From fef75ff2c0257d66071079da20d700d240a1d6fa Mon Sep 17 00:00:00 2001
From: Morris Jobke
Date: Tue, 21 Feb 2017 17:22:06 -0600
Subject: [PATCH] Use intval() for validation of config options
Signed-off-by: Morris Jobke
---
 apps/files_sharing/lib/Controller/ShareesAPIController.php | 4 ++--
 core/js/sharedialogview.js | 5 ++++-
 lib/private/Template/JSConfigHelper.php | 4 ++--
 3 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/apps/files_sharing/lib/Controller/ShareesAPIController.php b/apps/files_sharing/lib/Controller/ShareesAPIController.php
index 8f44e650c43..5261fc80316 100644
--- a/apps/files_sharing/lib/Controller/ShareesAPIController.php
+++ b/apps/files_sharing/lib/Controller/ShareesAPIController.php
@@ -429,13 +429,13 @@ class ShareesAPIController extends OCSController {
 public function search($search = '', $itemType = null, $page = 1, $perPage = 200, $shareType = null, $lookup = true) {
 // only search for string larger than a given threshold
- $threshold = $this->config->getSystemValue('sharing.minSearchStringLength', 0);
+ $threshold = intval($this->config->getSystemValue('sharing.minSearchStringLength', 0));
 if (strlen($search) < $threshold) {
 return new Http\DataResponse($this->result);
 }
 // never return more than the max. number of results configured in the config.php
- $maxResults = $this->config->getSystemValue('sharing.maxAutocompleteResults', 0);
+ $maxResults = intval($this->config->getSystemValue('sharing.maxAutocompleteResults', 0));
 if ($maxResults > 0) {
 $perPage = min($perPage, $maxResults);
 }
diff --git a/core/js/sharedialogview.js b/core/js/sharedialogview.js
index 21993aa3b69..552050f06b9 100644
--- a/core/js/sharedialogview.js
+++ b/core/js/sharedialogview.js
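Review bot: In `ShareesAPIController::search()` the two `intval()` casts fail open: a non-numeric or negative `sharing.minSearchStringLength` or `sharing.maxAutocompleteResults` ends up as 0 or less, and the surrounding checks treat that as "no minimum search length" and "no cap on `$perPage`". Both settings bound how much of the user directory a single autocomplete query can return, so a typo in config.php silently removes the bound instead of being reported. I would reject or log values that are not non-negative integers rather than coercing them, and at least document the behaviour above the casts, e.g. `// 0 disables the limit; intval() also turns non-numeric values into 0`. The same coercion is applied to both `sharing.*` keys in the JSConfigHelper.php hunk, so the client receives the same 0. The body of `search()` continues outside the hunk, so later validation of `$perPage` cannot be ruled out from here.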
@@ -267,7 +267,10 @@ // show a notice that the list is truncated // this is the case if one of the search results is at least as long as the max result config option - if(Math.min(perPage, oc_config['sharing.maxAutocompleteResults']) <= Math.max(users.length, groups.length, remotes.length, emails.length, lookup.length)) { + if(oc_config['sharing.maxAutocompleteResults'] > 0 && + Math.min(perPage, oc_config['sharing.maxAutocompleteResults']) + <= Math.max(users.length, groups.length, remotes.length, emails.length, lookup.length)) { + var message = t('core', 'This list is maybe truncated - please refine your search term to see more results.'); $('.ui-autocomplete').append('
  • ' + message + '
  • '); }
diff --git a/lib/private/Template/JSConfigHelper.php b/lib/private/Template/JSConfigHelper.php
index 701ca09a9b4..010e7b1ca63 100644
--- a/lib/private/Template/JSConfigHelper.php
+++ b/lib/private/Template/JSConfigHelper.php
@@ -207,8 +207,8 @@ class JSConfigHelper {
 'enable_avatars' => $this->config->getSystemValue('enable_avatars', true) === true,
 'lost_password_link'=> $this->config->getSystemValue('lost_password_link', null),
 'modRewriteWorking' => ($this->config->getSystemValue('htaccess.IgnoreFrontController', false) === true || getenv('front_controller_active') === 'true'),
- 'sharing.maxAutocompleteResults' => $this->config->getSystemValue('sharing.maxAutocompleteResults', 0),
- 'sharing.minSearchStringLength' => $this->config->getSystemValue('sharing.minSearchStringLength', 0),
+ 'sharing.maxAutocompleteResults' => intval($this->config->getSystemValue('sharing.maxAutocompleteResults', 0)),
+ 'sharing.minSearchStringLength' => intval($this->config->getSystemValue('sharing.minSearchStringLength', 0)),
 ]),
 "oc_appconfig" => json_encode([
 'core' => [
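Review bot: In the core/js/sharedialogview.js hunk, the added guard `oc_config['sharing.maxAutocompleteResults'] > 0 &&` suppresses the truncation notice whenever no maximum is configured, although the list is presumably still cut off at `perPage` in that case. A user whose results were truncated at `perPage` then gets no hint to refine the search term. Computing the effective limit first covers both cases: `var limit = oc_config['sharing.maxAutocompleteResults'] > 0 ? Math.min(perPage, oc_config['sharing.maxAutocompleteResults']) : perPage;` followed by `if (limit <= Math.max(users.length, groups.length, remotes.length, emails.length, lookup.length)) {`. The enclosing callback starts and ends outside the hunk.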