[prev in list] [next in list] [prev in thread] [next in thread]
List: squirrelmail-cvs
Subject: [SM-CVS] SF.net SVN: squirrelmail:[14247]
From: pdontthink () users ! sourceforge ! net
Date: 2011-12-29 6:56:03
Message-ID: E1Rg9uF-0002wF-Q6 () sfp-svn-5 ! v30 ! ch3 ! sourceforge ! com
[Download RAW message or body]
Revision: 14247
http://squirrelmail.svn.sourceforge.net/squirrelmail/?rev=14247&view=rev
Author: pdontthink
Date: 2011-12-29 06:56:03 +0000 (Thu, 29 Dec 2011)
Log Message:
-----------
Sanitize integer option fields - only digits allowed
Modified Paths:
--------------
trunk/squirrelmail/functions/options.php
Modified: trunk/squirrelmail/functions/options.php
===================================================================
--- trunk/squirrelmail/functions/options.php 2011-12-29 06:54:57 UTC (rev 14246)
+++ trunk/squirrelmail/functions/options.php 2011-12-29 06:56:03 UTC (rev 14247)
@@ -894,6 +894,15 @@
&& empty($option->new_value))
setPref($data_dir, $username, $option->name, SMPREF_OFF);
+ // For integer fields, make sure we only have digits...
+ // We'll be nice and instead of just converting to an integer,
+ // we'll physically remove each non-digit in the string.
+ //
+ else if ($option->type == SMOPT_TYPE_INTEGER) {
+ $option->new_value = preg_replace('/[^0-9]/', '', $option->new_value);
+ setPref($data_dir, $username, $option->name, $option->new_value);
+ }
+
else
setPref($data_dir, $username, $option->name, $option->new_value);
This was sent by the SourceForge.net collaborative development platform, the world's \
largest Open Source development site.
------------------------------------------------------------------------------
Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex
infrastructure or vast IT resources to deliver seamless, secure access to
virtual desktops. With this all-in-one solution, easily deploy virtual
desktops for less than the cost of PCs and save 60% on VDI infrastructure
costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox
-----
squirrelmail-cvs mailing list
List address: squirrelmail-cvs@lists.sourceforge.net
List info (subscribe/unsubscribe/change options): \
https://lists.sourceforge.net/lists/listinfo/squirrelmail-cvs
Repository: http://squirrelmail.org/svn
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic