diff --git a/src/main/java/org/cobbzilla/util/daemon/ZillaRuntime.java b/src/main/java/org/cobbzilla/util/daemon/ZillaRuntime.java
index f762be1..f9ac33d 100644
--- a/src/main/java/org/cobbzilla/util/daemon/ZillaRuntime.java
+++ b/src/main/java/org/cobbzilla/util/daemon/ZillaRuntime.java
@@ -34,6 +34,7 @@ import static org.apache.commons.lang3.exception.ExceptionUtils.getStackTrace;
 import static org.cobbzilla.util.io.FileUtil.abs;
 import static org.cobbzilla.util.io.FileUtil.list;
 import static org.cobbzilla.util.reflect.ReflectionUtil.instantiate;
+import static org.cobbzilla.util.security.ShaUtil.sha256_hex;
 import static org.cobbzilla.util.string.StringUtil.truncate;
 import static org.cobbzilla.util.system.Sleep.sleep;
 import static org.cobbzilla.util.time.TimeUtil.formatDuration;
@@ -339,10 +340,15 @@ public class ZillaRuntime {
 public static String hashOf (Object... things) {
 final StringBuilder b = new StringBuilder();
 for (Object thing : things) {
- if (b.length() > 0) b.append(":::");
- b.append(thing == null ? "null" : (thing instanceof Collection ? hashOf(thing) : ""+thing));
+ if (b.length() > 0) b.append("\t");
+ b.append(thing == null ? "null" : (thing instanceof Object[]) ? Arrays.deepHashCode((Object[]) thing) : thing.hashCode());
 }
- return b.toString();
+ return sha256_hex(b.toString());
+ }
+
+ // from https://stackoverflow.com/a/8563667/1251543
+ public static String hexToBase36(String hex) {
+ return new BigInteger(hex, 16).toString(36);
 }
 public static Collection stringRange(Number start, Number end) {
diff --git a/src/main/java/org/cobbzilla/util/handlebars/HandlebarsUtil.java b/src/main/java/org/cobbzilla/util/handlebars/HandlebarsUtil.java
index 9d9e3b1..59ca2c0 100644
--- a/src/main/java/org/cobbzilla/util/handlebars/HandlebarsUtil.java
+++ b/src/main/java/org/cobbzilla/util/handlebars/HandlebarsUtil.java
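Review bot: The SHA-256 in the new `hashOf` is computed over 32-bit `hashCode()` values joined by tabs, so the long hex result is only as collision-resistant as Java's `hashCode()`; two different strings with equal hash codes yield the same `hashOf` output. Objects that do not override `hashCode()`, and primitive arrays such as `byte[]` (which are not `Object[]`), fall back to identity hashes, so the value may also differ between JVM runs. If callers treat this as a cache key, identifier or integrity check (not visible in this hunk), hash a canonical string form of each item instead, or at least add a comment such as `// not collision-resistant: input is 32-bit hashCode() values; do not use for integrity or security decisions`. Separately, `hexToBase36` goes through `BigInteger` and therefore drops leading zeros, so its output is not fixed-length.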
@@ -275,6 +275,15 @@ public class HandlebarsUtil extends AbstractTemplateLoader {
 return new Handlebars.SafeString(src.toString());
 });
+ hb.registerHelper("safeSql", (src, options) -> {
+ if (empty(src)) return "";
+ final String illegalChars = src.toString().replaceAll("[A-Za-z0-9=<>_\\()\\s\\.]+", "");
+ if (illegalChars.length() != 0) {
+ return die("safeSql: found illegal SQL chars ("+illegalChars+") in: "+src);
+ }
+ return new Handlebars.SafeString(src.toString());
+ });
+
 hb.registerHelper("format_epoch", (val, options) -> {
 if (empty(val)) return "";
 if (options.params.length != 2) return die("format_epoch: Usage: {{format_epoch expr format timezone}}");
diff --git a/src/main/java/org/cobbzilla/util/http/URIUtil.java b/src/main/java/org/cobbzilla/util/http/URIUtil.java
index 59968a5..63252dc 100644
--- a/src/main/java/org/cobbzilla/util/http/URIUtil.java
+++ b/src/main/java/org/cobbzilla/util/http/URIUtil.java
@@ -75,6 +75,7 @@ public class URIUtil {
 // adapted from https://stackoverflow.com/a/13592567/1251543
 public static Map queryParams(String query) {
+ if (query.contains("?")) query = query.substring(query.indexOf("?")+1);
 final Map query_pairs = new LinkedHashMap<>();
 final String[] pairs = query.split("&");
 for (String pair : pairs) {
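Review bot: The `safeSql` helper checks characters only, and the permitted set (letters, digits, whitespace, parentheses, `=`, `<`, `>`, `.`, `_`) is enough to spell SQL keywords, boolean conditions and parenthesised subqueries, so a value that passes is still not safe to splice into a query if a user can influence it. The result is wrapped in `Handlebars.SafeString`, which also switches off template escaping for it. Values should go through bound parameters and this helper should be kept to fragments controlled by the template author; I would add a comment above the registration such as `// safeSql: character allowlist only, NOT injection-proof; never pass request-derived values, use bind parameters`. The `die(...)` message also echoes the full `src`, which may end up in logs or error responses. The enclosing method starts outside the hunk.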
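Review bot: The added line in `queryParams` cuts at the first `?`, but `?` is a legal character inside a query string, so a bare query such as `a=b?c&d=e` (constructed example) now silently loses everything before the `?`. A trailing `#fragment` on a full URL is not removed either, so it stays attached to the last value. Components that disagree on where the query starts are a known source of validation gaps, so the accepted input forms should be documented on the method, e.g. `// accepts a bare query or a full URL; everything up to the first '?' is discarded`, and the fragment stripped before splitting. The method body continues past the end of the hunk.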