Issues in config.php (master) - Issues in master - EGroupware/egroupware - Measure and Improve Code Quality continuously with Scrutinizer

Issues (4868)

setup/config.php (1 issue)

Labels

Bug 1

Severity

<?php
/**
 * EGroupWare Setup - System configuration
 *
 * @link http://www.egroupware.org
 * @package setup
 * @author Miles Lott <[email protected]>
 * @author Ralf Becker <RalfBecker-AT-outdoor-training.de>
 * @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
 * @version $Id$
 */

use EGroupware\Api;
use EGroupware\Api\Framework;

include('./inc/functions.inc.php');

/*
Authorize the user to use setup app and load the database
Does not return unless user is authorized
*/
if(!$GLOBALS['egw_setup']->auth('Config') || @$_POST['cancel'])
{
	Header('Location: index.php');
	exit;
}

$tpl_root = $GLOBALS['egw_setup']->html->setup_tpl_dir('setup');
$setup_tpl = new Framework\Template($tpl_root);

$setup_tpl->set_file(array(
	'T_head' => 'head.tpl',
	'T_footer' => 'footer.tpl',
	'T_alert_msg' => 'msg_alert_msg.tpl',
	'T_config_pre_script' => 'config_pre_script.tpl',
	'T_config_post_script' => 'config_post_script.tpl'
));
$setup_tpl->set_var('hidden_vars', Api\Html::input_hidden('csrf_token', Api\Csrf::token(__FILE__)));

// check CSRF token for POST requests with any content (setup uses empty POST to call it's modules!)
if ($_SERVER['REQUEST_METHOD'] == 'POST' && $_POST)
{
	Api\Csrf::validate($_POST['csrf_token'], __FILE__);
}

/* Following to ensure windows file paths are saved correctly */
if (function_exists('get_magic_quotes_runtime') && get_magic_quotes_runtime())
{
	set_magic_quotes_runtime(0);
}
$GLOBALS['egw_setup']->loaddb();

/* Check api version, use correct table */
$setup_info = $GLOBALS['egw_setup']->detection->get_db_versions();

$newsettings = $_POST['newsettings'];

if(@$_POST['submit'] && @$newsettings)
{
	/* Load hook file with functions to validate each config (one/none/all) */
	$GLOBALS['egw_setup']->hook('config_validate','setup');

	$newsettings['tz_offset'] = date('Z')/3600;

	$GLOBALS['egw_setup']->db->transaction_begin();
	foreach($newsettings as $setting => $value)
	{
		if(in_array($setting, (array)$GLOBALS['egw_info']['server']['found_validation_hook']) && function_exists($setting))
		{
			$setting($newsettings);
			if($GLOBALS['config_error'])
			{
				$GLOBALS['error'] .= '<b>'.$GLOBALS['config_error'] ."</b><br />\n";
				$GLOBALS['config_error'] = '';
				/* Bail out, stop writing config data */
				break;
			}
			$value = $newsettings[$setting];	// it might be changed by the validation hook
		}
		/* Don't erase passwords, since we also do not print them below */
		if(!empty($value) || !(stristr($setting,'passwd') || stristr($setting,'password') || stristr($setting,'root_pw')))
		{
			Api\Config::save_value($setting, $value, 'phpgwapi');
		}
	}
	if(!$GLOBALS['error'])
	{
		$GLOBALS['egw_setup']->db->transaction_commit();
		// unset cached config, as this is the primary source for configuration now
		Api\Cache::unsetInstance('config', 'configs');

		Header('Location: index.php');
		exit;
	}
}

$GLOBALS['egw_setup']->html->show_header(lang('Configuration'),False,'config',$GLOBALS['egw_setup']->ConfigDomain . '(' . $GLOBALS['egw_domain'][$GLOBALS['egw_setup']->ConfigDomain]['db_type'] . ')');

// if we have an validation error, use the new settings made by the user and not the stored config
if($GLOBALS['error'] && is_array($newsettings))
{
	$GLOBALS['current_config'] = $newsettings;
}
else
{
	foreach($GLOBALS['egw_setup']->db->select($GLOBALS['egw_setup']->config_table,'*',false,__LINE__,__FILE__) as $row)
	{
		$GLOBALS['current_config'][$row['config_name']] = $row['config_value'];
	}
}
$setup_tpl->pparse('out','T_config_pre_script');

/* Now parse each of the templates we want to show here */
class phpgw
{
	var $accounts;
	var $applications;
	var $db;
}
$GLOBALS['egw'] = new phpgw;
$GLOBALS['egw']->db     =& $GLOBALS['egw_setup']->db;

$t = new Framework\Template(Framework\Template::get_dir('setup'));

$t->set_unknowns('keep');
$t->set_file(array('config' => 'config.tpl'));
$t->set_block('config','body','body');

$vars = $t->get_undefined('body');
$GLOBALS['egw_setup']->hook('config','setup');

foreach($vars as $value)

{
	$valarray = explode('_',$value);
	$type = array_shift($valarray);
	$newval = implode(' ',$valarray);

	switch ($type)
	{
		case 'lang':
			$t->set_var($value,lang($newval));
			break;
		case 'value':
			$newval = str_replace(' ','_',$newval);
			/* Don't show passwords in the form */
			if(strpos($value,'passwd') !== false || strpos($value,'password') !== false || strpos($value,'root_pw') !== false)
			{
				$t->set_var($value,'');
			}
			else
			{
				$t->set_var($value,@$current_config[$newval]);
			}
			break;
		case 'selected':
			$newvals = explode(' ',$newval);
			$setting = array_pop($newvals);
			$config = implode('_',$newvals);
			/* echo $config . '=' . $current_config[$config]; */
			if(@$current_config[$config] == $setting)
			{
				$t->set_var($value,' selected');
			}
			else
			{
				$t->set_var($value,'');
			}
			break;
		case 'hook':
			$newval = str_replace(' ','_',$newval);
			$t->set_var($value,$newval($current_config));
			break;
		default:
			$t->set_var($value,'');
			break;
	}
}

if($GLOBALS['error'])
{
	if($GLOBALS['error'] == 'badldapconnection')
	{
		/* Please check the number and dial again :) */
		$GLOBALS['egw_setup']->html->show_alert_msg('Error',
			lang('There was a problem trying to connect to your LDAP server. <br />'
				.'please check your LDAP server configuration') . '.');
	}

	$GLOBALS['egw_setup']->html->show_alert_msg('Error',$GLOBALS['error'].'<p>');
}

$t->pfp('out','body');
unset($t);

$setup_tpl->set_var('more_configs',lang('Please login to egroupware and run the admin application for additional site configuration') . '.');

$setup_tpl->set_var('lang_submit',lang('Save'));
$setup_tpl->set_var('lang_cancel',lang('Cancel'));
$setup_tpl->pparse('out','T_config_post_script');

$GLOBALS['egw_setup']->html->show_footer();


1			<?php
2			/**
3			* EGroupWare Setup - System configuration
4			*
5			* @link http://www.egroupware.org
6			* @package setup
7			* @author Miles Lott <[email protected]>
8			* @author Ralf Becker <RalfBecker-AT-outdoor-training.de>
9			* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
10			* @version $Id$
11			*/
12
13			use EGroupware\Api;
14			use EGroupware\Api\Framework;
15
16			include('./inc/functions.inc.php');
17
18			/*
19			Authorize the user to use setup app and load the database
20			Does not return unless user is authorized
21			*/
22			if(!$GLOBALS['egw_setup']->auth('Config') \|\| @$_POST['cancel'])
23			{
24			Header('Location: index.php');
25			exit;
26			}
27
28			$tpl_root = $GLOBALS['egw_setup']->html->setup_tpl_dir('setup');
29			$setup_tpl = new Framework\Template($tpl_root);
30
31			$setup_tpl->set_file(array(
32			'T_head' => 'head.tpl',
33			'T_footer' => 'footer.tpl',
34			'T_alert_msg' => 'msg_alert_msg.tpl',
35			'T_config_pre_script' => 'config_pre_script.tpl',
36			'T_config_post_script' => 'config_post_script.tpl'
37			));
38			$setup_tpl->set_var('hidden_vars', Api\Html::input_hidden('csrf_token', Api\Csrf::token(__FILE__)));
39
40			// check CSRF token for POST requests with any content (setup uses empty POST to call it's modules!)
41			if ($_SERVER['REQUEST_METHOD'] == 'POST' && $_POST)
42			{
43			Api\Csrf::validate($_POST['csrf_token'], __FILE__);
44			}
45
46			/* Following to ensure windows file paths are saved correctly */
47			if (function_exists('get_magic_quotes_runtime') && get_magic_quotes_runtime())
48			{
49			set_magic_quotes_runtime(0);
50			}
51			$GLOBALS['egw_setup']->loaddb();
52
53			/* Check api version, use correct table */
54			$setup_info = $GLOBALS['egw_setup']->detection->get_db_versions();
55
56			$newsettings = $_POST['newsettings'];
57
58			if(@$_POST['submit'] && @$newsettings)
59			{
60			/* Load hook file with functions to validate each config (one/none/all) */
61			$GLOBALS['egw_setup']->hook('config_validate','setup');
62
63			$newsettings['tz_offset'] = date('Z')/3600;
64
65			$GLOBALS['egw_setup']->db->transaction_begin();
66			foreach($newsettings as $setting => $value)
67			{
68			if(in_array($setting, (array)$GLOBALS['egw_info']['server']['found_validation_hook']) && function_exists($setting))
69			{
70			$setting($newsettings);
71			if($GLOBALS['config_error'])
72			{
73			$GLOBALS['error'] .= '<b>'.$GLOBALS['config_error'] ."</b><br />\n";
74			$GLOBALS['config_error'] = '';
75			/* Bail out, stop writing config data */
76			break;
77			}
78			$value = $newsettings[$setting]; // it might be changed by the validation hook
79			}
80			/* Don't erase passwords, since we also do not print them below */
81			if(!empty($value) \|\| !(stristr($setting,'passwd') \|\| stristr($setting,'password') \|\| stristr($setting,'root_pw')))
82			{
83			Api\Config::save_value($setting, $value, 'phpgwapi');
84			}
85			}
86			if(!$GLOBALS['error'])
87			{
88			$GLOBALS['egw_setup']->db->transaction_commit();
89			// unset cached config, as this is the primary source for configuration now
90			Api\Cache::unsetInstance('config', 'configs');
91
92			Header('Location: index.php');
93			exit;
94			}
95			}
96
97			$GLOBALS['egw_setup']->html->show_header(lang('Configuration'),False,'config',$GLOBALS['egw_setup']->ConfigDomain . '(' . $GLOBALS['egw_domain'][$GLOBALS['egw_setup']->ConfigDomain]['db_type'] . ')');
98
99			// if we have an validation error, use the new settings made by the user and not the stored config
100			if($GLOBALS['error'] && is_array($newsettings))
101			{
102			$GLOBALS['current_config'] = $newsettings;
103			}
104			else
105			{
106			foreach($GLOBALS['egw_setup']->db->select($GLOBALS['egw_setup']->config_table,'*',false,__LINE__,__FILE__) as $row)
107			{
108			$GLOBALS['current_config'][$row['config_name']] = $row['config_value'];
109			}
110			}
111			$setup_tpl->pparse('out','T_config_pre_script');
112
113			/* Now parse each of the templates we want to show here */
114			class phpgw
115			{
116			var $accounts;
117			var $applications;
118			var $db;
119			}
120			$GLOBALS['egw'] = new phpgw;
121			$GLOBALS['egw']->db =& $GLOBALS['egw_setup']->db;
122
123			$t = new Framework\Template(Framework\Template::get_dir('setup'));
124
125			$t->set_unknowns('keep');
126			$t->set_file(array('config' => 'config.tpl'));
127			$t->set_block('config','body','body');
128
129			$vars = $t->get_undefined('body');
130			$GLOBALS['egw_setup']->hook('config','setup');
131
132			foreach($vars as $value)
			0 ignored issues – show Bug introduced 2019-02-28 11:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$vars` of type `false` is not traversable. Loading history...
133			{
134			$valarray = explode('_',$value);
135			$type = array_shift($valarray);
136			$newval = implode(' ',$valarray);
137
138			switch ($type)
139			{
140			case 'lang':
141			$t->set_var($value,lang($newval));
142			break;
143			case 'value':
144			$newval = str_replace(' ','_',$newval);
145			/* Don't show passwords in the form */
146			if(strpos($value,'passwd') !== false \|\| strpos($value,'password') !== false \|\| strpos($value,'root_pw') !== false)
147			{
148			$t->set_var($value,'');
149			}
150			else
151			{
152			$t->set_var($value,@$current_config[$newval]);
153			}
154			break;
155			case 'selected':
156			$newvals = explode(' ',$newval);
157			$setting = array_pop($newvals);
158			$config = implode('_',$newvals);
159			/* echo $config . '=' . $current_config[$config]; */
160			if(@$current_config[$config] == $setting)
161			{
162			$t->set_var($value,' selected');
163			}
164			else
165			{
166			$t->set_var($value,'');
167			}
168			break;
169			case 'hook':
170			$newval = str_replace(' ','_',$newval);
171			$t->set_var($value,$newval($current_config));
172			break;
173			default:
174			$t->set_var($value,'');
175			break;
176			}
177			}
178
179			if($GLOBALS['error'])
180			{
181			if($GLOBALS['error'] == 'badldapconnection')
182			{
183			/* Please check the number and dial again :) */
184			$GLOBALS['egw_setup']->html->show_alert_msg('Error',
185			lang('There was a problem trying to connect to your LDAP server. <br />'
186			.'please check your LDAP server configuration') . '.');
187			}
188
189			$GLOBALS['egw_setup']->html->show_alert_msg('Error',$GLOBALS['error'].'<p>');
190			}
191
192			$t->pfp('out','body');
193			unset($t);
194
195			$setup_tpl->set_var('more_configs',lang('Please login to egroupware and run the admin application for additional site configuration') . '.');
196
197			$setup_tpl->set_var('lang_submit',lang('Save'));
198			$setup_tpl->set_var('lang_cancel',lang('Cancel'));
199			$setup_tpl->pparse('out','T_config_post_script');
200
201			$GLOBALS['egw_setup']->html->show_footer();
202

EGroupware / egroupware

Issues (4868)

setup/config.php (1 issue)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like