From 6e083bd6901cab729fdaf24edc6464895702b5c0 Mon Sep 17 00:00:00 2001
From: Roland Gruber <post@rolandgruber.de>
Date: Sun, 23 Oct 2005 09:26:18 +0000
Subject: [PATCH] allow spaces in profile names and fixed magic_quotes_gpc
 problem

---
 lam/HISTORY                            | 3 +++
 lam/lib/profiles.inc                   | 6 +++---
 lam/templates/profedit/profilepage.php | 7 ++++++-
 3 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/lam/HISTORY b/lam/HISTORY
index 1f611125..1a510951 100644
--- a/lam/HISTORY
+++ b/lam/HISTORY
@@ -3,6 +3,9 @@
    - check file permissions on login page
    - fixed bugs:
     -> creation of home directories did not work
+    -> allow spaces in profile names (1333058)
+    -> fixed problem with magic_quotes_gpc in profile editor (1333069)    
+
 
 19.10.2005 0.5.1
    - Samba 3: added support for account expiration
diff --git a/lam/lib/profiles.inc b/lam/lib/profiles.inc
index 93dc4251..e6c4d0b9 100644
--- a/lam/lib/profiles.inc
+++ b/lam/lib/profiles.inc
@@ -64,7 +64,7 @@ function getAccountProfiles($scope) {
 * @return array hash array (attribute => value)
 */
 function loadAccountProfile($profile, $scope) {
-	if (!eregi("^[0-9a-z_-]+$", $profile) || !eregi("^[a-z]+$", $scope)) return false;
+	if (!eregi("^[0-9a-z _-]+$", $profile) || !eregi("^[a-z]+$", $scope)) return false;
 	$settings = array();
 	$file = substr(__FILE__, 0, strlen(__FILE__) - 17) . "/config/profiles/" . $profile . "." . $scope;
 	if (is_file($file) == True) {
@@ -110,7 +110,7 @@ function loadAccountProfile($profile, $scope) {
 function saveAccountProfile($attributes, $profile, $scope) {
 	if (!$_SESSION['loggedIn'] == true) return false;
 	// check profile name
-	if (!eregi("^[0-9a-z_-]+$", $profile) || !eregi("^[a-z]+$", $scope)) return false;
+	if (!eregi("^[0-9a-z _-]+$", $profile) || !eregi("^[a-z]+$", $scope)) return false;
 	if (!is_array($attributes)) {
 		return false;
 	}
@@ -146,7 +146,7 @@ function saveAccountProfile($attributes, $profile, $scope) {
 */
 function delAccountProfile($file, $scope) {
 	if (!$_SESSION['loggedIn'] == true) return false;
-	if (!eregi("^[0-9a-z\\-_]+$", $file) || !eregi("^[0-9a-z\\-_]+$", $scope)) return false;
+	if (!eregi("^[0-9a-z _-]+$", $file) || !eregi("^[a-z]+$", $scope)) return false;
 	$prof = substr(__FILE__, 0, strlen(__FILE__) - 16) . "config/profiles/" . $file . "." . $scope;
 	if (is_file($prof)) {
 		return @unlink($prof);
diff --git a/lam/templates/profedit/profilepage.php b/lam/templates/profedit/profilepage.php
index 721d9fda..84c4cadc 100644
--- a/lam/templates/profedit/profilepage.php
+++ b/lam/templates/profedit/profilepage.php
@@ -141,7 +141,12 @@ if (isset($_POST['save'])) {
 	$postKeys = array_keys($_POST);
 	for ($i = 0; $i < sizeof($postKeys); $i++) {
 		if (!is_array($_POST[$postKeys[$i]])) {
-			$old_options[$postKeys[$i]] = array($_POST[$postKeys[$i]]);
+			if (get_magic_quotes_gpc() == 1) {
+				$old_options[$postKeys[$i]] = array(stripslashes($_POST[$postKeys[$i]]));
+			}
+			else {
+				$old_options[$postKeys[$i]] = array($_POST[$postKeys[$i]]);
+			}
 		}
 		else {
 			$old_options[$postKeys[$i]] = $_POST[$postKeys[$i]];