Fixed bug #4272: Inconsistent return values of ini_get() produce false positives...
authorChristian Kuhn <lolli@schwarzbu.ch>
Fri, 29 Oct 2010 12:30:37 +0000 (12:30 +0000)
committerChristian Kuhn <lolli@schwarzbu.ch>
Fri, 29 Oct 2010 12:30:37 +0000 (12:30 +0000)
git-svn-id: https://svn.typo3.org/TYPO3v4/Core/trunk@9221 709f56b5-9817-0410-a4d7-c38de5d9e867

ChangeLog
t3lib/class.t3lib_htmlmail.php
t3lib/core_autoload.php
t3lib/utility/class.t3lib_utility_phpoptions.php [new file with mode: 0644]
typo3/sysext/indexed_search/class.external_parser.php
typo3/sysext/install/mod/class.tx_install.php
typo3/sysext/rtehtmlarea/extensions/SpellChecker/class.tx_rtehtmlarea_spellchecker.php
typo3/sysext/rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php

index d6dbc41..8d474c2 100755 (executable)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2010-10-29  Christian Kuhn  <lolli@schwarzbu.ch>
+
+       * Fixed bug #4272: Inconsistent return values of ini_get() produce false positives for safe_mode detection (Thanks to Peter Beernink)
+
 2010-10-29  Ernesto Baschny  <ernst@cron-it.de>
 
        * Fixed bug #16155: t3lib_db::INSERTquery misses a space when generering the INSERT INTO statement
index 0fcecd5..3c5e649 100644 (file)
@@ -732,7 +732,7 @@ class t3lib_htmlmail {
                $recipient = t3lib_div::normalizeMailAddress($this->recipient);
 
                // If safe mode is on, the fifth parameter to mail is not allowed, so the fix wont work on unix with safe_mode=On
-               $returnPathPossible = (!ini_get('safe_mode') && $this->forceReturnPath);
+               $returnPathPossible = (!t3lib_utility_PhpOptions::isSafeModeEnabled() && $this->forceReturnPath);
                if ($returnPathPossible) {
                        $mailWasSent = t3lib_utility_Mail::mail($recipient,
                                  $this->subject,
index b717b0f..16d08fc 100644 (file)
@@ -137,6 +137,7 @@ $t3libClasses = array(
        't3lib_utility_client' => PATH_t3lib . 'utility/class.t3lib_utility_client.php',
        't3lib_utility_http' => PATH_t3lib . 'utility/class.t3lib_utility_http.php',
        't3lib_utility_mail' => PATH_t3lib . 'utility/class.t3lib_utility_mail.php',
+       't3lib_utility_phpoptions' => PATH_t3lib . 'utility/class.t3lib_utility_phpoptions.php',
        't3lib_utility_debug' => PATH_t3lib . 'utility/class.t3lib_utility_debug.php',
        't3lib_spritemanager' => PATH_t3lib . 'class.t3lib_spritemanager.php',
        't3lib_spritemanager_spritegenerator' => PATH_t3lib . 'spritemanager/class.t3lib_spritemanager_spritegenerator.php',
diff --git a/t3lib/utility/class.t3lib_utility_phpoptions.php b/t3lib/utility/class.t3lib_utility_phpoptions.php
new file mode 100644 (file)
index 0000000..760a29e
--- /dev/null
@@ -0,0 +1,65 @@
+<?php
+/***************************************************************
+ * Copyright notice
+ *
+ * (c) 2010 Christian Kuhn <lolli@schwarzbu.ch>
+ * All rights reserved
+ *
+ * This script is part of the TYPO3 project. The TYPO3 project is
+ * free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * The GNU General Public License can be found at
+ * http://www.gnu.org/copyleft/gpl.html.
+ * A copy is found in the textfile GPL.txt and important notices to the license
+ * from the author is found in LICENSE.txt distributed with these scripts.
+ *
+ *
+ * This script is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * This copyright notice MUST APPEAR in all copies of the script!
+ ***************************************************************/
+
+/**
+ * Class to handle php environment specific options / functions
+ *
+ * $Id$
+ *
+ * @author      Christian Kuhn <lolli@schwarzbu.ch>
+ * @package TYPO3
+ * @subpackage t3lib
+ */
+final class t3lib_utility_PhpOptions {
+       /**
+        * Check if php safe_mode is enabled
+        *
+        * @return boolean TRUE if safe_mode is enabled, FALSE if disabled
+        */
+       public static function isSafeModeEnabled() {
+               return self::getIniValueBoolean('safe_mode');
+       }
+
+       /**
+        * Check if php sql.safe_mode is enabled
+        *
+        * @return boolean TRUE if sql.safe_mode is enabled, FALSE if disabled
+        */
+       public static function isSqlSafeModeEnabled() {
+               return self::getIniValueBoolean('sql.safe_mode');
+       }
+
+       /**
+        * Cast a on/off php ini value to boolean
+        *
+        * @return boolean TRUE if the given option is enabled, FALSE if disabled
+        */
+       public static function getIniValueBoolean($configOption) {
+               return filter_var(ini_get($configOption), FILTER_VALIDATE_BOOLEAN, array(FILTER_REQUIRE_SCALAR, FILTER_NULL_ON_FAILURE));
+       }
+}
+?>
index 7621c98..e949ebe 100755 (executable)
@@ -116,13 +116,15 @@ class tx_indexed_search_extparse {
                        return FALSE;
                }
 
+               $safeModeEnabled = t3lib_utility_PhpOptions::isSafeModeEnabled();
+
                        // Switch on file extension:
                switch($extension)      {
                        case 'pdf':
                                        // PDF
                                if ($indexerConfig['pdftools']) {
                                        $pdfPath = rtrim($indexerConfig['pdftools'], '/').'/';
-                                       if (ini_get('safe_mode') || (@is_file($pdfPath.'pdftotext'.$exe) && @is_file($pdfPath.'pdfinfo'.$exe))) {
+                                       if ($safeModeEnabled || (@is_file($pdfPath . 'pdftotext' . $exe) && @is_file($pdfPath . 'pdfinfo' . $exe))) {
                                                $this->app['pdfinfo'] = $pdfPath.'pdfinfo'.$exe;
                                                $this->app['pdftotext'] = $pdfPath.'pdftotext'.$exe;
                                                        // PDF mode:
@@ -135,7 +137,7 @@ class tx_indexed_search_extparse {
                                        // Catdoc
                                if ($indexerConfig['catdoc'])   {
                                        $catdocPath = rtrim($indexerConfig['catdoc'], '/').'/';
-                                       if (ini_get('safe_mode') || @is_file($catdocPath.'catdoc'.$exe))        {
+                                       if ($safeModeEnabled || @is_file($catdocPath . 'catdoc' . $exe)) {
                                                $this->app['catdoc'] = $catdocPath.'catdoc'.$exe;
                                                $extOK = TRUE;
                                        } else $this->pObj->log_setTSlogMessage(sprintf($this->sL('LLL:EXT:indexed_search/locallang.xml:catdocNotFound'), $catdocPath), 3);
@@ -146,7 +148,7 @@ class tx_indexed_search_extparse {
                                        // ppthtml
                                if ($indexerConfig['ppthtml'])  {
                                        $ppthtmlPath = rtrim($indexerConfig['ppthtml'], '/').'/';
-                                       if (ini_get('safe_mode') || @is_file($ppthtmlPath.'ppthtml'.$exe)){
+                                       if ($safeModeEnabled || @is_file($ppthtmlPath . 'ppthtml' . $exe)) {
                                                $this->app['ppthtml'] = $ppthtmlPath.'ppthtml'.$exe;
                                                $extOK = TRUE;
                                        } else $this->pObj->log_setTSlogMessage(sprintf($this->sL('LLL:EXT:indexed_search/locallang.xml:ppthtmlNotFound'), $ppthtmlPath), 3);
@@ -156,7 +158,7 @@ class tx_indexed_search_extparse {
                                        // Xlhtml
                                if ($indexerConfig['xlhtml'])   {
                                        $xlhtmlPath = rtrim($indexerConfig['xlhtml'], '/').'/';
-                                       if (ini_get('safe_mode') || @is_file($xlhtmlPath.'xlhtml'.$exe)){
+                                       if ($safeModeEnabled || @is_file($xlhtmlPath . 'xlhtml' . $exe)) {
                                                $this->app['xlhtml'] = $xlhtmlPath.'xlhtml'.$exe;
                                                $extOK = TRUE;
                                        } else $this->pObj->log_setTSlogMessage(sprintf($this->sL('LLL:EXT:indexed_search/locallang.xml:xlhtmlNotFound'), $xlhtmlPath), 3);
@@ -170,7 +172,7 @@ class tx_indexed_search_extparse {
                        case 'odt':             // Oasis OpenDocument Text
                                if ($indexerConfig['unzip'])    {
                                        $unzipPath = rtrim($indexerConfig['unzip'], '/').'/';
-                                       if (ini_get('safe_mode') || @is_file($unzipPath.'unzip'.$exe))  {
+                                       if ($safeModeEnabled || @is_file($unzipPath . 'unzip' . $exe)) {
                                                $this->app['unzip'] = $unzipPath.'unzip'.$exe;
                                                $extOK = TRUE;
                                        } else $this->pObj->log_setTSlogMessage(sprintf($this->sL('LLL:EXT:indexed_search/locallang.xml:unzipNotFound'), $unzipPath), 3);
@@ -180,7 +182,7 @@ class tx_indexed_search_extparse {
                                        // Catdoc
                                if ($indexerConfig['unrtf'])    {
                                        $unrtfPath = rtrim($indexerConfig['unrtf'], '/').'/';
-                                       if (ini_get('safe_mode') || @is_file($unrtfPath.'unrtf'.$exe))  {
+                                       if ($safeModeEnabled || @is_file($unrtfPath . 'unrtf' . $exe)) {
                                                $this->app['unrtf'] = $unrtfPath.'unrtf'.$exe;
                                                $extOK = TRUE;
                                        } else $this->pObj->log_setTSlogMessage(sprintf($this->sL('LLL:EXT:indexed_search/locallang.xml:unrtfNotFound'), $unrtfPath), 3);
index 4c87337..146e533 100755 (executable)
@@ -1278,7 +1278,7 @@ REMOTE_ADDR was '".t3lib_div::getIndpEnv('REMOTE_ADDR')."' (".t3lib_div::getIndp
                }
 
                asort($paths);
-               if (ini_get('safe_mode')) {
+               if (t3lib_utility_PhpOptions::isSafeModeEnabled()) {
                        $paths=array(ini_get('safe_mode_exec_dir'),'/usr/local/php/bin/');
                }
                if ($this->INSTALL['checkIM']['lzw']) {
@@ -2408,7 +2408,7 @@ REMOTE_ADDR was '".t3lib_div::getIndpEnv('REMOTE_ADDR')."' (".t3lib_div::getIndp
                        // *****************
                        // Safe mode related
                        // *****************
-               if (ini_get('safe_mode')) {
+               if (t3lib_utility_PhpOptions::isSafeModeEnabled()) {
                        $this->message($ext, 'Safe mode turned on', '
                                <p>
                                        <em>safe_mode=' . ini_get('safe_mode') . '</em>
@@ -2488,7 +2488,7 @@ REMOTE_ADDR was '".t3lib_div::getIndpEnv('REMOTE_ADDR')."' (".t3lib_div::getIndp
                } else {
                        $this->message($ext, 'safe_mode: off',"",-1);
                }
-               if (ini_get('sql.safe_mode')) {
+               if (t3lib_utility_PhpOptions::isSqlSafeModeEnabled()) {
                        $this->message($ext, 'sql.safe_mode is enabled', '
                                <p>
                                        <em>sql.safe_mode=' . ini_get('sql.safe_mode') . '</em>
index 19e70f2..4d9b04b 100644 (file)
@@ -76,7 +76,7 @@ class tx_rtehtmlarea_spellchecker extends tx_rtehtmlarea_api {
                        // Set the use of personal dictionary
                        // $this->thisConfig['enablePersonalDicts'] is DEPRECATED as of 4.3.0
                $enablePersonalDicts = ($this->thisConfig['buttons.'][$button.'.']['enablePersonalDictionaries'] || $this->thisConfig['enablePersonalDicts']) ? ((isset($GLOBALS['BE_USER']->userTS['options.']['enablePersonalDicts']) && $GLOBALS['BE_USER']->userTS['options.']['enablePersonalDicts']) ? true : false) : false;
-               if (ini_get('safe_mode') || $this->htmlAreaRTE->is_FE()) {
+               if (t3lib_utility_PhpOptions::isSafeModeEnabled() || $this->htmlAreaRTE->is_FE()) {
                        $enablePersonalDicts = false;
                }
 
index e711806..8bb6bf3 100644 (file)
@@ -72,7 +72,7 @@ class tx_rtehtmlarea_pi1 {
                $this->pspell_is_available = in_array('pspell', get_loaded_extensions());
                $this->AspellDirectory = trim($GLOBALS['TYPO3_CONF_VARS']['EXTCONF'][$this->extKey]['plugins']['SpellChecker']['AspellDirectory'])? trim($GLOBALS['TYPO3_CONF_VARS']['EXTCONF'][$this->extKey]['plugins']['SpellChecker']['AspellDirectory']) : '/usr/bin/aspell';
                $this->forceCommandMode = (trim($GLOBALS['TYPO3_CONF_VARS']['EXTCONF'][$this->extKey]['plugins']['SpellChecker']['forceCommandMode']))? trim($GLOBALS['TYPO3_CONF_VARS']['EXTCONF'][$this->extKey]['plugins']['SpellChecker']['forceCommandMode']) : 0;
-               $safe_mode_is_enabled = ini_get('safe_mode');
+               $safe_mode_is_enabled = t3lib_utility_PhpOptions::isSafeModeEnabled();
                if($safe_mode_is_enabled && !$this->pspell_is_available ) echo('Configuration problem: Spell checking cannot be performed');
                if($safe_mode_is_enabled && $this->forceCommandMode) echo('Configuration problem: Spell checking cannot be performed in command mode');
                if(!$safe_mode_is_enabled && (!$this->pspell_is_available || $this->forceCommandMode)) {