github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-08-14 10:37:42 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Revert "[SECURITY] Fix OS command injection."

Browse source
This commit is contained in:
Serghey Rodin 2015-12-11 21:14:49 +02:00
commit 39e9b6397b
115 changed files with 1980 additions and 1340 deletions
Download patch file Download diff file Expand all files Collapse all files

3
web/bulk/backup/exclusions/index.php
View file

@ -16,7 +16,8 @@ switch ($action) {
}
foreach ($backup as $value) {
v_exec($cmd, [$user, $value], false);
$value = escapeshellarg($value);
exec (VESTA_CMD.$cmd." ".$user." ".$value, $output, $return_var);
}
header("Location: /list/backup/exclusions");

5
web/bulk/backup/index.php
View file

@ -12,7 +12,7 @@ $action = $_POST['action'];
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit;
exit();
}
switch ($action) {
@ -22,7 +22,8 @@ switch ($action) {
}
foreach ($backup as $value) {
v_exec($cmd, [$user, $value], false);
$value = escapeshellarg($value);
exec (VESTA_CMD.$cmd." ".$user." ".$value, $output, $return_var);
}
header("Location: /list/backup/");

23
web/bulk/cron/index.php
View file

@ -9,7 +9,7 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit;
exit();
}
$job = $_POST['job'];
@ -24,15 +24,19 @@ if ($_SESSION['user'] == 'admin') {
case 'unsuspend': $cmd='v-unsuspend-cron-job';
break;
case 'delete-cron-reports': $cmd='v-delete-cron-reports';
v_exec($cmd, [$user], false);
exec (VESTA_CMD.$cmd." ".$user, $output, $return_var);
$_SESSION['error_msg'] = __('Cronjob email reporting has been successfully diabled');
unset($output);
header("Location: /list/cron/");
exit;
break;
case 'add-cron-reports': $cmd='v-add-cron-reports';
v_exec($cmd, [$user], false);
exec (VESTA_CMD.$cmd." ".$user, $output, $return_var);
$_SESSION['error_msg'] = __('Cronjob email reporting has been successfully enabled');
unset($output);
header("Location: /list/cron/");
exit;
break;
default: header("Location: /list/cron/"); exit;
}
} else {
@ -40,26 +44,31 @@ if ($_SESSION['user'] == 'admin') {
case 'delete': $cmd='v-delete-cron-job';
break;
case 'delete-cron-reports': $cmd='v-delete-cron-reports';
v_exec($cmd, [$user], false);
exec (VESTA_CMD.$cmd." ".$user, $output, $return_var);
$_SESSION['error_msg'] = __('Cronjob email reporting has been successfully diabled');
unset($output);
header("Location: /list/cron/");
exit;
break;
case 'add-cron-reports': $cmd='v-add-cron-reports';
v_exec($cmd, [$user], false);
exec (VESTA_CMD.$cmd." ".$user, $output, $return_var);
$_SESSION['error_msg'] = __('Cronjob email reporting has been successfully enabled');
unset($output);
header("Location: /list/cron/");
exit;
break;
default: header("Location: /list/cron/"); exit;
}
}
foreach ($job as $value) {
v_exec($cmd, [$user, $value, 'no'], false);
$value = escapeshellarg($value);
exec (VESTA_CMD.$cmd." ".$user." ".$value." no", $output, $return_var);
$restart = 'yes';
}
if (!empty($restart)) {
v_exec('v-restart-cron', [], false);
exec (VESTA_CMD."v-restart-cron", $output, $return_var);
}
header("Location: /list/cron/");

5
web/bulk/db/index.php
View file

@ -9,7 +9,7 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit;
exit();
}
$database = $_POST['database'];
@ -34,7 +34,8 @@ if ($_SESSION['user'] == 'admin') {
}
foreach ($database as $value) {
v_exec($cmd, [$user, $value], false);
$value = escapeshellarg($value);
exec (VESTA_CMD.$cmd." ".$user." ".$value, $output, $return_var);
}
header("Location: /list/db/");

13
web/bulk/dns/index.php
View file

@ -9,7 +9,7 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit;
exit();
}
$domain = $_POST['domain'];
@ -58,22 +58,25 @@ if ($_SESSION['user'] == 'admin') {
if (empty($record)) {
foreach ($domain as $value) {
// DNS
v_exec($cmd, [$user, $value, 'no'], false);
$value = escapeshellarg($value);
exec (VESTA_CMD.$cmd." ".$user." ".$value." no", $output, $return_var);
$restart = 'yes';
}
} else {
foreach ($record as $value) {
// DNS Record
v_exec($cmd, [$user, $domain, $value, 'no'], false);
$value = escapeshellarg($value);
$dom = escapeshellarg($domain);
exec (VESTA_CMD.$cmd." ".$user." ".$dom." ".$value." no", $output, $return_var);
$restart = 'yes';
}
}
if (!empty($restart)) {
v_exec('v-restart-dns', [], false);
exec (VESTA_CMD."v-restart-dns", $output, $return_var);
}
if (empty($record)) {
if (empty($record)) {
header("Location: /list/dns/");
exit;
} else {

13
web/bulk/firewall/banlist/index.php
View file

@ -10,7 +10,7 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit;
exit();
}
// Check user
@ -22,7 +22,10 @@ if ($_SESSION['user'] != 'admin') {
$ipchain = $_POST['ipchain'];
/*if (!empty($_POST['ipchain'])) {
$ipchain = $_POST['ipchain'];
list($ip, $chain) = explode(':', $ipchain);
list($ip,$chain) = split(":",$ipchain);
$v_ip = escapeshellarg($ip);
$v_chain = escapeshellarg($chain);
}*/
$action = $_POST['action'];
@ -34,8 +37,10 @@ switch ($action) {
}
foreach ($ipchain as $value) {
list($ip, $chain) = explode(':', $value);
v_exec($cmd, [$ip, $chain], false);
list($ip,$chain) = split(":",$value);
$v_ip = escapeshellarg($ip);
$v_chain = escapeshellarg($chain);
exec (VESTA_CMD.$cmd." ".$v_ip." ".$v_chain, $output, $return_var);
}
header("Location: /list/firewall/banlist");

5
web/bulk/firewall/index.php
View file

@ -10,7 +10,7 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit;
exit();
}
// Check user
@ -34,7 +34,8 @@ switch ($action) {
}
foreach ($rule as $value) {
v_exec($cmd, [$value], false);
$value = escapeshellarg($value);
exec (VESTA_CMD.$cmd." ".$value, $output, $return_var);
$restart = 'yes';
}

15
web/bulk/ip/index.php
View file

@ -9,7 +9,7 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit;
exit();
}
$ip = $_POST['ip'];
@ -17,11 +17,11 @@ $action = $_POST['action'];
if ($_SESSION['user'] == 'admin') {
switch ($action) {
case 'reread IP': $cmd = 'v-update-sys-ip';
v_exec($cmd, [], false);
header('Location: /list/ip/');
exit;
case 'delete': $cmd = 'v-delete-sys-ip';
case 'reread IP': exec(VESTA_CMD."v-update-sys-ip", $output, $return_var);
header("Location: /list/ip/");
exit;
break;
case 'delete': $cmd='v-delete-sys-ip';
break;
default: header("Location: /list/ip/"); exit;
}
@ -31,7 +31,8 @@ if ($_SESSION['user'] == 'admin') {
}
foreach ($ip as $value) {
v_exec($cmd, [$value], false);
$value = escapeshellarg($value);
exec (VESTA_CMD.$cmd." ".$value, $output, $return_var);
}
header("Location: /list/ip/");

11
web/bulk/mail/index.php
View file

@ -9,7 +9,7 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit;
exit();
}
$domain = $_POST['domain'];
@ -58,18 +58,21 @@ if ($_SESSION['user'] == 'admin') {
if (empty($account)) {
foreach ($domain as $value) {
// Mail
v_exec($cmd, [$user, $value], false);
$value = escapeshellarg($value);
exec (VESTA_CMD.$cmd." ".$user." ".$value, $output, $return_var);
$restart = 'yes';
}
} else {
foreach ($account as $value) {
// Mail Account
v_exec($cmd, [$user, $domain, $value], false);
$value = escapeshellarg($value);
$dom = escapeshellarg($domain);
exec (VESTA_CMD.$cmd." ".$user." ".$dom." ".$value, $output, $return_var);
$restart = 'yes';
}
}
if (empty($account)) {
if (empty($account)) {
header("Location: /list/mail/");
exit;
} else {

5
web/bulk/package/index.php
View file

@ -9,7 +9,7 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit;
exit();
}
$package = $_POST['package'];
@ -27,7 +27,8 @@ if ($_SESSION['user'] == 'admin') {
}
foreach ($package as $value) {
v_exec($cmd, [$value], false);
$value = escapeshellarg($value);
exec (VESTA_CMD.$cmd." ".$value, $output, $return_var);
$restart = 'yes';
}

31
web/bulk/restore/index.php
View file

@ -9,11 +9,11 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit;
exit();
}
$action = $_POST['action'];
$backup = $_POST['backup'];
$backup = escapeshellarg($_POST['backup']);
$web = 'no';
$dns = 'no';
@ -22,22 +22,25 @@ $db = 'no';
$cron = 'no';
$udir = 'no';
if (!empty($_POST['web'])) $web = implode(',', $_POST['web']);
if (!empty($_POST['dns'])) $dns = implode(',', $_POST['dns']);
if (!empty($_POST['mail'])) $mail = implode(',', $_POST['mail']);
if (!empty($_POST['db'])) $db = implode(',', $_POST['db']);
if (!empty($_POST['web'])) $web = escapeshellarg(implode(",",$_POST['web']));
if (!empty($_POST['dns'])) $dns = escapeshellarg(implode(",",$_POST['dns']));
if (!empty($_POST['mail'])) $mail = escapeshellarg(implode(",",$_POST['mail']));
if (!empty($_POST['db'])) $db = escapeshellarg(implode(",",$_POST['db']));
if (!empty($_POST['cron'])) $cron = 'yes';
if (!empty($_POST['udir'])) $udir = implode(',', $_POST['udir']);
if (!empty($_POST['udir'])) $udir = escapeshellarg(implode(",",$_POST['udir']));
if ($action == 'restore') {
$return_var = v_exec('v-schedule-user-restore', [$user, $backup, $web, $dns, $mail, $db, $cron, $udir]);
switch ($return_var) {
case 0:
$_SESSION['error_msg'] = __('RESTORE_SCHEDULED');
break;
case 4:
exec (VESTA_CMD."v-schedule-user-restore ".$user." ".$backup." ".$web." ".$dns." ".$mail." ".$db." ".$cron." ".$udir, $output, $return_var);
if ($return_var == 0) {
$_SESSION['error_msg'] = __('RESTORE_SCHEDULED');
} else {
$_SESSION['error_msg'] = implode('<br>', $output);
if (empty($_SESSION['error_msg'])) {
$_SESSION['error_msg'] = __('Error: vesta did not return any output.');
}
if ($return_var == 4) {
$_SESSION['error_msg'] = __('RESTORE_EXISTS');
break;
}
}
}

8
web/bulk/service/index.php
View file

@ -9,7 +9,7 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit;
exit();
}
$service = $_POST['service'];
@ -27,14 +27,16 @@ if ($_SESSION['user'] == 'admin') {
}
if ((!empty($_POST['system'])) && ($action == 'restart')) {
v_exec('v-restart-system', ['yes'], false);
exec (VESTA_CMD."v-restart-system yes", $output, $return_var);
$_SESSION['error_srv'] = 'The system is going down for reboot NOW!';
unset($output);
header("Location: /list/server/");
exit;
}
foreach ($service as $value) {
v_exec($cmd, [$value], false);
$value = escapeshellarg($value);
exec (VESTA_CMD.$cmd." ".$value, $output, $return_var);
}
}

11
web/bulk/user/index.php
View file

@ -9,7 +9,7 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit;
exit();
}
$user = $_POST['user'];
@ -48,14 +48,15 @@ if ($_SESSION['user'] == 'admin') {
}
foreach ($user as $value) {
v_exec($cmd, [$value, $restart], false);
$value = escapeshellarg($value);
exec (VESTA_CMD.$cmd." ".$value." ".$restart, $output, $return_var);
$changes = 'yes';
}
if ((!empty($restart)) && (!empty($changes))) {
v_exec('v-restart-web', [], false);
v_exec('v-restart-dns', [], false);
v_exec('v-restart-cron', [], false);
exec (VESTA_CMD."v-restart-web", $output, $return_var);
exec (VESTA_CMD."v-restart-dns", $output, $return_var);
exec (VESTA_CMD."v-restart-cron", $output, $return_var);
}
header("Location: /list/user/");

5
web/bulk/vesta/index.php
View file

@ -9,7 +9,7 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit;
exit();
}
@ -23,7 +23,8 @@ if ($_SESSION['user'] == 'admin') {
default: header("Location: /list/updates/"); exit;
}
foreach ($pkg as $value) {
v_exec($cmd, [$value], false);
$value = escapeshellarg($value);
exec (VESTA_CMD.$cmd." ".$value, $output, $return_var);
}
}

13
web/bulk/web/index.php
View file

@ -9,7 +9,7 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit;
exit();
}
$domain = $_POST['domain'];
@ -34,14 +34,15 @@ if ($_SESSION['user'] == 'admin') {
}
foreach ($domain as $value) {
v_exec($cmd, [$user, $value, 'no'], false);
$restart = 'yes';
$value = escapeshellarg($value);
exec (VESTA_CMD.$cmd." ".$user." ".$value." no", $output, $return_var);
$restart='yes';
}
if (isset($restart)) {
v_exec('v-restart-web', [], false);
v_exec('v-restart-proxy', [], false);
v_exec('v-restart-dns', [], false);
exec (VESTA_CMD."v-restart-web", $output, $return_var);
exec (VESTA_CMD."v-restart-proxy", $output, $return_var);
exec (VESTA_CMD."v-restart-dns", $output, $return_var);
}
header("Location: /list/web/");