
avoid out-of-memory serving large logfiles (#2741)

* avoid out-of-memory serving large logfiles

large logfiles previously resulted in out-of-memory errors, see https://github.com/hestiacp/hestiacp/issues/2736

* formatting

* Update php version + Resolve PHP issue

Remove
pcntl_exec, passthru, system, popen
From disabled functions list 
Requires rebuild hestia-php

* fix double-escape issue

Co-authored-by: Jaap Marcus <9754650+jaapmarcus@users.noreply.github.com>
divinity76 3 лет назад
Родитель
Сommit
fc10af5c95
3 измененных файлов с 15 добавлено и 11 удалено
  1. 1 1
      src/deb/php/control
  2. 1 1
      src/deb/php/php.ini
  3. 13 9
      web/download/web-log/index.php

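--- a/src/deb/php/control
+++ b/src/deb/php/control
@@ -1,7 +1,7 @@
 Source: hestia-php
 Package: hestia-php
 Priority: optional
-Version: 8.1.7
+Version: 8.1.8
 Section: admin
 Maintainer: HestaCP <info@hestiacp.com>
 Homepage: https://www.hestiacp.com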

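--- a/src/deb/php/php.ini
+++ b/src/deb/php/php.ini
@@ -309,7 +309,7 @@ serialize_precision = -1
 ; This directive allows you to disable certain functions.
 ; It receives a comma-delimited list of function names.
 ; http://php.net/disable-functions
-disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,passthru,system,popen,show_source,
+disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,show_source,
 
 ; This directive allows you to disable certain classes.
 ; It receives a comma-delimited list of class names.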
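Review bot: Three more functions than the feature needs come off `disable_functions` here: `pcntl_exec`, `system` and `popen` are re-enabled along with `passthru`, while the only new call in this commit is `passthru()` in web/download/web-log/index.php. Unless other panel code depends on those three (nothing on this page shows that), removing only `passthru` keeps the hardening list as tight as before. A comment above the directive recording the reason, e.g. `; passthru is allowed so log downloads can be streamed without buffering`, would help whoever audits this list next.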

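--- a/web/download/web-log/index.php
+++ b/web/download/web-log/index.php
@@ -5,8 +5,6 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 // Check token
 verify_csrf($_GET);
 
-$v_domain = $_GET['domain'];
-$v_domain = escapeshellarg($_GET['domain']);
 if ($_GET['type'] == 'access') {
     $type = 'access';
 }
@@ -20,17 +18,23 @@ header("Content-Disposition: attachment; filename=".$_GET['domain'].".".$type."-
 header("Content-Type: application/octet-stream; ");
 header("Content-Transfer-Encoding: binary");
 
-$v_domain = escapeshellarg($_GET['domain']);
+$v_domain = $_GET['domain'];
 if ($_GET['type'] == 'access') {
     $type = 'access';
 }
 if ($_GET['type'] == 'error') {
     $type = 'error';
 }
-
-exec(HESTIA_CMD."v-list-web-domain-".$type."log $user ".$v_domain." 5000", $output, $return_var);
-if ($return_var == 0) {
-    foreach ($output as $file) {
-        echo $file . "\n";
-    }
+$cmd = implode(" ", array(
+    escapeshellarg(HESTIA_CMD . "v-list-web-domain-" . $type . "log"),
+    // $user is already shell-escaped
+    $user,
+    escapeshellarg($v_domain),
+    "5000",
+));
+passthru($cmd, $return_var);
+if ($return_var != 0) {
+    $errstr = "Internal server error: command returned non-zero: {$return_var}: {$cmd}";
+    echo $errstr;
+    throw new Exception($errstr); // make sure it ends up in an errorlog somewhere
 }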
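Review bot: On the failure branch at the end of the second hunk, `echo $errstr;` writes the full command line (binary path, `$user`, the quoted domain) into a response that already carries the attachment headers, so the client receives internal details inside the downloaded file. Keep the detail server-side and send a generic body instead: `error_log($errstr);` followed by `echo "Internal server error";`. Separately, `escapeshellarg(HESTIA_CMD . "v-list-web-domain-" . $type . "log")` quotes the constant and the script name as a single word. If HESTIA_CMD is defined with a sudo prefix and a space (its definition is not visible here), the shell would look for one program with that whole string as its name and every download would fail. `$type` is also left unset when `type` is neither `access` nor `error`, so an early exit before `$cmd` is built would be worth adding.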