Security fixes

Dennis Eichhorn 2016-05-27 14:06:40 +02:00
parent da92cde5c2
commit ff4881d7fa


@ -616,8 +616,7 @@ class Repository
*/ */
public function getCommit(string $commit) : Commit public function getCommit(string $commit) : Commit
{ {
$commit = escapeshellarg($commit); $lines = $this->run('show --name-only ' . escapeshellarg($commit));
$lines = $this->run('show --name-only ' . $commit);
$count = count($lines); $count = count($lines);
if (empty($lines)) { if (empty($lines)) {
@ -726,7 +725,7 @@ class Repository
public function getAdditionsRemovalsByContributor(Author $author, \DateTime $start = null, \DateTime $end = null) : array public function getAdditionsRemovalsByContributor(Author $author, \DateTime $start = null, \DateTime $end = null) : array
{ {
$addremove = ['added' => 0, 'removed' => 0]; $addremove = ['added' => 0, 'removed' => 0];
$lines = $this->run('log --author="' . $author->getName() . '" --since="' . $start->format('Y-m-d') . '" --before="' . $end->format('Y-m-d') . '" --pretty=tformat: --numstat'); $lines = $this->run('log --author=' . escapeshellarg($author->getName()) . ' --since="' . $start->format('Y-m-d') . '" --before="' . $end->format('Y-m-d') . '" --pretty=tformat: --numstat');
foreach ($lines as $line) { foreach ($lines as $line) {
$nums = explode(' ', $line); $nums = explode(' ', $line);
@ -776,7 +775,7 @@ class Repository
if (!isset($author)) { if (!isset($author)) {
$author = ''; $author = '';
} else { } else {
$author = ' --author="' . $author->getName() . '"'; $author = ' --author=' . escapeshellarg($author->getName()) . '';
} }
$lines = $this->run('git log --before="' . $end->format('Y-m-d') . '" --after="' . $start->format('Y-m-d') . '"' . $author . ' --reverse --date=short'); $lines = $this->run('git log --before="' . $end->format('Y-m-d') . '" --after="' . $start->format('Y-m-d') . '"' . $author . ' --reverse --date=short');
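Review bot: In `getCommit`, `escapeshellarg($commit)` only stops the shell from interpreting the value; git still parses it, so a `$commit` that starts with `-` is treated as an option to `show` rather than as a revision. Validate the value before the `run()` call, for example `if (!preg_match('/^[0-9a-f]{4,40}$/i', $commit)) { throw new \InvalidArgumentException('Invalid commit id'); }` if callers only ever pass hashes, or build the command as `'show --name-only --end-of-options ' . escapeshellarg($commit)` on git versions that support that flag. The two `--author=` changes are not affected in the same way, because the escaped name is attached to the option as its value. Separately, in `getAdditionsRemovalsByContributor` both `$start` and `$end` default to `null`, yet the visible lines call `->format('Y-m-d')` on them with no guard, so a call that omits the dates looks like it would fail before reaching git. All three function bodies continue outside the hunks shown, so a check may exist further down that is not visible here.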