From 264ef66c5c5b5498df2a04e011ed0127c6fe4324 Mon Sep 17 00:00:00 2001 From: Chris Smith Date: Sat, 6 Mar 2010 18:15:55 +0000 Subject: [ticket/8935] Prevent setting maximum avatar dimensions less than the minimums. This change actually applies to any configruation setting that is a pair of values one representing the maximum and one minimum. This change enforces that the maximum value cannot be less than the minimum value. PHPBB3-8935 --- phpBB/adm/index.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'phpBB/adm/index.php') diff --git a/phpBB/adm/index.php b/phpBB/adm/index.php index 4c568cf441..92bcf90039 100644 --- a/phpBB/adm/index.php +++ b/phpBB/adm/index.php @@ -432,6 +432,20 @@ function validate_config_vars($config_vars, &$cfg_array, &$error) { $error[] = sprintf($user->lang['SETTING_TOO_BIG'], $user->lang[$config_definition['lang']], $validator[$max]); } + + if (strpos($config_name, '_max') !== false) + { + // Min/max pairs of settings should ensure that min <= max + // Replace _max with _min to find the name of the minimum + // corresponding configuration variable + $min_name = str_replace('_max', '_min', $config_name); + + if (isset($cfg_array[$min_name]) && is_numeric($cfg_array[$min_name]) && $cfg_array[$config_name] < $cfg_array[$min_name]) + { + // A minimum value exists and the maximum value is less than it + $error[] = sprintf($user->lang['SETTING_TOO_LOW'], $user->lang[$config_definition['lang']], (int) $cfg_array[$min_name]); + } + } break; // Absolute path -- cgit v1.2.1