Menu
▾
▴
phpwiki-checkins
|
From: <var...@us...> - 2014-10-06 08:49:35
|
Revision: 9188
http://sourceforge.net/p/phpwiki/code/9188
Author: vargenau
Date: 2014-10-06 08:49:28 +0000 (Mon, 06 Oct 2014)
Log Message:
-----------
Remove commented code
Modified Paths:
--------------
trunk/lib/plugin/Ploticus.php
Modified: trunk/lib/plugin/Ploticus.php
===================================================================
--- trunk/lib/plugin/Ploticus.php 2014-10-03 16:06:26 UTC (rev 9187)
+++ trunk/lib/plugin/Ploticus.php 2014-10-06 08:49:28 UTC (rev 9188)
@@ -204,8 +204,6 @@
function getImage($dbi, $argarray, $request)
{
- //extract($this->getArgs($argstr, $request));
- //extract($argarray);
$source =& $this->source;
if (!empty($source)) {
if ($this->withShellCommand($source)) {
@@ -253,8 +251,6 @@
$code = $this->filterThroughCmd($source, PLOTICUS_EXE . " -stdin $args");
sleep(1);
}
- //if (empty($code))
- // return $this->error(fmt("Couldn't start commandline “%s”", $commandLine));
if (!file_exists($tempfile . ".$gif")) {
$this->_errortext .= sprintf(_("%s error: outputfile “%s” not created"),
"Ploticus", "$tempfile.$gif");
@@ -278,7 +274,7 @@
}
return "$tempfile.$gif";
} else {
- return $this->error(fmt("empty source"));
+ return $this->error(_("empty source"));
}
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <var...@us...> - 2014-10-06 08:55:38
|
Revision: 9189
http://sourceforge.net/p/phpwiki/code/9189
Author: vargenau
Date: 2014-10-06 08:55:30 +0000 (Mon, 06 Oct 2014)
Log Message:
-----------
Invert test
Modified Paths:
--------------
trunk/lib/plugin/Ploticus.php
Modified: trunk/lib/plugin/Ploticus.php
===================================================================
--- trunk/lib/plugin/Ploticus.php 2014-10-06 08:49:28 UTC (rev 9188)
+++ trunk/lib/plugin/Ploticus.php 2014-10-06 08:55:30 UTC (rev 9189)
@@ -205,77 +205,76 @@
function getImage($dbi, $argarray, $request)
{
$source =& $this->source;
- if (!empty($source)) {
- if ($this->withShellCommand($source)) {
- $this->_errortext .= _("shell commands not allowed in Ploticus");
- return false;
- }
- if (is_array($argarray['data'])) { // support <!plugin-list !> pagelists
- $src = "#proc getdata\ndata:";
- $i = 0;
- foreach ($argarray['data'] as $data) {
- // hash or array?
- if (is_array($data))
- $src .= ("\t" . join(" ", $data) . "\n");
- else
- $src .= ("\t" . '"' . $data . '" ' . $i++ . "\n");
- }
- $src .= $source;
- $source = $src;
- }
- $tempfile = $this->tempnam('Ploticus', 'plo');
- @unlink($tempfile);
- $gif = $argarray['device'];
- $args = "-$gif -o $tempfile.$gif";
- if (!empty($argarray['-csmap'])) {
- $args .= " -csmap -mapfile $tempfile.map";
- $this->_mapfile = "$tempfile.map";
- }
- if (!empty($argarray['-prefab'])) {
- //check $_ENV['PLOTICUS_PREFABS'] and default directory
- global $HTTP_ENV_VARS;
- if (empty($HTTP_ENV_VARS['PLOTICUS_PREFABS'])) {
- if (file_exists("/usr/share/ploticus"))
- $HTTP_ENV_VARS['PLOTICUS_PREFABS'] = "/usr/share/ploticus";
- elseif (defined('PLOTICUS_PREFABS'))
- $HTTP_ENV_VARS['PLOTICUS_PREFABS'] = constant('PLOTICUS_PREFABS');
- }
- $args .= (" -prefab " . $argarray['-prefab']);
- }
- if (isWindows()) {
- $fp = fopen("$tempfile.plo", "w");
- fwrite($fp, $source);
- fclose($fp);
- $code = $this->execute(PLOTICUS_EXE . " $tempfile.plo $args", $tempfile . ".$gif");
- } else {
- $code = $this->filterThroughCmd($source, PLOTICUS_EXE . " -stdin $args");
- sleep(1);
- }
- if (!file_exists($tempfile . ".$gif")) {
- $this->_errortext .= sprintf(_("%s error: outputfile “%s” not created"),
- "Ploticus", "$tempfile.$gif");
- if (isWindows())
- $this->_errortext .= ("\ncmd-line: " . PLOTICUS_EXE . " $tempfile.plo $args");
+ if (empty($source)) {
+ return $this->error(_("empty source"));
+ }
+ if ($this->withShellCommand($source)) {
+ $this->_errortext .= _("shell commands not allowed in Ploticus");
+ return false;
+ }
+ if (is_array($argarray['data'])) { // support <!plugin-list !> pagelists
+ $src = "#proc getdata\ndata:";
+ $i = 0;
+ foreach ($argarray['data'] as $data) {
+ // hash or array?
+ if (is_array($data))
+ $src .= ("\t" . join(" ", $data) . "\n");
else
- $this->_errortext .= ("\ncmd-line: cat script | " . PLOTICUS_EXE . " $args");
- @unlink("$tempfile.pl");
- @unlink("$tempfile");
- return false;
+ $src .= ("\t" . '"' . $data . '" ' . $i++ . "\n");
}
- $ImageCreateFromFunc = "ImageCreateFrom$gif";
- if (function_exists($ImageCreateFromFunc)) {
- $handle = $ImageCreateFromFunc("$tempfile.$gif");
- if ($handle) {
- @unlink("$tempfile.$gif");
- @unlink("$tempfile.plo");
- @unlink("$tempfile");
- return $handle;
- }
+ $src .= $source;
+ $source = $src;
+ }
+ $tempfile = $this->tempnam('Ploticus', 'plo');
+ @unlink($tempfile);
+ $gif = $argarray['device'];
+ $args = "-$gif -o $tempfile.$gif";
+ if (!empty($argarray['-csmap'])) {
+ $args .= " -csmap -mapfile $tempfile.map";
+ $this->_mapfile = "$tempfile.map";
+ }
+ if (!empty($argarray['-prefab'])) {
+ //check $_ENV['PLOTICUS_PREFABS'] and default directory
+ global $HTTP_ENV_VARS;
+ if (empty($HTTP_ENV_VARS['PLOTICUS_PREFABS'])) {
+ if (file_exists("/usr/share/ploticus"))
+ $HTTP_ENV_VARS['PLOTICUS_PREFABS'] = "/usr/share/ploticus";
+ elseif (defined('PLOTICUS_PREFABS'))
+ $HTTP_ENV_VARS['PLOTICUS_PREFABS'] = constant('PLOTICUS_PREFABS');
}
- return "$tempfile.$gif";
+ $args .= (" -prefab " . $argarray['-prefab']);
+ }
+ if (isWindows()) {
+ $fp = fopen("$tempfile.plo", "w");
+ fwrite($fp, $source);
+ fclose($fp);
+ $code = $this->execute(PLOTICUS_EXE . " $tempfile.plo $args", $tempfile . ".$gif");
} else {
- return $this->error(_("empty source"));
+ $code = $this->filterThroughCmd($source, PLOTICUS_EXE . " -stdin $args");
+ sleep(1);
}
+ if (!file_exists($tempfile . ".$gif")) {
+ $this->_errortext .= sprintf(_("%s error: outputfile “%s” not created"),
+ "Ploticus", "$tempfile.$gif");
+ if (isWindows())
+ $this->_errortext .= ("\ncmd-line: " . PLOTICUS_EXE . " $tempfile.plo $args");
+ else
+ $this->_errortext .= ("\ncmd-line: cat script | " . PLOTICUS_EXE . " $args");
+ @unlink("$tempfile.pl");
+ @unlink("$tempfile");
+ return false;
+ }
+ $ImageCreateFromFunc = "ImageCreateFrom$gif";
+ if (function_exists($ImageCreateFromFunc)) {
+ $handle = $ImageCreateFromFunc("$tempfile.$gif");
+ if ($handle) {
+ @unlink("$tempfile.$gif");
+ @unlink("$tempfile.plo");
+ @unlink("$tempfile");
+ return $handle;
+ }
+ }
+ return "$tempfile.$gif";
}
// which argument must be set to 'png', for the fallback image when svg will fail on the client.
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <var...@us...> - 2014-10-07 13:23:17
|
Revision: 9213
http://sourceforge.net/p/phpwiki/code/9213
Author: vargenau
Date: 2014-10-07 13:23:09 +0000 (Tue, 07 Oct 2014)
Log Message:
-----------
Fix CVE-2014-5519
Modified Paths:
--------------
trunk/lib/plugin/Ploticus.php
Modified: trunk/lib/plugin/Ploticus.php
===================================================================
--- trunk/lib/plugin/Ploticus.php 2014-10-07 12:16:54 UTC (rev 9212)
+++ trunk/lib/plugin/Ploticus.php 2014-10-07 13:23:09 UTC (rev 9213)
@@ -209,9 +209,16 @@
protected function getImage($dbi, $argarray, $request)
{
+ // Check device
+ $device = strtolower($argarray['device']);
+ if (!in_array($device, array('gif', 'png', 'jpeg', 'svg', 'svgz', 'eps', 'swf', 'ps', 'pdf', 'html'))) {
+ $this->_errortext = _("wrong device");
+ return false;
+ }
$source =& $this->source;
if (empty($source)) {
- return $this->error(_("empty source"));
+ $this->_errortext = _("empty source");
+ return false;
}
if ($this->withShellCommand($source)) {
$this->_errortext .= _("shell commands not allowed in Ploticus");
@@ -232,8 +239,7 @@
}
$tempfile = $this->tempnam('Ploticus', 'plo');
@unlink($tempfile);
- $gif = $argarray['device'];
- $args = "-$gif -o $tempfile.$gif";
+ $args = "-$device -o $tempfile.$device";
if (!empty($argarray['-csmap'])) {
$args .= " -csmap -mapfile $tempfile.map";
$this->_mapfile = "$tempfile.map";
@@ -253,14 +259,14 @@
$fp = fopen("$tempfile.plo", "w");
fwrite($fp, $source);
fclose($fp);
- $code = $this->execute(PLOTICUS_EXE . " $tempfile.plo $args", $tempfile . ".$gif");
+ $code = $this->execute(PLOTICUS_EXE . " $tempfile.plo $args", $tempfile . ".$device");
} else {
$code = $this->filterThroughCmd($source, PLOTICUS_EXE . " -stdin $args");
sleep(1);
}
- if (!file_exists($tempfile . ".$gif")) {
+ if (!file_exists($tempfile . ".$device")) {
$this->_errortext .= sprintf(_("%s error: outputfile “%s” not created"),
- "Ploticus", "$tempfile.$gif");
+ "Ploticus", "$tempfile.$device");
if (isWindows())
$this->_errortext .= ("\ncmd-line: " . PLOTICUS_EXE . " $tempfile.plo $args");
else
@@ -269,17 +275,17 @@
@unlink("$tempfile");
return false;
}
- $ImageCreateFromFunc = "ImageCreateFrom$gif";
+ $ImageCreateFromFunc = "ImageCreateFrom$device";
if (function_exists($ImageCreateFromFunc)) {
- $handle = $ImageCreateFromFunc("$tempfile.$gif");
+ $handle = $ImageCreateFromFunc("$tempfile.$device");
if ($handle) {
- @unlink("$tempfile.$gif");
+ @unlink("$tempfile.$device");
@unlink("$tempfile.plo");
@unlink("$tempfile");
return $handle;
}
}
- return "$tempfile.$gif";
+ return "$tempfile.$device";
}
/**
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <var...@us...> - 2014-11-09 17:36:51
|
Revision: 9292
http://sourceforge.net/p/phpwiki/code/9292
Author: vargenau
Date: 2014-11-09 17:36:49 +0000 (Sun, 09 Nov 2014)
Log Message:
-----------
filterThroughCmd is void
Modified Paths:
--------------
trunk/lib/plugin/Ploticus.php
Modified: trunk/lib/plugin/Ploticus.php
===================================================================
--- trunk/lib/plugin/Ploticus.php 2014-11-09 17:24:37 UTC (rev 9291)
+++ trunk/lib/plugin/Ploticus.php 2014-11-09 17:36:49 UTC (rev 9292)
@@ -31,7 +31,7 @@
*
* Note:
* - For windows you need either a gd library with GIF support or
- * a ploticus with PNG support. This comes e.g. with the cygwin build.
+ * a Ploticus with PNG support. This comes e.g. with the Cygwin build.
* - We support only images supported by GD so far (PNG most likely).
* No EPS, PS, SWF, SVG or SVGZ support yet, due to limitations in WikiPluginCached.
* This will be fixed soon.
@@ -60,6 +60,11 @@
class WikiPlugin_Ploticus
extends WikiPluginCached
{
+ public $_args;
+ public $source;
+ public $_mapfile;
+ public $_errortext;
+
/**
* Sets plugin type to MAP if -csmap (-map or -mapdemo or -csmapdemo not supported)
* or HTML if the imagetype is not supported by GD (EPS, SVG, SVGZ) (not yet)
@@ -259,9 +264,9 @@
$fp = fopen("$tempfile.plo", "w");
fwrite($fp, $source);
fclose($fp);
- $code = $this->execute(PLOTICUS_EXE . " $tempfile.plo $args", $tempfile . ".$device");
+ $this->execute(PLOTICUS_EXE . " $tempfile.plo $args", $tempfile . ".$device");
} else {
- $code = $this->filterThroughCmd($source, PLOTICUS_EXE . " -stdin $args");
+ $this->filterThroughCmd($source, PLOTICUS_EXE . " -stdin $args");
sleep(1);
}
if (!file_exists($tempfile . ".$device")) {
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <var...@us...> - 2021-06-17 16:08:09
|
Revision: 10297
http://sourceforge.net/p/phpwiki/code/10297
Author: vargenau
Date: 2021-06-17 16:08:11 +0000 (Thu, 17 Jun 2021)
Log Message:
-----------
tempnam has only one parameter
Modified Paths:
--------------
trunk/lib/plugin/Ploticus.php
Modified: trunk/lib/plugin/Ploticus.php
===================================================================
--- trunk/lib/plugin/Ploticus.php 2021-06-17 16:04:14 UTC (rev 10296)
+++ trunk/lib/plugin/Ploticus.php 2021-06-17 16:08:11 UTC (rev 10297)
@@ -242,7 +242,7 @@
$src .= $source;
$source = $src;
}
- $tempfile = $this->tempnam('Ploticus', 'plo');
+ $tempfile = $this->tempnam('Ploticus');
@unlink($tempfile);
$args = "-$device -o $tempfile.$device";
if (!empty($argarray['-csmap'])) {
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X