diff options
Diffstat (limited to 'program/lib')
-rw-r--r-- | program/lib/Roundcube/bootstrap.php | 3 | ||||
-rw-r--r-- | program/lib/Roundcube/rcube.php | 2 | ||||
-rw-r--r-- | program/lib/Roundcube/rcube_utils.php | 6 |
3 files changed, 4 insertions, 7 deletions
diff --git a/program/lib/Roundcube/bootstrap.php b/program/lib/Roundcube/bootstrap.php index 68d314270..182ea1232 100644 --- a/program/lib/Roundcube/bootstrap.php +++ b/program/lib/Roundcube/bootstrap.php @@ -44,7 +44,8 @@ if (php_sapi_name() != 'cli') { } foreach ($config as $optname => $optval) { - if ($optval != ini_get($optname) && @ini_set($optname, $optval) === false) { + $ini_optval = filter_var(ini_get($optname), FILTER_VALIDATE_BOOLEAN); + if ($optval != $ini_optval && @ini_set($optname, $optval) === false) { $error = "ERROR: Wrong '$optname' option value and it wasn't possible to set it to required value ($optval).\n" . "Check your PHP configuration (including php_admin_flag)."; if (defined('STDERR')) fwrite(STDERR, $error); else echo $error; diff --git a/program/lib/Roundcube/rcube.php b/program/lib/Roundcube/rcube.php index 21b49f49b..6543a399c 100644 --- a/program/lib/Roundcube/rcube.php +++ b/program/lib/Roundcube/rcube.php @@ -1487,7 +1487,7 @@ class rcube $subject = str_replace("\r\n", $delim, $subject); } - if (ini_get('safe_mode')) + if (filter_var(ini_get('safe_mode'), FILTER_VALIDATE_BOOLEAN)) $sent = mail($to, $subject, $msg_body, $header_str); else $sent = mail($to, $subject, $msg_body, $header_str, "-f$from"); diff --git a/program/lib/Roundcube/rcube_utils.php b/program/lib/Roundcube/rcube_utils.php index 29baa82f3..6c3bd2143 100644 --- a/program/lib/Roundcube/rcube_utils.php +++ b/program/lib/Roundcube/rcube_utils.php @@ -360,12 +360,8 @@ class rcube_utils return $value; } - // strip single quotes if magic_quotes_sybase is enabled - if (ini_get('magic_quotes_sybase')) { - $value = str_replace("''", "'", $value); - } // strip slashes if magic_quotes enabled - else if (get_magic_quotes_gpc() || get_magic_quotes_runtime()) { + if (get_magic_quotes_gpc() || get_magic_quotes_runtime()) { $value = stripslashes($value); } |