Code Coverage for /data/phpBB/includes/functions

	Code Coverage
	Classes and Traits		Functions and Methods				Lines
Total	100.00% covered (success)	0 / 0	100.00% covered (success)	100.00%	0 / 0	CRAP	53.58% covered (warning)	53.58%	217 / 405
adm_page_header			0.00% covered (danger)	0.00%	0 / 1	0	0.00% covered (danger)	0.00%	0 / 69
adm_page_footer			0.00% covered (danger)	0.00%	0 / 1	0	0.00% covered (danger)	0.00%	0 / 22
adm_back_link			0.00% covered (danger)	0.00%	0 / 1	0	0.00% covered (danger)	0.00%	0 / 2
build_select			100.00% covered (success)	100.00%	1 / 1	0	100.00% covered (success)	100.00%	7 / 7
h_radio			100.00% covered (success)	100.00%	1 / 1	0	100.00% covered (success)	100.00%	9 / 9
build_cfg_template			0.00% covered (danger)	0.00%	0 / 1	0	81.08% covered (warning)	81.08%	90 / 111
validate_config_vars			0.00% covered (danger)	0.00%	0 / 1	0	47.10% covered (danger)	47.10%	65 / 138
validate_range			0.00% covered (danger)	0.00%	0 / 1	0	97.30% covered (success)	97.30%	36 / 37
phpbb_insert_config_array			100.00% covered (success)	100.00%	1 / 1	0	100.00% covered (success)	100.00%	10 / 10

1	<?php
2	/**
3	*
4	* This file is part of the phpBB Forum Software package.
5	*
6	* @copyright (c) phpBB Limited <https://www.phpbb.com>
7	* @license GNU General Public License, version 2 (GPL-2.0)
8	*
9	* For full copyright and license information, please see
10	* the docs/CREDITS.txt file.
11	*
12	*/
13
14	/**
15	* @ignore
16	*/
17	if (!defined('IN_PHPBB'))
18	{
19	exit;
20	}
21
22	/**
23	* Header for acp pages
24	*/
25	function adm_page_header($page_title)
26	{
27	global $config, $user, $template;
28	global $phpbb_root_path, $phpbb_admin_path, $phpEx, $SID, $_SID;
29	global $phpbb_dispatcher, $phpbb_container;
30
31	if (defined('HEADER_INC'))
32	{
33	return;
34	}
35
36	define('HEADER_INC', true);
37
38	// A listener can set this variable to `true` when it overrides this function
39	$adm_page_header_override = false;
40
41	/**
42	* Execute code and/or overwrite adm_page_header()
43	*
44	* @event core.adm_page_header
45	* @var string page_title Page title
46	* @var bool adm_page_header_override Shall we return instead of
47	* running the rest of adm_page_header()
48	* @since 3.1.0-a1
49	*/
50	$vars = array('page_title', 'adm_page_header_override');
51	extract($phpbb_dispatcher->trigger_event('core.adm_page_header', compact($vars)));
52
53	if ($adm_page_header_override)
54	{
55	return;
56	}
57
58	$user->update_session_infos();
59
60	// gzip_compression
61	if ($config['gzip_compress'])
62	{
63	if (@extension_loaded('zlib') && !headers_sent())
64	{
65	ob_start('ob_gzhandler');
66	}
67	}
68
69	$template->assign_vars(array(
70	'PAGE_TITLE' => $page_title,
71	'USERNAME' => $user->data['username'],
72
73	'SID' => $SID,
74	'_SID' => $_SID,
75	'SESSION_ID' => $user->session_id,
76	'ROOT_PATH' => $phpbb_root_path,
77	'ADMIN_ROOT_PATH' => $phpbb_admin_path,
78
79	'U_LOGOUT' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=logout'),
80	'U_ADM_LOGOUT' => append_sid("{$phpbb_admin_path}index.$phpEx", 'action=admlogout'),
81	'U_ADM_INDEX' => append_sid("{$phpbb_admin_path}index.$phpEx"),
82	'U_INDEX' => append_sid("{$phpbb_root_path}index.$phpEx"),
83
84	'T_IMAGES_PATH' => "{$phpbb_root_path}images/",
85	'T_SMILIES_PATH' => "{$phpbb_root_path}{$config['smilies_path']}/",
86	'T_AVATAR_PATH' => "{$phpbb_root_path}{$config['avatar_path']}/",
87	'T_AVATAR_GALLERY_PATH' => "{$phpbb_root_path}{$config['avatar_gallery_path']}/",
88	'T_ICONS_PATH' => "{$phpbb_root_path}{$config['icons_path']}/",
89	'T_RANKS_PATH' => "{$phpbb_root_path}{$config['ranks_path']}/",
90	'T_UPLOAD_PATH' => "{$phpbb_root_path}{$config['upload_path']}/",
91	'T_FONT_AWESOME_LINK' => !empty($config['allow_cdn']) && !empty($config['load_font_awesome_url']) ? $config['load_font_awesome_url'] : "{$phpbb_root_path}assets/css/font-awesome.min.css?assets_version=" . $config['assets_version'],
92
93	'T_ASSETS_VERSION' => $config['assets_version'],
94
95	'ICON_MOVE_UP' => '<img src="' . htmlspecialchars($phpbb_admin_path) . 'images/icon_up.gif" alt="' . $user->lang['MOVE_UP'] . '" title="' . $user->lang['MOVE_UP'] . '" />',
96	'ICON_MOVE_UP_DISABLED' => '<img src="' . htmlspecialchars($phpbb_admin_path) . 'images/icon_up_disabled.gif" alt="' . $user->lang['MOVE_UP'] . '" title="' . $user->lang['MOVE_UP'] . '" />',
97	'ICON_MOVE_DOWN' => '<img src="' . htmlspecialchars($phpbb_admin_path) . 'images/icon_down.gif" alt="' . $user->lang['MOVE_DOWN'] . '" title="' . $user->lang['MOVE_DOWN'] . '" />',
98	'ICON_MOVE_DOWN_DISABLED' => '<img src="' . htmlspecialchars($phpbb_admin_path) . 'images/icon_down_disabled.gif" alt="' . $user->lang['MOVE_DOWN'] . '" title="' . $user->lang['MOVE_DOWN'] . '" />',
99	'ICON_EDIT' => '<img src="' . htmlspecialchars($phpbb_admin_path) . 'images/icon_edit.gif" alt="' . $user->lang['EDIT'] . '" title="' . $user->lang['EDIT'] . '" />',
100	'ICON_EDIT_DISABLED' => '<img src="' . htmlspecialchars($phpbb_admin_path) . 'images/icon_edit_disabled.gif" alt="' . $user->lang['EDIT'] . '" title="' . $user->lang['EDIT'] . '" />',
101	'ICON_DELETE' => '<img src="' . htmlspecialchars($phpbb_admin_path) . 'images/icon_delete.gif" alt="' . $user->lang['DELETE'] . '" title="' . $user->lang['DELETE'] . '" />',
102	'ICON_DELETE_DISABLED' => '<img src="' . htmlspecialchars($phpbb_admin_path) . 'images/icon_delete_disabled.gif" alt="' . $user->lang['DELETE'] . '" title="' . $user->lang['DELETE'] . '" />',
103	'ICON_SYNC' => '<img src="' . htmlspecialchars($phpbb_admin_path) . 'images/icon_sync.gif" alt="' . $user->lang['RESYNC'] . '" title="' . $user->lang['RESYNC'] . '" />',
104	'ICON_SYNC_DISABLED' => '<img src="' . htmlspecialchars($phpbb_admin_path) . 'images/icon_sync_disabled.gif" alt="' . $user->lang['RESYNC'] . '" title="' . $user->lang['RESYNC'] . '" />',
105
106	'S_USER_LANG' => $user->lang['USER_LANG'],
107	'S_CONTENT_DIRECTION' => $user->lang['DIRECTION'],
108	'S_CONTENT_ENCODING' => 'UTF-8',
109	'S_CONTENT_FLOW_BEGIN' => ($user->lang['DIRECTION'] == 'ltr') ? 'left' : 'right',
110	'S_CONTENT_FLOW_END' => ($user->lang['DIRECTION'] == 'ltr') ? 'right' : 'left',
111
112	'CONTAINER_EXCEPTION' => $phpbb_container->hasParameter('container_exception') ? $phpbb_container->getParameter('container_exception') : false,
113	));
114
115	// An array of http headers that phpBB will set. The following event may override these.
116	$http_headers = array(
117	// application/xhtml+xml not used because of IE
118	'Content-type' => 'text/html; charset=UTF-8',
119	'Cache-Control' => 'private, no-cache="set-cookie"',
120	'Expires' => gmdate('D, d M Y H:i:s', time()) . ' GMT',
121	'Referrer-Policy' => 'strict-origin-when-cross-origin',
122	);
123
124	/**
125	* Execute code and/or overwrite _common_ template variables after they have been assigned.
126	*
127	* @event core.adm_page_header_after
128	* @var string page_title Page title
129	* @var array http_headers HTTP headers that should be set by phpbb
130	*
131	* @since 3.1.0-RC3
132	*/
133	$vars = array('page_title', 'http_headers');
134	extract($phpbb_dispatcher->trigger_event('core.adm_page_header_after', compact($vars)));
135
136	foreach ($http_headers as $hname => $hval)
137	{
138	header((string) $hname . ': ' . (string) $hval);
139	}
140
141	return;
142	}
143
144	/**
145	* Page footer for acp pages
146	*/
147	function adm_page_footer($copyright_html = true)
148	{
149	global $db, $config, $template, $user, $auth;
150	global $phpbb_root_path;
151	global $request, $phpbb_dispatcher;
152
153	// A listener can set this variable to `true` when it overrides this function
154	$adm_page_footer_override = false;
155
156	/**
157	* Execute code and/or overwrite adm_page_footer()
158	*
159	* @event core.adm_page_footer
160	* @var bool copyright_html Shall we display the copyright?
161	* @var bool adm_page_footer_override Shall we return instead of
162	* running the rest of adm_page_footer()
163	* @since 3.1.0-a1
164	*/
165	$vars = array('copyright_html', 'adm_page_footer_override');
166	extract($phpbb_dispatcher->trigger_event('core.adm_page_footer', compact($vars)));
167
168	if ($adm_page_footer_override)
169	{
170	return;
171	}
172
173	phpbb_check_and_display_sql_report($request, $auth, $db);
174
175	$template->assign_vars(array(
176	'DEBUG_OUTPUT' => phpbb_generate_debug_output($db, $config, $auth, $user, $phpbb_dispatcher),
177	'TRANSLATION_INFO' => (!empty($user->lang['TRANSLATION_INFO'])) ? $user->lang['TRANSLATION_INFO'] : '',
178	'S_COPYRIGHT_HTML' => $copyright_html,
179	'CREDIT_LINE' => $user->lang('POWERED_BY', '<a href="https://www.phpbb.com/">phpBB</a>® Forum Software © phpBB Limited'),
180	'T_JQUERY_LINK' => !empty($config['allow_cdn']) && !empty($config['load_jquery_url']) ? $config['load_jquery_url'] : "{$phpbb_root_path}assets/javascript/jquery.min.js",
181	'S_ALLOW_CDN' => !empty($config['allow_cdn']),
182	'VERSION' => $config['version'])
183	);
184
185	$template->display('body');
186
187	garbage_collection();
188	exit_handler();
189	}
190
191	/**
192	* Generate back link for acp pages
193	*/
194	function adm_back_link($u_action)
195	{
196	global $user;
197	return '<br /><br /><a href="' . $u_action . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>';
198	}
199
200	/**
201	* Build select field options in acp pages
202	*/
203	function build_select($option_ary, $option_default = false)
204	{
205	global $user;
206
207	$html = '';
208	foreach ($option_ary as $value => $title)
209	{
210	$selected = ($option_default !== false && $value == $option_default) ? ' selected="selected"' : '';
211	$html .= '<option value="' . $value . '"' . $selected . '>' . $user->lang[$title] . '</option>';
212	}
213
214	return $html;
215	}
216
217	/**
218	* Build radio fields in acp pages
219	*/
220	function h_radio($name, $input_ary, $input_default = false, $id = false, $key = false, $separator = '')
221	{
222	global $user;
223
224	$html = '';
225	$id_assigned = false;
226	foreach ($input_ary as $value => $title)
227	{
228	$selected = ($input_default !== false && $value == $input_default) ? ' checked="checked"' : '';
229	$html .= '<label><input type="radio" name="' . $name . '"' . (($id && !$id_assigned) ? ' id="' . $id . '"' : '') . ' value="' . $value . '"' . $selected . (($key) ? ' accesskey="' . $key . '"' : '') . ' class="radio" /> ' . $user->lang[$title] . '</label>' . $separator;
230	$id_assigned = true;
231	}
232
233	return $html;
234	}
235
236	/**
237	* Build configuration template for acp configuration pages
238	*/
239	function build_cfg_template($tpl_type, $key, &$new_ary, $config_key, $vars)
240	{
241	global $user, $module, $phpbb_dispatcher;
242
243	$tpl = '';
244	$name = 'config[' . $config_key . ']';
245
246	// Make sure there is no notice printed out for non-existent config options (we simply set them)
247	if (!isset($new_ary[$config_key]))
248	{
249	$new_ary[$config_key] = '';
250	}
251
252	switch ($tpl_type[0])
253	{
254	case 'password':
255	if ($new_ary[$config_key] !== '')
256	{
257	// replace passwords with asterixes
258	$new_ary[$config_key] = '********';
259	}
260	case 'text':
261	case 'url':
262	case 'email':
263	case 'tel':
264	case 'search':
265	// maxlength and size are only valid for these types and will be
266	// ignored for other input types.
267	$size = (int) $tpl_type[1];
268	$maxlength = (int) $tpl_type[2];
269
270	$tpl = '<input id="' . $key . '" type="' . $tpl_type[0] . '"' . (($size) ? ' size="' . $size . '"' : '') . ' maxlength="' . (($maxlength) ? $maxlength : 255) . '" name="' . $name . '" value="' . $new_ary[$config_key] . '"' . (($tpl_type[0] === 'password') ? ' autocomplete="off"' : '') . ' />';
271	break;
272
273	case 'color':
274	case 'datetime':
275	case 'datetime-local':
276	case 'month':
277	case 'week':
278	$tpl = '<input id="' . $key . '" type="' . $tpl_type[0] . '" name="' . $name . '" value="' . $new_ary[$config_key] . '" />';
279	break;
280
281	case 'date':
282	case 'time':
283	case 'number':
284	case 'range':
285	$max = '';
286	$min = ( isset($tpl_type[1]) ) ? (int) $tpl_type[1] : false;
287	if ( isset($tpl_type[2]) )
288	{
289	$max = (int) $tpl_type[2];
290	}
291
292	$tpl = '<input id="' . $key . '" type="' . $tpl_type[0] . '"' . (( $min != '' ) ? ' min="' . $min . '"' : '') . (( $max != '' ) ? ' max="' . $max . '"' : '') . ' name="' . $name . '" value="' . $new_ary[$config_key] . '" />';
293	break;
294
295	case 'dimension':
296	$max = '';
297
298	$min = (int) $tpl_type[1];
299
300	if ( isset($tpl_type[2]) )
301	{
302	$max = (int) $tpl_type[2];
303	}
304
305	$tpl = '<input id="' . $key . '" type="number"' . (( $min !== '' ) ? ' min="' . $min . '"' : '') . (( $max != '' ) ? ' max="' . $max . '"' : '') . ' name="config[' . $config_key . '_width]" value="' . $new_ary[$config_key . '_width'] . '" /> x <input type="number"' . (( $min !== '' ) ? ' min="' . $min . '"' : '') . (( $max != '' ) ? ' max="' . $max . '"' : '') . ' name="config[' . $config_key . '_height]" value="' . $new_ary[$config_key . '_height'] . '" />';
306	break;
307
308	case 'textarea':
309	$rows = (int) $tpl_type[1];
310	$cols = (int) $tpl_type[2];
311
312	$tpl = '<textarea id="' . $key . '" name="' . $name . '" rows="' . $rows . '" cols="' . $cols . '">' . $new_ary[$config_key] . '</textarea>';
313	break;
314
315	case 'radio':
316	$key_yes = ($new_ary[$config_key]) ? ' checked="checked"' : '';
317	$key_no = (!$new_ary[$config_key]) ? ' checked="checked"' : '';
318
319	$tpl_type_cond = explode('_', $tpl_type[1]);
320	$type_no = ($tpl_type_cond[0] == 'disabled' \|\| $tpl_type_cond[0] == 'enabled') ? false : true;
321
322	$tpl_no = '<label><input type="radio" name="' . $name . '" value="0"' . $key_no . ' class="radio" /> ' . (($type_no) ? $user->lang['NO'] : $user->lang['DISABLED']) . '</label>';
323	$tpl_yes = '<label><input type="radio" id="' . $key . '" name="' . $name . '" value="1"' . $key_yes . ' class="radio" /> ' . (($type_no) ? $user->lang['YES'] : $user->lang['ENABLED']) . '</label>';
324
325	$tpl = ($tpl_type_cond[0] == 'yes' \|\| $tpl_type_cond[0] == 'enabled') ? $tpl_yes . $tpl_no : $tpl_no . $tpl_yes;
326	break;
327
328	case 'select':
329	case 'custom':
330
331	if (isset($vars['method']))
332	{
333	$call = array($module->module, $vars['method']);
334	}
335	else if (isset($vars['function']))
336	{
337	$call = $vars['function'];
338	}
339	else
340	{
341	break;
342	}
343
344	if (isset($vars['params']))
345	{
346	$args = array();
347	foreach ($vars['params'] as $value)
348	{
349	switch ($value)
350	{
351	case '{CONFIG_VALUE}':
352	$value = $new_ary[$config_key];
353	break;
354
355	case '{KEY}':
356	$value = $key;
357	break;
358	}
359
360	$args[] = $value;
361	}
362	}
363	else
364	{
365	$args = array($new_ary[$config_key], $key);
366	}
367
368	$return = call_user_func_array($call, $args);
369
370	if ($tpl_type[0] == 'select')
371	{
372	$size = (isset($tpl_type[1])) ? (int) $tpl_type[1] : 1;
373	$data_toggle = (!empty($tpl_type[2])) ? ' data-togglable-settings="true"' : '';
374
375	$tpl = '<select id="' . $key . '" name="' . $name . '"' . (($size > 1) ? ' size="' . $size . '"' : '') . $data_toggle . '>' . $return . '</select>';
376	}
377	else
378	{
379	$tpl = $return;
380	}
381
382	break;
383
384	default:
385	break;
386	}
387
388	if (isset($vars['append']))
389	{
390	$tpl .= $vars['append'];
391	}
392
393	$new = $new_ary;
394	/**
395	* Overwrite the html code we display for the config value
396	*
397	* @event core.build_config_template
398	* @var array tpl_type Config type array:
399	* 0 => data type
400	* 1 [optional] => string: size, int: minimum
401	* 2 [optional] => string: max. length, int: maximum
402	* @var string key Should be used for the id attribute in html
403	* @var array new Array with the config values we display
404	* @var string name Should be used for the name attribute
405	* @var array vars Array with the options for the config
406	* @var string tpl The resulting html code we display
407	* @since 3.1.0-a1
408	*/
409	$vars = array('tpl_type', 'key', 'new', 'name', 'vars', 'tpl');
410	extract($phpbb_dispatcher->trigger_event('core.build_config_template', compact($vars)));
411	$new_ary = $new;
412	unset($new);
413
414	return $tpl;
415	}
416
417	/**
418	* Going through a config array and validate values, writing errors to $error. The validation method accepts parameters separated by ':' for string and int.
419	* The first parameter defines the type to be used, the second the lower bound and the third the upper bound. Only the type is required.
420	*/
421	function validate_config_vars($config_vars, &$cfg_array, &$error)
422	{
423	global $phpbb_root_path, $user, $phpbb_dispatcher, $phpbb_filesystem, $language;
424
425	$type = 0;
426	$min = 1;
427	$max = 2;
428
429	foreach ($config_vars as $config_name => $config_definition)
430	{
431	if (!isset($cfg_array[$config_name]) \|\| strpos($config_name, 'legend') !== false)
432	{
433	continue;
434	}
435
436	if (!isset($config_definition['validate']))
437	{
438	continue;
439	}
440
441	$validator = explode(':', $config_definition['validate']);
442
443	// Validate a bit. ;) (0 = type, 1 = min, 2= max)
444	switch ($validator[$type])
445	{
446	case 'url':
447	$cfg_array[$config_name] = trim($cfg_array[$config_name]);
448
449	if (!empty($cfg_array[$config_name]) && !preg_match('#^' . get_preg_expression('url') . '$#iu', $cfg_array[$config_name]))
450	{
451	$error[] = $language->lang('URL_INVALID', $language->lang($config_definition['lang']));
452	}
453
454	// no break here
455
456	case 'string':
457	$length = utf8_strlen($cfg_array[$config_name]);
458
459	// the column is a VARCHAR
460	$validator[$max] = (isset($validator[$max])) ? min(255, $validator[$max]) : 255;
461
462	if (isset($validator[$min]) && $length < $validator[$min])
463	{
464	$error[] = sprintf($user->lang['SETTING_TOO_SHORT'], $user->lang[$config_definition['lang']], $validator[$min]);
465	}
466	else if (isset($validator[$max]) && $length > $validator[2])
467	{
468	$error[] = sprintf($user->lang['SETTING_TOO_LONG'], $user->lang[$config_definition['lang']], $validator[$max]);
469	}
470	break;
471
472	case 'bool':
473	$cfg_array[$config_name] = ($cfg_array[$config_name]) ? 1 : 0;
474	break;
475
476	case 'int':
477	$cfg_array[$config_name] = (int) $cfg_array[$config_name];
478
479	if (isset($validator[$min]) && $cfg_array[$config_name] < $validator[$min])
480	{
481	$error[] = sprintf($user->lang['SETTING_TOO_LOW'], $user->lang[$config_definition['lang']], $validator[$min]);
482	}
483	else if (isset($validator[$max]) && $cfg_array[$config_name] > $validator[$max])
484	{
485	$error[] = sprintf($user->lang['SETTING_TOO_BIG'], $user->lang[$config_definition['lang']], $validator[$max]);
486	}
487
488	if (strpos($config_name, '_max') !== false)
489	{
490	// Min/max pairs of settings should ensure that min <= max
491	// Replace _max with _min to find the name of the minimum
492	// corresponding configuration variable
493	$min_name = str_replace('_max', '_min', $config_name);
494
495	if (isset($cfg_array[$min_name]) && is_numeric($cfg_array[$min_name]) && $cfg_array[$config_name] < $cfg_array[$min_name])
496	{
497	// A minimum value exists and the maximum value is less than it
498	$error[] = sprintf($user->lang['SETTING_TOO_LOW'], $user->lang[$config_definition['lang']], (int) $cfg_array[$min_name]);
499	}
500	}
501	break;
502
503	case 'email':
504	if (!preg_match('/^' . get_preg_expression('email') . '$/i', $cfg_array[$config_name]))
505	{
506	$error[] = $user->lang['EMAIL_INVALID_EMAIL'];
507	}
508	break;
509
510	// Absolute path
511	case 'script_path':
512	if (!$cfg_array[$config_name])
513	{
514	break;
515	}
516
517	$destination = str_replace('\\', '/', $cfg_array[$config_name]);
518
519	if ($destination !== '/')
520	{
521	// Adjust destination path (no trailing slash)
522	if (substr($destination, -1, 1) == '/')
523	{
524	$destination = substr($destination, 0, -1);
525	}
526
527	$destination = str_replace(array('../', './'), '', $destination);
528
529	if ($destination[0] != '/')
530	{
531	$destination = '/' . $destination;
532	}
533	}
534
535	$cfg_array[$config_name] = trim($destination);
536
537	break;
538
539	// Absolute path
540	case 'lang':
541	if (!$cfg_array[$config_name])
542	{
543	break;
544	}
545
546	$cfg_array[$config_name] = basename($cfg_array[$config_name]);
547
548	if (!file_exists($phpbb_root_path . 'language/' . $cfg_array[$config_name] . '/'))
549	{
550	$error[] = $user->lang['WRONG_DATA_LANG'];
551	}
552	break;
553
554	// Relative path (appended $phpbb_root_path)
555	case 'rpath':
556	case 'rwpath':
557	if (!$cfg_array[$config_name])
558	{
559	break;
560	}
561
562	$destination = $cfg_array[$config_name];
563
564	// Adjust destination path (no trailing slash)
565	if (substr($destination, -1, 1) == '/' \|\| substr($destination, -1, 1) == '\\')
566	{
567	$destination = substr($destination, 0, -1);
568	}
569
570	$destination = str_replace(array('../', '..\\', './', '.\\'), '', $destination);
571	if ($destination && ($destination[0] == '/' \|\| $destination[0] == "\\"))
572	{
573	$destination = '';
574	}
575
576	$cfg_array[$config_name] = trim($destination);
577
578	// Path being relative (still prefixed by phpbb_root_path), but with the ability to escape the root dir...
579	case 'path':
580	case 'wpath':
581
582	if (!$cfg_array[$config_name])
583	{
584	break;
585	}
586
587	$cfg_array[$config_name] = trim($cfg_array[$config_name]);
588
589	// Make sure no NUL byte is present...
590	if (strpos($cfg_array[$config_name], "\0") !== false \|\| strpos($cfg_array[$config_name], '%00') !== false)
591	{
592	$cfg_array[$config_name] = '';
593	break;
594	}
595
596	$path = $phpbb_root_path . $cfg_array[$config_name];
597
598	if (!file_exists($path))
599	{
600	$error[] = sprintf($user->lang['DIRECTORY_DOES_NOT_EXIST'], $cfg_array[$config_name]);
601	}
602
603	if (file_exists($path) && !is_dir($path))
604	{
605	$error[] = sprintf($user->lang['DIRECTORY_NOT_DIR'], $cfg_array[$config_name]);
606	}
607
608	// Check if the path is writable
609	if ($config_definition['validate'] == 'wpath' \|\| $config_definition['validate'] == 'rwpath')
610	{
611	if (file_exists($path) && !$phpbb_filesystem->is_writable($path))
612	{
613	$error[] = sprintf($user->lang['DIRECTORY_NOT_WRITABLE'], $cfg_array[$config_name]);
614	}
615	}
616
617	break;
618
619	default:
620	/**
621	* Validate a config value
622	*
623	* @event core.validate_config_variable
624	* @var array cfg_array Array with config values
625	* @var string config_name Name of the config we validate
626	* @var array config_definition Array with the options for
627	* this config
628	* @var array error Array of errors, the errors should
629	* be strings only, language keys are
630	* not replaced afterwards
631	* @since 3.1.0-a1
632	*/
633	$vars = array('cfg_array', 'config_name', 'config_definition', 'error');
634	extract($phpbb_dispatcher->trigger_event('core.validate_config_variable', compact($vars)));
635	break;
636	}
637	}
638
639	return;
640	}
641
642	/**
643	* Checks whatever or not a variable is OK for use in the Database
644	* param mixed $value_ary An array of the form array(array('lang' => ..., 'value' => ..., 'column_type' =>))'
645	* param mixed $error The error array
646	*/
647	function validate_range($value_ary, &$error)
648	{
649	global $user;
650
651	$column_types = array(
652	'BOOL' => array('php_type' => 'int', 'min' => 0, 'max' => 1),
653	'USINT' => array('php_type' => 'int', 'min' => 0, 'max' => 65535),
654	'UINT' => array('php_type' => 'int', 'min' => 0, 'max' => (int) 0x7fffffff),
655	// Do not use (int) 0x80000000 - it evaluates to different
656	// values on 32-bit and 64-bit systems.
657	// Apparently -2147483648 is a float on 32-bit systems,
658	// despite fitting in an int, thus explicit cast is needed.
659	'INT' => array('php_type' => 'int', 'min' => (int) -2147483648, 'max' => (int) 0x7fffffff),
660	'TINT' => array('php_type' => 'int', 'min' => -128, 'max' => 127),
661
662	'VCHAR' => array('php_type' => 'string', 'min' => 0, 'max' => 255),
663	);
664	foreach ($value_ary as $value)
665	{
666	$column = explode(':', $value['column_type']);
667	if (!isset($column_types[$column[0]]))
668	{
669	continue;
670	}
671	else
672	{
673	$type = $column_types[$column[0]];
674	}
675
676	switch ($type['php_type'])
677	{
678	case 'string' :
679	$max = (isset($column[1])) ? min($column[1],$type['max']) : $type['max'];
680	if (utf8_strlen($value['value']) > $max)
681	{
682	$error[] = sprintf($user->lang['SETTING_TOO_LONG'], $user->lang[$value['lang']], $max);
683	}
684	break;
685
686	case 'int':
687	$min = (isset($column[1])) ? max($column[1],$type['min']) : $type['min'];
688	$max = (isset($column[2])) ? min($column[2],$type['max']) : $type['max'];
689	if ($value['value'] < $min)
690	{
691	$error[] = sprintf($user->lang['SETTING_TOO_LOW'], $user->lang[$value['lang']], $min);
692	}
693	else if ($value['value'] > $max)
694	{
695	$error[] = sprintf($user->lang['SETTING_TOO_BIG'], $user->lang[$value['lang']], $max);
696	}
697	break;
698	}
699	}
700	}
701
702	/**
703	* Inserts new config display_vars into an exisiting display_vars array
704	* at the given position.
705	*
706	* @param array $display_vars An array of existing config display vars
707	* @param array $add_config_vars An array of new config display vars
708	* @param array $where Where to place the new config vars,
709	* before or after an exisiting config, as an array
710	* of the form: array('after' => 'config_name') or
711	* array('before' => 'config_name').
712	* @return array The array of config display vars
713	*/
714	function phpbb_insert_config_array($display_vars, $add_config_vars, $where)
715	{
716	if (is_array($where) && array_key_exists(current($where), $display_vars))
717	{
718	$position = array_search(current($where), array_keys($display_vars)) + ((key($where) == 'before') ? 0 : 1);
719	$display_vars = array_merge(
720	array_slice($display_vars, 0, $position),
721	$add_config_vars,
722	array_slice($display_vars, $position)
723	);
724	}
725
726	return $display_vars;
727	}