Merge branch 'master' into stable

Conflicts: data/deleted.files doku.php lib/exe/xmlrpc.php
author: Adrian Lang <mail@adrianlang.de> 2011-04-22 22:35:43 +0200
committer: Adrian Lang <mail@adrianlang.de> 2011-04-22 22:35:43 +0200
commit: 8ccf9c9785ec2b626bad30a88a21f02886845418 (patch)
tree: 0ecd6103880e3350bd37ba11ae3872805ede1755 /lib/plugins/config/settings/config.class.php
parent: e2092379b1c3200832cb569781ec647db5aeef0f (diff)
parent: 23d27376b2a2f6a1ccf0777c48435717494d85b1 (diff)
download: rpg-8ccf9c9785ec2b626bad30a88a21f02886845418.tar.gz
rpg-8ccf9c9785ec2b626bad30a88a21f02886845418.tar.bz2
1 files changed, 21 insertions, 4 deletions
diff --git a/lib/plugins/config/settings/config.class.php b/lib/plugins/config/settings/config.class.php
index 4f2129c70..01f15a54e 100644
--- a/lib/plugins/config/settings/config.class.php
+++ b/lib/plugins/config/settings/config.class.php
@@ -342,8 +342,8 @@ if (!class_exists('setting')) {
 
     var $_cautionList = array(
         'basedir' => 'danger', 'baseurl' => 'danger', 'savedir' => 'danger', 'useacl' => 'danger', 'authtype' => 'danger', 'superuser' => 'danger', 'userewrite' => 'danger',
-        'start' => 'warning', 'camelcase' => 'warning', 'deaccent' => 'warning', 'sepchar' => 'warning', 'compression' => 'warning', 'xsendfile' => 'warning', 'renderer_xhtml' => 'warning',
-        'allowdebug' => 'security', 'htmlok' => 'security', 'phpok' => 'security', 'iexssprotect' => 'security', 'xmlrpc' => 'security', 'fnencode' => 'warning'
+        'start' => 'warning', 'camelcase' => 'warning', 'deaccent' => 'warning', 'sepchar' => 'warning', 'compression' => 'warning', 'xsendfile' => 'warning', 'renderer_xhtml' => 'warning', 'fnencode' => 'warning',
+        'allowdebug' => 'security', 'htmlok' => 'security', 'phpok' => 'security', 'iexssprotect' => 'security', 'xmlrpc' => 'security', 'fullpath' => 'security'
     );
 
     function setting($key, $params=NULL) {
@@ -616,8 +616,25 @@ if (!class_exists('setting_numeric')) {
     // This allows for many PHP syntax errors...
     // var $_pattern = '/^[-+\/*0-9 ]*$/';
     // much more restrictive, but should eliminate syntax errors.
-    var $_pattern = '/^[-]?[0-9]+(?:[-+*][0-9]+)*$/';
-    //FIXME - make the numeric error checking better.
+    var $_pattern = '/^[-+]? *[0-9]+ *(?:[-+*] *[0-9]+ *)*$/';
+    var $_min = null;
+    var $_max = null;
+
+    function update($input) {
+        $local = $this->_local;
+        $valid = parent::update($input);
+        if ($valid && !(is_null($this->_min) && is_null($this->_max))) {
+            $numeric_local = (int) eval('return '.$this->_local.';');
+            if ((!is_null($this->_min) && $numeric_local < $this->_min) ||
+                (!is_null($this->_max) && $numeric_local > $this->_max)) {
+                $this->_error = true;
+                $this->_input = $input;
+                $this->_local = $local;
+                $valid = false;
+            }
+        }
+        return $valid;
+    }
 
     function out($var, $fmt='php') {
author	Adrian Lang <mail@adrianlang.de>	2011-04-22 22:35:43 +0200
committer	Adrian Lang <mail@adrianlang.de>	2011-04-22 22:35:43 +0200
commit	8ccf9c9785ec2b626bad30a88a21f02886845418 (patch)
tree	0ecd6103880e3350bd37ba11ae3872805ede1755 /lib/plugins/config/settings/config.class.php
parent	e2092379b1c3200832cb569781ec647db5aeef0f (diff)
parent	23d27376b2a2f6a1ccf0777c48435717494d85b1 (diff)
download	rpg-8ccf9c9785ec2b626bad30a88a21f02886845418.tar.gz rpg-8ccf9c9785ec2b626bad30a88a21f02886845418.tar.bz2