diff options
| -rw-r--r-- | health-model.lua | 4 | ||||
| -rw-r--r-- | interfaces-model.lua | 11 | ||||
| -rw-r--r-- | logfiles-model.lua | 3 | ||||
| -rw-r--r-- | password-model.lua | 3 | ||||
| -rw-r--r-- | skins-model.lua | 4 |
5 files changed, 15 insertions, 10 deletions
diff --git a/health-model.lua b/health-model.lua index e012bf1..52b4fa9 100644 --- a/health-model.lua +++ b/health-model.lua @@ -8,7 +8,7 @@ require("format") -- ############################################################### -- Private functions local function querycmd ( cmdline ) - local cmd = io.popen( cmdline ) + local cmd = io.popen( format.escapespecialcharacters(cmdline) ) local cmd_result = cmd:read("*a") or "unknown" cmd:close() return cmd_result @@ -16,7 +16,7 @@ end local function diskfree ( media ) if not (media) then media = "" end - local cmd = io.popen( "df -h " .. media ) + local cmd = io.popen( "df -h " .. format.escapespecialcharacters(media) ) local cmd_result = cmd:read("*a") or "unknown" cmd:close() return cmd_result diff --git a/interfaces-model.lua b/interfaces-model.lua index 93456e4..fdff2e2 100644 --- a/interfaces-model.lua +++ b/interfaces-model.lua @@ -4,6 +4,7 @@ module (..., package.seeall) require("modelfunctions") require("fs") +require("format") -- iface is a local (private) table with private methods for managing -- the interfaces file. All low-level stuff is done here. It exposes @@ -364,7 +365,7 @@ end iface.ifup = function (name) name = name or "" local cmd = "PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin ifup "..name - local f = io.popen(cmd) + local f = io.popen(format.escapespecialcharacters(cmd)) local cmdresult = f:read("*a") f:close() @@ -378,7 +379,7 @@ end iface.ifdown = function (name) name = name or "" local cmd = "PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin ifdown "..name - local f = io.popen(cmd) + local f = io.popen(format.escapespecialcharacters(cmd)) local cmdresult = f:read("*a") f:close() @@ -391,7 +392,7 @@ end iface.ipaddr = function () local cmd = "PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin ip addr" - local f = io.popen(cmd) + local f = io.popen(format.escapespecialcharacters(cmd)) local cmdresult = f:read("*a") f:close() @@ -400,7 +401,7 @@ end iface.iproute = function () local cmd = "PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin ip route" - local f = io.popen(cmd) + local f = io.popen(format.escapespecialcharacters(cmd)) local cmdresult = f:read("*a") f:close() @@ -409,7 +410,7 @@ end iface.ifconfig = function () local cmd = "PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin ifconfig" - local f = io.popen(cmd) + local f = io.popen(format.escapespecialcharacters(cmd)) local cmdresult = f:read("*a") f:close() diff --git a/logfiles-model.lua b/logfiles-model.lua index d255256..174d389 100644 --- a/logfiles-model.lua +++ b/logfiles-model.lua @@ -1,6 +1,7 @@ -- acf model for displaying logfiles module (..., package.seeall) require("fs") +require("format") require("modelfunctions") -- Function to get detailed information on a specific file. @@ -9,7 +10,7 @@ local function file_info ( path ) local st = fs.stat(path) local size = st.size or "0" local lastmod = st.mtime or "---" - local file_inuse = io.popen("fuser " .. path ) + local file_inuse = io.popen("fuser " .. format.escapespecialcharacters(path) ) local fileinuseresult = file_inuse:read("*a") or "unknown" file_inuse:close() fileinuseresult = (fileinuseresult == "") diff --git a/password-model.lua b/password-model.lua index 7dd9cd6..accab05 100644 --- a/password-model.lua +++ b/password-model.lua @@ -2,6 +2,7 @@ module (..., package.seeall) require ("fs") +require ("format") read_password = function() pw = {} @@ -25,7 +26,7 @@ update_password = function (pw) end if success then - local f = io.popen("/usr/bin/cryptpw " .. pw.value.password.value) + local f = io.popen("/usr/bin/cryptpw " .. format.escapespecialcharacters(pw.value.password.value)) local newpass = f:read("*l") f:close() local new = string.gsub(filecontent, "(\n"..pw.value.user.value..":)[^:]*", "%1"..newpass) diff --git a/skins-model.lua b/skins-model.lua index 441298e..620e7a7 100644 --- a/skins-model.lua +++ b/skins-model.lua @@ -1,8 +1,10 @@ -- acf model for displaying logfiles recusivly module (..., package.seeall) +require("format") + local function set_skins(skin) - local cmd = "/bin/sed -i 's/skin=.*/skin=" .. skin .. "/' /etc/acf/acf.conf" + local cmd = "/bin/sed -i 's/skin=.*/skin=" .. format.escapespecialcharacters(skin) .. "/' /etc/acf/acf.conf" local f, errtxt = io.popen(cmd) local cmdoutput = f:read("*a") if cmdoutput == "" then cmdoutput = "New skin selected" end |