forked from hestiacp/hestiacp
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathexec.php
More file actions
85 lines (77 loc) · 3.08 KB
/
exec.php
File metadata and controls
85 lines (77 loc) · 3.08 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
<?php
// Secure `exec` wrapper functions
define('SUDO_CMD', '/usr/bin/sudo');
define('VESTA_BIN_DIR', '/usr/local/vesta/bin/');
define('VESTA_CMD', SUDO_CMD.' '.VESTA_BIN_DIR);
function check_error($return_var) {
if ($return_var > 0) {
header('Location: /error/');
exit;
}
}
function check_return_code($return_var, $output) {
if ($return_var != 0) {
$error = implode('<br>', $output);
if (empty($error)) $error = __('Error code:', $return_var);
$_SESSION['error_msg'] = $error;
}
}
/**
* Build shell command arguments from a string array.
* @param string[] $arguments Unescaped command line arguments. (eg. ['-a', "b'c"], default: [])
* @return string Escaped arguments.
*/
function build_shell_args($arguments=[]) {
$ret = [];
// Convert $arguments to an array
if (!is_array($arguments)) $arguments = !is_null($arguments) ? [$arguments] : [];
foreach ($arguments as $arg) {
// Convert $arg to a string if $arg is an array (for an argument like this: ?abc[def]=ghi)
if (is_array($arg)) $arg = implode('', $arg);
// Convert $arg to a string (just in case)
if (!is_string($arg)) $arg = (string)$arg;
// Append the argument
$ret[] = escapeshellarg($arg);
}
return implode(' ', $ret);
}
/**
* Execute a command.
* @param string $command Command to execute. (eg. ls)
* @param string[] $arguments (optional) Unescaped command line arguments. (eg. ['-a', '/'], default: [])
* @param string &$output (optional) Variable to contain output from the command.
* @return int Exit code (return status) of the executed command.
*/
function safe_exec($command, $arguments=[], &$output=null) {
$cmd = build_shell_args($command);
$arg = build_shell_args($arguments);
if (!empty($arg)) {
$cmd .= ' ' . $arg;
}
// Execute
exec($cmd, $rawOutput, $status);
$output = implode("\n", $rawOutput);
return $status;
}
/**
* Execute a vesta command line APIs (VESTA_CMD/v-*).
* (Wrapper function of `safe_exec`.)
* @see safe_exec
* @param string $command Command to execute. (eg. v-search-object)
* @param string[] $arguments (optional) Unescaped command line arguments. (eg. ["We've", 'json'], default: [])
* @param bool $checkReturn (optional) If this set to true, check_return_code will be called after the command executes. (default: true)
* @param string &$output (optional) Variable to contain output from the command.
* @return int Exit code (return status) of the executed command.
*/
function v_exec($command, $arguments=[], $checkReturn=true, &$output=null) {
// Check command
if (preg_match('#^\.*$|/#', $command)) return -1;
// Convert $arguments to an array
if (!is_array($arguments)) $arguments = !is_null($arguments) ? [$arguments] : [];
// Execute
$status = safe_exec([SUDO_CMD, VESTA_BIN_DIR.$command], $arguments, $output);
if ($checkReturn) {
check_return_code($status, explode("\n", $output));
}
return $status;
}