From 33321b43cafbb731bff062aeffd6f46e38749faf Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Wed, 27 May 2015 00:18:45 +0200 Subject: Improve running of external commands Signed-off-by: Florian Pritz --- application/controllers/file.php | 27 ++++++++++++++++----------- 1 file changed, 16 insertions(+), 11 deletions(-) (limited to 'application/controllers') diff --git a/application/controllers/file.php b/application/controllers/file.php index 9e920b9fa..83204c318 100644 --- a/application/controllers/file.php +++ b/application/controllers/file.php @@ -130,7 +130,7 @@ class File extends MY_Controller { handle_etag($etag); header("Content-disposition: inline; filename=\"".$id."_qr.png\"\n"); header("Content-Type: image/png\n"); - passthru('qrencode -s 10 -o - '.escapeshellarg(site_url($id).'/')); + echo (new \libraries\ProcRunner(array('qrencode', '-s', '10', '-o', '-', site_url($id).'/')))->execSafe()['stdout']; exit(); case "info": @@ -235,28 +235,31 @@ class File extends MY_Controller { private function _colorify($file, $lexer, $anchor_id = false) { - $return_value = 0; $output = ""; $lines_to_remove = 0; $output .= '
'."\n"; $output .= '
'."\n";
 
-		ob_start();
 		if ($lexer == "ascii") {
-			passthru('ansi2html -p < '.escapeshellarg($file), $return_value);
+			// TODO: use exec safe and catch exception
+			$ret = (new \libraries\ProcRunner(array('ansi2html', '-p')))
+				->input(file_get_contents($file))
+				->forbid_stderr()
+				->exec();
 			// Last line is empty
 			$lines_to_remove = 1;
 		} else {
-			passthru('pygmentize -F codetagify -O encoding=guess,outencoding=utf8,stripnl=False -l '.escapeshellarg($lexer).' -f html '.escapeshellarg($file), $return_value);
+			// TODO: use exec safe and catch exception
+			$ret = (new \libraries\ProcRunner(array('pygmentize', '-F', 'codetagify', '-O', 'encoding=guess,outencoding=utf8,stripnl=False', '-l', $lexer, '-f', 'html', $file)))
+				->forbid_stderr()
+				->exec();
 			// Last 2 items are "
" and "" $lines_to_remove = 2; } - $buf = ob_get_contents(); - ob_end_clean(); - $buf = explode("\n", $buf); + $buf = explode("\n", $ret["stdout"]); $line_count = count($buf); for ($i = 1; $i <= $lines_to_remove; $i++) { @@ -287,7 +290,7 @@ class File extends MY_Controller { $output .= "
"; return array( - "return_value" => $return_value, + "return_value" => $ret["return_code"], "output" => $output ); } @@ -305,12 +308,14 @@ class File extends MY_Controller { echo '
'."\n"; echo '
'."\n"; echo '
'."\n"; - passthru(escapeshellarg(FCPATH.'scripts/Markdown.pl').' '.escapeshellarg($file), $return_value); + // TODO: use exec safe and catch exception + $r = (new \libraries\ProcRunner(array(FCPATH.'scripts/Markdown.pl', $file)))->forbid_stderr()->exec(); + echo $r['stdout']; echo '
'; return array( "output" => ob_get_clean(), - "return_value" => $return_value, + "return_value" => $r["return_code"], ); } else { return get_instance()->_colorify($file, $lexer, $is_multipaste ? $filedata["id"] : false); -- cgit v1.2.3-24-g4f1b