diff options
author | Meik Sievertsen <acydburn@phpbb.com> | 2006-09-15 14:08:48 +0000 |
---|---|---|
committer | Meik Sievertsen <acydburn@phpbb.com> | 2006-09-15 14:08:48 +0000 |
commit | f9297794b644dc58d392932c5494e3e22a10b0fd (patch) | |
tree | b8bd890554711cbe091b6fb4f42f812a8e3db9ac /phpBB/adm/index.php | |
parent | 79137c312c15638a380adacb18a2d7194f42f09d (diff) | |
download | forums-f9297794b644dc58d392932c5494e3e22a10b0fd.tar forums-f9297794b644dc58d392932c5494e3e22a10b0fd.tar.gz forums-f9297794b644dc58d392932c5494e3e22a10b0fd.tar.bz2 forums-f9297794b644dc58d392932c5494e3e22a10b0fd.tar.xz forums-f9297794b644dc58d392932c5494e3e22a10b0fd.zip |
implement bare-bone validation for config variables...
git-svn-id: file:///svn/phpbb/trunk@6367 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/adm/index.php')
-rw-r--r-- | phpBB/adm/index.php | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/phpBB/adm/index.php b/phpBB/adm/index.php index e84e1c5e36..5576098cef 100644 --- a/phpBB/adm/index.php +++ b/phpBB/adm/index.php @@ -376,4 +376,82 @@ function build_cfg_template($tpl_type, $key, &$new, $config_key, $vars) return $tpl; } +/** +* Going through a config array and validate values, writing errors to $error. +*/ +function validate_config_vars($config_vars, &$cfg_array, &$error) +{ + global $phpbb_root_path, $user; + + foreach ($config_vars as $config_name => $config_definition) + { + if (!isset($cfg_array[$config_name]) || strpos($config_name, 'legend') !== false) + { + continue; + } + + if (!isset($config_definition['validate'])) + { + continue; + } + + // Validate a bit. ;) String is already checked through request_var(), therefore we do not check this again + switch ($config_definition['validate']) + { + case 'bool': + $cfg_array[$config_name] = ($cfg_array[$config_name]) ? 1 : 0; + break; + + case 'int': + $cfg_array[$config_name] = (int) $cfg_array[$config_name]; + break; + + case 'rpath': + if (!$cfg_array[$config_name]) + { + break; + } + + $destination = $cfg_array[$config_name]; + + // Adjust destination path (no trailing slash) + if ($destination{(sizeof($destination)-1)} == '/' || $destination{(sizeof($destination)-1)} == '\\') + { + $destination = substr($destination, 0, sizeof($destination)-2); + } + + $destination = str_replace(array('../', '..\\', './', '.\\'), '', $destination); + if ($destination && ($destination{0} == '/' || $destination{0} == "\\")) + { + $destination = ''; + } + + $cfg_array[$config_name] = $destination; + + case 'path': + + if (!$cfg_array[$config_name]) + { + break; + } + + $cfg_array[$config_name] = trim($cfg_array[$config_name]); + + if (!file_exists($phpbb_root_path . $cfg_array[$config_name])) + { + $error[] = sprintf($user->lang['DIRECTORY_DOES_NOT_EXIST'], $cfg_array[$config_name]); + } + + if (file_exists($phpbb_root_path . $cfg_array[$config_name]) && !is_dir($phpbb_root_path . $cfg_array[$config_name])) + { + $error[] = sprintf($user->lang['DIRECTORY_NOT_DIR'], $cfg_array[$config_name]); + } + + break; + } + } + + return; +} + ?>
\ No newline at end of file |