Re: The last long steps of the gnome.org website
- From: Vinicius Depizzol <vdepizzol gmail com>
- To: Olav Vitters <olav vitters nl>
- Cc: gnome-web-list gnome org, GNOME Marketing List <marketing-list gnome org>
- Subject: Re: The last long steps of the gnome.org website
- Date: Wed, 30 Mar 2011 23:34:50 -0300
On Wed, Mar 30, 2011 at 15:35, Olav Vitters <olav vitters nl> wrote:
>
> Looking at:
> http://git.gnome.org/browse/gnomeweb-wp/tree/wp-content/plugins/wppo/wppo.php
>
> | $wppo_cache[$p->ID] = $wpdb->get_row ("SELECT * FROM " . $wpdb->prefix . "wppo WHERE post_id = '" . $p->ID . "' AND (lang = '" . $lang . "' OR lang = '" . $fallback_lang . "')", ARRAY_A);
>
> That is bad. Please do proper escaping. It doesn't matter if the $lang
> and so on is restricted to well known values; it *must* be escaped!
Hey Olav! The localization plugin won't be used the first days after
GNOME 3.0 release. This is clearly something that must fixed before
using it.
> | $cmd = "/usr/bin/xml2po -m xhtml -p " . PO_DIR . "$po_file -o $translated_xml_file " . XML_DIR . "gnomesite.xml";
>
> that is also *very* bad. Don't execute via shell!
I fully agree this is pretty ugly. Do you have any suggestion
regarding this (a way to execute xml2po via php without executing it
with shell)?
Thank you!
>
> Similarly:
> | mkdir (WPPO_DIR, 0777);
> | mkdir (PO_DIR, 0777);
> | mkdir (POT_DIR, 0777);
> | mkdir (XML_DIR, 0777);
>
> Can't this be 755?
Changed and commited.
Thank you!
--
Vinicius Depizzol <vdepizzol gmail com>
http://vinicius.depizzol.com.br
[
Date Prev][Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
