From 11acaaaa1ac9a8a33893c18d94ec91ca6cb004ac Mon Sep 17 00:00:00 2001 From: "Kay Marquardt (Gnadelwartz)" Date: Sat, 18 Jan 2020 14:41:09 +0100 Subject: [PATCH] escape quote and other charaters in JSON strings --- bashbot.sh | 17 ++++++++++++----- modules/sendMessage.sh | 16 ++++++++-------- 2 files changed, 20 insertions(+), 13 deletions(-) diff --git a/bashbot.sh b/bashbot.sh index dd5c524..0f1306b 100755 --- a/bashbot.sh +++ b/bashbot.sh @@ -282,15 +282,22 @@ else } fi +# escape / remove text charaters for json strings, eg. " -> \" +# $1 string +# output escaped string +JsonEscape() { + sed 's/\([-"`´,§$%&ß/(){}#@?*]\)/\\\1/g' <<< "$1" +} + # convert common telegram entities to JSON # title caption description markup inlinekeyboard title2Json(){ local title caption desc markup keyboard - [ "$1" != "" ] && title=',"title":"'$1'"' - [ "$2" != "" ] && caption=',"caption":"'$2'"' - [ "$3" != "" ] && desc=',"description":"'$3'"' - [ "$4" != "" ] && markup=',"parse_mode":"'$4'"' - [ "$5" != "" ] && keyboard=',"reply_markup":"'$5'"' + [ "$1" != "" ] && title=',"title":"'$(JsonEscape "$1")'"' + [ "$2" != "" ] && caption=',"caption":"'$(JsonEscape "$2")'"' + [ "$3" != "" ] && desc=',"description":"'$(JsonEscape "$3")'"' + [ "$4" != "" ] && markup=',"parse_mode":"'$(JsonEscape "$4")'"' + [ "$5" != "" ] && keyboard=',"reply_markup":"'$(JsonEscape "$5")'"' echo "${title}${caption}${desc}${markup}${keyboard}" } diff --git a/modules/sendMessage.sh b/modules/sendMessage.sh index 2088d21..e189510 100644 --- a/modules/sendMessage.sh +++ b/modules/sendMessage.sh @@ -22,7 +22,7 @@ ACTION_URL=$URL'/sendChatAction' FORWARD_URL=$URL'/forwardMessage' send_normal_message() { - local text="${2}" + local text="$(JsonEscape "${2}")" until [ -z "${text}" ]; do sendJson "${1}" '"text":"'"${text:0:4096}"'"' "${MSG_URL}" text="${text:4096}" @@ -30,7 +30,7 @@ send_normal_message() { } send_markdown_message() { - local text="${2}" + local text="$(JsonEscape "${2}")" until [ -z "${text}" ]; do sendJson "${1}" '"text":"'"${text:0:4096}"'","parse_mode":"markdown"' "${MSG_URL}" text="${text:4096}" @@ -38,7 +38,7 @@ send_markdown_message() { } send_html_message() { - local text="${2}" + local text="$(JsonEscape "${2}")" until [ -z "${text}" ]; do sendJson "${1}" '"text":"'"${text:0:4096}"'","parse_mode":"html"' "${MSG_URL}" text="${text:4096}" @@ -46,7 +46,7 @@ send_html_message() { } old_send_keyboard() { - local text='"text":"'"${2}"'"' + local text='"text":"'$(JsonEscape "${2}")'"' shift 2 local keyboard="init" OLDIFS="$IFS" @@ -64,24 +64,24 @@ sendEmpty() { } send_keyboard() { if [[ "$3" != *'['* ]]; then old_send_keyboard "${@}"; return; fi - local text='"text":"'"${2}"'"'; [ "${2}" = "" ] && text='"text":"'"${ISEMPTY}"'"' + local text='"text":"'$(JsonEscape "${2}")'"'; [ "${2}" = "" ] && text='"text":"'"${ISEMPTY}"'"' local one_time=', "one_time_keyboard":true' && [ "$4" != "" ] && one_time="" sendEmpty "${1}" "${text}"', "reply_markup": {"keyboard": [ '"${3}"' ] '"${one_time}"'}' "$MSG_URL" # '"text":"$2", "reply_markup": {"keyboard": [ ${3} ], "one_time_keyboard": true}' } remove_keyboard() { - local text='"text":"'"${2}"'"'; [ "${2}" = "" ] && text='"text":"'"${ISEMPTY}"'"' + local text='"text":"'$(JsonEscape "${2}")'"'; [ "${2}" = "" ] && text='"text":"'"${ISEMPTY}"'"' sendEmpty "${1}" "${text}"', "reply_markup": {"remove_keyboard":true}' "$MSG_URL" #JSON='"text":"$2", "reply_markup": {"remove_keyboard":true}' } send_inline_keyboard() { - local text='"text":"'"${2}"'"'; [ "${2}" = "" ] && text='"text":"'"${ISEMPTY}"'"' + local text='"text":"'$(JsonEscape "${2}")'"'; [ "${2}" = "" ] && text='"text":"'"${ISEMPTY}"'"' sendEmpty "${1}" "${text}"', "reply_markup": {"inline_keyboard": [ '"${3}"' ]}' "$MSG_URL" # JSON='"text":"$2", "reply_markup": {"inline_keyboard": [ $3->[{"text":"text", "url":"url"}]<- ]}' } send_button() { - send_inline_keyboard "${1}" "${2}" '[ {"text":"'"${3}"'", "url":"'"${4}"'"}]' + send_inline_keyboard "${1}" "${2}" '[ {"text":"'$(JsonEscape "${3}")'", "url":"'"${4}"'"}]' }