From 350e1b2d2d61f2b0ee9e064212233474e782cec3 Mon Sep 17 00:00:00 2001
From: "Michael Kaufmann (d00p)" <d00p@froxlor.org>
Date: Sat, 6 Apr 2013 13:38:57 +0200
Subject: [PATCH] if empty string is allowed for file/folder in settings by
 definition, really allow empty string; fixes #1160

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
---
 actions/admin/settings/130.webserver.php      | 72 +----------------
 actions/admin/settings/131.ssl.php            | 77 ++++++++++++++++++
 .../function.validateFormFieldString.php      | 78 +++++++++----------
 lng/english.lng.php                           |  1 +
 lng/german.lng.php                            |  1 +
 5 files changed, 122 insertions(+), 107 deletions(-)
 create mode 100644 actions/admin/settings/131.ssl.php

diff --git a/actions/admin/settings/130.webserver.php b/actions/admin/settings/130.webserver.php
index 0041105d..76762733 100644
--- a/actions/admin/settings/130.webserver.php
+++ b/actions/admin/settings/130.webserver.php
@@ -218,72 +218,8 @@ return array(
 					'option_options_method' => 'getRedirectCodes',
 					'save_method' => 'storeSettingField',
 					'websrv_avail' => array('apache2', 'lighttpd')
-					),
-				),
-			),
-		'ssl' => array(
-			'title' => $lng['admin']['sslsettings'],
-			'fields' => array(
-				'system_ssl_enabled' => array(
-					'label' => $lng['serversettings']['ssl']['use_ssl'],
-					'settinggroup' => 'system',
-					'varname' => 'use_ssl',
-					'type' => 'bool',
-					'default' => false,
-					'save_method' => 'storeSettingField',
-					'overview_option' => true
-					),
-				'system_ssl_cert_file' => array(
-					'label' => $lng['serversettings']['ssl']['ssl_cert_file'],
-					'settinggroup' => 'system',
-					'varname' => 'ssl_cert_file',
-					'type' => 'string',
-					'string_type' => 'file',
-					'string_emptyallowed' => true,
-					'default' => '/etc/apache2/apache2.pem',
-					'save_method' => 'storeSettingField',
-					),
-				'system_ssl_key_file' => array(
-					'label' => $lng['serversettings']['ssl']['ssl_key_file'],
-					'settinggroup' => 'system',
-					'varname' => 'ssl_key_file',
-					'type' => 'string',
-					'string_type' => 'file',
-					'string_emptyallowed' => true,
-					'default' => '/etc/apache2/apache2.key',
-					'save_method' => 'storeSettingField',
-					),
-				'system_ssl_ca_file' => array(
-					'label' => $lng['serversettings']['ssl']['ssl_ca_file'],
-					'settinggroup' => 'system',
-					'varname' => 'ssl_ca_file',
-					'type' => 'string',
-					'string_type' => 'file',
-					'string_emptyallowed' => true,
-					'default' => '',
-					'save_method' => 'storeSettingField',
-					),
-				'system_ssl_cert_chainfile' => array(
-					'label' => $lng['admin']['ipsandports']['ssl_cert_chainfile'],
-					'settinggroup' => 'system',
-					'varname' => 'ssl_cert_chainfile',
-					'type' => 'string',
-					'string_type' => 'file',
-					'string_emptyallowed' => true,
-					'default' => '',
-					'save_method' => 'storeSettingField',
-					),
-				'system_ssl_openssl_cnf' => array(
-					'label' => $lng['serversettings']['ssl']['openssl_cnf'],
-					'settinggroup' => 'system',
-					'varname' => 'openssl_cnf',
-					'type' => 'text',
-					'default' => '',
-					'save_method' => 'storeSettingField',
-					),
-				),
-			),
-		),
+					)
+				)
+			)
+		)
 	);
-
-?>
diff --git a/actions/admin/settings/131.ssl.php b/actions/admin/settings/131.ssl.php
new file mode 100644
index 00000000..430724e8
--- /dev/null
+++ b/actions/admin/settings/131.ssl.php
@@ -0,0 +1,77 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2003-2009 the SysCP Team (see authors).
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Florian Lippert <flo@syscp.org> (2003-2009)
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Settings
+ *
+ */
+
+return array(
+	'groups' => array(
+			'ssl' => array(
+					'title' => $lng['admin']['sslsettings'],
+					'fields' => array(
+							'system_ssl_enabled' => array(
+									'label' => $lng['serversettings']['ssl']['use_ssl'],
+									'settinggroup' => 'system',
+									'varname' => 'use_ssl',
+									'type' => 'bool',
+									'default' => false,
+									'save_method' => 'storeSettingField',
+									'overview_option' => true
+							),
+							'system_ssl_cert_file' => array(
+									'label' => $lng['serversettings']['ssl']['ssl_cert_file'],
+									'settinggroup' => 'system',
+									'varname' => 'ssl_cert_file',
+									'type' => 'string',
+									'string_type' => 'file',
+									'string_emptyallowed' => true,
+									'default' => '/etc/apache2/apache2.pem',
+									'save_method' => 'storeSettingField',
+							),
+							'system_ssl_key_file' => array(
+									'label' => $lng['serversettings']['ssl']['ssl_key_file'],
+									'settinggroup' => 'system',
+									'varname' => 'ssl_key_file',
+									'type' => 'string',
+									'string_type' => 'file',
+									'string_emptyallowed' => true,
+									'default' => '/etc/apache2/apache2.key',
+									'save_method' => 'storeSettingField',
+							),
+							'system_ssl_ca_file' => array(
+									'label' => $lng['serversettings']['ssl']['ssl_ca_file'],
+									'settinggroup' => 'system',
+									'varname' => 'ssl_ca_file',
+									'type' => 'string',
+									'string_type' => 'file',
+									'string_emptyallowed' => true,
+									'default' => '',
+									'save_method' => 'storeSettingField',
+							),
+							'system_ssl_cert_chainfile' => array(
+									'label' => $lng['admin']['ipsandports']['ssl_cert_chainfile'],
+									'settinggroup' => 'system',
+									'varname' => 'ssl_cert_chainfile',
+									'type' => 'string',
+									'string_type' => 'file',
+									'string_emptyallowed' => true,
+									'default' => '',
+									'save_method' => 'storeSettingField',
+							)
+					)
+			)
+		)
+	);
diff --git a/lib/functions/formfields/string/function.validateFormFieldString.php b/lib/functions/formfields/string/function.validateFormFieldString.php
index 0b4c5634..39473400 100644
--- a/lib/functions/formfields/string/function.validateFormFieldString.php
+++ b/lib/functions/formfields/string/function.validateFormFieldString.php
@@ -48,68 +48,68 @@ function validateFormFieldString($fieldname, $fielddata, $newfieldvalue)
  		 */
 		$newfieldvalue = str_replace("\t", " ", $newfieldvalue);
 
-		if(isset($fielddata['string_type']) && $fielddata['string_type'] == 'mail')
-		{
+		if (isset($fielddata['string_type']) && $fielddata['string_type'] == 'mail') {
 			$returnvalue = (filter_var($newfieldvalue, FILTER_VALIDATE_EMAIL) == $newfieldvalue);
 		}
-		elseif(isset($fielddata['string_type']) && $fielddata['string_type'] == 'url')
-		{
+		elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'url') {
 			$returnvalue = validateUrl($newfieldvalue);
 		}
-		elseif(isset($fielddata['string_type']) && $fielddata['string_type'] == 'dir')
-		{
-			// add trailing slash to validate path if needed
-			// refs #331
-			if(substr($newfieldvalue, -1) != '/') {
-				$newfieldvalue.= '/';
+		elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'dir') {
+			// check for empty value (it might be allowed)
+			if (trim($newfieldvalue) == '') {
+				$newfieldvalue = '';
+				$returnvalue = 'stringmustntbeempty';
+			} else {
+				// add trailing slash to validate path if needed
+				// refs #331
+				if (substr($newfieldvalue, -1) != '/') {
+					$newfieldvalue.= '/';
+				}
+				$returnvalue = ($newfieldvalue == makeCorrectDir($newfieldvalue));
 			}
-			$returnvalue = ($newfieldvalue == makeCorrectDir($newfieldvalue));
 		}
-		elseif(isset($fielddata['string_type']) && $fielddata['string_type'] == 'file')
-		{
-			$returnvalue = ($newfieldvalue == makeCorrectFile($newfieldvalue));
+		elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'file') {
+			// check for empty value (it might be allowed)
+			if (trim($newfieldvalue) == '') {
+				$newfieldvalue = '';
+				$returnvalue = 'stringmustntbeempty';
+			} else {
+				$returnvalue = ($newfieldvalue == makeCorrectFile($newfieldvalue));
+			}
 		}
-		elseif(isset($fielddata['string_type']) && $fielddata['string_type'] == 'filedir')
-		{
-			$returnvalue = (($newfieldvalue == makeCorrectDir($newfieldvalue)) || ($newfieldvalue == makeCorrectFile($newfieldvalue)));
+		elseif (isset($fielddata['string_type']) && $fielddata['string_type'] == 'filedir') {
+			// check for empty value (it might be allowed)
+			if (trim($newfieldvalue) == '') {
+				$newfieldvalue = '';
+				$returnvalue = 'stringmustntbeempty';
+			} else {
+				$returnvalue = (($newfieldvalue == makeCorrectDir($newfieldvalue)) || ($newfieldvalue == makeCorrectFile($newfieldvalue)));
+			}
 		}
-		elseif(preg_match('/^[^\r\n\t\f\0]*$/D', $newfieldvalue))
-		{
+		elseif (preg_match('/^[^\r\n\t\f\0]*$/D', $newfieldvalue)) {
 			$returnvalue = true;
 		}
 
-		if(isset($fielddata['string_regexp']) && $fielddata['string_regexp'] != '')
-		{
-			if(preg_match($fielddata['string_regexp'], $newfieldvalue))
-			{
+		if (isset($fielddata['string_regexp']) && $fielddata['string_regexp'] != '') {
+			if (preg_match($fielddata['string_regexp'], $newfieldvalue)) {
 				$returnvalue = true;
-			}
-			else
-			{
+			} else {
 				$returnvalue = false;
 			}
 		}
 
-		if(isset($fielddata['string_emptyallowed']) && $fielddata['string_emptyallowed'] === true && $newfieldvalue === '')
-		{
+		if (isset($fielddata['string_emptyallowed']) && $fielddata['string_emptyallowed'] === true && $newfieldvalue === '') {
 			$returnvalue = true;
-		}
-		elseif(isset($fielddata['string_emptyallowed']) && $fielddata['string_emptyallowed'] === false && $newfieldvalue === '')
-		{
+		} elseif (isset($fielddata['string_emptyallowed']) && $fielddata['string_emptyallowed'] === false && $newfieldvalue === '') {
 			$returnvalue = 'stringmustntbeempty';
 		}
 	}
 	
-	if($returnvalue === true)
-	{
+	if ($returnvalue === true) {
 		return true;
-	}
-	elseif($returnvalue === false)
-	{
+	} elseif ($returnvalue === false) {
 		return 'stringformaterror';
-	}
-	else
-	{
+	} else {
 		return $returnvalue;
 	}
 }
diff --git a/lng/english.lng.php b/lng/english.lng.php
index f8463526..a3bd0d64 100644
--- a/lng/english.lng.php
+++ b/lng/english.lng.php
@@ -1929,3 +1929,4 @@ $lng['error']['usercurrentlydeactivated'] = 'The user %s is currently deactivate
 $lng['admin']['speciallogfile']['title'] = 'Separate logfile';
 $lng['admin']['speciallogfile']['description'] = 'Enable this to get a separate access-log file for this domain';
 $lng['error']['setlessthanalreadyused'] = 'You cannot set less resources of \'%s\' than this user already used';
+$lng['error']['stringmustntbeempty'] = 'The value for the field %s must not be empty';
diff --git a/lng/german.lng.php b/lng/german.lng.php
index 9657beae..ac3778f9 100644
--- a/lng/german.lng.php
+++ b/lng/german.lng.php
@@ -1654,3 +1654,4 @@ $lng['error']['usercurrentlydeactivated'] = 'Der Benutzer %s ist derzeit deaktiv
 $lng['admin']['speciallogfile']['title'] = 'Eigene Log-Datei';
 $lng['admin']['speciallogfile']['description'] = 'Aktiviere diese Option, um für diese Domain eine eigene Access-Log Datei zu erhalten';
 $lng['error']['setlessthanalreadyused'] = 'Es können nicht weniger Resourcen von \'%s\' gesetzt werden, als der Benutzer bereits vergeben hat';
+$lng['error']['stringmustntbeempty'] = 'Der Wert für das Feld %s darf nicht leer sein';