From: skodak Date: Thu, 15 Feb 2007 09:43:14 +0000 (+0000) Subject: MDL-7722 fixed wrong cleaning in backup paths X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=348d6827b3978b45b2db66b992c0ac518f462947;p=moodle.git MDL-7722 fixed wrong cleaning in backup paths --- diff --git a/backup/lib.php b/backup/lib.php index 2bfb708def..25944442e6 100644 --- a/backup/lib.php +++ b/backup/lib.php @@ -7,10 +7,11 @@ //Sets a name/value pair in backup_config table function backup_set_config($name, $value) { if (get_field("backup_config", "name", "name", $name)) { - return set_field("backup_config", "value", $value, "name", $name); + return set_field("backup_config", "value", addslashes($value), "name", $name); } else { + $config = new object(); $config->name = $name; - $config->value = $value; + $config->value = addslashes($value); return insert_record("backup_config", $config); } } diff --git a/lib/adminlib.php b/lib/adminlib.php index 39c1edd86d..65a04be505 100644 --- a/lib/adminlib.php +++ b/lib/adminlib.php @@ -2153,7 +2153,7 @@ class admin_setting_special_backupsaveto extends admin_setting_configtext { $name = 'backup_sche_destination'; $visiblename = get_string('saveto'); $description = get_string('backupsavetohelp'); - parent::admin_setting_configtext($name, $visiblename, $description, '', PARAM_PATH); + parent::admin_setting_configtext($name, $visiblename, $description, ''); } function get_setting() { @@ -2162,10 +2162,8 @@ class admin_setting_special_backupsaveto extends admin_setting_configtext { } function write_setting($data) { - $data = clean_param($data, PARAM_PATH); - if (!empty($data) and (substr($data,-1) == '/' or substr($data,-1) == '\\')) { - return get_string('pathslasherror') . '
'; - } else if (!empty($data) and !is_dir($data)) { + $data = trim($data); + if (!empty($data) and !is_dir($data)) { return get_string('pathnotexists') . '
'; } return (backup_set_config($this->name, $data) ? '' : get_string('errorsetting', 'admin') . $this->visiblename . '
');