diff --git a/app/img/wifi-qr-code.php b/app/img/wifi-qr-code.php index f99bdcf9..d0be9670 100644 --- a/app/img/wifi-qr-code.php +++ b/app/img/wifi-qr-code.php @@ -2,6 +2,7 @@ require_once '../../includes/config.php'; require_once '../../includes/defaults.php'; +require_once '../../includes/functions.php'; function qr_encode($str) { @@ -34,7 +35,7 @@ $ssid = qr_encode($ssid); $password = qr_encode($password); $data = "WIFI:S:$ssid;T:$type;P:$password;$hidden;"; -$command = "qrencode -t svg -m 0 -o - " . escapeshellarg($data); +$command = "qrencode -t svg -m 0 -o - " . mb_escapeshellarg($data); $svg = shell_exec($command); $config_mtime = filemtime(RASPI_HOSTAPD_CONFIG); diff --git a/includes/functions.php b/includes/functions.php index 81fed816..b75cf170 100755 --- a/includes/functions.php +++ b/includes/functions.php @@ -332,3 +332,17 @@ function cache($key, $callback) return $data; } } + +// insspired by +// http://markushedlund.com/dev/php-escapeshellarg-with-unicodeutf-8-support +function mb_escapeshellarg($arg) +{ + $isWindows = strtolower(substr(PHP_OS, 0, 3)) === 'win'; + if ($isWindows) { + $escaped_arg = str_replace(array('"', '%'), '', $arg); + } else { + $escaped_arg = str_replace("'", "'\\''", $arg); + } + return "\"$escaped_arg\""; +} +