From e45609cf6645e650b8bafccd6860dec6aa9bb547 Mon Sep 17 00:00:00 2001 From: Lukas Fleischer Date: Sat, 12 Dec 2015 18:28:42 +0100 Subject: notify: Do not pass notification texts via pipes Directly retrieve comments from the database instead of additionally passing them via stdin. Fixes FS#46742. Signed-off-by: Lukas Fleischer --- web/lib/acctfuncs.inc.php | 4 +--- web/lib/pkgbasefuncs.inc.php | 5 +++-- web/lib/pkgreqfuncs.inc.php | 4 ++-- 3 files changed, 6 insertions(+), 7 deletions(-) (limited to 'web/lib') diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php index a166d65..6fb2b40 100644 --- a/web/lib/acctfuncs.inc.php +++ b/web/lib/acctfuncs.inc.php @@ -1277,11 +1277,10 @@ function account_set_ssh_keys($uid, $ssh_keys, $ssh_fingerprints) { * Invoke the email notification script. * * @param string $params Command line parameters for the script. - * @param string $text Text to pass via stdin. * * @return void */ -function notify($params, $text='') { +function notify($params) { $cmd = config_get('notifications', 'notify-cmd'); foreach ($params as $param) { $cmd .= ' ' . escapeshellarg($param); @@ -1299,7 +1298,6 @@ function notify($params, $text='') { return false; } - fwrite($pipes[0], $text); fclose($pipes[0]); fclose($pipes[1]); fclose($pipes[2]); diff --git a/web/lib/pkgbasefuncs.inc.php b/web/lib/pkgbasefuncs.inc.php index 7076c31..7b744d5 100644 --- a/web/lib/pkgbasefuncs.inc.php +++ b/web/lib/pkgbasefuncs.inc.php @@ -100,8 +100,9 @@ function pkgbase_add_comment($base_id, $uid, $comment) { $q.= intval($base_id) . ", " . $uid . ", "; $q.= $dbh->quote($comment) . ", UNIX_TIMESTAMP())"; $dbh->exec($q); + $comment_id = $dbh->lastInsertId(); - notify(array('comment', $uid, $base_id), $comment); + notify(array('comment', $uid, $base_id, $comment_id)); return array(true, __('Comment has been added.')); } @@ -401,7 +402,7 @@ function pkgbase_flag($base_ids, $comment) { $dbh->exec($q); foreach ($base_ids as $base_id) { - notify(array('flag', $uid, $base_id), $comment); + notify(array('flag', $uid, $base_id)); } return array(true, __("The selected packages have been flagged out-of-date.")); diff --git a/web/lib/pkgreqfuncs.inc.php b/web/lib/pkgreqfuncs.inc.php index c1a4931..cf56663 100644 --- a/web/lib/pkgreqfuncs.inc.php +++ b/web/lib/pkgreqfuncs.inc.php @@ -158,7 +158,7 @@ function pkgreq_file($ids, $type, $merge_into, $comments) { if ($type === 'merge') { $params[] = $merge_into; } - notify($params, $comments); + notify($params); $auto_orphan_age = config_get('options', 'auto_orphan_age'); $auto_delete_age = config_get('options', 'auto_delete_age'); @@ -233,7 +233,7 @@ function pkgreq_close($id, $reason, $comments, $auto_close=false) { $dbh->exec($q); /* Send e-mail notifications. */ - notify(array('request-close', $uid, $id, $reason), $comments); + notify(array('request-close', $uid, $id, $reason)); return array(true, __("Request closed successfully.")); } -- cgit v1.2.3-54-g00ecf