diff options
| author | Richard Ipsum <richard.ipsum@codethink.co.uk> | 2014-01-09 15:11:59 +0000 |
|---|---|---|
| committer | Richard Ipsum <richard.ipsum@codethink.co.uk> | 2014-01-23 17:18:41 +0000 |
| commit | 92e6c57cc6896480658b7bb1fb3facc3fbb1be38 (patch) | |
| tree | e8bb670f586ea0030df7f2f8674ca0f551178d7d | |
| parent | 0d4a9b22594a3973b1d54a51d9c123671af5a503 (diff) | |
| download | gitano-92e6c57cc6896480658b7bb1fb3facc3fbb1be38.tar.gz | |
Decode url
| -rwxr-xr-x | cgi/command.cgi | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/cgi/command.cgi b/cgi/command.cgi index 041d6ca..4406aea 100755 --- a/cgi/command.cgi +++ b/cgi/command.cgi @@ -5,9 +5,17 @@ io.flush() os.execute("env") print "\n" +function url_decode(str) + str = string.gsub (str, "+", " ") + str = string.gsub (str, "%%(%x%x)", + function(h) return string.char(tonumber(h,16)) end) + str = string.gsub (str, "\r\n", "\n") + return str +end + local function run_command(user) -- we may need to do some kind of input validation on the query string - local query_string = os.getenv("QUERY_STRING") + local query_string = url_decode(os.getenv("QUERY_STRING")) --local cmdline = query_string |