From 413f9c9fb919159d251dcda6dd8e30ec745fee84 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Wed, 6 Mar 2019 10:54:37 +0100 Subject: [dozmod] Handle CRLF & LF for runscripts --- modules-available/dozmod/pages/runscripts.inc.php | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) (limited to 'modules-available/dozmod/pages') diff --git a/modules-available/dozmod/pages/runscripts.inc.php b/modules-available/dozmod/pages/runscripts.inc.php index c6566c13..7b67acf2 100644 --- a/modules-available/dozmod/pages/runscripts.inc.php +++ b/modules-available/dozmod/pages/runscripts.inc.php @@ -27,9 +27,23 @@ class SubPage Message::addError('main.parameter-missing', 'runscriptid'); return; } + // LF vs. CRLF crap -- use LF as soon as there's one non-MS OS selected + $content = Request::post('content', '', 'string'); + $oslist = Request::post('osid', false, 'array'); + if (is_array($oslist)) { + $oslist = array_filter($oslist, 'is_numeric'); + $res = Database::queryColumnArray('SELECT o.displayname FROM sat.operatingsystem o + WHERE o.osid IN (:osid)', ['osid' => $oslist]); + foreach ($res as $item) { + if ($item !== 'DOS' && strpos($item, 'Windows') === false) { + $content = str_replace("\r\n", "\n", $content); + break; + } + } + } $data = [ 'scriptname' => $scriptname, - 'content' => Request::post('content', '', 'string'), + 'content' => $content, 'visibility' => Request::post('visibility', 1, 'int'), 'extension' => preg_replace('/[^a-z0-9_\-~\!\$\=]/i', '', Request::post('extension', '', 'string')), 'passcreds' => Request::post('passcreds', 0, 'int') !== 0, @@ -49,9 +63,7 @@ class SubPage passcreds = :passcreds, isglobal = :isglobal WHERE runscriptid = :id', $data); } - $oslist = Request::post('osid', false, 'array'); if (is_array($oslist)) { - $oslist = array_filter($oslist, 'is_numeric'); $query = Database::prepare('INSERT INTO sat.presetrunscript_x_operatingsystem (runscriptid, osid) VALUES (:id, :osid)'); foreach ($oslist as $osid) { -- cgit v1.2.3-55-g7522