From c30c29928c41ae4e2593976487f7084c3dd6969d Mon Sep 17 00:00:00 2001
From: YongBoLiu <bobo_hcc2000@163.com>
Date: Mon, 30 Nov 2020 18:55:13 +0800
Subject: [PATCH] Feature #3965, Add a value check if the input field is
 textbox in settings (#3966)

* feature 3965, Add a value check if the input field is textbox in settings

* feature 3965, revert

* feature 3965, Add a value check if the input field is textbox in settings.

* feature 3965, update Changelog file

Co-authored-by: yboliu <yboliu@oc8636837557.ibm.com>
---
 CHANGELOG    |  1 +
 settings.php | 13 +++++++++++++
 2 files changed, 14 insertions(+)

diff --git a/CHANGELOG b/CHANGELOG
index 1519aafeef..ada40c760a 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -31,6 +31,7 @@ Cacti CHANGELOG
 -issue#3963: Plugin table creation function misses the table collation setting
 -feature#3923: Added ability to Hide the Graph Drilldowns icons from the graph_view.php and graph.php pages
 -feature#3943: Add hooks for plugins to show custom Graph Source and custom Template URL (List View)
+-feature#3965: Add a value check if the input field is textbox in settings
 -feature: Update c3.js to version 0.7.20
 -feature: Update Chart.js to version 2.9.4
 -feature: Update phpseclib to version 2.0.29
diff --git a/settings.php b/settings.php
index 7d15e7297a..6476aeabd6 100644
--- a/settings.php
+++ b/settings.php
@@ -176,6 +176,19 @@
 					array($field_name));
 			}
 		} elseif (isset_request_var($field_name)) {
+			if ($field_array['method'] == 'textbox' && isset($field_array['filter'])) {
+				if (isset($field_array['options'])) {
+					$value = filter_var(get_nfilter_request_var($field_name), $field_array['filter'], $field_array['options']);
+				} else {
+					$value = filter_var(get_nfilter_request_var($field_name), $field_array['filter']);
+				}
+				if ($value === false) {
+					$_SESSION['sess_error_fields'][$field_name] = $field_name;
+					$_SESSION['sess_field_values'][$field_name] = get_nfilter_request_var($field_name);
+					$errors[3] = 3;
+					continue;
+				}
+			}
 			if (is_array(get_nfilter_request_var($field_name))) {
 				$inserts[] = '(' . db_qstr($field_name) . ', ' . db_qstr(implode(',', get_nfilter_request_var($field_name))) . ')';
 				db_execute_prepared('REPLACE INTO settings