r42184 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r42183‎ \| r42184 \| r42185 >
Date:	23:53, 17 October 2008
Author:	dale
Status:	old (Comments)
Tags:
Comment:	fixed issues of r41969 revert. Removed XSS, ( less variable overloading ), fall-back ffmpeg command for failed multi-track ogg thumbnail generation
Modified paths:	/trunk/extensions/OggHandler/OggHandler.php (modified) (history) /trunk/extensions/OggHandler/OggHandler_body.php (modified) (history)

Diff [purge]

Index: trunk/extensions/OggHandler/OggHandler.php
—	—	@@ -34,6 +34,15 @@
35	35
36	36	/***************** CONFIGURATION STARTS HERE ********************/
37	37
	38	+//if wgPlayerStats collection is enabled or not
	39	+$wgPlayerStatsCollection=false;
	40	+
	41	+//the player stats js file (does not have to be the same server as OggHandler is installed on)
	42	+$wgPlayerStatsCollectionJs = $wgScriptPath . '/extensions/PlayerStatsGrabber/playerStats.js';
	43	+
	44	+//url to the wiki index.php your submitting stats to (leave empty for the same server as current)
	45	+$wgPlayerStatsCollectionScriptPath = '';
	46	+
38	47	// Location of the FFmpeg binary
39	48	$wgFFmpegLocation = 'ffmpeg';
40	49
Index: trunk/extensions/OggHandler/OggHandler_body.php
—	—	@@ -238,23 +238,36 @@
239	239	# No audio, one frame
240	240	' -f mjpeg -an -vframes 1 ' .
241	241	wfEscapeShellArg( $dstPath ) . ' 2>&1';
242		-
	242	+
243	243	$retval = 0;
244	244	$returnText = wfShellExec( $cmd, $retval );
245	245
246	246	if ( $this->removeBadFile( $dstPath, $retval ) \|\| $retval ) {
247		~~- // Filter nonsense~~
248		~~- $lines = explode( "\n", str_replace( "\r\n", "\n", $returnText ) );~~
249		~~- if ( substr( $lines[0], 0, 6 ) == 'FFmpeg' ) {~~
250		~~- for ( $i = 1; $i < count( $lines ); $i++ ) {~~
251		~~- if ( substr( $lines[$i], 0, 2 ) != ' ' ) {~~
252		~~- break;~~
	247	+ #re-attempt encode command on frame time 1 and with mapping (special case for chopped oggs)
	248	+ $cmd = wfEscapeShellArg( $wgFFmpegLocation ) .
	249	+ ' -map 0:1 '.
	250	+ ' -ss 1 ' .
	251	+ ' -i ' . wfEscapeShellArg( $file->getPath() ) .
	252	+ ' -f mjpeg -an -vframes 1 ' .
	253	+ wfEscapeShellArg( $dstPath ) . ' 2>&1';
	254	+
	255	+ $retval = 0;
	256	+ $returnText = wfShellExec( $cmd, $retval );
	257	+ //if still bad return error:
	258	+ if ( $this->removeBadFile( $dstPath, $retval ) \|\| $retval ) {
	259	+ // Filter nonsense
	260	+ $lines = explode( "\n", str_replace( "\r\n", "\n", $returnText ) );
	261	+ if ( substr( $lines[0], 0, 6 ) == 'FFmpeg' ) {
	262	+ for ( $i = 1; $i < count( $lines ); $i++ ) {
	263	+ if ( substr( $lines[$i], 0, 2 ) != ' ' ) {
	264	+ break;
	265	+ }
253	266	}
	267	+ $lines = array_slice( $lines, $i );
254	268	}
255		~~- $lines = array_slice( $lines, $i );~~
	269	+ // Return error box
	270	+ return new MediaTransformError( 'thumbnail_error', $width, $height, implode( "\n", $lines ) );
256	271	}
257		~~- // Return error box~~
258		~~- return new MediaTransformError( 'thumbnail_error', $width, $height, implode( "\n", $lines ) );~~
259	272	}
260	273	return new OggVideoDisplay( $file, $file->getURL(), $dstUrl, $width, $height, $length, $dstPath );
261	274	}
—	—	@@ -390,7 +403,8 @@
391	404	}
392	405
393	406	function setHeaders( $out ) {
394		~~- global $wgOggScriptVersion, $wgCortadoJarFile, $wgServer;~~
	407	+ global $wgOggScriptVersion, $wgCortadoJarFile, $wgServer, $wgUser,
	408	+ $wgPlayerStatsCollection, $wgPlayerStatsCollectionJs, $wgPlayerStatsCollectionScriptPath;
395	409	if ( $out->hasHeadItem( 'OggHandler' ) ) {
396	410	return;
397	411	}
—	—	@@ -430,7 +444,27 @@
431	445	}
432	446	</style>
433	447	EOT
434		~~- );~~
	448	+);
	449	+ //if collecting stats add relevant code:
	450	+ if( $wgPlayerStatsCollection ){
	451	+ $jsUserHash = sha1( $wgUser->getName() . $wgProxyKey );
	452	+ $enUserHash = Xml::encodeJsVar( $jsUserHash );
	453	+ //escape the javascript url:
	454	+ $wgPlayerStatsCollectionJs = htmlspecialchars( $wgPlayerStatsCollectionJs );
	455	+
	456	+ if( trim($wgPlayerStatsCollectionScriptPath ) != '' )
	457	+ $wgPlayerStatsCollectionScriptPath= htmlentities( $wgPlayerStatsCollectionScriptPath );
	458	+
	459	+ $wgPlayerStatsCollectionScriptPath = htmlspecialchars( $wgPlayerStatsCollectionScriptPath );
	460	+ $out->addHeadItem('playerStatsCollection', <<<EOT
	461	+<script type="text/javascript">
	462	+wgOggPlayer.userHash = $enUserHash;
	463	+wgServerOveride = "$wgPlayerStatsCollectionScriptPath";
	464	+</script>
	465	+<script type="text/javascript" src="$wgPlayerStatsCollectionJs"></script>
	466	+EOT
	467	+);
	468	+ }
435	469
436	470	}
437	471

Follow-up revisions

Revision	Commit summary	Author	Date
r42237	Reverting r42184 "fixed issues of r41969 revert. Removed XSS, ( less variable...	brion	00:11, 20 October 2008

Past revisions this follows-up on

Revision	Commit summary	Author	Date
r41969	Revert r41628:...	tstarling	14:14, 11 October 2008

Comments

#Comment by Brion VIBBER (talk | contribs) 00:12, 20 October 2008

There's some weird altering of a global variable here; could cause data corruption if called multiple times.

Reverting in r42237

Status & tagging log

09:06, 18 January 2012 Siebrand (talk | contribs) changed the tags for r42184 [removed: reverted]
15:36, 12 September 2011 Meno25 (talk | contribs) changed the status of r42184 [removed: resolved added: old]