From: ebullient Date: Fri, 3 Jan 2003 00:12:07 +0000 (+0000) Subject: fixes for the admin plugin for 1.4.0 RC1 X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=commitdiff_plain;h=a28a56da34d2b30fcc5fd139f8187b4fe1105433 fixes for the admin plugin for 1.4.0 RC1 git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@4355 7612ce4b-ef26-0410-bec9-ea0150e637f0 --- diff --git a/config/conf.pl b/config/conf.pl index dc9f20c9..7502fb98 100755 --- a/config/conf.pl +++ b/config/conf.pl @@ -2989,10 +2989,8 @@ sub change_to_SM_path() { # If the path is absolute, don't bother. return "\'" . $old_path . "\'" if ( $old_path eq ''); - return "\'" . $old_path . "\'" if ( $old_path =~ /^\// ); - return "\'" . $old_path . "\'" if ( $old_path =~ /^http/ ); - return $old_path if ( $old_path =~ /^\$/); - return $old_path if ( $old_path =~ /^SM_PATH/ ); + return "\'" . $old_path . "\'" if ( $old_path =~ /^(\/|http)/ ); + return $old_path if ( $old_path =~ /^(\$|SM_PATH)/); # For relative paths, split on '../' @rel_path = split(/\.\.\//, $old_path); diff --git a/plugins/administrator/auth.php b/plugins/administrator/auth.php index 4026aaf6..58350fa9 100644 --- a/plugins/administrator/auth.php +++ b/plugins/administrator/auth.php @@ -10,8 +10,10 @@ */ function adm_check_user() { - GLOBAL $username, $PHP_SELF; - + global $PHP_SELF; + + $username = ( !isset($_SESSION['username']) ? '' : $_SESSION['username'] ); + /* This needs to be first, for all non_options pages */ if (strpos('options.php', $PHP_SELF)) { $auth = FALSE; } else if (file_exists(SM_PATH . 'plugins/administrator/admins')) { diff --git a/plugins/administrator/defines.php b/plugins/administrator/defines.php index ce0aec13..d6d4b79b 100644 --- a/plugins/administrator/defines.php +++ b/plugins/administrator/defines.php @@ -29,6 +29,7 @@ define('SMOPT_TYPE_THEME', 10); define('SMOPT_TYPE_PLUGINS', 11); define('SMOPT_TYPE_LDAP', 12); define('SMOPT_TYPE_EXTERNAL', 32); +define('SMOPT_TYPE_PATH',33); global $languages; @@ -61,8 +62,9 @@ $defcfg = array( '$config_version' => array( 'name' => _("Config File Version"), 'type' => SMOPT_TYPE_STRING, 'size' => 40 ), '$org_logo' => array( 'name' => _("Organization Logo"), - 'type' => SMOPT_TYPE_STRING, - 'size' => 40 ), + 'type' => SMOPT_TYPE_PATH, + 'size' => 40, + 'default' => '../images/sm_logo.png'), '$org_logo_width' => array( 'name' => _("Organization Logo Width"), 'type' => SMOPT_TYPE_INTEGER, 'size' => 5, @@ -75,7 +77,7 @@ $defcfg = array( '$config_version' => array( 'name' => _("Config File Version"), 'type' => SMOPT_TYPE_STRING, 'size' => 40 ), '$signout_page' => array( 'name' => _("Signout Page"), - 'type' => SMOPT_TYPE_STRING, + 'type' => SMOPT_TYPE_PATH, 'size' => 40 ), '$squirrelmail_default_language' => array( 'name' => _("Default Language"), 'type' => SMOPT_TYPE_STRLIST, @@ -188,10 +190,10 @@ $defcfg = array( '$config_version' => array( 'name' => _("Config File Version"), 'windows-1251' => 'windows-1251', 'ISO-2022-JP' => 'ISO-2022-JP' ) ), '$data_dir' => array( 'name' => _("Data Directory"), - 'type' => SMOPT_TYPE_STRING, + 'type' => SMOPT_TYPE_PATH, 'size' => 40 ), '$attachment_dir' => array( 'name' => _("Temp Directory"), - 'type' => SMOPT_TYPE_STRING, + 'type' => SMOPT_TYPE_PATH, 'size' => 40 ), '$dir_hash_level' => array( 'name' => _("Hash Level"), 'type' => SMOPT_TYPE_NUMLIST, @@ -254,7 +256,7 @@ $defcfg = array( '$config_version' => array( 'name' => _("Config File Version"), 'Group7' => array( 'name' => _("Themes"), 'type' => SMOPT_TYPE_TITLE ), '$theme_css' => array( 'name' => _("Style Sheet URL (css)"), - 'type' => SMOPT_TYPE_STRING, + 'type' => SMOPT_TYPE_PATH, 'size' => 40 ), /* --------------------------------------------------------*/ '$config_use_color' => array( 'name' => '', diff --git a/plugins/administrator/options.php b/plugins/administrator/options.php index f61cf8b3..ff054817 100644 --- a/plugins/administrator/options.php +++ b/plugins/administrator/options.php @@ -127,9 +127,72 @@ function parseConfig( $cfg_file ) { } } } +} + +/* Change paths containing SM_PATH to admin-friendly paths + relative to the config dir, i.e.: + '' --> + SM_PATH . 'images/logo.gif' --> ../images/logo.gif + '/absolute/path/logo.gif' --> /absolute/path/logo.gif + 'http://whatever/' --> http://whatever + Note removal of quotes in returned value +*/ +function change_to_rel_path($old_path) { + $new_path = str_replace("SM_PATH . '", "../", $old_path); + $new_path = str_replace("../config/","", $new_path); + $new_path = str_replace("'","", $new_path); + return $new_path; +} +/* Change relative path (relative to config dir) to + internal SM_PATH, i.e.: + empty_string --> '' + ../images/logo.gif --> SM_PATH . 'images/logo.gif' + images/logo.gif --> SM_PATH . 'config/images/logo.gif' + /absolute/path/logo.gif --> '/absolute/path/logo.gif' + http://whatever/ --> 'http://whatever' +*/ +function change_to_sm_path($old_path) { + if ( $old_path === '' || $old_path == "''" ) { + return "''"; + } elseif ( preg_match("/^(\/|http)/", $old_path) ) { + return "'" . $old_path . "'"; + } elseif ( preg_match("/^(\$|SM_PATH)/", $old_path) ) { + return $old_path; + } + + $new_path = ''; + $rel_path = explode("../", $old_path); + if ( count($rel_path) > 2 ) { + // Since we're relative to the config dir, + // more than 1 ../ puts us OUTSIDE the SM tree. + // get full path to config.php, then pop the filename + $abs_path = explode('/', realpath (SM_PATH . 'config/config.php')); + array_pop ($abs_path); + foreach ( $rel_path as $subdir ) { + if ( $subdir === '' ) { + array_pop ($abs_path); + } else { + array_push($abs_path, $subdir); + } + } + foreach ($abs_path as $subdir) { + $new_path .= $subdir . '/'; + } + $new_path = "'$new_path'"; + } elseif ( count($rel_path) > 1 ) { + // we're within the SM tree, prepend SM_PATH + $new_path = str_replace('../',"SM_PATH . '", $old_path . "'"); + } else { + // Last, if it's a relative path without a .. prefix, + // we're somewhere within the config dir, so prepend + // SM_PATH . 'config/ + $new_path = "SM_PATH . 'config/" . $old_path . "'"; + } + return $new_path; } + /* ---------------------- main -------------------------- */ define('SM_PATH','../../'); @@ -145,7 +208,7 @@ require_once(SM_PATH . 'plugins/administrator/auth.php'); GLOBAL $data_dir, $username; if ( !adm_check_user() ) { - header("Location: ../../src/options.php") ; + header('Location: ' . SM_PATH . 'src/options.php') ; exit; } @@ -171,15 +234,14 @@ $colapse = array( 'Titles' => 'off', 'Group7' => getPref($data_dir, $username, 'adm_Group7', 'on' ), 'Group8' => getPref($data_dir, $username, 'adm_Group8', 'on' ) ); -if ( isset( $switch ) ) { - +if ( isset( $_GET['switch'] ) ) { + $switch = $_GET['switch']; if ( $colapse[$switch] == 'on' ) { $colapse[$switch] = 'off'; } else { $colapse[$switch] = 'on'; } setPref($data_dir, $username, "adm_$switch", $colapse[$switch] ); - } echo "
" . @@ -363,6 +425,22 @@ foreach ( $newcfg as $k => $v ) { } echo "\n"; break; + case SMOPT_TYPE_PATH: + if ( isset( $HTTP_POST_VARS[$e] ) ) { + $v = change_to_sm_path($HTTP_POST_VARS[$e]); + $newcfg[$k] = $v; + } + if ( $v == "''" && isset( $defcfg[$k]['default'] ) ) { + $v = change_to_sm_path($defcfg[$k]['default']); + $newcfg[$k] = $v; + } + echo "$name". + ""; + if ( isset( $defcfg[$k]['comment'] ) ) { + echo '   ' . $defcfg[$k]['comment']; + } + echo "\n"; + break; default: echo "$name" . "$v"; @@ -372,7 +450,6 @@ foreach ( $newcfg as $k => $v ) { echo "\n"; } } - } /* Special Themes Block */ @@ -394,14 +471,13 @@ if ( $colapse['Group7'] == 'off' ) { $k2 = "\$theme[$i]['PATH']"; $e2 = "theme_path_$i"; if ( isset( $HTTP_POST_VARS[$e2] ) ) { - $v2 = '"' . str_replace( '\"', '"', $HTTP_POST_VARS[$e2] ) . '"'; - $v2 = '"' . str_replace( '"', '\"', $v2 ) . '"'; - $newcfg[$k2] = $v2; + $v2 = change_to_sm_path($HTTP_POST_VARS[$e2]); + $newcfg[$k2] = $v2; } else { $v2 = $newcfg[$k2]; } $name = substr( $v1, 1, strlen( $v1 ) - 2 ); - $path = substr( $v2, 1, strlen( $v2 ) - 2 ); + $path = change_to_rel_path($v2); echo ''. "$i. ". "".