[prev in list] [next in list] [prev in thread] [next in thread] 

List:       squirrelmail-cvs
Subject:    [SM-CVS] SF.net SVN: squirrelmail:[14246]
From:       pdontthink () users ! sourceforge ! net
Date:       2011-12-29 6:54:58
Message-ID: E1Rg9tC-0002HM-9o () sfp-svn-6 ! v30 ! ch3 ! sourceforge ! com
[Download RAW message or body]

Revision: 14246
          http://squirrelmail.svn.sourceforge.net/squirrelmail/?rev=14246&view=rev
Author:   pdontthink
Date:     2011-12-29 06:54:57 +0000 (Thu, 29 Dec 2011)
Log Message:
-----------
Sanitize integer option fields - only digits allowed

Modified Paths:
--------------
    branches/SM-1_4-STABLE/squirrelmail/functions/options.php

Modified: branches/SM-1_4-STABLE/squirrelmail/functions/options.php
===================================================================
--- branches/SM-1_4-STABLE/squirrelmail/functions/options.php	2011-12-29 03:02:56 UTC \
                (rev 14245)
+++ branches/SM-1_4-STABLE/squirrelmail/functions/options.php	2011-12-29 06:54:57 UTC \
(rev 14246) @@ -915,6 +915,15 @@
           && empty($option->new_value)) 
         setPref($data_dir, $username, $option->name, SMPREF_OFF);
 
+    // For integer fields, make sure we only have digits...
+    // We'll be nice and instead of just converting to an integer,
+    // we'll physically remove each non-digit in the string.
+    //
+    else if ($option->type == SMOPT_TYPE_INTEGER) {
+        $option->new_value = preg_replace('/[^0-9]/', '', $option->new_value);
+        setPref($data_dir, $username, $option->name, $option->new_value);
+    }
+
     else
         setPref($data_dir, $username, $option->name, $option->new_value);
 

This was sent by the SourceForge.net collaborative development platform, the world's \
largest Open Source development site.


------------------------------------------------------------------------------
Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex
infrastructure or vast IT resources to deliver seamless, secure access to
virtual desktops. With this all-in-one solution, easily deploy virtual 
desktops for less than the cost of PCs and save 60% on VDI infrastructure 
costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox
-----
squirrelmail-cvs mailing list
List address: squirrelmail-cvs@lists.sourceforge.net
List info (subscribe/unsubscribe/change options): \
                https://lists.sourceforge.net/lists/listinfo/squirrelmail-cvs
Repository: http://squirrelmail.org/svn


[prev in list] [next in list] [prev in thread] [next in thread]