Merge pull request #9 from danog/patch-3

Fixed security issues
Drew 2016-03-23 13:59:40 -04:00
commit 64f3cb5fc7
2 changed files with 13 additions and 9 deletions


@ -104,7 +104,11 @@ To send messages use the ```send_message``` function:
```
send_message "${USER[ID]}" "lol"
```
To send images, videos, voice files, photos ecc use the ```send_photo``` function:
This function also allows a third parameter that disables additional function parsing (for safety use this when reprinting user input):
```
send_message "${USER[ID]}" "lol" "text"
```
To send images, videos, voice files, photos ecc use the ```send_photo``` function (remember to change the safety Regex @ line 94 to allow sending files only from certain directories):
```
send_file "${USER[ID]}" "/home/user/doge.jpg" "Lool"
```


@ -37,15 +37,15 @@ declare -A USER MESSAGE URLS CONTACT LOCATION
send_message() {
local chat="$1"
local text="$(echo "$2" | sed 's/ mykeyboardstartshere.*//g;s/ myfilelocationstartshere.*//g;s/ mylatstartshere.*//g;s/ mylongstartshere.*//g')"
[ "$3" != "text" ] && {
local keyboard="$(echo "$2" | sed '/mykeyboardstartshere /!d;s/.*mykeyboardstartshere //g;s/ myfilelocationstartshere.*//g;s/ mylatstartshere.*//g;s/ mylongstartshere.*//g')"
local keyboard="$(echo "$2" | sed '/mykeyboardstartshere /!d;s/.*mykeyboardstartshere //g;s/ myfilelocationstartshere.*//g;s/ mylatstartshere.*//g;s/ mylongstartshere.*//g')"
local file="$(echo "$2" | sed '/myfilelocationstartshere /!d;s/.*myfilelocationstartshere //g;s/ mykeyboardstartshere.*//g;s/ mylatstartshere.*//g;s/ mylongstartshere.*//g')"
local file="$(echo "$2" | sed '/myfilelocationstartshere /!d;s/.*myfilelocationstartshere //g;s/ mykeyboardstartshere.*//g;s/ mylatstartshere.*//g;s/ mylongstartshere.*//g')"
local lat="$(echo "$2" | sed '/mylatstartshere /!d;s/.*mylatstartshere //g;s/ mykeyboardstartshere.*//g;s/ myfilelocationstartshere.*//g;s/ mylongstartshere.*//g')"
local long="$(echo "$2" | sed '/mylongstartshere /!d;s/.*mylongstartshere //g;s/ mykeyboardstartshere.*//g;s/ myfilelocationstartshere.*//g;s/ mylatstartshere.*//g')"
local lat="$(echo "$2" | sed '/mylatstartshere /!d;s/.*mylatstartshere //g;s/ mykeyboardstartshere.*//g;s/ myfilelocationstartshere.*//g;s/ mylongstartshere.*//g')"
local long="$(echo "$2" | sed '/mylongstartshere /!d;s/.*mylongstartshere //g;s/ mykeyboardstartshere.*//g;s/ myfilelocationstartshere.*//g;s/ mylatstartshere.*//g')"
}
if [ "$keyboard" != "" ]; then
send_keyboard "$chat" "$text" "$keyboard"
local sent=y
@ -91,6 +91,7 @@ send_file() {
[ "$2" = "" ] && return
local chat_id=$1
local file=$2
echo "$file" | grep -qE '/home/allowed/.*' || return
local ext="${file##*.}"
case $ext in
"mp3")
@ -231,7 +232,7 @@ Contribute to the project: https://github.com/topkecleon/telegram-bot-bash
'')
;;
*)
send_message "${USER[ID]}" "$MESSAGE"
send_message "${USER[ID]}" "$MESSAGE" "text"
esac
else
case $MESSAGE in
@ -265,4 +266,3 @@ while [ "$1" != "source" ]; do {
fi
}; done
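Review bot: The allow-list check added in the send_file hunk (`@ -91,6 +91,7`) is not anchored and does not canonicalise the path, so it does not confine sends to `/home/allowed/`. `grep -qE '/home/allowed/.*'` accepts any string that contains that substring anywhere, and `..` segments or symlinks under the directory are never resolved before the file is read. Resolving first and then matching the prefix would close both gaps, for example `local file; file=$(realpath -e -- "$2") || return` followed by `[[ "$file" == /home/allowed/* ]] || return` (this assumes bash and GNU `realpath` are available on the host). Separately, the send_message hunk keeps marker parsing on by default and relies on each caller passing `"text"`, so any call site that echoes user input without the third argument stays exposed; defaulting to no parsing would be the safer design. send_file's body continues outside the hunk, so the later use of `$file` should be checked against the same canonical value.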