From c409de5eb7ce5c288a9521169e5ec981aede811f Mon Sep 17 00:00:00 2001
From: Marcin Haba <marcin.haba@bacula.pl>
Date: Fri, 26 Feb 2016 09:03:13 +0100
Subject: [PATCH] baculum: Tweak escape config file values

---
 gui/baculum/protected/Class/Miscellaneous.php | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/gui/baculum/protected/Class/Miscellaneous.php b/gui/baculum/protected/Class/Miscellaneous.php
index 957e85b998..c7b95ba792 100644
--- a/gui/baculum/protected/Class/Miscellaneous.php
+++ b/gui/baculum/protected/Class/Miscellaneous.php
@@ -171,10 +171,12 @@ class Miscellaneous extends TModule {
 			$tmp .= "[$section]\n";
 				foreach($values as $key => $val){
 					if(is_array($val)){
-						foreach($val as $k =>$v){
+						foreach($val as $k => $v) {
+							$v = $this->escapeINIVal($v);
 							$tmp .= "{$key}[$k] = \"$v\"\n";
 						}
 					} else {
+						$val = $this->escapeINIVal($val);
 						$tmp .= "$key = \"$val\"\n";
 					}
 				}
@@ -187,6 +189,18 @@ class Miscellaneous extends TModule {
 		return $result;
 	}
 
+	/**
+	 * Escape text written to INI-style file.
+	 *
+	 * @access private
+	 * @param string $value text to escape
+	 * @return string escaped text
+	 */
+	private function escapeINIVal($value) {
+		$esc_value = str_replace('"', '\"', $value);
+		return $esc_value;
+	}
+
 	/**
 	 * Parse INI-style configuration file.
 	 * 
-- 
2.39.5