':
|
||||
|
||||
if (!$cfg_array[$config_name])
|
||||
{
|
||||
break;
|
||||
}
|
||||
|
||||
$cfg_array[$config_name] = trim($cfg_array[$config_name]);
|
||||
|
||||
if (!file_exists($phpbb_root_path . $cfg_array[$config_name]))
|
||||
{
|
||||
$error[] = sprintf($user->lang['DIRECTORY_DOES_NOT_EXIST'], $cfg_array[$config_name]);
|
||||
}
|
||||
|
||||
if (file_exists($phpbb_root_path . $cfg_array[$config_name]) && !is_dir($phpbb_root_path . $cfg_array[$config_name]))
|
||||
{
|
||||
$error[] = sprintf($user->lang['DIRECTORY_NOT_DIR'], $cfg_array[$config_name]);
|
||||
}
|
||||
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
?>
|
||||
Reference in New Issue
Block a user