[GNUnet-SVN] r14532 - in gauger: . images
From: |
gnunet |
Subject: |
[GNUnet-SVN] r14532 - in gauger: . images |
Date: |
Thu, 24 Feb 2011 16:29:34 +0100 |
Author: bartpolot
Date: 2011-02-24 16:29:34 +0100 (Thu, 24 Feb 2011)
New Revision: 14532
Modified:
gauger/images/nodata.png
gauger/params.php
gauger/plot.php
Log:
Fixed shell escaping parameters
Modified: gauger/images/nodata.png
===================================================================
(Binary files differ)
Modified: gauger/params.php
===================================================================
--- gauger/params.php 2011-02-24 14:44:04 UTC (rev 14531)
+++ gauger/params.php 2011-02-24 15:29:34 UTC (rev 14532)
@@ -25,7 +25,7 @@
function get_param($name, $default = '', $persist = FALSE) {
if (array_key_exists($name, $_REQUEST)) {
- $ret = escapeshellcmd($_REQUEST[$name]);
+ $ret = $_REQUEST[$name];
if($persist) {
$_SESSION[$name] = $ret;
}
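Review bot: `get_param()` now returns the request value untouched and, when `$persist` is set, stores that raw value in `$_SESSION[$name]`, but nothing on the function says so. Any caller not shown in this diff that still passes its result into a command string has silently lost the escaping it used to get. A docblock on the function would make the new contract explicit, for example `/** Returns the raw, untrusted request value; validate or escape it before using it in a command, path or markup. */`. The function body continues outside this hunk, so the fallback path through `$default` and the session could not be checked.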
@@ -37,6 +37,10 @@
return $ret;
}
+function get_param_escsh($name, $default = '', $persist = FALSE) {
+ return escapeshellcmd(get_param($name, $default, $persist));
+}
+
function get_session($name, $default = '') {
if (array_key_exists($name, $_SESSION) && $_SESSION[$name] !== '') {
return $_SESSION[$name];
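Review bot: `get_param_escsh()` relies on `escapeshellcmd()`, which is meant for a whole command string and does not confine a value to a single argument. It leaves whitespace and paired quotes untouched, and it knows nothing about gnuplot syntax, which is where the plot.php callers interpolate these values (`set xrange`, `set xtics`). All the parameters switched over in this commit look numeric, so a validating helper would be a stronger guard than escaping, for example `$v = get_param($name, $default, $persist); return is_numeric($v) ? $v + 0 : $default;`. If a value really has to reach a shell as one argument, `escapeshellarg()` is the matching primitive. The helper also escapes `$default` and whatever `get_param()` returns from its fallback path, which lies outside this hunk.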
Modified: gauger/plot.php
===================================================================
--- gauger/plot.php 2011-02-24 14:44:04 UTC (rev 14531)
+++ gauger/plot.php 2011-02-24 15:29:34 UTC (rev 14532)
@@ -86,7 +86,7 @@
}
foreach (Array('x_max', 'x_min', 'y_max', 'y_min') as $param_name) {
- $$param_name = get_param($param_name, '', false);
+ $$param_name = get_param_escsh($param_name, '', false);
if(!is_numeric($$param_name)) $$param_name = '*';
}
$cmd .= " set xrange [$x_min:$x_max];";
@@ -104,12 +104,12 @@
if($x_min != '*') {
$range_start = $x_min;
} else {
- $range_start = get_param('xrange_max');
+ $range_start = get_param_escsh('xrange_max');
}
if($x_max != '*') {
$range_end = $x_max;
} else {
- $range_end = get_param('xrange_min');
+ $range_end = get_param_escsh('xrange_min');
}
$plotcmd = ' plot';
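Review bot: The two fallback assignments take `xrange_max` and `xrange_min` through `get_param_escsh()` with no numeric check, unlike the `x_min`/`x_max` loop in the previous hunk, which resets non-numeric input to `'*'`. `$range_start` and `$range_end` are later used in arithmetic (`$range_end - $range_start`), passed to `get_local_maximum()` and written into `set xtics`, so a non-numeric value reaches all three. Checking each with `is_numeric()` right after the assignment, and rejecting the request or substituting a numeric default otherwise, would close that gap. Separately, `$range_start` is filled from `xrange_max` and `$range_end` from `xrange_min`; if that inversion is intentional it deserves a one-line comment, otherwise the names look swapped.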
@@ -143,9 +143,9 @@
}
$counter = get_counter_name($graph);
if($c) $plotcmd .= ',';
- $plotcmd .= " \"$DATADIR$host/$graph.dat\"";
+ $plotcmd .= escapeshellcmd(" \"$DATADIR$host/$graph.dat\"");
if($norm) {
- $metric_max = get_local_maximum($host, $graph, $range_start,
$range_end);
+ $metric_max = (int)get_local_maximum($host, $graph,
$range_start, $range_end);
$plotcmd .= " using 1:($2*100/$metric_max)";
}
$plotcmd .= " title \"";
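Review bot: Wrapping the already-quoted datafile string in `escapeshellcmd()` does not constrain `$host` or `$graph`. Path separators and `..` pass through unchanged, and because the function escapes only unpaired quotes, a quote inside either value changes how the surrounding `\"…\"` pair is treated. Where the two variables come from is outside this hunk; if they derive from request data, they should be validated before the path is built, for instance by accepting only names from the known host and graph lists, or a fixed character set with no `/` and no `.`/`..` components. Also, the new `(int)` cast turns a non-numeric or empty result from `get_local_maximum()` into 0, which puts a division by zero into the gnuplot expression `($2*100/$metric_max)`. A guard such as `if ($norm && $metric_max > 0)` would avoid that.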
@@ -158,14 +158,14 @@
$c++;
}
}
- $size = get_param('png_x_size');
+ $size = get_param_escsh('png_x_size');
$gap = $range_end - $range_start;
$interval = ceil($gap/(abs($size-150)/50));
if($interval > $gap) $interval = $gap;
$rangecmd = " set xtics $range_start,$interval,$range_end;";
if(!$c) {
- header('Location: nodata.png');
+ header('Location: images/nodata.png');
die();
}
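Review bot: `$size` is escaped but never checked to be a number before it is used in `abs($size-150)/50`, and a value of exactly 150 makes that divisor zero in `ceil($gap/(...))`. The resulting `$interval` is then written into `set xtics`, so the value should be validated rather than shell-escaped, for example `$size = (int)get_param('png_x_size');` followed by `$ticks = max(1, abs($size-150)/50); $interval = ceil($gap/$ticks);`. The surrounding block starts and ends outside this hunk, so the way `$rangecmd` is finally executed could not be checked.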