github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-08-20 21:34:12 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Revert "[SECURITY] Fix OS command injection."

Browse source
This commit is contained in:
Serghey Rodin 2015-12-11 21:14:49 +02:00
commit 39e9b6397b
115 changed files with 1980 additions and 1340 deletions
Download patch file Download diff file Expand all files Collapse all files

11
web/list/web-log/index.php
View file

@ -7,14 +7,15 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Header
include($_SERVER['DOCUMENT_ROOT'].'/templates/admin/list_weblog.html');
$v_domain = $_GET['domain'];
$v_domain = escapeshellarg($_GET['domain']);
if ($_GET['type'] == 'access') $type = 'access';
if ($_GET['type'] == 'error') $type = 'error';
$return_var = v_exec("v-list-web-domain-{$type}log", [$user, $v_domain], false, $output);
exec (VESTA_CMD."v-list-web-domain-".$type."log $user ".$v_domain, $output, $return_var);
if ($return_var == 0) {
print $output . "\n";
if ($return_var == 0 ) {
foreach($output as $file) {
echo $file . "\n";
}
}
echo " </pre>\n</body>\n</html>\n";