Home Verkennen Help
Inloggen
yosoyhendrix
/
vesta
1
0
Vork 0
Bestanden Issues 0 Pull-aanvragen 0 Wiki
Boom: 9620bfbf35
Aftakkingen Labels
vesta
/
web
/
inc
/
exec.php

exec.php 3.1 KB
Geschiedenis Ruwe

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485 
  1. <?php
    2. 

  2. // Secure `exec` wrapper functions
    3. 

  3. 

  4. define('SUDO_CMD', '/usr/bin/sudo');
    5. 

  5. define('VESTA_BIN_DIR', '/usr/local/vesta/bin/');
    6. 

  6. 

  7. define('VESTA_CMD', SUDO_CMD.' '.VESTA_BIN_DIR);
    8. 

  8. 

  9. 

  10. function check_error($return_var) {
    11. 

  11.     if ($return_var > 0) {
    12. 

  12.         header('Location: /error/');
    13. 

  13.         exit;
    14. 

  14.     }
    15. 

  15. }
    16. 

  16. 

  17. function check_return_code($return_var, $output) {
    18. 

  18.     if ($return_var != 0) {
    19. 

  19.         $error = implode('<br>', $output);
    20. 

  20.         if (empty($error)) $error = __('Error code:', $return_var);
    21. 

  21.         $_SESSION['error_msg'] = $error;
    22. 

  22.     }
    23. 

  23. }
    24. 

  24. 

  25. /**
    26. 

  26.  * Build shell command arguments from a string array.
    27. 

  27.  * @param string[] $arguments Unescaped command line arguments. (eg. ['-a', "b'c"], default: [])
    28. 

  28.  * @return string Escaped arguments.
    29. 

  29.  */
    30. 

  30. function build_shell_args($arguments=[]) {
    31. 

  31.     $ret = [];
    32. 

  32.     // Convert $arguments to an array
    33. 

  33.     if (!is_array($arguments)) $arguments = !is_null($arguments) ? [$arguments] : [];
    34. 

  34.     foreach ($arguments as $arg) {
    35. 

  35.         // Convert $arg to a string if $arg is an array (for an argument like this: ?abc[def]=ghi)
    36. 

  36.         if (is_array($arg)) $arg = implode('', $arg);
    37. 

  37.         // Convert $arg to a string (just in case)
    38. 

  38.         if (!is_string($arg)) $arg = (string)$arg;
    39. 

  39.         // Append the argument
    40. 

  40.         $ret[] = escapeshellarg($arg);
    41. 

  41.     }
    42. 

  42.     return implode(' ', $ret);
    43. 

  43. }
    44. 

  44. 

  45. /**
    46. 

  46.  * Execute a command.
    47. 

  47.  * @param string   $command   Command to execute. (eg. ls)
    48. 

  48.  * @param string[] $arguments (optional) Unescaped command line arguments. (eg. ['-a', '/'], default: [])
    49. 

  49.  * @param string   &$output   (optional) Variable to contain output from the command.
    50. 

  50.  * @return int Exit code (return status) of the executed command.
    51. 

  51.  */
    52. 

  52. function safe_exec($command, $arguments=[], &$output=null) {
    53. 

  53.     $cmd = build_shell_args($command);
    54. 

  54.     $arg = build_shell_args($arguments);
    55. 

  55.     if (!empty($arg)) {
    56. 

  56.         $cmd .= ' ' . $arg;
    57. 

  57.     }
    58. 

  58.     // Execute
    59. 

  59.     exec($cmd, $rawOutput, $status);
    60. 

  60.     $output = implode("\n", $rawOutput);
    61. 

  61.     return $status;
    62. 

  62. }
    63. 

  63. 

  64. /**
    65. 

  65.  * Execute a vesta command line APIs (VESTA_CMD/v-*).
    66. 

  66.  * (Wrapper function of `safe_exec`.)
    67. 

  67.  * @see safe_exec
    68. 

  68.  * @param string   $command     Command to execute. (eg. v-search-object)
    69. 

  69.  * @param string[] $arguments   (optional) Unescaped command line arguments. (eg. ["We've", 'json'], default: [])
    70. 

  70.  * @param bool     $checkReturn (optional) If this set to true, check_return_code will be called after the command executes. (default: true)
    71. 

  71.  * @param string   &$output     (optional) Variable to contain output from the command.
    72. 

  72.  * @return int Exit code (return status) of the executed command.
    73. 

  73.  */
    74. 

  74. function v_exec($command, $arguments=[], $checkReturn=true, &$output=null) {
    75. 

  75.     // Check command
    76. 

  76.     if (preg_match('#^\.*$|/#', $command)) return -1;
    77. 

  77.     // Convert $arguments to an array
    78. 

  78.     if (!is_array($arguments)) $arguments = !is_null($arguments) ? [$arguments] : [];
    79. 

  79.     // Execute
    80. 

  80.     $status = safe_exec([SUDO_CMD, VESTA_BIN_DIR.$command], $arguments, $output);
    81. 

  81.     if ($checkReturn) {
    82. 

  82.         check_return_code($status, explode("\n", $output));
    83. 

  83.     }
    84. 

  84.     return $status;
    85. 

  85. }
    86.