diff options
| -rw-r--r-- | CHANGELOG | 1 | ||||
| -rw-r--r-- | installer/check.php | 4 | ||||
| -rw-r--r-- | program/include/rcmail.php | 5 | ||||
| -rw-r--r-- | program/include/rcmail_output_html.php | 2 | ||||
| -rw-r--r-- | program/lib/Roundcube/bootstrap.php | 3 | ||||
| -rw-r--r-- | program/lib/Roundcube/rcube_utils.php | 6 |
6 files changed, 10 insertions, 11 deletions
@@ -1,6 +1,7 @@ CHANGELOG Roundcube Webmail =========================== +- Canonize boolean ini_get() results (#1489189) - Fix so install do not fail when one of DB driver checks fails but other drivers exist (#1489178) - Fix so exported vCard specifies encoding in v3-compatible format (#1489183) diff --git a/installer/check.php b/installer/check.php index bea8c42e0..122437b9b 100644 --- a/installer/check.php +++ b/installer/check.php @@ -203,7 +203,7 @@ foreach ($ini_checks as $var => $val) { echo '<br />'; continue; } - if ($status == $val) { + if (filter_var($status, FILTER_VALIDATE_BOOLEAN) == $val) { $RCI->pass($var); } else { $RCI->fail($var, "is '$status', should be '$val'"); @@ -227,7 +227,7 @@ foreach ($optional_checks as $var => $val) { echo '<br />'; continue; } - if ($status == $val) { + if (filter_var($status, FILTER_VALIDATE_BOOLEAN) == $val) { $RCI->pass($var); } else { $RCI->optfail($var, "is '$status', could be '$val'"); diff --git a/program/include/rcmail.php b/program/include/rcmail.php index 19a89b84c..675a2c057 100644 --- a/program/include/rcmail.php +++ b/program/include/rcmail.php @@ -1054,7 +1054,7 @@ class rcmail extends rcube $subject = str_replace("\r\n", $delim, $subject); } - if (ini_get('safe_mode')) + if (filter_var(ini_get('safe_mode'), FILTER_VALIDATE_BOOLEAN)) $sent = mail($to, $subject, $msg_body, $header_str); else $sent = mail($to, $subject, $msg_body, $header_str, "-f$from"); @@ -1934,7 +1934,8 @@ class rcmail extends rcube public function upload_init() { // Enable upload progress bar - if (($seconds = $this->config->get('upload_progress')) && ini_get('apc.rfc1867')) { + $rfc1867 = filter_var(ini_get('apc.rfc1867'), FILTER_VALIDATE_BOOLEAN); + if ($rfc1867 && ($seconds = $this->config->get('upload_progress'))) { if ($field_name = ini_get('apc.rfc1867_name')) { $this->output->set_env('upload_progress_name', $field_name); $this->output->set_env('upload_progress_time', (int) $seconds); diff --git a/program/include/rcmail_output_html.php b/program/include/rcmail_output_html.php index e96726236..577a2c848 100644 --- a/program/include/rcmail_output_html.php +++ b/program/include/rcmail_output_html.php @@ -71,7 +71,7 @@ class rcmail_output_html extends rcmail_output // add cookie info $this->set_env('cookie_domain', ini_get('session.cookie_domain')); $this->set_env('cookie_path', ini_get('session.cookie_path')); - $this->set_env('cookie_secure', ini_get('session.cookie_secure')); + $this->set_env('cookie_secure', filter_var(ini_get('session.cookie_secure'), FILTER_VALIDATE_BOOLEAN)); // load the correct skin (in case user-defined) $skin = $this->config->get('skin'); diff --git a/program/lib/Roundcube/bootstrap.php b/program/lib/Roundcube/bootstrap.php index db61dc21f..b659955c8 100644 --- a/program/lib/Roundcube/bootstrap.php +++ b/program/lib/Roundcube/bootstrap.php @@ -45,7 +45,8 @@ if (php_sapi_name() != 'cli') { } foreach ($config as $optname => $optval) { - if ($optval != ini_get($optname) && @ini_set($optname, $optval) === false) { + $ini_optval = filter_var(ini_get($optname), FILTER_VALIDATE_BOOLEAN); + if ($optval != $ini_optval && @ini_set($optname, $optval) === false) { $error = "ERROR: Wrong '$optname' option value and it wasn't possible to set it to required value ($optval).\n" . "Check your PHP configuration (including php_admin_flag)."; if (defined('STDERR')) fwrite(STDERR, $error); else echo $error; diff --git a/program/lib/Roundcube/rcube_utils.php b/program/lib/Roundcube/rcube_utils.php index 1ae782a25..f252fd9b9 100644 --- a/program/lib/Roundcube/rcube_utils.php +++ b/program/lib/Roundcube/rcube_utils.php @@ -360,12 +360,8 @@ class rcube_utils return $value; } - // strip single quotes if magic_quotes_sybase is enabled - if (ini_get('magic_quotes_sybase')) { - $value = str_replace("''", "'", $value); - } // strip slashes if magic_quotes enabled - else if (get_magic_quotes_gpc() || get_magic_quotes_runtime()) { + if (get_magic_quotes_gpc() || get_magic_quotes_runtime()) { $value = stripslashes($value); } |