]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - IkiWiki/Plugin/sparkline.pm
More about security
[git.ikiwiki.info.git] / IkiWiki / Plugin / sparkline.pm
index 458192695322317d5e0f69a860476758675987d5..e28d2605a2c1802e6afe798cab14548529d55936 100644 (file)
@@ -24,6 +24,7 @@ sub getsetup () {
                plugin => {
                        safe => 1,
                        rebuild => undef,
+                       section => "widget",
                },
 }
 
@@ -75,7 +76,7 @@ sub preprocess (@) {
                        my ($x, $y, $color, $diameter, $text, $location)=
                                split(/\s*,\s*/, $value);
                        if (! defined $diameter || $diameter < 0) {
-                               error gettext("bad featurepoint diameter");
+                               error gettext("invalid featurepoint diameter");
                        }
                        $x=int($x);
                        $y=int($y);
@@ -85,7 +86,7 @@ sub preprocess (@) {
                        if (defined $location) {
                                $location=$locmap{$location};
                                if (! defined $location) {
-                                       error gettext("bad featurepoint location");
+                                       error gettext("invalid featurepoint location");
                                }
                        }
                        $php.=qq{\$sparkline->SetFeaturePoint($x, $y, '$color', $diameter};
@@ -101,7 +102,7 @@ sub preprocess (@) {
 
        my $height=int($params{height} || 20);
        if ($height < 2 || $height > 100) {
-               error gettext("bad height value");
+               error gettext("invalid height value");
        }
        if ($style eq "Bar") {
                $php.=qq{\$sparkline->Render($height);\n};
@@ -112,7 +113,7 @@ sub preprocess (@) {
                }
                my $width=int($params{width});
                if ($width < 2 || $width > 1024) {
-                       error gettext("bad width value");
+                       error gettext("invalid width value");
                }
                $php.=qq{\$sparkline->RenderResampled($width, $height);\n};
        }
@@ -121,10 +122,10 @@ sub preprocess (@) {
 
        # Use the sha1 of the php code that generates the sparkline as
        # the base for its filename.
-       eval q{use Digest::SHA1};
+       eval q{use Digest::SHA};
         error($@) if $@;
        my $fn=$params{page}."/sparkline-".
-               IkiWiki::possibly_foolish_untaint(Digest::SHA1::sha1_hex($php)).
+               IkiWiki::possibly_foolish_untaint(Digest::SHA::sha1_hex($php)).
                ".png";
        will_render($params{page}, $fn);
 
@@ -149,7 +150,7 @@ sub preprocess (@) {
 
                waitpid $pid, 0;
                $SIG{PIPE}="DEFAULT";
-               if ($sigpipe) {
+               if ($sigpipe || ! defined $png) {
                        error gettext("failed to run php");
                }
 
@@ -157,7 +158,8 @@ sub preprocess (@) {
                        writefile($fn, $config{destdir}, $png, 1);
                }
                else {
-                       # can't write the file, so embed it in a data uri
+                       # in preview mode, embed the image in a data uri
+                       # to avoid temp file clutter
                        eval q{use MIME::Base64};
                        error($@) if $@;
                        return "<img src=\"data:image/png;base64,".