Changed cmd Query on Api index.php

To avoid  "Notice : undefined variables " changed the way the cmd query
is built by validating each argument Not empty into the cmd command
string

web/api/index.php

@@ -26,9 +26,7 @@ if (isset($_POST['user']) || isset($_POST['hash'])) {
         echo 'Error: only admin is allowed to use API';
         exit;
     }
-    // Not Declaring arguments may cause Notifies on the response on an API Call when the Directive Dysplay errors is enabled
-    // you may  initialize argument arg1, arg2,... arg9 to = '' here
-    // Or post the unused args to =''
+    
     
     // Prepare arguments
     if (isset($_POST['cmd'])) $cmd = escapeshellarg($_POST['cmd']);
@@ -42,8 +40,27 @@ if (isset($_POST['user']) || isset($_POST['hash'])) {
     if (isset($_POST['arg8'])) $arg8 = escapeshellarg($_POST['arg8']);
     if (isset($_POST['arg9'])) $arg9 = escapeshellarg($_POST['arg9']);
 
-    // Run query
-    exec (VESTA_CMD.$cmd." ".$arg1." ".$arg2." ".$arg3." ".$arg4." ".$arg5." ".$arg6." ".$arg7." ".$arg8." ".$arg9, $output, $return_var);
+ // Build query
+    $cmdquery = VESTA_CMD.$cmd." ".$arg1." ".$arg2." ";
+    if(!empty($arg3)){
+                     $cmdquery = $cmdquery.$arg3." "; }
+     if(!empty($arg4)){
+                     $cmdquery = $cmdquery.$arg4." "; }
+
+     if(!empty($arg5)){
+                     $cmdquery = $cmdquery.$arg5." "; }
+     if(!empty($arg6)){
+                     $cmdquery = $cmdquery.$arg6." "; }
+     if(!empty($arg7)){
+                     $cmdquery = $cmdquery.$arg7." "; }
+     if(!empty($arg8)){
+                     $cmdquery = $cmdquery.$arg8." "; }
+     if(!empty($arg9)){
+                     $cmdquery = $cmdquery.$arg9; }
+
+   // Run query
+    exec ($cmdquery, $output, $return_var);
+    
     if ((!empty($_POST['returncode'])) && ($_POST['returncode'] == 'yes')) {
         echo $return_var;
     } else {