
Removed debug output
[gosa.git] / gosa-core / include / class_userFilterEditor.inc
index 5719106bb021058caeac5dcf09b843c73ed27668..90eefe1c336bb4d51a1ebd4c908f3e9ff7d43272 100644 (file)
@@ -64,11 +64,11 @@ class userFilterEditor extends plugin
   {
     plugin::execute();
     $smarty = get_smarty();
-    $smarty->assign('name', $this->name);
-    $smarty->assign('filter', $this->filter);
+    $smarty->assign('name', htmlentities($this->name,ENT_COMPAT,'UTF-8'));
+    $smarty->assign('filter', htmlentities($this->filter,ENT_COMPAT,'UTF-8'));
     $smarty->assign('share', $this->share);
     $smarty->assign('enable', $this->enabled);
-    $smarty->assign('description', $this->description);
+    $smarty->assign('description', htmlentities($this->description,ENT_COMPAT,'UTF-8'));
     $smarty->assign('selectedCategories', $this->selectedCategories);
     $smarty->assign('availableCategories', $this->availableCategories);
     return($smarty->fetch(get_template_path('userFilterEditor.tpl', FALSE)));
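Review bot: `ENT_COMPAT` on the three new `htmlentities()` calls leaves single quotes unencoded, so the values are only safe in element content or double-quoted attributes. userFilterEditor.tpl is not visible here, so `ENT_QUOTES` is the safer flag, e.g. `htmlentities($this->filter, ENT_QUOTES, 'UTF-8')`. `selectedCategories` and `availableCategories` are still assigned unencoded, which is fine only if they can never carry user-supplied text; that is worth confirming. Separately, this method reads `$this->enabled` while the save path in the next hunk writes `$this->enable`, so the checkbox state may not round-trip. The method body starts above the hunk.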
@@ -82,12 +82,23 @@ class userFilterEditor extends plugin
     if(isset($_POST['userFilterEditor'])){
 
       // Get posted strings
-      foreach(array('name','description','filter') as $attr){
+      foreach(array('name','description') as $attr){
         if(isset($_POST[$attr])){
           $this->$attr = get_post($attr);
         }
       }
 
+      // Filter needs special handling, it may contain charactes like < and >
+      //  wich are stipped out by get_post() && validate()
+      if(isset($_POST['filter'])){
+        $f = $_POST['filter'];
+        if(get_magic_quotes_gpc()){
+          $f = stripcslashes($f);
+        }
+        $f = mb_convert_encoding($_POST['filter'], 'UTF-8');
+        $this->filter = $f;
+      }
+
       // Get posted flags 
       $this->share = isset($_POST['shareFilter']);
       $this->enable = isset($_POST['enableFilter']);
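Review bot: The `mb_convert_encoding()` line reads `$_POST['filter']` again instead of `$f`, so the magic-quotes unescaping just above it is discarded and a filter posted with magic quotes enabled is stored with the extra backslashes; it should be `$f = mb_convert_encoding($f, 'UTF-8');`. `stripslashes()` is the direct inverse of magic quotes, whereas `stripcslashes()` also interprets C-style escape sequences, so it is the less predictable choice here. Because this path deliberately bypasses `get_post()`, nothing checks that the value is a string (a `filter[]` parameter would arrive as an array), so an `is_string($_POST['filter'])` guard is worth adding. Every later use of `$this->filter` then has to encode for its own context. The enclosing method begins above the hunk.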
@@ -127,6 +138,14 @@ class userFilterEditor extends plugin
       $msgs[] = msgPool::invalid(_("Name"), $this->name,"/[a-z0-9\-_ ]/i");
     }  
 
+    // Count the number of opening and closing brackets - exclude escaped ones.
+    $f = preg_replace('/\\\\[\(\)]/',"",$this->filter);
+    $o = substr_count($f, '(');
+    $c = substr_count($f, ')');
+    if($o != $c){
+      $msgs[] = sprintf(_("Please check your filter, you have '%s' opening and '%s' closing brackets!"), $o, $c);
+    }
+
     return($msgs);
   }
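Review bot: Comparing only the totals of `(` and `)` accepts filters whose brackets are out of order, such as `)(cn=*`. The check also treats `\(` as the escaped form, although LDAP filter strings normally escape brackets as `\28` and `\29`. A single pass that tracks nesting depth and rejects a negative depth covers both count and ordering, as sketched below. This is an input-quality check only, so the code that eventually runs the filter should still treat it as user-controlled. The enclosing method starts above the hunk.

```php
    $f = preg_replace('/\\\\[\(\)]/',"",$this->filter);
    // Track nesting depth so that ordering is checked as well as the totals.
    $depth = 0;
    $ordered = TRUE;
    for($i = 0, $len = strlen($f); $i < $len; $i++){
      if($f[$i] == '('){
        $depth ++;
      }elseif($f[$i] == ')' && --$depth < 0){
        $ordered = FALSE;
        break;
      }
    }
    if(!$ordered || $depth != 0){
      $msgs[] = _("Please check your filter, opening and closing brackets do not match!");
    }
    // … unchanged: return($msgs) …
```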