Merge pull request #186 from splitbrain/configmgr_improvements

Configmgr improvements

lib/plugins/authldap/lang/en/settings.php

@@ -20,4 +20,4 @@ $lang['debug']       = 'Display additional debug information on errors';
 $lang['deref_o_0']   = 'LDAP_DEREF_NEVER';
 $lang['deref_o_1']   = 'LDAP_DEREF_SEARCHING';
 $lang['deref_o_2']   = 'LDAP_DEREF_FINDING';
-$lang['deref_o_3']   = 'LDAP_DEREF_ALWAYS';
\ No newline at end of file
+$lang['deref_o_3']   = 'LDAP_DEREF_ALWAYS';

lib/plugins/config/settings/config.class.php

@@ -366,12 +366,11 @@ if (!class_exists('setting')) {
     var $_pattern = '';
     var $_error = false;            // only used by those classes which error check
     var $_input = null;             // only used by those classes which error check
+    var $_caution = null;           // used by any setting to provide an alert along with the setting
+                                    // valid alerts, 'warning', 'danger', 'security'
+                                    // images matching the alerts are in the plugin's images directory
 
-    var $_cautionList = array(
-        'basedir' => 'danger', 'baseurl' => 'danger', 'savedir' => 'danger', 'cookiedir' => 'danger', 'useacl' => 'danger', 'authtype' => 'danger', 'superuser' => 'danger', 'userewrite' => 'danger',
-        'start' => 'warning', 'camelcase' => 'warning', 'deaccent' => 'warning', 'sepchar' => 'warning', 'compression' => 'warning', 'xsendfile' => 'warning', 'renderer_xhtml' => 'warning', 'fnencode' => 'warning',
-        'allowdebug' => 'security', 'htmlok' => 'security', 'phpok' => 'security', 'iexssprotect' => 'security', 'remote' => 'security', 'fullpath' => 'security'
-    );
+    static protected $_validCautions = array('warning','danger','security');
 
     function setting($key, $params=null) {
         $this->_key = $key;
@@ -473,8 +472,22 @@ if (!class_exists('setting')) {
     function error() { return $this->_error; }
 
     function caution() {
-        if (!array_key_exists($this->_key, $this->_cautionList)) return false;
-        return $this->_cautionList[$this->_key];
+        if (!empty($this->_caution)) {
+            if (!in_array($this->_caution, setting::$_validCautions)) {
+                trigger_error('Invalid caution string ('.$this->_caution.') in metadata for setting "'.$this->_key.'"', E_USER_WARNING);
+                return false;
+            }
+            return $this->_caution;
+        }
+        // compatibility with previous cautionList
+        // TODO: check if any plugins use; remove
+        if (!empty($this->_cautionList[$this->_key])) {
+            $this->_caution = $this->_cautionList[$this->_key];
+            unset($this->_cautionList);
+
+            return $this->caution();
+        }
+        return false;
     }
 
     function _out_key($pretty=false,$url=false) {
@@ -659,10 +672,8 @@ if (!class_exists('setting_password')) {
 }
 
 if (!class_exists('setting_email')) {
-  if (!defined('SETTING_EMAIL_PATTERN')) define('SETTING_EMAIL_PATTERN','<^'.PREG_PATTERN_VALID_EMAIL.'$>');
 
   class setting_email extends setting_string {
-    var $_pattern = SETTING_EMAIL_PATTERN;       // no longer required, retained for backward compatibility - FIXME, may not be necessary
     var $_multiple = false;
     var $_placeholders = false;
 
@@ -1107,96 +1118,39 @@ if (!class_exists('setting_multicheckbox')) {
   }
 }
 
-/**
- *  Provide php_strip_whitespace (php5 function) functionality
- *
- *  @author   Chris Smith <chris@jalakai.co.uk>
- */
-if (!function_exists('php_strip_whitespace'))  {
-
-  if (function_exists('token_get_all')) {
-
-    if (!defined('T_ML_COMMENT')) {
-      define('T_ML_COMMENT', T_COMMENT);
-    } else {
-      define('T_DOC_COMMENT', T_ML_COMMENT);
-    }
+if (!class_exists('setting_regex')){
+   class setting_regex extends setting_string {
 
-    /**
-     * modified from original
-     * source Google Groups, php.general, by David Otton
-     */
-    function php_strip_whitespace($file) {
-        if (!@is_readable($file)) return '';
+        var $_delimiter = '/';    // regex delimiter to be used in testing input
+        var $_pregflags = 'ui';   // regex pattern modifiers to be used in testing input
 
-        $in = join('',@file($file));
-        $out = '';
+        /**
+         *  update changed setting with user provided value $input
+         *  - if changed value fails error check, save it to $this->_input (to allow echoing later)
+         *  - if changed value passes error check, set $this->_local to the new value
+         *
+         *  @param  mixed   $input   the new value
+         *  @return boolean          true if changed, false otherwise (incl. on error)
+         */
+        function update($input) {
 
-        $tokens = token_get_all($in);
+            // let parent do basic checks, value, not changed, etc.
+            $local = $this->_local;
+            if (!parent::update($input)) return false;
+            $this->_local = $local;
 
-        foreach ($tokens as $token) {
-          if (is_string ($token)) {
-            $out .= $token;
-          } else {
-            list ($id, $text) = $token;
-            switch ($id) {
-              case T_COMMENT : // fall thru
-              case T_ML_COMMENT : // fall thru
-              case T_DOC_COMMENT : // fall thru
-              case T_WHITESPACE :
-                break;
-              default : $out .= $text; break;
+            // see if the regex compiles and runs (we don't check for effectiveness)
+            $regex = $this->_delimiter . $input . $this->_delimiter . $this->_pregflags;
+            $lastError = error_get_last();
+            $ok = @preg_match($regex,'testdata');
+            if (preg_last_error() != PREG_NO_ERROR || error_get_last() != $lastError) {
+                $this->_input = $input;
+                $this->_error = true;
+                return false;
             }
-          }
-        }
-        return ($out);
-    }
-
-  } else {
-
-    function is_whitespace($c) { return (strpos("\t\n\r ",$c) !== false); }
-    function is_quote($c) { return (strpos("\"'",$c) !== false); }
-    function is_escaped($s,$i) {
-        $idx = $i-1;
-        while(($idx>=0) && ($s{$idx} == '\\')) $idx--;
-        return (($i - $idx + 1) % 2);
-    }
-
-    function is_commentopen($str, $i) {
-        if ($str{$i} == '#') return "\n";
-        if ($str{$i} == '/') {
-          if ($str{$i+1} == '/') return "\n";
-          if ($str{$i+1} == '*') return "*/";
-        }
-
-        return false;
-    }
-
-    function php_strip_whitespace($file) {
-
-        if (!@is_readable($file)) return '';
 
-        $contents = join('',@file($file));
-        $out = '';
-
-        $state = 0;
-        for ($i=0; $i<strlen($contents); $i++) {
-          if (!$state && is_whitespace($contents{$i})) continue;
-
-          if (!$state && ($c_close = is_commentopen($contents, $i))) {
-            $c_open_len = ($contents{$i} == '/') ? 2 : 1;
-            $i = strpos($contents, $c_close, $i+$c_open_len)+strlen($c_close)-1;
-            continue;
-          }
-
-          $out .= $contents{$i};
-          if (is_quote($contents{$i})) {
-              if (($state == $contents{$i}) && !is_escaped($contents, $i)) { $state = 0; continue; }
-            if (!$state) {$state = $contents{$i}; continue; }
-          }
+            $this->_local = $input;
+            return true;
         }
-
-        return $out;
     }
-  }
 }

lib/plugins/config/settings/config.metadata.php

@@ -34,6 +34,9 @@
  *   'array'        - a simple (one dimensional) array of string values, shown as comma separated list in the
  *                    config manager but saved as PHP array(). Values may not contain commas themselves.
  *                    _pattern matching on the array values supported.
+ *   'regex'        - regular expression string, normally without delimiters; as for string, in addition tested
+ *                    to see if will compile & run as a regex.  in addition to _pattern, also accepts _delimiter
+ *                    (default '/') and _pregflags (default 'ui')
  *
  *  Single Setting (source: settings/extra.class.php)
  *  -------------------------------------------------
@@ -43,10 +46,13 @@
  *   'im_convert'  - as 'setting', input must exist and be an im_convert module
  *   'disableactions' - as 'setting'
  *   'compression' - no additional parameters. checks php installation supports possible compression alternatives
+ *   'licence'     - as multichoice, selection constructed from licence strings in language files
+ *   'renderer'    - as multichoice, selection constructed from enabled renderer plugins which canRender()
  *
  *  Any setting commented or missing will use 'setting' class - text input, minimal validation, quoted output
  *
  * Defined parameters:
+ *   '_caution'    - no value (default) or 'warning', 'danger', 'security'. display an alert along with the setting
  *   '_pattern'    - string, a preg pattern. input is tested against this pattern before being accepted
  *                   optional all classes, except onoff & multichoice which ignore it
  *   '_choices'    - array of choices. used to populate a selection box. choice will be replaced by a localised
@@ -59,6 +65,9 @@
  *   '_code'       - encoding method to use, accepted values: 'base64','uuencode','plain'.  defaults to plain.
  *   '_min'        - minimum numeric value, optional for 'numeric' and 'numericopt', ignored by others
  *   '_max'        - maximum numeric value, optional for 'numeric' and 'numericopt', ignored by others
+ *   '_delimiter'  - string, default '/', a single character used as a delimiter for testing regex input values
+ *   '_pregflags'  - string, default 'ui', valid preg pattern modifiers used when testing regex input values, for more
+ *                   information see http://uk1.php.net/manual/en/reference.pcre.pattern.modifiers.php
  *   '_multiple'   - bool, allow multiple comma separated email values; optional for 'email', ignored by others
  *
  * @author    Chris Smith <chris@jalakai.co.uk>
@@ -83,26 +92,26 @@ $config['heading'] = 'Dokuwiki\'s Main Configuration File - Local Settings';
 
 $meta['_basic']   = array('fieldset');
 $meta['title']    = array('string');
-$meta['start']    = array('string','_pattern' => '!^[^:;/]+$!'); // don't accept namespaces
+$meta['start']    = array('string','_caution' => 'warning','_pattern' => '!^[^:;/]+$!'); // don't accept namespaces
 $meta['lang']     = array('dirchoice','_dir' => DOKU_INC.'inc/lang/');
 $meta['template'] = array('dirchoice','_dir' => DOKU_INC.'lib/tpl/','_pattern' => '/^[\w-]+$/');
 $meta['tagline']  = array('string');
 $meta['sidebar']  = array('string');
 $meta['license']  = array('license');
-$meta['savedir']  = array('savedir');
-$meta['basedir']  = array('string');
-$meta['baseurl']  = array('string');
-$meta['cookiedir'] = array('string');
+$meta['savedir']  = array('savedir','_caution' => 'danger');
+$meta['basedir']  = array('string','_caution' => 'danger');
+$meta['baseurl']  = array('string','_caution' => 'danger');
+$meta['cookiedir'] = array('string','_caution' => 'danger');
 $meta['dmode']    = array('numeric','_pattern' => '/0[0-7]{3,4}/'); // only accept octal representation
 $meta['fmode']    = array('numeric','_pattern' => '/0[0-7]{3,4}/'); // only accept octal representation
-$meta['allowdebug']  = array('onoff');
+$meta['allowdebug']  = array('onoff','_caution' => 'security');
 
 $meta['_display']    = array('fieldset');
 $meta['recent']      = array('numeric');
 $meta['recent_days'] = array('numeric');
 $meta['breadcrumbs'] = array('numeric','_min' => 0);
 $meta['youarehere']  = array('onoff');
-$meta['fullpath']    = array('onoff');
+$meta['fullpath']    = array('onoff','_caution' => 'security');
 $meta['typography']  = array('multichoice','_choices' => array(0,1,2));
 $meta['dformat']     = array('string');
 $meta['signature']   = array('string');
@@ -111,19 +120,19 @@ $meta['toptoclevel'] = array('multichoice','_choices' => array(1,2,3,4,5));   //
 $meta['tocminheads'] = array('multichoice','_choices' => array(0,1,2,3,4,5,10,15,20));
 $meta['maxtoclevel'] = array('multichoice','_choices' => array(0,1,2,3,4,5));
 $meta['maxseclevel'] = array('multichoice','_choices' => array(0,1,2,3,4,5)); // 0 for no sec edit buttons
-$meta['camelcase']   = array('onoff');
-$meta['deaccent']    = array('multichoice','_choices' => array(0,1,2));
+$meta['camelcase']   = array('onoff','_caution' => 'warning');
+$meta['deaccent']    = array('multichoice','_choices' => array(0,1,2),'_caution' => 'warning');
 $meta['useheading']  = array('multichoice','_choices' => array(0,'navigation','content',1));
 $meta['sneaky_index'] = array('onoff');
-$meta['hidepages']   = array('string');
+$meta['hidepages']   = array('regex');
 
 $meta['_authentication'] = array('fieldset');
-$meta['useacl']      = array('onoff');
+$meta['useacl']      = array('onoff','_caution' => 'danger');
 $meta['autopasswd']  = array('onoff');
-$meta['authtype']    = array('authtype');
+$meta['authtype']    = array('authtype','_caution' => 'danger');
 $meta['passcrypt']   = array('multichoice','_choices' => array('smd5','md5','apr1','sha1','ssha','lsmd5','crypt','mysql','my411','kmd5','pmd5','hmd5','mediawiki','bcrypt','djangomd5','djangosha1','sha512'));
 $meta['defaultgroup']= array('string');
-$meta['superuser']   = array('string');
+$meta['superuser']   = array('string','_caution' => 'danger');
 $meta['manager']     = array('string');
 $meta['profileconfirm'] = array('onoff');
 $meta['rememberme'] = array('onoff');
@@ -132,7 +141,7 @@ $meta['disableactions'] = array('disableactions',
                                 '_combine' => array('subscription' => array('subscribe','unsubscribe'), 'wikicode' => array('source','export_raw')));
 $meta['auth_security_timeout'] = array('numeric');
 $meta['securecookie'] = array('onoff');
-$meta['remote']       = array('onoff');
+$meta['remote']       = array('onoff','_caution' => 'security');
 $meta['remoteuser']   = array('string');
 
 $meta['_anti_spam']  = array('fieldset');
@@ -140,12 +149,12 @@ $meta['usewordblock']= array('onoff');
 $meta['relnofollow'] = array('onoff');
 $meta['indexdelay']  = array('numeric');
 $meta['mailguard']   = array('multichoice','_choices' => array('visible','hex','none'));
-$meta['iexssprotect']= array('onoff');
+$meta['iexssprotect']= array('onoff','_caution' => 'security');
 
 $meta['_editing']    = array('fieldset');
 $meta['usedraft']    = array('onoff');
-$meta['htmlok']      = array('onoff');
-$meta['phpok']       = array('onoff');
+$meta['htmlok']      = array('onoff','_caution' => 'security');
+$meta['phpok']       = array('onoff','_caution' => 'security');
 $meta['locktime']    = array('numeric');
 $meta['cachetime']   = array('numeric');
 
@@ -184,20 +193,20 @@ $meta['rss_show_summary'] = array('onoff');
 
 $meta['_advanced']   = array('fieldset');
 $meta['updatecheck'] = array('onoff');
-$meta['userewrite']  = array('multichoice','_choices' => array(0,1,2));
+$meta['userewrite']  = array('multichoice','_choices' => array(0,1,2),'_caution' => 'danger');
 $meta['useslash']    = array('onoff');
-$meta['sepchar']     = array('sepchar');
+$meta['sepchar']     = array('sepchar','_caution' => 'warning');
 $meta['canonical']   = array('onoff');
-$meta['fnencode']    = array('multichoice','_choices' => array('url','safe','utf-8'));
+$meta['fnencode']    = array('multichoice','_choices' => array('url','safe','utf-8'),'_caution' => 'warning');
 $meta['autoplural']  = array('onoff');
 $meta['compress']    = array('onoff');
 $meta['cssdatauri']  = array('numeric','_pattern' => '/^\d+$/');
 $meta['gzip_output'] = array('onoff');
 $meta['send404']     = array('onoff');
-$meta['compression'] = array('compression');
+$meta['compression'] = array('compression','_caution' => 'warning');
 $meta['broken_iua']  = array('onoff');
-$meta['xsendfile']   = array('multichoice','_choices' => array(0,1,2,3));
-$meta['renderer_xhtml'] = array('renderer','_format' => 'xhtml','_choices' => array('xhtml'));
+$meta['xsendfile']   = array('multichoice','_choices' => array(0,1,2,3),'_caution' => 'warning');
+$meta['renderer_xhtml'] = array('renderer','_format' => 'xhtml','_choices' => array('xhtml'),'_caution' => 'warning');
 $meta['readdircache'] = array('numeric');
 
 $meta['_network']    = array('fieldset');