From 17adba609667be944255ca358fa97964589894ae Mon Sep 17 00:00:00 2001 From: catvayor Date: Thu, 19 Sep 2024 16:55:46 +0200 Subject: [PATCH] =?UTF-8?q?wordpress:=20don=E2=80=99t=20use=20lib.escapeSh?= =?UTF-8?q?ellArg?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- nixos/modules/services/web-apps/wordpress.nix | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/nixos/modules/services/web-apps/wordpress.nix b/nixos/modules/services/web-apps/wordpress.nix index ea771c358814..700bee191b9d 100644 --- a/nixos/modules/services/web-apps/wordpress.nix +++ b/nixos/modules/services/web-apps/wordpress.nix @@ -73,15 +73,17 @@ let checkPhase = "${pkgs.php}/bin/php --syntax-check $target"; }; + toPhpString = s: "'${escape [ "'" "\\" ] s}'"; + mkPhpValue = v: let isHasAttr = s: isAttrs v && hasAttr s v; in - if isString v then escapeShellArg v + if isString v then toPhpString v # NOTE: If any value contains a , (comma) this will not get escaped - else if isList v && any lib.strings.isCoercibleToString v then escapeShellArg (concatMapStringsSep "," toString v) + else if isList v && any lib.strings.isCoercibleToString v then toPhpString (concatMapStringsSep "," toString v) else if isInt v then toString v else if isBool v then boolToString v - else if isHasAttr "_file" then "trim(file_get_contents(${lib.escapeShellArg v._file}))" + else if isHasAttr "_file" then "trim(file_get_contents(${lib.toPhpString v._file}))" else if isHasAttr "_raw" then v._raw else abort "The Wordpress config value ${lib.generators.toPretty {} v} can not be encoded." ; -- 2.46.0