From: paul Date: Wed, 5 Aug 2015 21:10:29 +0000 (+0000) Subject: safer handling of file names X-Git-Url: https://git.plutz.net/?a=commitdiff_plain;h=c20a459bbb2b8ee2f4a70f82f3b08cec37d6d93c;p=serve0 safer handling of file names svn path=/trunk/; revision=77 --- diff --git a/pages/common.sh b/pages/common.sh index 38296df..6257aad 100755 --- a/pages/common.sh +++ b/pages/common.sh @@ -49,8 +49,8 @@ _printVideo(){ else videofile="${_DATA}/videos/$info" thumb="${_DATA}/thumbs/$info.jpg" - [ -r "$meta" ] || ${_EXEC}/helpers/genmeta.sh "$videofile" "$meta" - [ -r "$thumb" ] || ${_EXEC}/helpers/genthumb.sh "$videofile" "$thumb" + [ -r "$meta" ] || ${_EXEC}/helpers/genmeta.sh "$videofile" "$meta" >/dev/null + [ -r "$thumb" ] || ${_EXEC}/helpers/genthumb.sh "$videofile" "$thumb" >/dev/null head -n1 "$meta" |read length width height filename [ -z "$length" ] && length=0 @@ -61,6 +61,7 @@ _printVideo(){ video="$(urlsafe "videos/$info")" thumb="$(urlsafe "thumbs/$info.jpg")" linkinfo="$(urlsafe "$info")" + htmlinfo="$(htmlsafe "$info")" [ "$(($length % 60))" -lt 10 ] && minutes="$(($length / 60)):0$(($length % 60))" \ || minutes="$(($length / 60)):$(($length % 60))" @@ -70,9 +71,9 @@ _printVideo(){ Preview not yet available -

$info

+

${htmlinfo}

- + ${minutes}min ${width}x${height} $(printf %s "$tags" |sed -r 's:\|*([^|]+)\|*: \1:g')