From 4bf9926207687b8bf1b3610cd2e6a1082a46ae8c Mon Sep 17 00:00:00 2001
From: Victor Boctor <vboctor@gmail.com>
Date: Wed, 25 Sep 2013 16:56:21 -0700
Subject: [PATCH] Fixes #16408: config_eval() fails on configs that reference
 array values

The $g_update_bug_assign_threshold is set to '%handle_bug_threshold%'.
If the value of $g_handle_bug_threshold is set to an array instead of a string/int, a system notice is generated that array to string conversion is done in config_eval().

The fix is to detect the direct assignment case and not use a string replace,
but use normal assignment.  This will make it work for complex types like
arrays.

We still don't support $g_x = '%y%_aaa' where $g_y is not a string or int,
but that shouldn't be an issue.

Signed-off-by: Damien Regad <dregad@mantisbt.org>

Cherry-pick of 1ac581e46e2970475fdbe6434a9ac18a252e9048; Victor's
original commit was amended to follow coding guidelines.
---
 core/config_api.php | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/core/config_api.php b/core/config_api.php
index bf78843e87..3368531bc1 100644
--- a/core/config_api.php
+++ b/core/config_api.php
@@ -604,6 +604,15 @@ function config_eval( $p_value, $p_global = false ) {
 				} else {
 					$t_repl = config_get( $t_matches[2][$i] );
 				}
+
+				# Handle the simple case where there is no need to do string replace.
+				# This will resolve the case where the $t_repl value is of non-string
+				# type, e.g. array of access levels.
+				if( $t_count == 1 && $p_value == '%' . $t_matches[2][$i] . '%' ) {
+					$t_value = $t_repl;
+					break;
+				}
+
 				$t_value = str_replace( $t_matches[1][$i], $t_repl, $t_value );
 			}
 		}