From 38dc5fa6df9a0cd5afd16dc95600d7cf11b08877 Mon Sep 17 00:00:00 2001
From: Michael Hamann <michael@content-space.de>
Date: Tue, 30 Nov 2010 18:27:04 +0100
Subject: Added min and max options for configuration metadata

---
 lib/plugins/config/settings/config.class.php    | 18 ++++++++++++++++++
 lib/plugins/config/settings/config.metadata.php |  3 +++
 2 files changed, 21 insertions(+)

(limited to 'lib/plugins/config/settings')

diff --git a/lib/plugins/config/settings/config.class.php b/lib/plugins/config/settings/config.class.php
index 4f2129c70..252bc79a9 100644
--- a/lib/plugins/config/settings/config.class.php
+++ b/lib/plugins/config/settings/config.class.php
@@ -618,6 +618,24 @@ if (!class_exists('setting_numeric')) {
     // much more restrictive, but should eliminate syntax errors.
     var $_pattern = '/^[-]?[0-9]+(?:[-+*][0-9]+)*$/';
     //FIXME - make the numeric error checking better.
+    var $_min = null;
+    var $_max = null;
+
+    function update($input) {
+        $local = $this->_local;
+        $valid = parent::update($input);
+        if ($valid && !(is_null($this->_min) && is_null($this->_max))) {
+            $numeric_local = (int) eval('return '.$this->_local.';');
+            if ((!is_null($this->_min) && $numeric_local < $this->_min) ||
+                (!is_null($this->_max) && $numeric_local > $this->_max)) {
+                $this->_error = true;
+                $this->_input = $input;
+                $this->_local = $local;
+                $valid = false;
+            }
+        }
+        return $valid;
+    }
 
     function out($var, $fmt='php') {
 
diff --git a/lib/plugins/config/settings/config.metadata.php b/lib/plugins/config/settings/config.metadata.php
index edba65262..127017624 100644
--- a/lib/plugins/config/settings/config.metadata.php
+++ b/lib/plugins/config/settings/config.metadata.php
@@ -16,6 +16,7 @@
  *   ''             - default class ('setting'), textarea, minimal input validation, setting output in quotes
  *   'string'       - single line text input, minimal input validation, setting output in quotes
  *   'numeric'      - text input, accepts numbers and arithmetic operators, setting output without quotes
+ *                    if given the '_min' and '_max' parameters are used for validation
  *   'numericopt'   - like above, but accepts empty values
  *   'onoff'        - checkbox input, setting output  0|1
  *   'multichoice'  - select input (single choice), setting output with quotes, required _choices parameter
@@ -54,6 +55,8 @@
  *   '_combine'    - complimentary output setting values which can be combined into a single display checkbox
  *                   optional for 'multicheckbox', ignored by other classes
  *   '_code'       - encoding method to use, accepted values: 'base64','uuencode','plain'.  defaults to plain.
+ *   '_min'        - minimum numeric value, optional for 'numeric' and 'numericopt', ignored by others
+ *   '_max'        - maximum numeric value, optional for 'numeric' and 'numericopt', ignored by others
  *
  * @author    Chris Smith <chris@jalakai.co.uk>
  */
-- 
cgit v1.2.3


From 359fab8b2f7d0847ef0cf9b669e6c8ffb0687525 Mon Sep 17 00:00:00 2001
From: Michael Hamann <michael@content-space.de>
Date: Tue, 30 Nov 2010 18:34:10 +0100
Subject: Revert "Fix for $conf['breadcrumbs'] < 0, FS#2107", new fix

This reverts commit 4871414204799044c31aa2764c4b4ca020e2331d.
Additionally there is a new fix for FS#2107 that doesn't introduce a lot
of checks but instead ensures that the configuration option can't be set
to negative values when the configuration manager is used.
---
 lib/plugins/config/settings/config.metadata.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'lib/plugins/config/settings')

diff --git a/lib/plugins/config/settings/config.metadata.php b/lib/plugins/config/settings/config.metadata.php
index 127017624..c2c3a2d0c 100644
--- a/lib/plugins/config/settings/config.metadata.php
+++ b/lib/plugins/config/settings/config.metadata.php
@@ -101,7 +101,7 @@ $meta['allowdebug']  = array('onoff');
 
 $meta['_display']    = array('fieldset');
 $meta['recent']      = array('numeric');
-$meta['breadcrumbs'] = array('numeric');
+$meta['breadcrumbs'] = array('numeric','_min' => 0);
 $meta['youarehere']  = array('onoff');
 $meta['fullpath']    = array('onoff');
 $meta['typography']  = array('multichoice','_choices' => array(0,1,2));
-- 
cgit v1.2.3


From 68a535905a1a45108d0a11ca1c8a0b78b50cddba Mon Sep 17 00:00:00 2001
From: Michael Hamann <michael@content-space.de>
Date: Tue, 30 Nov 2010 18:37:04 +0100
Subject: Allow spaces in numeric configuration values

---
 lib/plugins/config/settings/config.class.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'lib/plugins/config/settings')

diff --git a/lib/plugins/config/settings/config.class.php b/lib/plugins/config/settings/config.class.php
index 252bc79a9..887f373bd 100644
--- a/lib/plugins/config/settings/config.class.php
+++ b/lib/plugins/config/settings/config.class.php
@@ -616,8 +616,7 @@ if (!class_exists('setting_numeric')) {
     // This allows for many PHP syntax errors...
     // var $_pattern = '/^[-+\/*0-9 ]*$/';
     // much more restrictive, but should eliminate syntax errors.
-    var $_pattern = '/^[-]?[0-9]+(?:[-+*][0-9]+)*$/';
-    //FIXME - make the numeric error checking better.
+    var $_pattern = '/^[-+]? *[0-9]+ *(?:[-+*] *[0-9]+ *)*$/';
     var $_min = null;
     var $_max = null;
 
-- 
cgit v1.2.3


From 6a7df0a2b9ffacc9644700f5a6be74750225b8d3 Mon Sep 17 00:00:00 2001
From: Anika Henke <anika@selfthinker.org>
Date: Mon, 6 Dec 2010 19:57:24 +0000
Subject: added security warning to fullpath config option (FS#2113)

---
 lib/plugins/config/settings/config.class.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'lib/plugins/config/settings')

diff --git a/lib/plugins/config/settings/config.class.php b/lib/plugins/config/settings/config.class.php
index 887f373bd..01f15a54e 100644
--- a/lib/plugins/config/settings/config.class.php
+++ b/lib/plugins/config/settings/config.class.php
@@ -342,8 +342,8 @@ if (!class_exists('setting')) {
 
     var $_cautionList = array(
         'basedir' => 'danger', 'baseurl' => 'danger', 'savedir' => 'danger', 'useacl' => 'danger', 'authtype' => 'danger', 'superuser' => 'danger', 'userewrite' => 'danger',
-        'start' => 'warning', 'camelcase' => 'warning', 'deaccent' => 'warning', 'sepchar' => 'warning', 'compression' => 'warning', 'xsendfile' => 'warning', 'renderer_xhtml' => 'warning',
-        'allowdebug' => 'security', 'htmlok' => 'security', 'phpok' => 'security', 'iexssprotect' => 'security', 'xmlrpc' => 'security', 'fnencode' => 'warning'
+        'start' => 'warning', 'camelcase' => 'warning', 'deaccent' => 'warning', 'sepchar' => 'warning', 'compression' => 'warning', 'xsendfile' => 'warning', 'renderer_xhtml' => 'warning', 'fnencode' => 'warning',
+        'allowdebug' => 'security', 'htmlok' => 'security', 'phpok' => 'security', 'iexssprotect' => 'security', 'xmlrpc' => 'security', 'fullpath' => 'security'
     );
 
     function setting($key, $params=NULL) {
-- 
cgit v1.2.3


From 5526795c71a703486ddd19bf986e6a0cf7309945 Mon Sep 17 00:00:00 2001
From: Guy Brand <gb@unistra.fr>
Date: Fri, 31 Dec 2010 15:46:43 +0100
Subject: Allow a prefix for subject of sent mails (Close FS#2021)

---
 lib/plugins/config/settings/config.metadata.php | 1 +
 1 file changed, 1 insertion(+)

(limited to 'lib/plugins/config/settings')

diff --git a/lib/plugins/config/settings/config.metadata.php b/lib/plugins/config/settings/config.metadata.php
index c2c3a2d0c..f5eb1da18 100644
--- a/lib/plugins/config/settings/config.metadata.php
+++ b/lib/plugins/config/settings/config.metadata.php
@@ -177,6 +177,7 @@ $meta['canonical']   = array('onoff');
 $meta['fnencode']    = array('multichoice','_choices' => array('url','safe','utf-8'));
 $meta['autoplural']  = array('onoff');
 $meta['mailfrom']    = array('richemail');
+$meta['mailprefix']  = array('string');
 $meta['compress']    = array('onoff');
 $meta['gzip_output'] = array('onoff');
 $meta['hidepages']   = array('string');
-- 
cgit v1.2.3


From 0c94c420c9dc14fc16700de5cca04959ca38e2c1 Mon Sep 17 00:00:00 2001
From: Andreas Gohr <andi@splitbrain.org>
Date: Sat, 15 Jan 2011 12:25:58 +0100
Subject: Added hmd5 and pmd5 as passcrypt choices in config manager

---
 lib/plugins/config/settings/config.metadata.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'lib/plugins/config/settings')

diff --git a/lib/plugins/config/settings/config.metadata.php b/lib/plugins/config/settings/config.metadata.php
index f5eb1da18..af7e63a61 100644
--- a/lib/plugins/config/settings/config.metadata.php
+++ b/lib/plugins/config/settings/config.metadata.php
@@ -122,7 +122,7 @@ $meta['_authentication'] = array('fieldset');
 $meta['useacl']      = array('onoff');
 $meta['autopasswd']  = array('onoff');
 $meta['authtype']    = array('authtype');
-$meta['passcrypt']   = array('multichoice','_choices' => array('smd5','md5','apr1','sha1','ssha','crypt','mysql','my411','kmd5'));
+$meta['passcrypt']   = array('multichoice','_choices' => array('smd5','md5','apr1','sha1','ssha','crypt','mysql','my411','kmd5','pmd5','hmd5'));
 $meta['defaultgroup']= array('string');
 $meta['superuser']   = array('string');
 $meta['manager']     = array('string');
-- 
cgit v1.2.3