summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAleksander Machniak <alec@alec.pl>2012-07-23 10:40:48 +0200
committerAleksander Machniak <alec@alec.pl>2012-07-23 10:40:48 +0200
commitc9dcb83132da6df4e601f5991727b010a08766d6 (patch)
tree2acf9007a167a322592d653a68910aab8ec5b423
parent7eba08592d7e4cf03b850bf47f80201304487a89 (diff)
Fixed PHP warning, added check for allowed characters in variable name
-rw-r--r--plugins/managesieve/managesieve.php17
1 files changed, 11 insertions, 6 deletions
diff --git a/plugins/managesieve/managesieve.php b/plugins/managesieve/managesieve.php
index b3be9c72c..70b280d4b 100644
--- a/plugins/managesieve/managesieve.php
+++ b/plugins/managesieve/managesieve.php
@@ -854,17 +854,22 @@ class managesieve extends rcube_plugin
break;
case 'set':
+ $this->form['actions'][$i]['name'] = $varnames[$idx];
+ $this->form['actions'][$i]['value'] = $varvalues[$idx];
+ foreach ((array)$varmods[$idx] as $v_m) {
+ $this->form['actions'][$i][$v_m] = true;
+ }
+
if (empty($varnames[$idx])) {
$this->errors['actions'][$i]['name'] = $this->gettext('cannotbeempty');
}
- if (empty($varvalues[$idx])) {
- $this->errors['actions'][$i]['value'] = $this->gettext('cannotbeempty');
+ else if (!preg_match('/^[0-9a-z_]+$/i', $varnames[$idx])) {
+ $this->errors['actions'][$i]['name'] = $this->gettext('forbiddenchars');
}
- foreach ($varmods[$idx] as $v_m) {
- $this->form['actions'][$i][$v_m] = true;
+
+ if (!isset($varvalues[$idx]) || $varvalues[$idx] === '') {
+ $this->errors['actions'][$i]['value'] = $this->gettext('cannotbeempty');
}
- $this->form['actions'][$i]['name'] = $varnames[$idx];
- $this->form['actions'][$i]['value'] = $varvalues[$idx];
break;
}