small updates and fixes for 1.40

README.html

@@ -350,8 +350,9 @@ It features background tasks and interactive chats, and can serve as an interfac
 <p><strong>Never run your Bot as root, this is the most dangerous you can do!</strong> Usually the user 'nobody' has almost no rights on Linux/Unix systems. See <a href="doc/4_expert.md">Expert use</a> on how to run your Bot as an other user.</p>
 <h3>Secure your Bot installation</h3>
 <p><strong>Your Bot configuration must not be readable by other users.</strong> Everyone who can read your Bots token is able to act as your Bot and has access to all chats the Bot is in!</p>
-<p>Everyone with read access to your Bot files can extract your Bots data. Especially your Bot config in<code>config.jssh</code> must be protected against other users. No one except you should have write access to the Bot files. The Bot should be restricted to have write access to<code>count.jssh</code> and <code>data-bot-bash</code> only, all other files must be write protected.</p>
+<p>Everyone with read access to your Bot files can extract your Bots data. Especially your Bot config in <code>config.jssh</code> must be protected against other users. No one except you should have write access to the Bot files. The Bot should be restricted to have write access to <code>count.jssh</code>, <code>data-bot-bash/</code> and <code>logs/</code> only, all other files must be write protected.</p>
 <p>To set access rights for your bashbot installation to a reasonable default run <code>sudo ./bashbot.sh init</code> after every update or change to your installation directory.</p>
+<p><em>Note</em>: Keep old log files in a safe place or even better delete them, they are GDPR relevant and <a href="https://github.com/topkecleon/telegram-bot-bash/issues/174">may contain information</a> you don't want to be public.</p>
 <h2>FAQ</h2>
 <h3>Is this Bot insecure?</h3>
 <p>Bashbot is not more (in)secure than a Bot written in another language. We have done our best to make it as secure as possible. But YOU are responsible for the bot commands you wrote and you should know about the risks ...</p>
@@ -391,6 +392,6 @@ It features background tasks and interactive chats, and can serve as an interfac
 <p>@Gnadelwartz</p>
 <h2>That's it all guys!</h2>
 <p>If you feel that there's something missing or if you found a bug, feel free to submit a pull request!</p>
-<h4>$$VERSION$$ v1.40-dev-29-g737be16</h4>
+<h4>$$VERSION$$ v1.40-dev-34-g1440d56</h4>
 </body>
 </html>

README.md

@@ -169,10 +169,12 @@ For the same reason every file your Bot can read is in danger of being disclosed
 ### Secure your Bot installation
 **Your Bot configuration must not be readable by other users.** Everyone who can read your Bots token is able to act as your Bot and has access to all chats the Bot is in!
 
-Everyone with read access to your Bot files can extract your Bots data. Especially your Bot config in`config.jssh` must be protected against other users. No one except you should have write access to the Bot files. The Bot should be restricted to have write access to`count.jssh` and `data-bot-bash` only, all other files must be write protected.
+Everyone with read access to your Bot files can extract your Bots data. Especially your Bot config in `config.jssh` must be protected against other users. No one except you should have write access to the Bot files. The Bot should be restricted to have write access to `count.jssh`, `data-bot-bash/` and `logs/` only, all other files must be write protected.
 
 To set access rights for your bashbot installation to a reasonable default run `sudo ./bashbot.sh init` after every update or change to your installation directory.
 
+*Note*: Keep old log files in a safe place or even better delete them, they are GDPR relevant and [may contain information](https://github.com/topkecleon/telegram-bot-bash/issues/174) you don't want to be public.
+
 ## FAQ
 
 ### Is this Bot insecure?
@@ -239,4 +241,4 @@ See `mycommnds.sh.dist` for an example.
 
 If you feel that there's something missing or if you found a bug, feel free to submit a pull request!
 
-#### $$VERSION$$ v1.40-dev-29-g737be16
+#### $$VERSION$$ v1.40-dev-34-g1440d56

README.txt

@@ -233,10 +233,13 @@ Your Bot configuration must not be readable by other users. Everyone who can rea
 Bots token is able to act as your Bot and has access to all chats the Bot is in!
 Everyone with read access to your Bot files can extract your Bots data. Especially your
 Bot config in config.jssh must be protected against other users. No one except you should
-have write access to the Bot files. The Bot should be restricted to have write access
+have write access to the Bot files. The Bot should be restricted to have write access to
-tocount.jssh and data-bot-bash only, all other files must be write protected.
+count.jssh, data-bot-bash/ and logs/ only, all other files must be write protected.
 To set access rights for your bashbot installation to a reasonable default run sudo ./
 bashbot.sh init after every update or change to your installation directory.
+Note: Keep old log files in a safe place or even better delete them, they are GDPR
+relevant and may contain information [https://github.com/topkecleon/telegram-bot-bash/
+issues/174] you don't want to be public.
 
 FAQ
 
@@ -315,5 +318,5 @@ That's it all guys!
 If you feel that there's something missing or if you found a bug, feel free to submit a
 pull request!
 
-$$VERSION$$ v1.40-dev-29-g737be16
+$$VERSION$$ v1.40-dev-34-g1440d56
 

bashbot.sh

@@ -30,7 +30,7 @@ BOTCOMMANDS="-h  help  init  start  stop  status  suspendback  resumeback  killb
 #     8 - curl/wget missing
 #     10 - not bash!
 #
-#### $$VERSION$$ v1.40-dev-32-gd876f75
+#### $$VERSION$$ v1.40-dev-34-g1440d56
 ##################################################################
 
 # are we running in a terminal?
@@ -390,13 +390,13 @@ fi
 
 # $1 URL, $2 filename in DATADIR
 # outputs final filename
-#download() {
+download() {
-#	local empty="no.file" file="${2:-${empty}}"
+	local empty="no.file" file="${2:-${empty}}"
-#	if [[ "${file}" = *"/"* ]] || [[ "${file}" = "."* ]]; then file="${empty}"; fi
+	if [[ "${file}" = *"/"* ]] || [[ "${file}" = "."* ]]; then file="${empty}"; fi
-#	while [ -f "${DATADIR:-.}/${file}" ] ; do file="${RANDOM}-${file}"; done
+	while [ -f "${DATADIR:-.}/${file}" ] ; do file="${RANDOM}-${file}"; done
-#	getJson "$1" >"${DATADIR:-.}/${file}" || return
+	getJson "$1" >"${DATADIR:-.}/${file}" || return
-#	printf '%s\n' "${DATADIR:-.}/${file}"
+	printf '%s\n' "${DATADIR:-.}/${file}"
-#}
+}
 
 # $1 postfix, e.g. chatid
 # $2 prefix, back- or startbot-

commands.sh

@@ -8,14 +8,14 @@
 # | |__/ / |_| |  | | | | |_| | |__   | |____( (_| | | |__ _ 
 # |_____/ \___/   |_| |_|\___/ \___)  |_______)____|_|\___)_|
 #
-# this file *MUST* not be edited! place your config and commands in
+# this file *MUST* not edited! place your config in the file "mycommands.conf"
-# the file "mycommands.sh". a clean version is provided as "mycommands.sh.clean"
+# and commands in "mycommands.sh", a clean version is provided as "mycommands.sh.clean"
 #
 
 # This file is public domain in the USA and all free countries.
 # Elsewhere, consider it to be WTFPLv2. (wtfpl.net/txt/copying)
 #
-#### $$VERSION$$ v1.35-dev-14-g08a0524
+#### $$VERSION$$ v1.40-dev-34-g1440d56
 #
 
 # bashbot locale defaults to c.UTF-8, adjust locale in mycommands.sh if needed

doc/0_install.md

@@ -132,5 +132,5 @@ You must update to [Version 1.20](https://github.com/topkecleon/telegram-bot-bas
 
 #### [Next Create Bot](1_firstbot.md)
 
-#### $$VERSION$$ v1.30-0-g3266427
+#### $$VERSION$$ v1.40-dev-34-g1440d56
 

doc/2_usage.md

@@ -372,5 +372,5 @@ send_action "${CHAT[ID]}" "action"
 #### [Prev Create Bot](1_firstbot.md)
 #### [Next Advanced Usage](3_advanced.md)
 
-#### $$VERSION$$ v1.35-dev-31-ga3eec98
+#### $$VERSION$$ v1.40-dev-34-g1440d56
 

doc/3_advanced.md

@@ -190,7 +190,7 @@ Note: Background jobs run independent from main bot and continue running until y
 
 In order to enable **inline mode**, send `/setinline` command to [@BotFather](https://telegram.me/botfather) and provide the placeholder text that the user will see in the input field after typing your bot’s name.
 
-The following commands allows you to send ansers to *inline queries*. To enable bashbot to process inline queries set `INLINE="1"`in 'mycommands.sh'.
+The following commands allows you to send ansers to *inline queries*. To enable bashbot to process inline queries set `INLINE="1"` in `mycommands.sh`.
 
 To send messages or links through an *inline query*:
 ```bash
@@ -302,5 +302,5 @@ Note: If you disable automatic retry, se above, you disable also connection prob
 #### [Prev Getting started](2_usage.md)
 #### [Next Expert Use](4_expert.md)
 
-#### $$VERSION$$ v1.30-0-g3266427
+#### $$VERSION$$ v1.40-dev-34-g1440d56
 

doc/4_expert.md

@@ -434,5 +434,5 @@ for every poll until the maximum of BASHBOT_SLEEP ms.
 #### [Prev Advanced Use](3_advanced.md)
 #### [Next Best Practice](5_practice.md)
 
-#### $$VERSION$$ v1.30-0-g3266427
+#### $$VERSION$$ v1.40-dev-34-g1440d56
 

doc/5_practice.md

@@ -160,5 +160,5 @@ The second warning is about an unused variable, this is true because in our exam
 #### [Prev Best Practice](5_practice.md)
 #### [Next Functions Reference](6_reference.md)
 
-#### $$VERSION$$ v1.30-0-g3266427
+#### $$VERSION$$ v1.40-dev-34-g1440d56
 

modules/processUpdates.sh

@@ -4,7 +4,7 @@
 # File: processUpdates.sh 
 # Note: DO NOT EDIT! this file will be overwritten on update
 #
-#### $$VERSION$$ v1.40-dev-33-g969c7a9
+#### $$VERSION$$ v1.40-dev-34-g1440d56
 ##################################################################
 
 ##############
@@ -82,7 +82,7 @@ process_update() {
 		process_message "${num}" "${debug}"
 	        printf "%(%c)T: update received FROM=%s CHAT=%s CMD=%s\n" -1 "${USER[USERNAME]:0:20} (${USER[ID]})"\
 			"${CHAT[USERNAME]:0:20}${CHAT[TITLE]:0:30} (${CHAT[ID]})"\
-			"${MESSAGE:0:30}${CAPTION:0:30}$(: "${URL[*]/bot*:}"; printf "%s" "${_//[A-Z-]}")" >>"${UPDATELOG}"
+			"${MESSAGE:0:30}${CAPTION:0:30}$(: "${URLS[*]//bot*:}"; printf "%s" "${_//[A-Z-]}")" >>"${UPDATELOG}"
 	fi
 	#####
 	# process inline and message events