Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🎨 重启代码结构优化 #1737

Merged
merged 1 commit into from
Nov 22, 2024
Merged

🎨 重启代码结构优化 #1737

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
56 changes: 27 additions & 29 deletions zhenxun/builtin_plugins/restart/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,25 +3,26 @@
from pathlib import Path

import nonebot
import aiofiles
from nonebot import on_command
from nonebot.rule import to_me
from nonebot.adapters import Bot
from nonebot.params import ArgStr
from nonebot.permission import SUPERUSER
from nonebot_plugin_uninfo import Uninfo
from nonebot.plugin import PluginMetadata
from nonebot.rule import to_me
from nonebot_plugin_session import EventSession

from zhenxun.configs.config import BotConfig
from zhenxun.configs.utils import PluginExtraData
from zhenxun.services.log import logger
from zhenxun.utils.enum import PluginType
from zhenxun.configs.config import BotConfig
from zhenxun.utils.message import MessageUtils
from zhenxun.utils.platform import PlatformUtils
from zhenxun.configs.utils import PluginExtraData

__plugin_meta__ = PluginMetadata(
name="重启",
description="执行脚本重启真寻",
usage=f"""
usage="""
重启
""".strip(),
extra=PluginExtraData(
Expand All @@ -48,50 +49,47 @@

@_matcher.got(
"flag",
prompt=f"确定是否重启{BotConfig.self_nickname}?确定请回复[是|好|确定](重启失败咱们将失去联系,请谨慎!)",
prompt=f"确定是否重启{BotConfig.self_nickname}?\n确定请回复[是|好|确定]\n(重启失败咱们将失去联系,请谨慎!)",
)
async def _(bot: Bot, session: EventSession, flag: str = ArgStr("flag")):
if flag.lower() in ["true", "是", "好", "确定", "确定是"]:
async def _(bot: Bot, session: Uninfo, flag: str = ArgStr("flag")):
if flag.lower() in {"true", "是", "好", "确定", "确定是"}:
await MessageUtils.build_message(
f"开始重启{BotConfig.self_nickname}..请稍等..."
).send()
with open(RESTART_MARK, "w", encoding="utf8") as f:
f.write(f"{bot.self_id} {session.id1}")
async with aiofiles.open(RESTART_MARK, "w", encoding="utf8") as f:
await f.write(f"{bot.self_id} {session.user.id}")
logger.info("开始重启真寻...", "重启", session=session)
if str(platform.system()).lower() == "windows":
import sys

python = sys.executable
os.execl(python, python, *sys.argv)
else:
os.system("./restart.sh")
os.system("./restart.sh") # noqa: ASYNC221
else:
await MessageUtils.build_message("已取消操作...").send()


@driver.on_bot_connect
async def _(bot: Bot):
if str(platform.system()).lower() != "windows":
if not RESTART_FILE.exists():
with open(RESTART_FILE, "w", encoding="utf8") as f:
f.write(
f"pid=$(netstat -tunlp | grep "
+ str(bot.config.port)
+ " | awk '{print $7}')\n"
"pid=${pid%/*}\n"
"kill -9 $pid\n"
"sleep 3\n"
"python3 bot.py"
)
os.system("chmod +x ./restart.sh")
logger.info(
"已自动生成 restart.sh(重启) 文件,请检查脚本是否与本地指令符合..."
if str(platform.system()).lower() != "windows" and not RESTART_FILE.exists():
async with aiofiles.open(RESTART_FILE, "w", encoding="utf8") as f:
await f.write(
"pid=$(netstat -tunlp | grep "
+ str(bot.config.port)
Comment on lines +78 to +79
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚨 问题(安全性): grep 命令应使用适当的 shell 转义来处理端口号,以防止注入漏洞

考虑使用 shlex.quote() 来正确转义端口号,或者使用更稳健的方法,如 ps 和 awk 来查找进程。

Original comment in English

🚨 issue (security): The grep command should use proper shell escaping for the port number to prevent injection vulnerabilities

Consider using shlex.quote() to properly escape the port number, or use a more robust method like ps and awk to find the process.

+ " | awk '{print $7}')\n"
"pid=${pid%/*}\n"
"kill -9 $pid\n"
"sleep 3\n"
"python3 bot.py"
)
os.system("chmod +x ./restart.sh") # noqa: ASYNC221
logger.info("已自动生成 restart.sh(重启) 文件,请检查脚本是否与本地指令符合...")
if RESTART_MARK.exists():
with open(RESTART_MARK, "r", encoding="utf8") as f:
bot_id, session_id = f.read().split()
async with aiofiles.open(RESTART_MARK, encoding="utf8") as f:
bot_id, user_id = (await f.read()).split()
if bot := nonebot.get_bot(bot_id):
if target := PlatformUtils.get_target(bot, session_id):
if target := PlatformUtils.get_target(bot, user_id):
await MessageUtils.build_message(
f"{BotConfig.self_nickname}已成功重启!"
).send(target, bot=bot)
Expand Down
Loading