Inserting command output into multiline stringFunctions for scanning command line optionsRunning a shell command and getting outputShortcut script for elusive grep commandBash command helper in C++Command line google searchingSimple Command Line Password ManagerBash function to generate colored output

How to find better food in airports

From non-IT background to being a programmer

Displaying Time in HH:MM Format

Table alignment (make the content centre)

New coworker has strange workplace requirements - how should I deal with them?

Why did the VIC-II and SID use 6 µm technology in the era of 3 µm and 1.5 µm?

What is the definition of Product

Why do fuses burn at a specific current?

How do you manage to study and have a balance in your life at the same time?

Would there be balance issues if I allowed opportunity attacks against any creature, not just hostile ones?

Tiny image scraper for xkcd.com

extending lines in 3d graph

Why are CEOs generally fired rather being demoted?

Playing boules... IN SPACE!

How can I portray a character with no fear of death, without them sounding utterly bored?

How can an F-22 Raptor reach supersonic speeds without having supersonic inlets?

Polarity of gas discharge tubes?

Is there anything in the universe that cannot be compressed?

Can the Tasha's Hideous Laughter spell affect a deaf creature?

Punishment in pacifist society

Received email from ISP saying one of my devices has malware

Using font to highlight a god's speech in dialogue

Get rows that exist exactly once per day for a given period

Missing $ inserted. Extra }, or forgotten $. Missing } inserted



Inserting command output into multiline string


Functions for scanning command line optionsRunning a shell command and getting outputShortcut script for elusive grep commandBash command helper in C++Command line google searchingSimple Command Line Password ManagerBash function to generate colored output






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








2












$begingroup$


I'm writing a bash script to that picks up a user password from an environment variable, hashes this, and inserts the results into a postgres database.



What I have works and looks fairly readable to me but I'm no expert on bash. Are there better conventions I could be following for what I'm doing?



#!/bin/bash
HASHED=$(echo -n $GUAC_PASSWORD | sha256sum | head -c 64)

PGPASSWORD=$POSTGRES_PASSWORD psql -U postgres << EOF
INSERT INTO guacamole_entity (name, type) VALUES ('guacadmin', 'USER');
INSERT INTO guacamole_user (entity_id, password_hash, password_salt, password_date)
SELECT
entity_id,
decode('$HASHED', 'hex'),
null,
CURRENT_TIMESTAMP
FROM guacamole_entity WHERE name = 'guacadmin' AND guacamole_entity.type = 'USER';
EOF


Edit: I thought up a way to do it without sed feels neater to me.










share|improve this question











$endgroup$




















    2












    $begingroup$


    I'm writing a bash script to that picks up a user password from an environment variable, hashes this, and inserts the results into a postgres database.



    What I have works and looks fairly readable to me but I'm no expert on bash. Are there better conventions I could be following for what I'm doing?



    #!/bin/bash
    HASHED=$(echo -n $GUAC_PASSWORD | sha256sum | head -c 64)

    PGPASSWORD=$POSTGRES_PASSWORD psql -U postgres << EOF
    INSERT INTO guacamole_entity (name, type) VALUES ('guacadmin', 'USER');
    INSERT INTO guacamole_user (entity_id, password_hash, password_salt, password_date)
    SELECT
    entity_id,
    decode('$HASHED', 'hex'),
    null,
    CURRENT_TIMESTAMP
    FROM guacamole_entity WHERE name = 'guacadmin' AND guacamole_entity.type = 'USER';
    EOF


    Edit: I thought up a way to do it without sed feels neater to me.










    share|improve this question











    $endgroup$
















      2












      2








      2





      $begingroup$


      I'm writing a bash script to that picks up a user password from an environment variable, hashes this, and inserts the results into a postgres database.



      What I have works and looks fairly readable to me but I'm no expert on bash. Are there better conventions I could be following for what I'm doing?



      #!/bin/bash
      HASHED=$(echo -n $GUAC_PASSWORD | sha256sum | head -c 64)

      PGPASSWORD=$POSTGRES_PASSWORD psql -U postgres << EOF
      INSERT INTO guacamole_entity (name, type) VALUES ('guacadmin', 'USER');
      INSERT INTO guacamole_user (entity_id, password_hash, password_salt, password_date)
      SELECT
      entity_id,
      decode('$HASHED', 'hex'),
      null,
      CURRENT_TIMESTAMP
      FROM guacamole_entity WHERE name = 'guacadmin' AND guacamole_entity.type = 'USER';
      EOF


      Edit: I thought up a way to do it without sed feels neater to me.










      share|improve this question











      $endgroup$




      I'm writing a bash script to that picks up a user password from an environment variable, hashes this, and inserts the results into a postgres database.



      What I have works and looks fairly readable to me but I'm no expert on bash. Are there better conventions I could be following for what I'm doing?



      #!/bin/bash
      HASHED=$(echo -n $GUAC_PASSWORD | sha256sum | head -c 64)

      PGPASSWORD=$POSTGRES_PASSWORD psql -U postgres << EOF
      INSERT INTO guacamole_entity (name, type) VALUES ('guacadmin', 'USER');
      INSERT INTO guacamole_user (entity_id, password_hash, password_salt, password_date)
      SELECT
      entity_id,
      decode('$HASHED', 'hex'),
      null,
      CURRENT_TIMESTAMP
      FROM guacamole_entity WHERE name = 'guacadmin' AND guacamole_entity.type = 'USER';
      EOF


      Edit: I thought up a way to do it without sed feels neater to me.







      bash






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited 5 hours ago







      russau

















      asked 8 hours ago









      russaurussau

      1385 bronze badges




      1385 bronze badges























          1 Answer
          1






          active

          oldest

          votes


















          3













          $begingroup$

          If GUAC_PASSWORD is a string like -e foo or /etc/*, that's going to create problems.



          Quote the input and avoid echo altogether. While you're at it, whitelist the checksum output, making head redundant:



          HASHED=$( sha256sum <<<"$GUAC_PASSWORD" | tr -dc a-f0-9 )





          share|improve this answer









          $endgroup$














          • $begingroup$
            Is this to avoid an injection attack?
            $endgroup$
            – russau
            4 hours ago













          Your Answer






          StackExchange.ifUsing("editor", function ()
          StackExchange.using("externalEditor", function ()
          StackExchange.using("snippets", function ()
          StackExchange.snippets.init();
          );
          );
          , "code-snippets");

          StackExchange.ready(function()
          var channelOptions =
          tags: "".split(" "),
          id: "196"
          ;
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function()
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled)
          StackExchange.using("snippets", function()
          createEditor();
          );

          else
          createEditor();

          );

          function createEditor()
          StackExchange.prepareEditor(
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: false,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          imageUploader:
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          ,
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          );



          );













          draft saved

          draft discarded


















          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcodereview.stackexchange.com%2fquestions%2f227285%2finserting-command-output-into-multiline-string%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes









          3













          $begingroup$

          If GUAC_PASSWORD is a string like -e foo or /etc/*, that's going to create problems.



          Quote the input and avoid echo altogether. While you're at it, whitelist the checksum output, making head redundant:



          HASHED=$( sha256sum <<<"$GUAC_PASSWORD" | tr -dc a-f0-9 )





          share|improve this answer









          $endgroup$














          • $begingroup$
            Is this to avoid an injection attack?
            $endgroup$
            – russau
            4 hours ago















          3













          $begingroup$

          If GUAC_PASSWORD is a string like -e foo or /etc/*, that's going to create problems.



          Quote the input and avoid echo altogether. While you're at it, whitelist the checksum output, making head redundant:



          HASHED=$( sha256sum <<<"$GUAC_PASSWORD" | tr -dc a-f0-9 )





          share|improve this answer









          $endgroup$














          • $begingroup$
            Is this to avoid an injection attack?
            $endgroup$
            – russau
            4 hours ago













          3














          3










          3







          $begingroup$

          If GUAC_PASSWORD is a string like -e foo or /etc/*, that's going to create problems.



          Quote the input and avoid echo altogether. While you're at it, whitelist the checksum output, making head redundant:



          HASHED=$( sha256sum <<<"$GUAC_PASSWORD" | tr -dc a-f0-9 )





          share|improve this answer









          $endgroup$



          If GUAC_PASSWORD is a string like -e foo or /etc/*, that's going to create problems.



          Quote the input and avoid echo altogether. While you're at it, whitelist the checksum output, making head redundant:



          HASHED=$( sha256sum <<<"$GUAC_PASSWORD" | tr -dc a-f0-9 )






          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered 4 hours ago









          Oh My GoodnessOh My Goodness

          3,1161 gold badge3 silver badges20 bronze badges




          3,1161 gold badge3 silver badges20 bronze badges














          • $begingroup$
            Is this to avoid an injection attack?
            $endgroup$
            – russau
            4 hours ago
















          • $begingroup$
            Is this to avoid an injection attack?
            $endgroup$
            – russau
            4 hours ago















          $begingroup$
          Is this to avoid an injection attack?
          $endgroup$
          – russau
          4 hours ago




          $begingroup$
          Is this to avoid an injection attack?
          $endgroup$
          – russau
          4 hours ago

















          draft saved

          draft discarded
















































          Thanks for contributing an answer to Code Review Stack Exchange!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid


          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.

          Use MathJax to format equations. MathJax reference.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcodereview.stackexchange.com%2fquestions%2f227285%2finserting-command-output-into-multiline-string%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          Canceling a color specificationRandomly assigning color to Graphics3D objects?Default color for Filling in Mathematica 9Coloring specific elements of sets with a prime modified order in an array plotHow to pick a color differing significantly from the colors already in a given color list?Detection of the text colorColor numbers based on their valueCan color schemes for use with ColorData include opacity specification?My dynamic color schemes

          Invision Community Contents History See also References External links Navigation menuProprietaryinvisioncommunity.comIPS Community ForumsIPS Community Forumsthis blog entry"License Changes, IP.Board 3.4, and the Future""Interview -- Matt Mecham of Ibforums""CEO Invision Power Board, Matt Mecham Is a Liar, Thief!"IPB License Explanation 1.3, 1.3.1, 2.0, and 2.1ArchivedSecurity Fixes, Updates And Enhancements For IPB 1.3.1Archived"New Demo Accounts - Invision Power Services"the original"New Default Skin"the original"Invision Power Board 3.0.0 and Applications Released"the original"Archived copy"the original"Perpetual licenses being done away with""Release Notes - Invision Power Services""Introducing: IPS Community Suite 4!"Invision Community Release Notes

          199年 目錄 大件事 到箇年出世嗰人 到箇年死嗰人 節慶、風俗習慣 導覽選單