diff --git a/filter/algebra/algebradebug.php b/filter/algebra/algebradebug.php
index 75b86bad592d2..467a22a62752a 100644
--- a/filter/algebra/algebradebug.php
+++ b/filter/algebra/algebradebug.php
@@ -84,7 +84,7 @@
}
function algebra2tex($algebra) {
- Global $CFG;
+ global $CFG;
$algebra = str_replace('<','<',$algebra);
$algebra = str_replace('>','>',$algebra);
$algebra = str_replace('<>','#',$algebra);
@@ -99,9 +99,9 @@ function algebra2tex($algebra) {
$algebra = str_replace('epsilon','zepslon',$algebra);
$algebra = str_replace('upsilon','zupslon',$algebra);
$algebra = preg_replace('!\r\n?!',' ',$algebra);
+ $algebra = escapeshellarg($algebra);
if ( (PHP_OS == "WINNT") || (PHP_OS == "WIN32") || (PHP_OS == "Windows") ) {
- $algebra = "\"". str_replace('"','\"',$algebra) . "\"";
$cmd = "cd $CFG->dirroot\\$CFG->algebrafilterdirwin & algebra2tex.pl x/2";
$test = `$cmd`;
if ($test != '\frac{x}{2}') {
@@ -117,7 +117,6 @@ function algebra2tex($algebra) {
}
$cmd = "cd $CFG->dirroot\\$CFG->algebrafilterdirwin & algebra2tex.pl $algebra";
} else {
- $algebra = escapeshellarg($algebra);
$cmd = "cd $CFG->dirroot/$CFG->algebrafilterdir; ./algebra2tex.pl x/2";
$test = `$cmd`;
if ($test != '\frac{x}{2}') {
@@ -206,66 +205,66 @@ function outputText($texexp) {
}
function tex2image($texexp, $md5, $return=false) {
- global $CFG;
- $error_message1 = "Your system is not configured to run mimeTeX. ";
- $error_message1 .= "You need to download the appropriate
executable ";
- $error_message1 .= "from ";
- $error_message1 .= "http://moodle.org/download/mimetex/, or obtain the ";
- $error_message1 .= "C source
from ";
- $error_message1 .= "http://www.forkosh.com/mimetex.zip, compile it and ";
- $error_message1 .= "put the executable into your
moodle/filter/tex/ directory. ";
- $error_message1 .= "You also need to edit your moodle/filter/algebra/pix.php file
";
- $error_message1 .= ' by adding the line
case "' . PHP_OS . "\":\n";
- $error_message1 .= " \$cmd = \"\\\\\"\$CFG->dirroot/\$CFG->texfilterdir/";
- $error_message1 .= 'mimetex.' . strtolower(PHP_OS) . "\\\\\" -e \\\\\"\$pathname\\\\\" \". escapeshellarg(\$texexp);";
- $error_message1 .= "
You also need to add this to your algebradebug.php file.";
+ global $CFG;
+ $error_message1 = "Your system is not configured to run mimeTeX. ";
+ $error_message1 .= "You need to download the appropriate
executable ";
+ $error_message1 .= "from ";
+ $error_message1 .= "http://moodle.org/download/mimetex/, or obtain the ";
+ $error_message1 .= "C source
from ";
+ $error_message1 .= "http://www.forkosh.com/mimetex.zip, compile it and ";
+ $error_message1 .= "put the executable into your
moodle/filter/tex/ directory. ";
+ $error_message1 .= "You also need to edit your moodle/filter/algebra/pix.php file
";
+ $error_message1 .= ' by adding the line
case "' . PHP_OS . "\":\n";
+ $error_message1 .= " \$cmd = \"\\\\\"\$CFG->dirroot/\$CFG->texfilterdir/";
+ $error_message1 .= 'mimetex.' . strtolower(PHP_OS) . "\\\\\" -e \\\\\"\$pathname\\\\\" \". escapeshellarg(\$texexp);";
+ $error_message1 .= "
You also need to add this to your algebradebug.php file.";
- if ($texexp) {
- $texexp = '\Large ' . $texexp;
- $lifetime = 86400;
- $image = $md5 . ".gif";
- $filetype = 'image/gif';
- if (!file_exists("$CFG->dataroot/$CFG->algebraimagedir")) {
- make_upload_directory($CFG->algebraimagedir);
- }
- $pathname = "$CFG->dataroot/$CFG->algebraimagedir/$image";
- if (file_exists($pathname)) {
- unlink($pathname);
- }
- $commandpath = "";
- $cmd = "";
- switch (PHP_OS) {
- case "Linux":
- $commandpath="$CFG->dirroot/$CFG->texfilterdir/mimetex.linux";
- $cmd = "\"$CFG->dirroot/$CFG->texfilterdir/mimetex.linux\" -e \"$pathname\" ". escapeshellarg($texexp);
- break;
- case "WINNT":
- case "WIN32":
- case "Windows":
- $commandpath="$CFG->dirroot/$CFG->texfilterdir/mimetex.exe";
- $texexp = str_replace('"','\"',$texexp);
- $cmd = str_replace(' ','^ ',$commandpath);
- $cmd .= " ++ -e \"$pathname\" \"$texexp\"";
- break;
- case "Darwin":
- $commandpath="$CFG->dirroot/$CFG->texfilterdir/mimetex.darwin";
- $cmd = "\"$CFG->dirroot/$CFG->texfilterdir/mimetex.darwin\" -e \"$pathname\" ". escapeshellarg($texexp);
- break;
- }
- if (!$cmd) {
- if (is_executable("$CFG->dirroot/$CFG->texfilterdir/mimetex")) { /// Use the custom binary
- $commandpath="$CFG->dirroot/$CFG->texfilterdir/mimetex";
- $cmd = "$CFG->dirroot/$CFG->texfilterdir/mimetex -e $pathname ". escapeshellarg($texexp);
- } else {
- error($error_message1);
- }
- }
- system($cmd, $status);
- }
- if ($return) {
- return $image;
- }
- if ($texexp && file_exists($pathname)) {
+ if ($texexp) {
+ $texexp = '\Large ' . $texexp;
+ $lifetime = 86400;
+ $image = $md5 . ".gif";
+ $filetype = 'image/gif';
+ if (!file_exists("$CFG->dataroot/$CFG->algebraimagedir")) {
+ make_upload_directory($CFG->algebraimagedir);
+ }
+ $pathname = "$CFG->dataroot/$CFG->algebraimagedir/$image";
+ if (file_exists($pathname)) {
+ unlink($pathname);
+ }
+ $commandpath = "";
+ $cmd = "";
+ $texexp = escapeshellarg($texexp);
+ switch (PHP_OS) {
+ case "Linux":
+ $commandpath="$CFG->dirroot/$CFG->texfilterdir/mimetex.linux";
+ $cmd = "\"$CFG->dirroot/$CFG->texfilterdir/mimetex.linux\" -e \"$pathname\" $texexp";
+ break;
+ case "WINNT":
+ case "WIN32":
+ case "Windows":
+ $commandpath="$CFG->dirroot/$CFG->texfilterdir/mimetex.exe";
+ $cmd = str_replace(' ','^ ',$commandpath);
+ $cmd .= " ++ -e \"$pathname\" $texexp";
+ break;
+ case "Darwin":
+ $commandpath="$CFG->dirroot/$CFG->texfilterdir/mimetex.darwin";
+ $cmd = "\"$CFG->dirroot/$CFG->texfilterdir/mimetex.darwin\" -e \"$pathname\" $texexp";
+ break;
+ }
+ if (!$cmd) {
+ if (is_executable("$CFG->dirroot/$CFG->texfilterdir/mimetex")) { /// Use the custom binary
+ $commandpath="$CFG->dirroot/$CFG->texfilterdir/mimetex";
+ $cmd = "$CFG->dirroot/$CFG->texfilterdir/mimetex -e $pathname $texexp";
+ } else {
+ error($error_message1);
+ }
+ }
+ system($cmd, $status);
+ }
+ if ($return) {
+ return $image;
+ }
+ if ($texexp && file_exists($pathname)) {
$lastmodified = filemtime($pathname);
header("Last-Modified: " . gmdate("D, d M Y H:i:s", $lastmodified) . " GMT");
header("Expires: " . gmdate("D, d M Y H:i:s", time() + $lifetime) . " GMT");
@@ -275,7 +274,7 @@ function tex2image($texexp, $md5, $return=false) {
header("Content-length: ".filesize($pathname));
header("Content-type: $filetype");
readfile("$pathname");
- } else {
+ } else {
$ecmd = "$cmd 2>&1";
echo `$ecmd` . "
\n";
echo "The shell command
$cmd
returned status = $status
\n";
@@ -301,7 +300,7 @@ function tex2image($texexp, $md5, $return=false) {
echo "mimetex executable $commandpath not found!
";
}
echo "Image not found!";
- }
+ }
}
function slasharguments($texexp, $md5) {
diff --git a/filter/algebra/filter.php b/filter/algebra/filter.php
index 0d5e3477365bb..3bb480df46ea3 100644
--- a/filter/algebra/filter.php
+++ b/filter/algebra/filter.php
@@ -164,11 +164,10 @@ function algebra_filter ($courseid, $text) {
$algebra = str_replace('epsilon','zepslon',$algebra);
$algebra = str_replace('upsilon','zupslon',$algebra);
$algebra = preg_replace('!\r\n?!',' ',$algebra);
+ $algebra = escapeshellarg($algebra);
if ( (PHP_OS == "WINNT") || (PHP_OS == "WIN32") || (PHP_OS == "Windows") ) {
- $algebra = "\"". str_replace('"','\"',$algebra) . "\"";
$cmd = "cd $CFG->dirroot\\$CFG->algebrafilterdirwin & algebra2tex.pl $algebra";
} else {
- $algebra = escapeshellarg($algebra);
$cmd = "cd $CFG->dirroot/$CFG->algebrafilterdir; ./algebra2tex.pl $algebra";
}
$texexp = `$cmd`;
diff --git a/filter/algebra/pix.php b/filter/algebra/pix.php
index 56d81639979b0..ee5eb9456a6dd 100644
--- a/filter/algebra/pix.php
+++ b/filter/algebra/pix.php
@@ -54,25 +54,25 @@
$texexp = str_replace('>','>',$texexp);
$texexp = preg_replace('!\r\n?!',' ',$texexp);
$texexp = '\Large ' . $texexp;
+ $texexp = escapeshellarg($texexp);
if ((PHP_OS == "WINNT") || (PHP_OS == "WIN32") || (PHP_OS == "Windows")) {
- $texexp = str_replace('"','\"',$texexp);
$cmd = "$CFG->dirroot/$CFG->texfilterdir/mimetex.exe";
$cmd = str_replace(' ','^ ',$cmd);
- $cmd .= " ++ -e \"$pathname\" -- \"$texexp\"";
+ $cmd .= " ++ -e \"$pathname\" -- $texexp";
} else if (is_executable("$CFG->dirroot/$CFG->texfilterdir/mimetex")) { /// Use the custom binary
- $cmd = "$CFG->dirroot/$CFG->texfilterdir/mimetex -e $pathname -- ". escapeshellarg($texexp);
+ $cmd = "$CFG->dirroot/$CFG->texfilterdir/mimetex -e $pathname -- $texexp";
} else { /// Auto-detect the right TeX binary
switch (PHP_OS) {
case "Linux":
- $cmd = "\"$CFG->dirroot/$CFG->texfilterdir/mimetex.linux\" -e \"$pathname\" -- ". escapeshellarg($texexp);
+ $cmd = "\"$CFG->dirroot/$CFG->texfilterdir/mimetex.linux\" -e \"$pathname\" -- $texexp";
break;
case "Darwin":
- $cmd = "\"$CFG->dirroot/$CFG->texfilterdir/mimetex.darwin\" -e \"$pathname\" -- ". escapeshellarg($texexp);
+ $cmd = "\"$CFG->dirroot/$CFG->texfilterdir/mimetex.darwin\" -e \"$pathname\" -- $texexp";
break;
default: /// Nothing was found, so tell them how to fix it.
diff --git a/filter/tex/pix.php b/filter/tex/pix.php
index b98d5fedd55ad..66d39c6751662 100644
--- a/filter/tex/pix.php
+++ b/filter/tex/pix.php
@@ -68,29 +68,29 @@
$texexp = str_replace('>','>',$texexp);
$texexp = preg_replace('!\r\n?!',' ',$texexp);
$texexp = '\Large ' . $texexp;
+ $texexp = escapeshellarg($texexp);
if ((PHP_OS == "WINNT") || (PHP_OS == "WIN32") || (PHP_OS == "Windows")) {
- $texexp = str_replace('"','\"',$texexp);
$cmd = "$CFG->dirroot/$CFG->texfilterdir/mimetex.exe";
$cmd = str_replace(' ','^ ',$cmd);
- $cmd .= " ++ -e \"$pathname\" -- \"$texexp\"";
+ $cmd .= " ++ -e \"$pathname\" -- $texexp";
} else if (is_executable("$CFG->dirroot/$CFG->texfilterdir/mimetex")) { /// Use the custom binary
- $cmd = "$CFG->dirroot/$CFG->texfilterdir/mimetex -e $pathname -- ". escapeshellarg($texexp);
+ $cmd = "$CFG->dirroot/$CFG->texfilterdir/mimetex -e $pathname -- $texexp";
} else { /// Auto-detect the right TeX binary
switch (PHP_OS) {
case "Linux":
- $cmd = "\"$CFG->dirroot/$CFG->texfilterdir/mimetex.linux\" -e \"$pathname\" -- ". escapeshellarg($texexp);
+ $cmd = "\"$CFG->dirroot/$CFG->texfilterdir/mimetex.linux\" -e \"$pathname\" -- $texexp";
break;
case "Darwin":
- $cmd = "\"$CFG->dirroot/$CFG->texfilterdir/mimetex.darwin\" -e \"$pathname\" -- ". escapeshellarg($texexp);
+ $cmd = "\"$CFG->dirroot/$CFG->texfilterdir/mimetex.darwin\" -e \"$pathname\" -- $texexp";
break;
case "FreeBSD":
- $cmd = "\"$CFG->dirroot/$CFG->texfilterdir/mimetex.freebsd\" -e \"$pathname\" ". escapeshellarg($texexp);
+ $cmd = "\"$CFG->dirroot/$CFG->texfilterdir/mimetex.freebsd\" -e \"$pathname\" $texexp";
break;
default: /// Nothing was found, so tell them how to fix it.
diff --git a/filter/tex/texdebug.php b/filter/tex/texdebug.php
index 6120f8c15770e..97fe91ad4e2a7 100644
--- a/filter/tex/texdebug.php
+++ b/filter/tex/texdebug.php
@@ -111,31 +111,31 @@ function tex2image($texexp, $return=false) {
}
$commandpath = "";
$cmd = "";
+ $texexp = escapeshellarg($texexp);
switch (PHP_OS) {
case "Linux":
$commandpath="$CFG->dirroot/$CFG->texfilterdir/mimetex.linux";
- $cmd = "\"$CFG->dirroot/$CFG->texfilterdir/mimetex.linux\" -e \"$pathname\" ". escapeshellarg($texexp);
+ $cmd = "\"$CFG->dirroot/$CFG->texfilterdir/mimetex.linux\" -e \"$pathname\" $texexp";
break;
case "WINNT":
- case "WIN32":
- case "Windows":
+ case "WIN32":
+ case "Windows":
$commandpath="$CFG->dirroot/$CFG->texfilterdir/mimetex.exe";
- $texexp = str_replace('"','\"',$texexp);
- $cmd = str_replace(' ','^ ',$commandpath);
- $cmd .= " ++ -e \"$pathname\" \"$texexp\"";
+ $cmd = str_replace(' ','^ ',$commandpath);
+ $cmd .= " ++ -e \"$pathname\" $texexp";
break;
case "Darwin":
$commandpath="$CFG->dirroot/$CFG->texfilterdir/mimetex.darwin";
- $cmd = "\"$CFG->dirroot/$CFG->texfilterdir/mimetex.darwin\" -e \"$pathname\" ". escapeshellarg($texexp);
+ $cmd = "\"$CFG->dirroot/$CFG->texfilterdir/mimetex.darwin\" -e \"$pathname\" $texexp";
break;
}
if (!$cmd) {
- if (is_executable("$CFG->dirroot/$CFG->texfilterdir/mimetex")) { /// Use the custom binary
- $commandpath="$CFG->dirroot/$CFG->texfilterdir/mimetex";
- $cmd = "$CFG->dirroot/$CFG->texfilterdir/mimetex -e $pathname ". escapeshellarg($texexp);
- } else {
- error($error_message1);
- }
+ if (is_executable("$CFG->dirroot/$CFG->texfilterdir/mimetex")) { /// Use the custom binary
+ $commandpath="$CFG->dirroot/$CFG->texfilterdir/mimetex";
+ $cmd = "$CFG->dirroot/$CFG->texfilterdir/mimetex -e $pathname $texexp";
+ } else {
+ error($error_message1);
+ }
}
system($cmd, $status);
}
diff --git a/filter/tex/texed.php b/filter/tex/texed.php
index d20fa9a66f789..bbb3c0a46f2c3 100644
--- a/filter/tex/texed.php
+++ b/filter/tex/texed.php
@@ -32,18 +32,19 @@
make_upload_directory($CFG->teximagedir);
}
$pathname = "$CFG->dataroot/$CFG->teximagedir/$image";
+ $texexp = escapeshellarg($texexp);
+
switch (PHP_OS) {
case "Linux":
- system("$CFG->dirroot/$CFG->texfilterdir/mimetex.linux -e $pathname -- ". escapeshellarg($texexp) );
+ system("$CFG->dirroot/$CFG->texfilterdir/mimetex.linux -e $pathname -- $texexp" );
break;
case "WINNT":
- case "WIN32":
- case "Windows":
- $texexp = str_replace('"','\"',$texexp);
- system("$CFG->dirroot/$CFG->texfilterdir/mimetex.exe -e $pathname -- \"$texexp\"");
+ case "WIN32":
+ case "Windows":
+ system("$CFG->dirroot/$CFG->texfilterdir/mimetex.exe -e $pathname -- $texexp");
break;
case "Darwin":
- system("$CFG->dirroot/$CFG->texfilterdir/mimetex.darwin -e $pathname -- ". escapeshellarg($texexp) );
+ system("$CFG->dirroot/$CFG->texfilterdir/mimetex.darwin -e $pathname -- $texexp" );
break;
}
if (file_exists($pathname)) {