Quote values in .ini file

[shpub.git] / src / shpub / Config.php

diff --git a/src/shpub/Config.php b/src/shpub/Config.php
index 5da9c4a729b9d8fad77d7c2f239a1e10b354ec00..d41e45dc2a3495179fb797eb185d471a0b8e015f 100644 (file)
--- a/src/shpub/Config.php
+++ b/src/shpub/Config.php
@@ -15,6 +15,7 @@ class Config
     protected function getConfigFilePath()
     {
         if (!isset($_SERVER['HOME'])) {
+            Log::err('Cannot determine home directory');
             return false;
         }
 
@@ -58,16 +59,24 @@ class Config
             }
             $str .= '[' . $hostName . "]\n";
             foreach ($host as $hostProp => $hostVal) {
-                if ($hostProp == 'cache') {
+                if ($hostProp == 'endpoints') {
                     continue;
                 }
                 if ($hostVal == '') {
                     continue;
                 }
-                $str .= $hostProp . '=' . $hostVal . "\n";
+                $str .= $hostProp
+                    . '=' . static::quoteIniValue($hostVal) . "\n";
             }
         }
-        file_put_contents($this->getConfigFilePath(), $str);
+        $cfgFilePath = $this->getConfigFilePath();
+        $cfgDir = dirname($cfgFilePath);
+        if (!is_dir($cfgDir)) {
+            mkdir($cfgDir, 0700);
+        }
+        file_put_contents($cfgFilePath, $str);
+        //contains sensitive data; nobody else may read that
+        chmod($cfgFilePath, 0600);
     }
 
     public function getDefaultHost()
@@ -97,5 +106,13 @@ class Config
         }
         return null;
     }
+
+    public static function quoteIniValue($val)
+    {
+        if (strpos($val, '=') === false) {
+            return $val;
+        }
+        return '"' . $val . '"';
+    }
 }
 ?>