Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Ensure username is properly sanitized |
|---|---|
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
ec1cc1e2e0e633be8e6d153ea2757e3a |
| User & Date: | rkeene 2016-10-03 16:56:55.191 |
Context
|
2016-11-22
| ||
| 18:22 | Updated to ensure that no non-default SSH command is used for a pull check-in: f79eaca9ca user: rkeene tags: trunk | |
|
2016-10-03
| ||
| 16:56 | Ensure username is properly sanitized check-in: ec1cc1e2e0 user: rkeene tags: trunk | |
| 16:51 | Setting/unsetting environment variables in the constructor causes issues when objects are created and destroyed, leaving environment variables unset -- instead paramaterize the call to Fossil, this is better anyway check-in: 1af745f0f9 user: rkeene tags: trunk | |
Changes
Changes to nano/fossil.php.
| ︙ | ︙ | |||
22 23 24 25 26 27 28 |
private function getFossilCommand($timeout = 0, $cgi = false) {
$fossil = "/usr/local/bin/fossil";
if ($timeout) {
$fossil = "timeout {$timeout} {$fossil}";
}
| > > | | 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 |
private function getFossilCommand($timeout = 0, $cgi = false) {
$fossil = "/usr/local/bin/fossil";
if ($timeout) {
$fossil = "timeout {$timeout} {$fossil}";
}
$username = escapeshellarg($this->user['username']);
$cmd = "HOME={$this->workdir} USER={$username} {$fossil}";
if ($cgi) {
$cmd = "GATEWAY_INTERFACE=1 {$cmd}";
} else {
$cmd = "unset GATEWAY_INTERFACE; {$cmd}";
}
|
| ︙ | ︙ |