On Sep 2, 2010, at 4:11 PM, Hamish wrote:
as I edit the scripts I notice a lot of ${FILENAME}. fyi this
does not protect from spaces (or other chars) in path names. in
that context it is mostly useful to terminate the variable name,
e.g. as in "${FILENAME}_$DATE.txt", as "_" would otherwise
continue the variable name.
quote as "$FILENAME" instead to keep it as a single arguement,
but don't quote * wildcards as that will make them literal chars.
this isn't really a bug for us as we build in a controlled
environment, but it is good practice and helps protect against
the shell equivalent of SQL-injection attacks (but more likely
self-inflicted bugs).
Hamish
(once burnt by `rm -rf ${TMP}*` when `tempfile` failed and $TMP
was empty)
there's a case to be made to move away from BASH altogether!
or, as much as possible
I'd suggest python
once again acknowledging Hamish's steadfast efforts
-Brian
_______________________________________________
Live-demo mailing list
[email protected]
http://lists.osgeo.org/mailman/listinfo/live-demo
http://wiki.osgeo.org/wiki/Live_GIS_Disc
_______________________________________________
Live-demo mailing list
[email protected]
http://lists.osgeo.org/mailman/listinfo/live-demo
http://wiki.osgeo.org/wiki/Live_GIS_Disc
