/* Read in the preferences. */
$highlight_num = 0;
while (! feof($file)) {
- $pref = trim(fgets($file, 1024));
+ // Make sure that this fgets is larger than any of the pref strings
+ // could ever be. 1024 is too short
+ $pref = trim(fgets($file, 65536));
$equalsAt = strpos($pref, '=');
if ($equalsAt > 0) {
$key = substr($pref, 0, $equalsAt);
$value = substr($pref, $equalsAt + 1);
+ /* this is to 'rescue' old-style highlighting rules. */
if (substr($key, 0, 9) == 'highlight') {
$key = 'highlight' . $highlight_num;
$highlight_num ++;
*/
function getPref($data_dir, $username, $string, $default = '') {
global $prefs_cache;
- $result = '';
- $result = do_hook_function('get_pref_override', array($username, $string));
-
- if ($result == '') {
- cachePrefValues($data_dir, $username);
-
- if (isset($prefs_cache[$string])) {
- $result = $prefs_cache[$string];
- } else {
- $result = do_hook_function('get_pref', array($username, $string));
- if ($result == '') {
- $result = $default;
- }
- }
+ $result = do_hook_function('get_pref_override',array($username,$string));
+ if (!$result) {
+ cachePrefValues($data_dir, $username);
+ if (isset($prefs_cache[$string])) {
+ $result = $prefs_cache[$string];
+ } else {
+ $result = do_hook_function('get_pref', array($username,$string));
+ if (!$result) {
+ $result = $default;
+ }
+ }
}
-
return ($result);
}
logout_error( sprintf( _("Preference file, %s, could not be opened. Contact your system administrator to resolve this issue."), $filename.'.tmp') );
exit;
}
-
foreach ($prefs_cache as $Key => $Value) {
if (isset($Value)) {
- fwrite($file, $Key . '=' . $Value . "\n");
+ $tmpwrite = @fwrite($file, $Key . '=' . $Value . "\n");
+ if ($tmpwrite == -1) {
+ logout_error( sprintf( _("Preference file, %s, could not be written. Contact your system administrator to resolve this issue.") , $filename . '.tmp') );
+ exit;
+ }
}
}
fclose($file);
- copy($filename.'.tmp', $filename);
- unlink($filename.'.tmp');
+ @copy($filename . '.tmp',$filename);
+ @unlink($filename . '.tmp');
chmod($filename, 0600);
}
/* Otherwise, report an error. */
$errTitle = sprintf( _("Error opening %s"), $default_pref );
- if (!file_exists($default_pref)) {
+ if (!is_readable($default_pref)) {
$errString = $errTitle . "<br>\n" .
- _("Default preference file not found!") . "<br>\n" .
+ _("Default preference file not found or not readable!") . "<br>\n" .
_("Please contact your system administrator and report this error.") . "<br>\n";
include_once(SM_PATH . 'functions/display_messages.php' );
logout_error( $errString, $errTitle );
function setSig($data_dir, $username, $number, $value) {
$filename = getHashedFile($username, $data_dir, "$username.si$number");
/* Open the file for writing, or else display an error to the user. */
- if(!$file = @fopen($filename.'.tmp', 'w'))
- {
- include_once(SM_PATH . '/functions/display_messages.php' );
- logout_error( sprintf( _("Signature file, %s, could not be opened. Contact your system administrator to resolve this issue."), $filename.'.tmp') );
+ if(!$file = @fopen("$filename.tmp", 'w')) {
+ include_once( '../functions/display_messages.php' );
+ logout_error( sprintf( _("Signature file, %s, could not be opened. Contact your system administrator to resolve this issue."), $filename . '.tmp') );
exit;
}
- fwrite($file, $value);
+ $tmpwrite = @fwrite($file, $value);
+ if ($tmpwrite == -1) {
+ include_once( '../functions/display_messages.php' );
+ logout_error( sprintf( _("Signature file, %s, could not be written. Contact your system administrator to resolve this issue.") , $filename . '.tmp'));
+ exit;
+ }
fclose($file);
- copy($filename.'.tmp',$filename);
- unlink($filename.'.tmp');
+ @copy($filename . '.tmp',$filename);
+ @unlink($filename . '.tmp');
+ chmod($filename, 0600);
+
}
/**