OpenACS

antoniop
committed
oacs-5-10:antoniop:20220825153701
on 25 Aug 22
Reimplement ad_page_contract_filter_proc_tmpfile using security::safe_tmpfile_p

Some of the features implemented by this filter have been p… Show more
Reimplement ad_page_contract_filter_proc_tmpfile using security::safe_tmpfile_p

Some of the features implemented by this filter have been ported into the api, namely the possibility to fetch the valid temp folders from the subsite TmpDir parameter and the possibility to relax the check and allow also files deeper in the tmpfolder hierachy.

Notably, the hardcoded tmpfolders "/var/tmp" and "/tmp" have NOT been ported. One should configure these values via the many available options. security::safe_tmpfile_p is also more restrictive when a file exists, because it checks for ownership and read and write permissions on the file.

Show less

/tcl/lang-message-procs.tcl (+6 -2)
746 746         locale
747 747         key
748 748     } {
749 749         Return 1 if message exists in given locale, 0 otherwise.
750 750
751 751         @param varname when specified, return value in this variable
752 752         @author Gustaf Neumann
753 753     } {
754 754         #
755 755         # Make sure messages are loaded into the cache.
756 756         #
757 757         acs::per_thread_cache eval -key acs-lang.message_cache_loaded {
758 758             lang::message::cache
759 759         }
760 760         #
761 761         # Provide linkage to the output variable and perform lookup
762 762         #
763 763         if {[info exists varname]} {
764 764             upvar 1 $varname var
765 765         }
  766         try {
766 767             return [nsv_get lang_message_$locale $key var]
  768         } on error {errmsg} {
  769             return 0
767 770         }
  771     }
768 772 } else {
769 773     #
770 774     # AOLserver compatible version
771 775     #
772 776     ad_proc -public lang::message::message_exists_p {
773 777         -varname
774 778         locale
775 779         key
776 780     } {
777 781         Return 1 if message exists in given locale, 0 otherwise.
778 782
779 783         @param varname when specified, return value in this variable
780 784         @author Gustaf Neumann
781 785     } {
782 786         #
783 787         # Make sure messages are loaded into the cache.
784 788         #
785 789         acs::per_thread_cache eval -key acs-lang.message_cache_loaded {
786 790             lang::message::cache
787 791         }