author | Bharat Mediratta <bharat@menalto.com> | 2013-01-31 16:29:09 -0500 |
---|---|---|
committer | Bharat Mediratta <bharat@menalto.com> | 2013-01-31 16:29:09 -0500 |
commit | ea54a88ec8d3c6e412f5efda58601006af1cf86c (patch) | |
tree | 2ca9be1515e3aefa3bf9af6869cfdabe736d19e5 | |
parent | 107735ffc42bd761e28cbfc79f59aa23c1bcbc2a (diff) |
Escape the host/username/password arguments to mysqldump. Fixes #1984.
-rw-r--r-- | modules/gallery/controllers/packager.php | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/modules/gallery/controllers/packager.php b/modules/gallery/controllers/packager.php
index c48965b5..d7e3cf41 100644
--- a/modules/gallery/controllers/packager.php
+++ b/modules/gallery/controllers/packager.php
@@ -88,14 +88,17 @@ class Packager_Controller extends Controller {
 $dbconfig = Kohana::config('database.default');
 $conn = $dbconfig["connection"];
- $pass = $conn["pass"] ? "-p{$conn['pass']}" : "";
 $sql_file = DOCROOT . "installer/install.sql";
 if (!is_writable($sql_file)) {
 print "$sql_file is not writeable";
 return;
 }
- $command = "mysqldump --compact --skip-extended-insert --add-drop-table -h{$conn['host']} " .
- "-u{$conn['user']} $pass {$conn['database']} > $sql_file";
+ $command = sprintf(
+ "mysqldump --compact --skip-extended-insert --add-drop-table %s %s %s %s > $sql_file",
+ escapeshellarg("-h{$conn['host']}"),
+ escapeshellarg("-u{$conn['user']}"),
+ $conn['pass'] ? escapeshellarg("-p{$conn['pass']}") : "",
+ escapeshellarg($conn['database']));
 exec($command, $output, $status);
 if ($status) {
 print "<pre>"; |
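Review bot: `$sql_file` is still interpolated unquoted into the new `sprintf` format string (`... %s %s %s %s > $sql_file`), so the redirection target is the one value in the command that is not escaped. Because it is built from `DOCROOT`, an installation path containing spaces or shell metacharacters would break or change the command, and any `%` in the path would be read by `sprintf` as a format directive. Treat it like the other values: end the format with `> %s` and pass `escapeshellarg($sql_file)` as the last argument. Separately, the password is still handed to mysqldump as a `-p…` command-line argument, which is typically visible to other local users in the process list while the dump runs; an option file readable only by the web server user would avoid that. The enclosing method starts and ends outside this hunk.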