diff options
| author | Stephen Shkardoon <ss23@ss23.geek.nz> | 2012-01-02 23:40:02 +1100 |
|---|---|---|
| committer | Stephen Shkardoon <ss23@ss23.geek.nz> | 2012-01-02 23:41:20 +1100 |
| commit | 3af6e0baefbeb144dea0490e05218a91a616103e (patch) | |
| tree | 958dfe8533bea186a1c4ef2c9eebb835398a8bc7 /lib | |
| parent | 49a1757d626b50a56e52c5174cf6ac72c89f4aed (diff) | |
| download | ampache-3af6e0baefbeb144dea0490e05218a91a616103e.tar.gz ampache-3af6e0baefbeb144dea0490e05218a91a616103e.tar.bz2 ampache-3af6e0baefbeb144dea0490e05218a91a616103e.zip | |
Bug where configuration file was escaped incorrectly
Bug where a timeout of 0 was incorrectly recognized
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/debug.lib.php | 24 | ||||
| -rw-r--r-- | lib/install.php | 2 |
2 files changed, 17 insertions, 9 deletions
diff --git a/lib/debug.lib.php b/lib/debug.lib.php index e6636976..928b4f8d 100644 --- a/lib/debug.lib.php +++ b/lib/debug.lib.php @@ -225,12 +225,8 @@ function check_php_memory() { */ function check_php_timelimit() { - $current = ini_get('max_execution_time'); - if (intval($current) < 60) { - return false; - } - - return true; + $current = intval(ini_get('max_execution_time')); + return ($current > 60 || $current == 0); } // check_php_timelimit @@ -352,10 +348,10 @@ function generate_config($current) { /* Put in the current value */ if ($key == 'config_version') { - $line = $key . ' = ' . addslashes($value); + $line = $key . ' = ' . escape_ini($value); } elseif (isset($current[$key])) { - $line = $key . ' = "' . addslashes($current[$key]) . '"'; + $line = $key . ' = "' . escape_ini($current[$key]) . '"'; unset($current[$key]); } // if set @@ -370,6 +366,18 @@ function generate_config($current) { } // generate_config /** + * escape_ini + * Escape a value used for inserting into an ini file. + * Won't quote ', like addslashes does. + */ +function escape_ini($str) { + + return str_replace('"', '\"', $str); + +} + + +/** * debug_ok * Return an "OK" with the specified string */ diff --git a/lib/install.php b/lib/install.php index 0513f5b7..16ce2b18 100644 --- a/lib/install.php +++ b/lib/install.php @@ -177,7 +177,7 @@ function install_insert_db($username,$password,$hostname,$database,$dbuser=false if ($_POST['db_user'] == 'create_db_user' || (strlen($dbuser) AND strlen($dbpass))) { $db_user = $_POST['db_username'] ? scrub_in($_POST['db_username']) : $dbuser; - $db_pass = $_POST['db_password'] ? scrub_in($_POST['db_password']) : $dbpass; + $db_pass = $_POST['db_password'] ? $_POST['db_password'] : $dbpass; if (!strlen($db_user) || !strlen($db_pass)) { Error::add('general',_('Error: Ampache SQL Username or Password missing')); |