Mercurial > hgrepos > hgweb.cgi > s4
changeset 414:f4ec6ac09b60
Remove non numeric/comma chars at reference id detection for safety
author | HIROSE Yuuji <yuuji@gentei.org> |
---|---|
date | Mon, 13 Feb 2017 19:46:20 +0859 |
parents | 933df1a150e0 |
children | 0d5d62b53cc3 |
files | s4-blog.sh |
diffstat | 1 files changed, 1 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/s4-blog.sh Mon Feb 13 19:37:33 2017 +0859 +++ b/s4-blog.sh Mon Feb 13 19:46:20 2017 +0859 @@ -63,7 +63,7 @@ if [ -z "$4" -a -n "$replymark" ]; then # If the action is new subscription($4="") and has ">#123" marks... ids=`echo "$replymark"|sed 's/[^#0-9]*#\([0-9]*\)[^#0-9]*/\1 /g'` - ids=`echo $ids|tr ' ' ','` + ids=`echo ${ids%%[!0-9,]*}|tr ' ' ','` # -> 123,345,347 unames=`query "SELECT distinct author FROM article \ WHERE rowid in ($ids)\