octoleo/telegram-bot-bash
1
1
Fork 0
mirror of https://github.com/octoleo/telegram-bot-bash.git synced 2025-01-30 00:58:24 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #9 from danog/patch-3

Browse Source 
Fixed security issues
This commit is contained in:
Drew 2016-03-23 13:59:40 -04:00
commit 64f3cb5fc7
2 changed files with 13 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@ -104,7 +104,11 @@ To send messages use the ```send_message``` function:
``` ```
send_message "${USER[ID]}" "lol" send_message "${USER[ID]}" "lol"
``` ```
To send images, videos, voice files, photos ecc use the ```send_photo``` function: This function also allows a third parameter that disables additional function parsing (for safety use this when reprinting user input):
```
send_message "${USER[ID]}" "lol" "text"
```
To send images, videos, voice files, photos ecc use the ```send_photo``` function (remember to change the safety Regex @ line 94 to allow sending files only from certain directories):
``` ```
send_file "${USER[ID]}" "/home/user/doge.jpg" "Lool" send_file "${USER[ID]}" "/home/user/doge.jpg" "Lool"
``` ```

16
bashbot.sh
View File

@ -37,15 +37,15 @@ declare -A USER MESSAGE URLS CONTACT LOCATION
send_message() { send_message() {
local chat="$1" local chat="$1"
local text="$(echo "$2" | sed 's/ mykeyboardstartshere.*//g;s/ myfilelocationstartshere.*//g;s/ mylatstartshere.*//g;s/ mylongstartshere.*//g')" local text="$(echo "$2" | sed 's/ mykeyboardstartshere.*//g;s/ myfilelocationstartshere.*//g;s/ mylatstartshere.*//g;s/ mylongstartshere.*//g')"
[ "$3" != "text" ] && {
local keyboard="$(echo "$2" | sed '/mykeyboardstartshere /!d;s/.*mykeyboardstartshere //g;s/ myfilelocationstartshere.*//g;s/ mylatstartshere.*//g;s/ mylongstartshere.*//g')"
local keyboard="$(echo "$2" | sed '/mykeyboardstartshere /!d;s/.*mykeyboardstartshere //g;s/ myfilelocationstartshere.*//g;s/ mylatstartshere.*//g;s/ mylongstartshere.*//g')" local file="$(echo "$2" | sed '/myfilelocationstartshere /!d;s/.*myfilelocationstartshere //g;s/ mykeyboardstartshere.*//g;s/ mylatstartshere.*//g;s/ mylongstartshere.*//g')"
local file="$(echo "$2" | sed '/myfilelocationstartshere /!d;s/.*myfilelocationstartshere //g;s/ mykeyboardstartshere.*//g;s/ mylatstartshere.*//g;s/ mylongstartshere.*//g')" local lat="$(echo "$2" | sed '/mylatstartshere /!d;s/.*mylatstartshere //g;s/ mykeyboardstartshere.*//g;s/ myfilelocationstartshere.*//g;s/ mylongstartshere.*//g')"
local lat="$(echo "$2" | sed '/mylatstartshere /!d;s/.*mylatstartshere //g;s/ mykeyboardstartshere.*//g;s/ myfilelocationstartshere.*//g;s/ mylongstartshere.*//g')"
local long="$(echo "$2" | sed '/mylongstartshere /!d;s/.*mylongstartshere //g;s/ mykeyboardstartshere.*//g;s/ myfilelocationstartshere.*//g;s/ mylatstartshere.*//g')"
local long="$(echo "$2" | sed '/mylongstartshere /!d;s/.*mylongstartshere //g;s/ mykeyboardstartshere.*//g;s/ myfilelocationstartshere.*//g;s/ mylatstartshere.*//g')"
}
if [ "$keyboard" != "" ]; then if [ "$keyboard" != "" ]; then
send_keyboard "$chat" "$text" "$keyboard" send_keyboard "$chat" "$text" "$keyboard"
local sent=y local sent=y
@ -91,6 +91,7 @@ send_file() {
[ "$2" = "" ] && return [ "$2" = "" ] && return
local chat_id=$1 local chat_id=$1
local file=$2 local file=$2
echo "$file" | grep -qE '/home/allowed/.*' || return
local ext="${file##*.}" local ext="${file##*.}"
case $ext in case $ext in
"mp3") "mp3")
@ -231,7 +232,7 @@ Contribute to the project: https://github.com/topkecleon/telegram-bot-bash
'') '')
;; ;;
*) *)
send_message "${USER[ID]}" "$MESSAGE" send_message "${USER[ID]}" "$MESSAGE" "text"
esac esac
else else
case $MESSAGE in case $MESSAGE in
@ -265,4 +266,3 @@ while [ "$1" != "source" ]; do {
fi fi
}; done }; done