

[GNUnet-SVN] r14532 - in gauger: . images


From: gnunet
Subject: [GNUnet-SVN] r14532 - in gauger: . images
Date: Thu, 24 Feb 2011 16:29:34 +0100

Author: bartpolot
Date: 2011-02-24 16:29:34 +0100 (Thu, 24 Feb 2011)
New Revision: 14532

Modified:
   gauger/images/nodata.png
   gauger/params.php
   gauger/plot.php
Log:
Fixed shell escaping parameters


Modified: gauger/images/nodata.png
===================================================================
(Binary files differ)

Modified: gauger/params.php
===================================================================
--- gauger/params.php   2011-02-24 14:44:04 UTC (rev 14531)
+++ gauger/params.php   2011-02-24 15:29:34 UTC (rev 14532)
@@ -25,7 +25,7 @@
 
 function get_param($name, $default = '', $persist = FALSE) {
     if (array_key_exists($name, $_REQUEST)) {
-        $ret = escapeshellcmd($_REQUEST[$name]);
+        $ret = $_REQUEST[$name];
         if($persist) {
             $_SESSION[$name] = $ret;
         }
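Review bot: Any caller of `get_param` outside plot.php loses the escaping it had in rev 14531, and the `$persist` branch now stores the raw request value in `$_SESSION[$name]`; this commit converts only the plot.php call sites to `get_param_escsh`. No other callers are visible in this diff, so the remaining uses of `get_param` and of the persisted values read back through `get_session` should be audited before this lands. A comment on the function would make the new contract explicit, e.g. `// Returns the raw, unvalidated request value; callers must validate or escape it for their own output context.` The body of get_param continues outside this hunk.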
@@ -37,6 +37,10 @@
     return $ret;
 }
 
+function get_param_escsh($name, $default = '', $persist = FALSE) {
+    return escapeshellcmd(get_param($name, $default, $persist));
+}
+
 function get_session($name, $default = '') {
     if (array_key_exists($name, $_SESSION) && $_SESSION[$name] !== '') {
         return $_SESSION[$name];
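Review bot: `escapeshellcmd()` in the new `get_param_escsh` is meant for a whole command line, not for a single value: it leaves paired quotes and spaces untouched, so it does not make a request value safe to interpolate into a command string. The parameters it is applied to in plot.php (`xrange_max`, `xrange_min`, `png_x_size`) are all numbers used in arithmetic and in a `set xtics` line, and unlike `x_min`/`x_max` they get no `is_numeric` fallback. A numeric accessor fits better, e.g. `$v = get_param($name, $default, $persist); return is_numeric($v) ? $v + 0 : $default;`, with `escapeshellarg()` reserved for a value that really is one shell argument. The trailing context lines belong to get_session, whose body continues outside the hunk.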

Modified: gauger/plot.php
===================================================================
--- gauger/plot.php     2011-02-24 14:44:04 UTC (rev 14531)
+++ gauger/plot.php     2011-02-24 15:29:34 UTC (rev 14532)
@@ -86,7 +86,7 @@
     }
 
     foreach (Array('x_max', 'x_min', 'y_max', 'y_min') as $param_name) {
-        $$param_name = get_param($param_name, '', false);
+        $$param_name = get_param_escsh($param_name, '', false);
         if(!is_numeric($$param_name)) $$param_name = '*';
     }
     $cmd .= " set xrange [$x_min:$x_max];";
@@ -104,12 +104,12 @@
     if($x_min != '*') {
         $range_start = $x_min;
     } else {
-        $range_start = get_param('xrange_max');
+        $range_start = get_param_escsh('xrange_max');
     }
     if($x_max != '*') {
         $range_end = $x_max;
     } else {
-        $range_end = get_param('xrange_min');
+        $range_end = get_param_escsh('xrange_min');
     }
 
     $plotcmd = ' plot';
@@ -143,9 +143,9 @@
             }
             $counter = get_counter_name($graph);
             if($c) $plotcmd .= ',';
-            $plotcmd .= " \"$DATADIR$host/$graph.dat\"";
+            $plotcmd .= escapeshellcmd(" \"$DATADIR$host/$graph.dat\"");
            if($norm) {
-               $metric_max = get_local_maximum($host, $graph, $range_start, 
$range_end);
+               $metric_max = (int)get_local_maximum($host, $graph, 
$range_start, $range_end);
                $plotcmd .= " using 1:($2*100/$metric_max)";
            }
             $plotcmd .= " title \"";
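Review bot: Wrapping the quoted path in `escapeshellcmd()` does not confine `$host` and `$graph` to the data directory or to the quoted string: paired double quotes are left as they are, `/` and `.` are not touched, and the backslashes it adds before characters such as `$` or `*` become part of the file name gnuplot sees. Where those two variables come from is outside this hunk; if they are request-derived, checking them against the known hosts and counters (or a strict pattern such as `/^[A-Za-z0-9_.-]+$/` with `..` rejected) before building the path is the more reliable control. Separately, `(int)get_local_maximum(...)` can yield 0 (a failed lookup, or a maximum below 1), which makes the next line emit `$2*100/0`; the `using` clause should only be appended when `$metric_max > 0`.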
@@ -158,14 +158,14 @@
             $c++;
         }
     }
-    $size = get_param('png_x_size');
+    $size = get_param_escsh('png_x_size');
     $gap = $range_end - $range_start;
     $interval = ceil($gap/(abs($size-150)/50));
     if($interval > $gap) $interval = $gap;
     $rangecmd = " set xtics $range_start,$interval,$range_end;";
 
     if(!$c) {
-        header('Location: nodata.png');
+        header('Location: images/nodata.png');
         die();
     }
 
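Review bot: `$size` is used only in arithmetic, so the shell escape on `png_x_size` adds nothing, and two inputs still break the tick computation: a value of 150 makes `abs($size-150)/50` zero and `$gap/(...)` a division by zero, and a non-numeric value is silently coerced. Casting and clamping before use, for example `$size = max(200, (int)get_param('png_x_size'));` (the 200 lower bound is illustrative), avoids both. `$range_start` and `$range_end` are also interpolated into `set xtics` here, so they need the same numeric check when they come from `xrange_max`/`xrange_min`. The enclosing function starts and ends outside this hunk.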



