X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;ds=sidebyside;f=functions%2Ffile_prefs.php;h=eadf3fad7ef75c08d474d10b09cae653742da0fc;hb=673f935035f4872437d24a4ce4fabb305dad9696;hp=8dacc32af1422d4e54f352877b9a0d20b4cbb736;hpb=45df3062c96fb474ea804b444da1857782c999aa;p=squirrelmail.git

diff --git a/functions/file_prefs.php b/functions/file_prefs.php
index 8dacc32a..eadf3fad 100644
--- a/functions/file_prefs.php
+++ b/functions/file_prefs.php
@@ -49,11 +49,14 @@ function cachePrefValues($data_dir, $username) {
     /* Read in the preferences. */
     $highlight_num = 0;
     while (! feof($file)) {
-        $pref = trim(fgets($file, 1024));
+        // Make sure that this fgets is larger than any of the pref strings
+        // could ever be.  1024 is too short
+        $pref = trim(fgets($file, 65536));
         $equalsAt = strpos($pref, '=');
         if ($equalsAt > 0) {
             $key = substr($pref, 0, $equalsAt);
             $value = substr($pref, $equalsAt + 1);
+            /* this is to 'rescue' old-style highlighting rules. */
             if (substr($key, 0, 9) == 'highlight') {
                 $key = 'highlight' . $highlight_num;
                 $highlight_num ++;
@@ -77,23 +80,19 @@ function cachePrefValues($data_dir, $username) {
  */
 function getPref($data_dir, $username, $string, $default = '') {
     global $prefs_cache;
-    $result = '';
 
-    $result = do_hook_function('get_pref_override', array($username, $string));
-
-    if ($result == '') {
-        cachePrefValues($data_dir, $username);
-
-        if (isset($prefs_cache[$string])) {
-            $result = $prefs_cache[$string];
-        } else {
-            $result = do_hook_function('get_pref', array($username, $string));
-            if ($result == '') {
-                $result = $default;
-            }
-        }
+    $result = do_hook_function('get_pref_override',array($username,$string));
+    if (!$result) {
+	cachePrefValues($data_dir, $username);
+	if (isset($prefs_cache[$string])) {
+    	    $result = $prefs_cache[$string];
+	} else {
+	    $result = do_hook_function('get_pref', array($username,$string));
+	    if (!$result) {	    
+    		$result = $default;
+	    }
+	}
     }
-
     return ($result);
 }
 
@@ -112,15 +111,18 @@ function savePrefValues($data_dir, $username) {
         logout_error( sprintf( _("Preference file, %s, could not be opened. Contact your system administrator to resolve this issue."), $filename.'.tmp') );
         exit;
     }
-
     foreach ($prefs_cache as $Key => $Value) {
         if (isset($Value)) {
-            fwrite($file, $Key . '=' . $Value . "\n");
+            $tmpwrite = @fwrite($file, $Key . '=' . $Value . "\n");
+            if ($tmpwrite == -1) {
+               logout_error( sprintf( _("Preference file, %s, could not be written. Contact your system administrator to resolve this issue.") , $filename . '.tmp') );
+               exit;
+            }
         }
     }
     fclose($file);
-    copy($filename.'.tmp', $filename);
-    unlink($filename.'.tmp');
+    @copy($filename . '.tmp',$filename);
+    @unlink($filename . '.tmp');
     chmod($filename, 0600);
 }
 
@@ -180,9 +182,9 @@ function checkForPrefs($data_dir, $username, $filename = '') {
 
         /* Otherwise, report an error. */
         $errTitle = sprintf( _("Error opening %s"), $default_pref );
-        if (!file_exists($default_pref)) {
+        if (!is_readable($default_pref)) {
             $errString = $errTitle . "<br>\n" .
-                         _("Default preference file not found!") . "<br>\n" .
+                         _("Default preference file not found or not readable!") . "<br>\n" .
                          _("Please contact your system administrator and report this error.") . "<br>\n";
             include_once(SM_PATH . 'functions/display_messages.php' );
             logout_error( $errString, $errTitle );
@@ -210,16 +212,22 @@ function checkForPrefs($data_dir, $username, $filename = '') {
 function setSig($data_dir, $username, $number, $value) {
     $filename = getHashedFile($username, $data_dir, "$username.si$number");
     /* Open the file for writing, or else display an error to the user. */
-    if(!$file = @fopen($filename.'.tmp', 'w'))
-    {
-        include_once(SM_PATH . '/functions/display_messages.php' );
-        logout_error( sprintf( _("Signature file, %s, could not be opened. Contact your system administrator to resolve this issue."), $filename.'.tmp') );
+    if(!$file = @fopen("$filename.tmp", 'w')) {
+        include_once( '../functions/display_messages.php' );
+        logout_error( sprintf( _("Signature file, %s, could not be opened. Contact your system administrator to resolve this issue."), $filename . '.tmp') );
         exit;
     }
-    fwrite($file, $value);
+    $tmpwrite = @fwrite($file, $value);
+    if ($tmpwrite == -1) {
+       include_once( '../functions/display_messages.php' );
+       logout_error( sprintf( _("Signature file, %s, could not be written. Contact your system administrator to resolve this issue.") , $filename . '.tmp'));
+       exit;
+    }
     fclose($file);
-    copy($filename.'.tmp',$filename);
-    unlink($filename.'.tmp');
+    @copy($filename . '.tmp',$filename);
+    @unlink($filename . '.tmp');
+    chmod($filename, 0600);
+
 }
 
 /**