Permalink
Browse files

Escape text being passed to Slack

  • Loading branch information...
kiwiz committed Oct 3, 2017
1 parent 811e7a7 commit bded8c2e52db411d4173d52c4c4d732a458996ba
Showing with 16 additions and 7 deletions.
  1. +16 −7 phplib/Target/Slack.php
View
@@ -51,23 +51,24 @@ public function process(Alert $alert, $date) {
}
$site = SiteFinder::getCurrent();
$alert_link = $alert->isNew() ? null:$site->urlFor(sprintf('/alert/%d', $alert['alert_id']));
$message = implode(' ', [
is_null($search) ? 'Unknown':sprintf('<%s|%s>', $site->urlFor(
is_null($search) ? 'Unknown':sprintf('<%s|%s>', self::escape($site->urlFor(
sprintf('/search/%d', $search['id']),
$search['name']
)),
$alert->isNew() ? '[N/A]':sprintf('[<%s|Alert>]', $alert_link)
self::escape($search['name'])
))),
$alert->isNew() ? '[N/A]':sprintf('[<%s|Alert>]', self::escape($site->urlFor(
sprintf('/alert/%d', $alert['alert_id'])
)))
]);
$message_data = [
'channel' => $this->obj['data']['channel'],
'username' => Util::getSiteName(),
'username' => self::escape(Util::getSiteName()),
'icon_emoji' => ':warning:',
'text' => '',
'attachments' => [[
'pretext' => $message,
'pretext' => self::escape($message),
'fields' => $fields,
'ts' => $alert['alert_date'],
]],
@@ -77,6 +78,14 @@ public function process(Alert $alert, $date) {
self::createMessage($message_data);
}
public static function escape($text) {
return str_replace(
['&', '<', '>'],
['&amp;', '&lt;', '&gt;'],
$text
);
}
/**
* Send a message to Slack.
* @param mixed[] $message_data Message data.

0 comments on commit bded8c2

Please sign in to comment.