r42237 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r42236‎ \| r42237 \| r42238 >
Date:	00:11, 20 October 2008
Author:	brion
Status:	old
Tags:
Comment:	Reverting r42184 "fixed issues of r41969 revert. Removed XSS, ( less variable overloading ), fall-back ffmpeg command for failed multi-track ogg thumbnail generation" There's some weird altering of a global variable here; could cause data corruption if called multiple times.
Modified paths:	/trunk/extensions/OggHandler/OggHandler.php (modified) (history) /trunk/extensions/OggHandler/OggHandler_body.php (modified) (history)

Diff [purge]

Index: trunk/extensions/OggHandler/OggHandler.php
—	—	@@ -34,15 +34,6 @@
35	35
36	36	/***************** CONFIGURATION STARTS HERE ********************/
37	37
38		~~-//if wgPlayerStats collection is enabled or not~~
39		~~-$wgPlayerStatsCollection=false;~~
40		-
41		~~-//the player stats js file (does not have to be the same server as OggHandler is installed on)~~
42		~~-$wgPlayerStatsCollectionJs = $wgScriptPath . '/extensions/PlayerStatsGrabber/playerStats.js';~~
43		-
44		~~-//url to the wiki index.php your submitting stats to (leave empty for the same server as current)~~
45		~~-$wgPlayerStatsCollectionScriptPath = '';~~
46		-
47	38	// Location of the FFmpeg binary
48	39	$wgFFmpegLocation = 'ffmpeg';
49	40
Index: trunk/extensions/OggHandler/OggHandler_body.php
—	—	@@ -238,36 +238,23 @@
239	239	# No audio, one frame
240	240	' -f mjpeg -an -vframes 1 ' .
241	241	wfEscapeShellArg( $dstPath ) . ' 2>&1';
242		-
	242	+
243	243	$retval = 0;
244	244	$returnText = wfShellExec( $cmd, $retval );
245	245
246	246	if ( $this->removeBadFile( $dstPath, $retval ) \|\| $retval ) {
247		~~- #re-attempt encode command on frame time 1 and with mapping (special case for chopped oggs)~~
248		~~- $cmd = wfEscapeShellArg( $wgFFmpegLocation ) .~~
249		~~- ' -map 0:1 '.~~
250		~~- ' -ss 1 ' .~~
251		~~- ' -i ' . wfEscapeShellArg( $file->getPath() ) .~~
252		~~- ' -f mjpeg -an -vframes 1 ' .~~
253		~~- wfEscapeShellArg( $dstPath ) . ' 2>&1';~~
254		-
255		~~- $retval = 0;~~
256		~~- $returnText = wfShellExec( $cmd, $retval );~~
257		~~- //if still bad return error:~~
258		~~- if ( $this->removeBadFile( $dstPath, $retval ) \|\| $retval ) {~~
259		~~- // Filter nonsense~~
260		~~- $lines = explode( "\n", str_replace( "\r\n", "\n", $returnText ) );~~
261		~~- if ( substr( $lines[0], 0, 6 ) == 'FFmpeg' ) {~~
262		~~- for ( $i = 1; $i < count( $lines ); $i++ ) {~~
263		~~- if ( substr( $lines[$i], 0, 2 ) != ' ' ) {~~
264		~~- break;~~
265		~~- }~~
	247	+ // Filter nonsense
	248	+ $lines = explode( "\n", str_replace( "\r\n", "\n", $returnText ) );
	249	+ if ( substr( $lines[0], 0, 6 ) == 'FFmpeg' ) {
	250	+ for ( $i = 1; $i < count( $lines ); $i++ ) {
	251	+ if ( substr( $lines[$i], 0, 2 ) != ' ' ) {
	252	+ break;
266	253	}
267		~~- $lines = array_slice( $lines, $i );~~
268	254	}
269		~~- // Return error box~~
270		~~- return new MediaTransformError( 'thumbnail_error', $width, $height, implode( "\n", $lines ) );~~
	255	+ $lines = array_slice( $lines, $i );
271	256	}
	257	+ // Return error box
	258	+ return new MediaTransformError( 'thumbnail_error', $width, $height, implode( "\n", $lines ) );
272	259	}
273	260	return new OggVideoDisplay( $file, $file->getURL(), $dstUrl, $width, $height, $length, $dstPath );
274	261	}
—	—	@@ -403,8 +390,7 @@
404	391	}
405	392
406	393	function setHeaders( $out ) {
407		~~- global $wgOggScriptVersion, $wgCortadoJarFile, $wgServer, $wgUser,~~
408		~~- $wgPlayerStatsCollection, $wgPlayerStatsCollectionJs, $wgPlayerStatsCollectionScriptPath;~~
	394	+ global $wgOggScriptVersion, $wgCortadoJarFile, $wgServer;
409	395	if ( $out->hasHeadItem( 'OggHandler' ) ) {
410	396	return;
411	397	}
—	—	@@ -444,27 +430,7 @@
445	431	}
446	432	</style>
447	433	EOT
448		~~-);~~
449		~~- //if collecting stats add relevant code:~~
450		~~- if( $wgPlayerStatsCollection ){~~
451		~~- $jsUserHash = sha1( $wgUser->getName() . $wgProxyKey );~~
452		~~- $enUserHash = Xml::encodeJsVar( $jsUserHash );~~
453		~~- //escape the javascript url:~~
454		~~- $wgPlayerStatsCollectionJs = htmlspecialchars( $wgPlayerStatsCollectionJs );~~
455		-
456		~~- if( trim($wgPlayerStatsCollectionScriptPath ) != '' )~~
457		~~- $wgPlayerStatsCollectionScriptPath= htmlentities( $wgPlayerStatsCollectionScriptPath );~~
458		-
459		~~- $wgPlayerStatsCollectionScriptPath = htmlspecialchars( $wgPlayerStatsCollectionScriptPath );~~
460		~~- $out->addHeadItem('playerStatsCollection', <<<EOT~~
461		~~-<script type="text/javascript">~~
462		~~-wgOggPlayer.userHash = $enUserHash;~~
463		~~-wgServerOverride = "$wgPlayerStatsCollectionScriptPath";~~
464		~~-</script>~~
465		~~-<script type="text/javascript" src="$wgPlayerStatsCollectionJs"></script>~~
466		~~-EOT~~
467		~~-);~~
468		~~- }~~
	434	+ );
469	435
470	436	}
471	437

Follow-up revisions

Revision	Commit summary	Author	Date
r42275	changed to use a single one time use global variable (hopefully addresses -r4...	dale	20:52, 20 October 2008

Past revisions this follows-up on

Revision	Commit summary	Author	Date
r41969	Revert r41628:...	tstarling	14:14, 11 October 2008
r42184	fixed issues of r41969 revert. Removed XSS, ( less variable overloading ), fa...	dale	23:53, 17 October 2008

Status & tagging log

15:36, 12 September 2011 Meno25 (talk | contribs) changed the status of r42237 [removed: ok added: old]