Dear Platonides,

On 1/2/13, Platonides <platoni...@gmail.com> wrote:
>>
>> 1) IMAGE FILE NAME
-----snip-----
>
> Obviously, you should have been using:
> $ curl -O 'http://star*.jpg'
> $ curl -O 'http://foo`ls`bar.jpg'
>
> If you simply pass the parameters without quoting to curl, well, that's
> a bad idea. Especially since you don't seem to be treating $ specially...
>

Of course.  I learned the quoting rules for /bin/sh, sql, and many
other systems.  My point is really about risk tolerance.  The image
file `star*.jpg' is one real example of what was downloaded using an
early version of WP-MIRROR, which I then rewrote to block.  I am
averse to file names that contain wild cards and other control
characters.  I can handle them safely *almost* all the time.  But,

(shell)$ rm 'star*.jpg'   <-- one day I will forget to do this,
(shell)$ rm star*.jpg     <-- and will instead do this (with collateral damage).

Murphy's Law:  Work two days straight, inadvertently delete three days'
work, discover backup tape is unreadable.

-----snip-----

>> 4) SHA1SUM
-----snip-----
>>
>> (rootshell)# openssl dgst -sha1 0/00/Arc_en_ciel.png
>> SHA1(0/00/Arc_en_ciel.png)= fd67104be2338dea99e1211be8b6824d3b271c38
-----snip-----
>> mysql> SELECT img_sha1,img_name FROM simplewiki.image WHERE
>> img_name='Arc_en_ciel.png';
>> +---------------------------------+-----------------+
>> | img_sha1                        | img_name        |
>> +---------------------------------+-----------------+
>> | tllx8mwbr31uissi6a9jq86836d6vy0 | Arc_en_ciel.png |
>> +---------------------------------+-----------------+
>> 1 row in set (0.00 sec)
-----snip-----
>
> Those are sha1 in base-36. You will need to convert from base-36 to
> base-16 to get the “classical output”.
>

Can't test this with the MySQL function CONV(), which is limited to 64 bits,
so let's try:

(shell)$ clisp -q -q
[1]> (string-downcase (format nil "~36r"
#xfd67104be2338dea99e1211be8b6824d3b271c38))
"tllx8mwbr31uissi6a9jq86836d6vy0"

It's a match.  Excellent!  Thank you very much.

Action Item:  WP-MIRROR 0.6 shall use SHA1 digests to validate image files.

Sincerely Yours,
Kent

_______________________________________________
Xmldatadumps-l mailing list
Xmldatadumps-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/xmldatadumps-l
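
The base-36 check from item 4, carried through to file validation, as an added example that is not part of the original message and is not WP-MIRROR's code. The function names are hypothetical, and the 31-character zero-padded width of img_sha1 is an assumption about how the column is stored.

```python
import hashlib
import string

B36_DIGITS = string.digits + string.ascii_lowercase
B36_LEN = 31  # assumed column width: 36**31 > 2**160, so 31 digits hold any SHA-1


def b36_to_hex(img_sha1: str) -> str:
    """Convert a base-36 img_sha1 value to the usual 40-digit hex digest."""
    s = img_sha1.strip().lower()
    # int(s, 36) also accepts signs and underscores, so check the alphabet first.
    if not 0 < len(s) <= B36_LEN or any(c not in B36_DIGITS for c in s):
        raise ValueError("not a base-36 SHA-1: %r" % img_sha1)
    n = int(s, 36)
    if n >= 1 << 160:
        raise ValueError("value does not fit in 160 bits")
    return format(n, "040x")


def hex_to_b36(hex_digest: str) -> str:
    """Convert a hex SHA-1 digest to zero-padded base-36."""
    n = int(hex_digest, 16)
    out = ""
    while n:
        n, r = divmod(n, 36)
        out = B36_DIGITS[r] + out
    return out.rjust(B36_LEN, "0")


def file_sha1_hex(path: str, chunk: int = 1 << 20) -> str:
    """SHA-1 of a file, read in chunks so large images stay out of memory."""
    h = hashlib.sha1()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def image_matches(path: str, img_sha1: str) -> bool:
    """True when the downloaded file hashes to the value from the image table."""
    return file_sha1_hex(path) == b36_to_hex(img_sha1)


if __name__ == "__main__":
    # The two values quoted in the message above.
    print(b36_to_hex("tllx8mwbr31uissi6a9jq86836d6vy0"))
    print(hex_to_b36("fd67104be2338dea99e1211be8b6824d3b271c38"))
```

A file whose digest does not match should be treated as a failed download and fetched again or discarded, not kept under its database name.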