[sword-svn] r2433 - trunk/utilities/diatheke/tcl
chrislit at crosswire.org
chrislit at crosswire.org
Thu Jun 4 02:02:36 MST 2009
Author: chrislit
Date: 2009-06-04 02:02:36 -0700 (Thu, 04 Jun 2009)
New Revision: 2433
Modified:
trunk/utilities/diatheke/tcl/README
trunk/utilities/diatheke/tcl/biblebot-diatheke.tcl
Log:
enhanced security somewhat (I'm not sure whether this was even a problem since none of the attacks I tried even worked)
removed history function
added direction to update file locations to README
Modified: trunk/utilities/diatheke/tcl/README
===================================================================
--- trunk/utilities/diatheke/tcl/README 2009-06-04 07:36:27 UTC (rev 2432)
+++ trunk/utilities/diatheke/tcl/README 2009-06-04 09:02:36 UTC (rev 2433)
@@ -24,12 +24,17 @@
This script requires the Diatheke command line front end to The SWORD
Project. You should really install this first, including all optional
components: zlib, CLucene, ICU (preferrably icu-sword), and cURL. Then
-install any modules you want to make available to users. Finally, run
-the Perl script makebooklist.pl, which will create/overwrite the file
-biblebot-diatheke-books.tcl. This includes all books installed on
-the system, so remove any entries you want to hide from users, as
-necessary.
+install any modules you want to make available to users.
+Modify the file biblebot-diatheke.tcl as necessary so that the two
+variables "diatheke" and "dict" point to the copies of the diatheke
+and dict programs on your system.
+
+Finally, run the Perl script makebooklist.pl, which will
+create/overwrite the file biblebot-diatheke-books.tcl. This includes
+all books installed on the system, so remove any entries you want to
+hide from users, as necessary.
+
To install Diatheke/Tcl, install an eggdrop IRC bot, copy the
Diatheke/Tcl .tcl files (biblebot-diatheke.tcl and
biblebot-diatheke-books.tcl) to your eggdrop scripts directory, and
Modified: trunk/utilities/diatheke/tcl/biblebot-diatheke.tcl
===================================================================
--- trunk/utilities/diatheke/tcl/biblebot-diatheke.tcl 2009-06-04 07:36:27 UTC (rev 2432)
+++ trunk/utilities/diatheke/tcl/biblebot-diatheke.tcl 2009-06-04 09:02:36 UTC (rev 2433)
@@ -15,12 +15,12 @@
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
-set diaver 5.0
-
-#modify this to reflect actual location of diatheke and dict binaries
+# modify this to reflect actual location of diatheke and dict binaries
set diatheke "/usr/bin/diatheke"
set dict "/usr/bin/dict"
+set diaver 5.0
+
proc publookupverse {vlookup} {
global botnick chan bibver diatheke
@@ -38,6 +38,7 @@
set vlookup [string trimleft $vlookup "@"]
set vlookup [string trimleft $vlookup "#"]
+ regsub -all {[[]{};\#\%\\\$\'\"\/\|<>]} $vlookup { } vlookup
catch {exec $diatheke -f plaintext -o $arg -b $bibver -k "$vlookup" >& /tmp/fooout.$botnick}
catch {set foofile [open /tmp/fooout.$botnick]}
while {[gets $foofile fooverse] >= 0} {
@@ -68,7 +69,7 @@
putmsg $chan "$foo2"
}
- catch {close $foofile}
+ catch {close $foofile}
exec rm /tmp/fooout.$botnick
return 1
}
@@ -85,15 +86,15 @@
putmsg $nick "Only ops can display verses at this time."
return 0
}
-
- publookupverse $arg
+ publookupverse $arg
}
-# ----------------------------------------------------------------------
+#----------------------------------------------------------------------
proc pubsearchword {vlookup} {
global botnick chan bibver diatheke
+ regsub -all {[[]{};\#\%\\\$\'\"\/\|<>]} $vlookup { } vlookup
catch {exec $diatheke -s $bibver "$vlookup" >& /tmp/fooout.$botnick}
catch {set foofile [open /tmp/fooout.$botnick]}
@@ -143,9 +144,9 @@
#----------------------------------------------------------------------
-
proc publookupdict {vlookup} {
global botnick chan bibver diatheke
+ regsub -all {[[]{};\#\%\\\$\'\"\/\|<>]} $vlookup { } vlookup
catch {exec $diatheke -f plaintext -b $bibver -k "$vlookup" >& /tmp/fooout.$botnick}
catch {set foofile [open /tmp/fooout.$botnick]}
@@ -153,7 +154,7 @@
putmsg $chan "$fooverse"
}
catch {close $foofile}
- # exec rm /tmp/fooout.$botnick
+ exec rm /tmp/fooout.$botnick
return 1
}
@@ -173,7 +174,7 @@
putmsg $nick "Sorry, only ops can use dictionaries and indices right now."
return 0
}
-
+
publookupdict $arg
}
@@ -193,6 +194,7 @@
proc publookupcomm {vlookup} {
global botnick chan bibver diatheke
+ regsub -all {[[]{};\#\%\\\$\'\"\/\|<>]} $vlookup { } vlookup
catch {exec $diatheke -c $bibver "$vlookup" >& /tmp/fooout.$botnick}
catch {set foofile [open /tmp/fooout.$botnick]}
while {[gets $foofile fooverse] >= 0} {
@@ -263,6 +265,7 @@
return 0
}
+ regsub -all {[[]{};\#\%\\\$\'\"\/\|<>]} $arg { } arg
catch {exec $dict "$arg" >& /tmp/fooout.$botnick}
catch {set foofile [open /tmp/fooout.$botnick]}
catch {set fooverse [gets $foofile]}
@@ -293,9 +296,6 @@
putserv "NOTICE $nick :Supported commands:"
putserv "NOTICE $nick :Help, using \"!biblehelp\""
putserv "NOTICE $nick :Book list, using \"!books\" (it's long)"
-# Uncomment the next line if you have turned LOGGING on in diatheke to enable
-# the history function.
-# putserv "NOTICE $nick :See last 5 calls to BibleBot, using \"!history\""
putserv "NOTICE $nick :Check display status, using \"!status\""
putserv "NOTICE $nick :Bible lookups, using \"!<bible version> <book> <chapter>:<verse>\""
putserv "NOTICE $nick :verse ranges can be specified by adding \"-<last verse>\" to this"
@@ -361,25 +361,6 @@
return 1
}
-
-bind pub - !history pub_hist
-bind msg - history pub_hist
-
-proc pub_hist {nick uhost hand channel arg} {
- global botnick
- catch {exec tail -n 5 /var/log/diatheke.log >& /tmp/fooout.$botnick}
- catch {set foofile [open /tmp/fooout.$botnick]}
- catch {set fooverse [gets $foofile]}
- putserv "NOTICE $nick :Last 5 calls to Diatheke/Tcl BibleBot"
- putserv "NOTICE $nick :$fooverse"
- while {[gets $foofile fooverse] >= 0} {
- putserv "NOTICE $nick :$fooverse"
- }
- catch {close $foofile}
- exec rm /tmp/fooout.$botnick
- return 1
-}
-
#---------------------------------------------------------------------
proc pub_verseon {nick uhost hand channel arg} {
More information about the sword-cvs
mailing list