From 39b905b7a8abafe57f5429952db390a97ffa047f Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Thu, 20 Jun 2013 15:08:10 +0200
Subject: Canonize boolean ini_get() results (#1489189)

---
 CHANGELOG                              | 1 +
 installer/check.php                    | 4 ++--
 program/include/rcmail.php             | 3 ++-
 program/include/rcmail_output_html.php | 2 +-
 program/lib/Roundcube/bootstrap.php    | 3 ++-
 program/lib/Roundcube/rcube.php        | 2 +-
 program/lib/Roundcube/rcube_utils.php  | 6 +-----
 7 files changed, 10 insertions(+), 11 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 3d0d60cc1..6926de5cb 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
 CHANGELOG Roundcube Webmail
 ===========================
 
+- Canonize boolean ini_get() results (#1489189)
 - Cache LDAP's user_specific search and use vlv for better performance (#1489186)
 - LDAP: auto-detect and use VLV indices for all search operations
 - LDAP: additional group configuration options for  address books
diff --git a/installer/check.php b/installer/check.php
index bea8c42e0..122437b9b 100644
--- a/installer/check.php
+++ b/installer/check.php
@@ -203,7 +203,7 @@ foreach ($ini_checks as $var => $val) {
         echo '<br />';
         continue;
     }
-    if ($status == $val) {
+    if (filter_var($status, FILTER_VALIDATE_BOOLEAN) == $val) {
         $RCI->pass($var);
     } else {
       $RCI->fail($var, "is '$status', should be '$val'");
@@ -227,7 +227,7 @@ foreach ($optional_checks as $var => $val) {
         echo '<br />';
         continue;
     }
-    if ($status == $val) {
+    if (filter_var($status, FILTER_VALIDATE_BOOLEAN) == $val) {
         $RCI->pass($var);
     } else {
       $RCI->optfail($var, "is '$status', could be '$val'");
diff --git a/program/include/rcmail.php b/program/include/rcmail.php
index eff0425c8..a0027ec54 100644
--- a/program/include/rcmail.php
+++ b/program/include/rcmail.php
@@ -1760,7 +1760,8 @@ class rcmail extends rcube
     public function upload_init()
     {
         // Enable upload progress bar
-        if (($seconds = $this->config->get('upload_progress')) && ini_get('apc.rfc1867')) {
+        $rfc1867 = filter_var(ini_get('apc.rfc1867'), FILTER_VALIDATE_BOOLEAN);
+        if ($rfc1867 && ($seconds = $this->config->get('upload_progress'))) {
             if ($field_name = ini_get('apc.rfc1867_name')) {
                 $this->output->set_env('upload_progress_name', $field_name);
                 $this->output->set_env('upload_progress_time', (int) $seconds);
diff --git a/program/include/rcmail_output_html.php b/program/include/rcmail_output_html.php
index 29a86b9f7..656da6bc9 100644
--- a/program/include/rcmail_output_html.php
+++ b/program/include/rcmail_output_html.php
@@ -72,7 +72,7 @@ class rcmail_output_html extends rcmail_output
         // add cookie info
         $this->set_env('cookie_domain', ini_get('session.cookie_domain'));
         $this->set_env('cookie_path', ini_get('session.cookie_path'));
-        $this->set_env('cookie_secure', ini_get('session.cookie_secure'));
+        $this->set_env('cookie_secure', filter_var(ini_get('session.cookie_secure'), FILTER_VALIDATE_BOOLEAN));
 
         // load the correct skin (in case user-defined)
         $skin = $this->config->get('skin');
diff --git a/program/lib/Roundcube/bootstrap.php b/program/lib/Roundcube/bootstrap.php
index 68d314270..182ea1232 100644
--- a/program/lib/Roundcube/bootstrap.php
+++ b/program/lib/Roundcube/bootstrap.php
@@ -44,7 +44,8 @@ if (php_sapi_name() != 'cli') {
 }
 
 foreach ($config as $optname => $optval) {
-    if ($optval != ini_get($optname) && @ini_set($optname, $optval) === false) {
+    $ini_optval = filter_var(ini_get($optname), FILTER_VALIDATE_BOOLEAN);
+    if ($optval != $ini_optval && @ini_set($optname, $optval) === false) {
         $error = "ERROR: Wrong '$optname' option value and it wasn't possible to set it to required value ($optval).\n"
             . "Check your PHP configuration (including php_admin_flag).";
         if (defined('STDERR')) fwrite(STDERR, $error); else echo $error;
diff --git a/program/lib/Roundcube/rcube.php b/program/lib/Roundcube/rcube.php
index 21b49f49b..6543a399c 100644
--- a/program/lib/Roundcube/rcube.php
+++ b/program/lib/Roundcube/rcube.php
@@ -1487,7 +1487,7 @@ class rcube
                     $subject    = str_replace("\r\n", $delim, $subject);
                 }
 
-                if (ini_get('safe_mode'))
+                if (filter_var(ini_get('safe_mode'), FILTER_VALIDATE_BOOLEAN))
                     $sent = mail($to, $subject, $msg_body, $header_str);
                 else
                     $sent = mail($to, $subject, $msg_body, $header_str, "-f$from");
diff --git a/program/lib/Roundcube/rcube_utils.php b/program/lib/Roundcube/rcube_utils.php
index 29baa82f3..6c3bd2143 100644
--- a/program/lib/Roundcube/rcube_utils.php
+++ b/program/lib/Roundcube/rcube_utils.php
@@ -360,12 +360,8 @@ class rcube_utils
             return $value;
         }
 
-        // strip single quotes if magic_quotes_sybase is enabled
-        if (ini_get('magic_quotes_sybase')) {
-            $value = str_replace("''", "'", $value);
-        }
         // strip slashes if magic_quotes enabled
-        else if (get_magic_quotes_gpc() || get_magic_quotes_runtime()) {
+        if (get_magic_quotes_gpc() || get_magic_quotes_runtime()) {
             $value = stripslashes($value);
         }
 
-- 
cgit v1.2.3