From 0b7d507a5f2a81a53074c4ee661d139c7ef7cc77 Mon Sep 17 00:00:00 2001 From: vasu Date: Wed, 19 Dec 2012 03:29:25 +0400 Subject: [PATCH] security holes: getActualValue --- core/Form/Primitives/BasePrimitive.class.php | 18 +++++++++++++--- core/Form/Primitives/PrimitiveAlias.class.php | 19 ++++++++--------- core/Form/Primitives/TimeList.class.php | 21 +++++++++++++++---- 3 files changed, 41 insertions(+), 17 deletions(-) diff --git a/core/Form/Primitives/BasePrimitive.class.php b/core/Form/Primitives/BasePrimitive.class.php index d7cbe2f8b3..20af7b8b2e 100644 --- a/core/Form/Primitives/BasePrimitive.class.php +++ b/core/Form/Primitives/BasePrimitive.class.php @@ -72,22 +72,34 @@ public function getRawValue() { return $this->raw; } + + public function getValueOrDefault() + { + if ($this->value !== null) + return $this->value; + + return $this->default; + } + /** + * @deprecated since version 1.0 + * @see getSafeValue, getValueOrDefault + */ public function getActualValue() { - if (null !== $this->value) + if ($this->value !== null) return $this->value; elseif ($this->imported) return $this->raw; return $this->default; } - + public function getSafeValue() { if ($this->imported) return $this->value; - + return $this->default; } diff --git a/core/Form/Primitives/PrimitiveAlias.class.php b/core/Form/Primitives/PrimitiveAlias.class.php index 33fe5cfbe2..d1f9fc423f 100644 --- a/core/Form/Primitives/PrimitiveAlias.class.php +++ b/core/Form/Primitives/PrimitiveAlias.class.php 
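Review bot: In core/Form/Primitives/BasePrimitive.class.php, `getActualValue()` is only tagged deprecated, and its `elseif ($this->imported) return $this->raw;` branch still returns the raw value when `$this->value` is null after an import (presumably because validation rejected it), so any caller not yet migrated keeps receiving unvalidated input. The docblock should say why, for example `@deprecated since version 1.0: may return raw, unvalidated input; use getSafeValue() or getValueOrDefault()`. The new `getValueOrDefault()` has no docblock; one line stating that it returns the imported value or the default and never `$this->raw` would make the contract clear. The same raw fallback remains in `TimeList::getActualValue()` later in this patch.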
@@ -57,25 +57,24 @@ public function getRawValue() return $this->primitive->getRawValue(); } + + public function getValueOrDefault() + { + return $this->primitive->getValueOrDefault(); + } + /** * @deprecated by getFormValue + * since version 1.0 by getValueOrDefault **/ public function getActualValue() { - if (null !== $this->primitive->getValue()) - return $this->primitive->getValue(); - elseif ($this->primitive->isImported()) - return $this->primitive->getRawValue(); - - return $this->primitive->getDefault(); + return $this->primitive->getActualValue(); } public function getSafeValue() { - if ($this->primitive->isImported()) - return $this->primitive->getValue(); - - return $this->primitive->getDefault(); + return $this->primitive->getSafeValue(); } public function getFormValue() diff --git a/core/Form/Primitives/TimeList.class.php b/core/Form/Primitives/TimeList.class.php index 405f382f78..35c7f1cc07 100644 --- a/core/Form/Primitives/TimeList.class.php +++ b/core/Form/Primitives/TimeList.class.php @@ -53,17 +53,30 @@ public function import($scope) return ($this->value !== array()); } - + + public function getValueOrDefault() + { + if (is_array($this->value) && $this->value[0]) + return $this->value; + + return array($this->default); + } + + /** + * @deprecated deprecated since version 1.0 + * @see getSafeValue, getValueOrDefault + * @return type + */ public function getActualValue() { if (is_array($this->value) && $this->value[0]) return $this->value; elseif (is_array($this->raw) && $this->raw[0]) return $this->raw; - + return array($this->default); } - + public static function stringToTimeList($string) { $list = array(); @@ -86,4 +99,4 @@ public function exportValue() throw new UnimplementedFeatureException(); } } -?> \ No newline at end of file +?>
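Review bot: In core/Form/Primitives/PrimitiveAlias.class.php the docblock on `getActualValue()` now reads `@deprecated by getFormValue` followed by `since version 1.0 by getValueOrDefault`, which names two different replacements and does not match the form used in BasePrimitive. I would write it as `@deprecated since version 1.0` plus `@see getSafeValue, getValueOrDefault`, and state that the method forwards to the wrapped primitive's `getActualValue()`, which can return raw input. `getValueOrDefault()` here also lacks a docblock, and it assumes every wrapped primitive implements that method; the patch adds it to BasePrimitive and TimeList only, so confirm that no aliased primitive lives outside that hierarchy.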
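Review bot: In core/Form/Primitives/TimeList.class.php, `getValueOrDefault()` reads `$this->value[0]` after checking only `is_array($this->value)`; the context line `return ($this->value !== array());` in `import()` suggests the value can be an empty array, in which case the index access raises an undefined-offset notice. `if (is_array($this->value) && !empty($this->value[0]))` keeps the same truthiness test without the notice, and the copied condition in `getActualValue()` would benefit from the same change. The new docblock also carries the placeholder `@return type` and the doubled `@deprecated deprecated`; `@return array` and `@deprecated since version 1.0` would be accurate. `import()` starts outside the hunk.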