diff --git a/core/config.class.php b/core/config.class.php index 7e76b66c..8fc7b4d9 100644 --- a/core/config.class.php +++ b/core/config.class.php @@ -103,7 +103,7 @@ abstract class BaseConfig implements Config { return $this->get($name, $default); } public function get_bool(/*string*/ $name, $default=null) { - return undb_bool($this->get($name, $default)); + return bool_escape($this->get($name, $default)); } public function get_array(/*string*/ $name, $default=array()) { return explode(",", $this->get($name, "")); diff --git a/core/imageboard.pack.php b/core/imageboard.pack.php index cd356513..2872d06c 100644 --- a/core/imageboard.pack.php +++ b/core/imageboard.pack.php @@ -56,7 +56,7 @@ class Image { $this->$name = $value; // hax } $this->posted_timestamp = strtotime($this->posted); // pray - $this->locked = undb_bool($this->locked); + $this->locked = bool_escape($this->locked); assert(is_numeric($this->id)); assert(is_numeric($this->height)); @@ -439,7 +439,7 @@ class Image { $sln = $database->engine->scoreql_to_sql('SCORE_BOOL_'.$ln); $sln = str_replace("'", "", $sln); $sln = str_replace('"', "", $sln); - if(undb_bool($sln) !== $this->locked) { + if(bool_escape($sln) !== $this->locked) { $database->execute("UPDATE images SET locked=:yn WHERE id=:id", array("yn"=>$sln, "id"=>$this->id)); log_info("core-image", "Setting Image #{$this->id} lock to: $ln"); } diff --git a/core/util.inc.php b/core/util.inc.php index 4222cc97..6ad2656f 100644 --- a/core/util.inc.php +++ b/core/util.inc.php @@ -65,16 +65,31 @@ function sql_escape($input) { * @retval boolean */ function bool_escape($input) { - $input = strtolower($input); - return ( - $input === "y" || - $input === "yes" || - $input === "t" || - $input === "true" || - $input === "on" || - $input === 1 || - $input === true - ); + /* + Sometimes, I don't like PHP -- this, is one of those times... + "a boolean FALSE is not considered a valid boolean value by this function." + Yay for Got'chas! + http://php.net/manual/en/filter.filters.validate.php + */ + if (is_bool($value)) { + return $value; + } else { + $value = filter_var($input, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE); + if (!is_null($value)) { + return $value; + } else { + $input = strtolower($input); + return ( + $input === "y" || + $input === "yes" || + $input === "t" || + $input === "true" || + $input === "on" || + $input === 1 || + $input === true + ); + } + } } /** @@ -209,16 +224,6 @@ function show_ip($ip, $ban_reason) { return $ip; } -/** - * Different databases have different ways to represent booleans; this - * will try and standardise them - */ -function undb_bool($val) { - // Could this be combined with bool_escape() ? - if($val === true || $val == 'Y' || $val == 'y' || $val == 'T' || $val == 't' || $val === 1) return true; - if($val === false || $val == 'N' || $val == 'n' || $val == 'F' || $val == 'f' || $val === 0) return false; -} - /** * Checks if a given string contains another at the beginning. * diff --git a/ext/pm/main.php b/ext/pm/main.php index d77258aa..729ac808 100644 --- a/ext/pm/main.php +++ b/ext/pm/main.php @@ -28,7 +28,7 @@ class PM { $this->sent_date = $a["sent_date"]; $this->subject = $a["subject"]; $this->message = $a["message"]; - $this->is_read = undb_bool($a["is_read"]); + $this->is_read = bool_escape($a["is_read"]); } else { $this->id = -1;