View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0009302 | mantisbt | other | public | 2008-06-25 18:51 | 2014-11-07 16:27 |
Reporter | bbryant | Assigned To | |||
Priority | normal | Severity | feature | Reproducibility | N/A |
Status | new | Resolution | open | ||
Summary | 0009302: [patch] change config_eval so that it can detect when it is in any kind of recursion, and throw a warning to the user. | ||||
Description | This patch changes config_eval so that it can detect when it is in any kind of recursion, and save itself by throwing a warning to the user. I attempted to put the name of the configuration option into the warning to make it easier to find, but adding formats appears to be tricky because of the language architecture. | ||||
Tags | No tags attached. | ||||
Attached Files | config_recursion.patch (3,688 bytes)
Index: core/constant_inc.php =================================================================== --- core/constant_inc.php +++ core/constant_inc.php @@ -282,6 +282,9 @@ define( 'ERROR_FILTER_NOT_FOUND', 2000 ); define( 'ERROR_FILTER_TOO_OLD', 2001 ); + # ERROR_CONFIG_RECURSION + define( 'ERROR_CONFIG_RECURSION', 2100 ); + # Status Legend Position define( 'STATUS_LEGEND_POSITION_TOP', 1); define( 'STATUS_LEGEND_POSITION_BOTTOM', 2); Index: core/config_api.php =================================================================== --- core/config_api.php +++ core/config_api.php @@ -9,6 +9,11 @@ # $Id$ # -------------------------------------------------------- + $t_core_dir = dirname( __FILE__ ).DIRECTORY_SEPARATOR; + + require_once( $t_core_dir . 'error_api.php' ); + require_once( $t_core_dir . 'database_api.php' ); + # cache for config variables $g_cache_config = array(); $g_cache_config_access = array(); @@ -116,7 +121,7 @@ break; case CONFIG_TYPE_STRING: default: - $t_value = config_eval( $t_raw_value ); + $t_value = config_eval( $t_raw_value, $p_option ); } return $t_value; } @@ -131,7 +136,7 @@ function config_get_global( $p_option, $p_default = null ) { if ( isset( $GLOBALS['g_' . $p_option] ) ) { - $t_value = config_eval( $GLOBALS['g_' . $p_option] ); + $t_value = config_eval( $GLOBALS['g_' . $p_option], $p_option ); if ( $t_value !== $GLOBALS['g_' . $p_option] ) { $GLOBALS['g_' . $p_option] = $t_value; } @@ -392,7 +397,12 @@ # check for recursion in defining config variables # If there is a %text% in the returned value, re-evaluate the "text" part and replace # the string - function config_eval( $p_value ) { + function config_eval( $p_value, $p_option = "" ) { + static $options = array(); + + if (ord($p_option[0])) + $options[] = $p_option; + $t_value = $p_value; if ( is_string( $t_value ) && !is_numeric( $t_value ) ) { if ( 0 < preg_match_all( '/%(.*)%/U', $t_value, $t_matches ) ) { @@ -400,11 +410,18 @@ for ($i=0; $i<$t_count; $i++) { # $t_matches[0][$i] is the matched string including the delimiters # $t_matches[1][$i] is the target parameter string - $t_repl = config_get( $t_matches[1][$i] ); + if (in_array($t_matches[1][$i], $options)) { + trigger_error(ERROR_CONFIG_RECURSION, E_USER_WARNING); + $t_repl = ""; + } else + $t_repl = config_get( $t_matches[1][$i] ); + $t_value = str_replace( $t_matches[0][$i], $t_repl, $t_value ); } } } + + $options = array(); return $t_value; } ?> Index: lang/strings_english.txt =================================================================== --- lang/strings_english.txt +++ lang/strings_english.txt @@ -263,10 +263,8 @@ $MANTIS_ERROR[ERROR_PROJECT_RECURSIVE_HIERARCHY] = 'That operation would create a loop in the subproject hierarchy.'; $MANTIS_ERROR[ERROR_USER_CHANGE_LAST_ADMIN] = 'You cannot change the access level of the only ADMINISTRATOR in the system.'; $MANTIS_ERROR[ERROR_PAGE_REDIRECTION] = 'Page redirection error, ensure that there are no spaces outside the PHP block (<?php ?>) in config_inc.php or custom_*.php files.'; +$MANTIS_ERROR[ERROR_CONFIG_RECURSION] = 'We have detected an error in your configuration that is causing an option to reference itself, directly or indirectly, in the replacement process.'; $s_login_error = 'Your account may be disabled or blocked or the username/password you entered is incorrect.'; $s_login_cookies_disabled = 'Your browser either doesn\'t know how to handle cookies, or refuses to handle them.'; | ||||