From fc2718d880c37f4fd91fa4824b3b956d6326e1c0 Mon Sep 17 00:00:00 2001
From: Thomas Steur <thomas.steur@googlemail.com>
Date: Tue, 8 Jul 2014 01:55:58 +0200
Subject: [PATCH] refs #5409 #341 #5349 if a config value contains a dollar sign convert it to an html entity to prevent it being interpreted as a PHP variable. This allows us to remove the RAW ini parser flag which causes trouble on some PHP versions as the parser seems to be buggy.
---
 core/Config.php | 1 +
 libs/upgradephp/upgrade.php | 4 ++--
 tests/PHPUnit/Core/ConfigTest.php | 24 ++++++++++++++++++++
 tests/resources/Config/common.config.ini.php | 3 +--
 4 files changed, 28 insertions(+), 4 deletions(-)
diff --git a/core/Config.php b/core/Config.php
index 1f91d554f0..c2ee88b119 100644
--- a/core/Config.php
+++ b/core/Config.php
@@ -383,6 +383,7 @@ class Config extends Singleton
 }
 } else {
 $values = htmlentities($values, ENT_COMPAT, 'UTF-8');
+ $values = str_replace('$', '$', $values);
 }
 return $values;
 }
diff --git a/libs/upgradephp/upgrade.php b/libs/upgradephp/upgrade.php
index 0108f72d7a..ffc6a1d87f 100644
--- a/libs/upgradephp/upgrade.php
+++ b/libs/upgradephp/upgrade.php
@@ -130,8 +130,8 @@ if(function_exists('parse_ini_file')) {
 if(!file_exists($filename)) {
 return false;
 }
- // Note: INI_SCANNER_RAW is important here!
- return parse_ini_file($filename, $process_sections, INI_SCANNER_RAW);
+
+ return parse_ini_file($filename, $process_sections);
 }
 } else {
 // we can't redefine parse_ini_file() if it has been disabled
diff --git a/tests/PHPUnit/Core/ConfigTest.php b/tests/PHPUnit/Core/ConfigTest.php
index 60245868d0..6ddba5840a 100644
--- a/tests/PHPUnit/Core/ConfigTest.php
+++ b/tests/PHPUnit/Core/ConfigTest.php
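Review bot: The added `str_replace` in the `else` branch of core/Config.php carries no comment explaining why it has to run after `htmlentities()`; if the two calls were swapped, the `&` of the inserted entity would itself be encoded and the value would no longer read back as `$`. As rendered on this page both arguments show as `'$'`, which would make the call a no-op, so the replacement string was presumably the numeric entity for the dollar sign and was decoded by the page — worth confirming against the repository; the same rendering affects the expected string in ConfigTest.php and `key3` in common.config.ini.php. I would add `// encode '$' last: htmlentities() would re-encode the '&' of the entity` above the line. The enclosing method starts outside the hunk, and the decoding side that has to reverse this is not visible here.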
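Review bot: Dropping `INI_SCANNER_RAW` in the `parse_ini_file()` wrapper of libs/upgradephp/upgrade.php moves every config read to the default scanner mode, and nothing on the read path guards values that were not written by the escaping in core/Config.php. In the default mode PHP interpolates `${...}` and converts unquoted words such as `on`, `off`, `yes`, `no` and `null`, so a hand-edited file, or one written before this commit, that holds a literal `$` (for example in a password) can load with a different value or fail to parse. The removed comment was replaced by an empty line; I would state the new assumption there, e.g. `// default scanner mode: relies on Config writing '$' as an HTML entity`, and consider rewriting existing config files once on upgrade. The wrapper function's signature is outside the hunk.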
@@ -418,6 +418,17 @@ class ConfigTest extends PHPUnit_Framework_TestCase 'newSetting' => 'newValue')), $header . "[General]\nkey = \"value\"\n\n[CommonCategory]\nnewSetting = \"newValue\"\n\n", )), + + array('Converts Dollar Sign To Dollar Entity', array( + array('General' => array('key' => '$value', 'key2' => '${value}')), // local + array('General' => array('key' => '$global'), // global + 'CommonCategory' => array('settingGlobal' => 'valueGlobal')), + array('CommonCategory' => array('settingCommon' => 'common', // common + 'settingCommon2' => 'common2')), + array('CommonCategory' => array('settingCommon2' => 'common2', + 'newSetting' => 'newValue')), + $header . "[General]\nkey = \"$value\"\nkey2 = \"${value}\"\n\n[CommonCategory]\nnewSetting = \"newValue\"\n\n", + )), ); } @@ -436,5 +447,18 @@ class ConfigTest extends PHPUnit_Framework_TestCase $output = $config->dumpConfig($configLocal, $configGlobal, $configCommon, $configCache); $this->assertEquals($expected, $output, $description); } + + public function testDollarEntityGetsConvertedToDollarSign() + { + $userFile = PIWIK_INCLUDE_PATH . '/tests/resources/Config/config.ini.php'; + $globalFile = PIWIK_INCLUDE_PATH . '/tests/resources/Config/global.ini.php'; + $commonFile = PIWIK_INCLUDE_PATH . '/tests/resources/Config/common.config.ini.php'; + + $config = Config::getInstance(); + $config->setTestEnvironment($userFile, $globalFile, $commonFile); + $config->init(); + + $this->assertEquals('${@piwik(crash))}', $config->Category['key3']); + } } diff --git a/tests/resources/Config/common.config.ini.php b/tests/resources/Config/common.config.ini.php index db8cb53d41..15852485dc 100644 --- a/tests/resources/Config/common.config.ini.php +++ b/tests/resources/Config/common.config.ini.php @@ -1,8 +1,7 @@ [Category] key2 = valueCommon -; This should not trigger an error if INI_SCANNER_RAW is used -key3 = "${@piwik(crash))}" +key3 = "${@piwik(crash))}" [GeneralSection] password = passwordCommonShouldNotBeOverriden -- GitLab
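Review bot: `testDollarEntityGetsConvertedToDollarSign` checks only the read direction against a fixture that already holds the escaped form, and the new data-provider case checks only the write direction, so no test takes a value containing `$` through `dumpConfig()` and back through the parser. A round-trip assertion would catch a mismatch between encoder and decoder, and a second fixture key holding an unescaped `${...}` literal would pin down what the default scanner mode does with files edited by hand. The test also reconfigures the shared `Config::getInstance()` singleton through `setTestEnvironment()` and `init()`; whether that state is reset between tests is not visible in this hunk.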