Use intval() for validation of config options
authorMorris Jobke <hey@morrisjobke.de>
Tue, 21 Feb 2017 23:22:06 +0000 (17:22 -0600)
committerMorris Jobke <hey@morrisjobke.de>
Tue, 21 Feb 2017 23:22:06 +0000 (17:22 -0600)
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
apps/files_sharing/lib/Controller/ShareesAPIController.php
core/js/sharedialogview.js
lib/private/Template/JSConfigHelper.php

index 171fac4dbd202e5889db8f49f08ff3e499c8c3bd..73f804faaceb22187aea0dbe1e95b19c3b2248aa 100644 (file)
@@ -415,13 +415,13 @@ class ShareesAPIController extends OCSController {
        public function search($search = '', $itemType = null, $page = 1, $perPage = 200, $shareType = null, $lookup = true) {
 
                // only search for string larger than a given threshold
-               $threshold = $this->config->getSystemValue('sharing.minSearchStringLength', 0);
+               $threshold = intval($this->config->getSystemValue('sharing.minSearchStringLength', 0));
                if (strlen($search) < $threshold) {
                        return new Http\DataResponse($this->result);
                }
 
                // never return more than the max. number of results configured in the config.php
-               $maxResults = $this->config->getSystemValue('sharing.maxAutocompleteResults', 0);
+               $maxResults = intval($this->config->getSystemValue('sharing.maxAutocompleteResults', 0));
                if ($maxResults > 0) {
                        $perPage = min($perPage, $maxResults);
                }
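Review bot: The two `intval()` casts in `search()` fail open, because a non-numeric `sharing.maxAutocompleteResults` becomes 0 and a negative one stays negative, and in both cases the `$maxResults > 0` test skips the clamp, so `$perPage` stays at whatever the request supplied. The same applies to `sharing.minSearchStringLength`, where a mistyped value silently disables the minimum length. I would reject such values explicitly rather than coerce them, for example `if (!is_numeric($raw) || (int)$raw < 0) { /* log a warning and use a conservative default */ }`, and at least add the comment `// 0 means "no limit"; intval() maps any non-numeric value to 0 as well`. The `JSConfigHelper` hunk casts the same two options the same way, so the browser sees the same coerced 0. The body of `search()` continues outside this hunk, so any later bound on `$perPage` is not visible here.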
index bbc40c9c8d4423133670b3d7a2371c3c74916454..6a92c6a8dd573f5651b9e20333c41eebed5571dd 100644 (file)
 
                                                        // show a notice that the list is truncated
                                                        // this is the case if one of the search results is at least as long as the max result config option
-                                                       if(Math.min(perPage, oc_config['sharing.maxAutocompleteResults']) <= Math.max(users.length, groups.length, remotes.length, emails.length, lookup.length)) {
+                                                       if(oc_config['sharing.maxAutocompleteResults'] > 0 &&
+                                                               Math.min(perPage, oc_config['sharing.maxAutocompleteResults'])
+                                                               <= Math.max(users.length, groups.length, remotes.length, emails.length, lookup.length)) {
+
                                                                var message = t('core', 'This list is maybe truncated - please refine your search term to see more results.');
                                                                $('.ui-autocomplete').append('<li class="autocomplete-note">' + message + '</li>');
                                                        }
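Review bot: With the added `oc_config['sharing.maxAutocompleteResults'] > 0` guard, the truncation notice is never shown when the option is 0, although the result lists are presumably still cut at `perPage` in that case. Computing the effective limit first would cover both configurations: `var max = oc_config['sharing.maxAutocompleteResults'];` and `var limit = max > 0 ? Math.min(perPage, max) : perPage;`, then comparing `limit <= Math.max(...)`. Separately, the notice is inserted by concatenating `message` into an HTML string; `$('<li class="autocomplete-note">').text(message)` would keep the translated text out of markup parsing. The enclosing callback starts and ends outside this hunk, so how `perPage` is set is not visible here.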
index 7a4e8415e7d18216545eef0922cb4a42d7188f25..6bf08dcdada81093465554b290960895fe2d7549 100644 (file)
@@ -207,8 +207,8 @@ class JSConfigHelper {
                                'enable_avatars'        => true, // here for legacy reasons - to not crash existing code that relies on this value
                                'lost_password_link'=> $this->config->getSystemValue('lost_password_link', null),
                                'modRewriteWorking'     => ($this->config->getSystemValue('htaccess.IgnoreFrontController', false) === true || getenv('front_controller_active') === 'true'),
-                               'sharing.maxAutocompleteResults' => $this->config->getSystemValue('sharing.maxAutocompleteResults', 0),
-                               'sharing.minSearchStringLength' => $this->config->getSystemValue('sharing.minSearchStringLength', 0),
+                               'sharing.maxAutocompleteResults' => intval($this->config->getSystemValue('sharing.maxAutocompleteResults', 0)),
+                               'sharing.minSearchStringLength' => intval($this->config->getSystemValue('sharing.minSearchStringLength', 0)),
                        ]),
                        "oc_appconfig" => json_encode([
                                'core' => [