cellog Wed Mar 30 15:16:53 2005 EDT
Modified files:
/pear-core/PEAR Config.php
Log:
security precaution: only allow 3 or fewer configuration variables
to be defined by a custom role
http://cvs.php.net/diff.php/pear-core/PEAR/Config.php?r1=1.99&r2=1.100&ty=u
Index: pear-core/PEAR/Config.php
diff -u pear-core/PEAR/Config.php:1.99 pear-core/PEAR/Config.php:1.100
--- pear-core/PEAR/Config.php:1.99 Sun Mar 20 20:06:46 2005
+++ pear-core/PEAR/Config.php Wed Mar 30 15:16:52 2005
@@ -16,7 +16,7 @@
* @author Greg Beaver <cellog@xxxxxxx>
* @copyright 1997-2005 The PHP Group
* @license http://www.php.net/license/3_0.txt PHP License 3.0
- * @version CVS: $Id: Config.php,v 1.99 2005/03/21 01:06:46 cellog Exp $
+ * @version CVS: $Id: Config.php,v 1.100 2005/03/30 20:16:52 cellog Exp $
* @link http://pear.php.net/package/PEAR
* @since File available since Release 0.1
*/
@@ -934,6 +934,9 @@
function _addConfigVars($role)
{
$vars = call_user_func(array($role, 'getSupportingConfigVars'));
+ if (count($vars) > 3) {
+ return $this->raiseError('Roles can only define 3 new config
variables or less');
+ }
foreach ($vars as $name => $var) {
if (!is_array($var)) {
return $this->raiseError('Configuration information must be an
array');
--
PEAR CVS Mailing List (http://pear.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
|
