github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-08-14 10:37:42 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Revert "[SECURITY] Fix OS command injection."

Browse source
This commit is contained in:
Serghey Rodin 2015-12-11 21:14:49 +02:00
commit 39e9b6397b
115 changed files with 1980 additions and 1340 deletions
Download patch file Download diff file Expand all files Collapse all files

65
web/add/dns/index.php
View file

@ -13,7 +13,7 @@ if (!empty($_POST['ok'])) {
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit;
exit();
}
// Check empty fields
@ -32,47 +32,56 @@ if (!empty($_POST['ok'])) {
// Protect input
$v_domain = preg_replace("/^www./i", "", $_POST['v_domain']);
$v_domain = escapeshellarg($v_domain);
$v_domain = strtolower($v_domain);
$v_ip = $_POST['v_ip'];
if (!empty($_POST['v_ns1'])) $v_ns1 = $_POST['v_ns1'];
if (!empty($_POST['v_ns2'])) $v_ns2 = $_POST['v_ns2'];
if (!empty($_POST['v_ns3'])) $v_ns3 = $_POST['v_ns3'];
if (!empty($_POST['v_ns4'])) $v_ns4 = $_POST['v_ns4'];
if (!empty($_POST['v_ns5'])) $v_ns5 = $_POST['v_ns5'];
if (!empty($_POST['v_ns6'])) $v_ns6 = $_POST['v_ns6'];
if (!empty($_POST['v_ns7'])) $v_ns7 = $_POST['v_ns7'];
if (!empty($_POST['v_ns8'])) $v_ns8 = $_POST['v_ns8'];
$v_ip = escapeshellarg($_POST['v_ip']);
if (!empty($_POST['v_ns1'])) $v_ns1 = escapeshellarg($_POST['v_ns1']);
if (!empty($_POST['v_ns2'])) $v_ns2 = escapeshellarg($_POST['v_ns2']);
if (!empty($_POST['v_ns3'])) $v_ns3 = escapeshellarg($_POST['v_ns3']);
if (!empty($_POST['v_ns4'])) $v_ns4 = escapeshellarg($_POST['v_ns4']);
if (!empty($_POST['v_ns5'])) $v_ns5 = escapeshellarg($_POST['v_ns5']);
if (!empty($_POST['v_ns6'])) $v_ns6 = escapeshellarg($_POST['v_ns6']);
if (!empty($_POST['v_ns7'])) $v_ns7 = escapeshellarg($_POST['v_ns7']);
if (!empty($_POST['v_ns8'])) $v_ns8 = escapeshellarg($_POST['v_ns8']);
// Add dns domain
if (empty($_SESSION['error_msg'])) {
v_exec('v-add-dns-domain', [$user, $v_domain, $v_ip, $v_ns1, $v_ns2, $v_ns3, $v_ns4, $v_ns5, $v_ns6, $v_ns7, $v_ns8, 'no']);
exec (VESTA_CMD."v-add-dns-domain ".$user." ".$v_domain." ".$v_ip." ".$v_ns1." ".$v_ns2." ".$v_ns3." ".$v_ns4." ".$v_ns5." ".$v_ns6." ".$v_ns7." ".$v_ns8." no", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
// Set expiriation date
if (empty($_SESSION['error_msg'])) {
if ((!empty($_POST['v_exp'])) && ($_POST['v_exp'] != date('Y-m-d', strtotime('+1 year')))) {
$v_exp = $_POST['v_exp'];
v_exec('v-change-dns-domain-exp', [$user, $v_domain, $v_exp, 'no']);
$v_exp = escapeshellarg($_POST['v_exp']);
exec (VESTA_CMD."v-change-dns-domain-exp ".$user." ".$v_domain." ".$v_exp." no", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
}
// Set ttl
if (empty($_SESSION['error_msg'])) {
if ((!empty($_POST['v_ttl'])) && ($_POST['v_ttl'] != '14400') && (empty($_SESSION['error_msg']))) {
$v_ttl = $_POST['v_ttl'];
v_exec('v-change-dns-domain-ttl', [$user, $v_domain, $v_ttl, 'no']);
$v_ttl = escapeshellarg($_POST['v_ttl']);
exec (VESTA_CMD."v-change-dns-domain-ttl ".$user." ".$v_domain." ".$v_ttl." no", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
}
// Restart dns server
if (empty($_SESSION['error_msg'])) {
v_exec('v-restart-dns');
exec (VESTA_CMD."v-restart-dns", $output, $return_var);
check_return_code($return_var,$output);
unset($output);
}
// Flush field values on success
if (empty($_SESSION['error_msg'])) {
$_SESSION['ok_msg'] = __('DNS_DOMAIN_CREATED_OK', htmlentities($_POST[v_domain]), htmlentities($_POST[v_domain]));
$_SESSION['ok_msg'] = __('DNS_DOMAIN_CREATED_OK',htmlentities($_POST[v_domain]),htmlentities($_POST[v_domain]));
unset($v_domain);
}
}
@ -84,7 +93,7 @@ if (!empty($_POST['ok_rec'])) {
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit;
exit();
}
// Check empty fields
@ -104,15 +113,18 @@ if (!empty($_POST['ok_rec'])) {
}
// Protect input
$v_domain = $_POST['v_domain'];
$v_rec = $_POST['v_rec'];
$v_type = $_POST['v_type'];
$v_val = $_POST['v_val'];
$v_priority = $_POST['v_priority'];
$v_domain = escapeshellarg($_POST['v_domain']);
$v_rec = escapeshellarg($_POST['v_rec']);
$v_type = escapeshellarg($_POST['v_type']);
$v_val = escapeshellarg($_POST['v_val']);
$v_priority = escapeshellarg($_POST['v_priority']);
// Add dns record
if (empty($_SESSION['error_msg'])) {
v_exec('v-add-dns-record', [$user, $v_domain, $v_rec, $v_type, $v_val, $v_priority]);
exec (VESTA_CMD."v-add-dns-record ".$user." ".$v_domain." ".$v_rec." ".$v_type." ".$v_val." ".$v_priority, $output, $return_var);
check_return_code($return_var,$output);
unset($output);
$v_type = $_POST['v_type'];
}
// Flush field values on success
@ -147,8 +159,8 @@ if (empty($_GET['domain'])) {
if (empty($v_ttl)) $v_ttl = 14400;
if (empty($v_exp)) $v_exp = date('Y-m-d', strtotime('+1 year'));
if (empty($v_ns1)) {
v_exec('v-list-user-ns', [$user, 'json'], false, $output);
$nameservers = json_decode($output, true);
exec (VESTA_CMD."v-list-user-ns ".$user." json", $output, $return_var);
$nameservers = json_decode(implode('', $output), true);
$v_ns1 = str_replace("'", "", $nameservers[0]);
$v_ns2 = str_replace("'", "", $nameservers[1]);
$v_ns3 = str_replace("'", "", $nameservers[2]);
@ -157,6 +169,7 @@ if (empty($_GET['domain'])) {
$v_ns6 = str_replace("'", "", $nameservers[5]);
$v_ns7 = str_replace("'", "", $nameservers[6]);
$v_ns8 = str_replace("'", "", $nameservers[7]);
unset($output);
}
include($_SERVER['DOCUMENT_ROOT'].'/templates/admin/add_dns.html');
}