github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-08-14 18:49:21 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Revert "[SECURITY] Fix OS command injection."

Browse source
This commit is contained in:
Serghey Rodin 2015-12-11 21:14:49 +02:00
commit 39e9b6397b
115 changed files with 1980 additions and 1340 deletions
Download patch file Download diff file Expand all files Collapse all files

33
web/schedule/restore/index.php
View file

@ -6,7 +6,7 @@ session_start();
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
$backup = $_GET['backup'];
$backup = escapeshellarg($_GET['backup']);
$web = 'no';
$dns = 'no';
@ -15,27 +15,30 @@ $db = 'no';
$cron = 'no';
$udir = 'no';
if ($_GET['type'] == 'web') $web = $_GET['object'];
if ($_GET['type'] == 'dns') $dns = $_GET['object'];
if ($_GET['type'] == 'mail') $mail = $_GET['object'];
if ($_GET['type'] == 'db') $db = $_GET['object'];
if ($_GET['type'] == 'web') $web = escapeshellarg($_GET['object']);
if ($_GET['type'] == 'dns') $dns = escapeshellarg($_GET['object']);
if ($_GET['type'] == 'mail') $mail = escapeshellarg($_GET['object']);
if ($_GET['type'] == 'db') $db = escapeshellarg($_GET['object']);
if ($_GET['type'] == 'cron') $cron = 'yes';
if ($_GET['type'] == 'udir') $udir = $_GET['object'];
if ($_GET['type'] == 'udir') $udir = escapeshellarg($_GET['object']);
if (!empty($_GET['type'])) {
$restore_args = [$user, $backup, $web, $dns, $mail, $db, $cron, $udir];
$restore_cmd = VESTA_CMD."v-schedule-user-restore ".$user." ".$backup." ".$web." ".$dns." ".$mail." ".$db." ".$cron." ".$udir;
} else {
$restore_args = [$user, $backup];
$restore_cmd = VESTA_CMD."v-schedule-user-restore ".$user." ".$backup;
}
$return_var = v_exec('v-schedule-user-restore', $restore_args);
switch ($return_var) {
case 0:
$_SESSION['error_msg'] = __('RESTORE_SCHEDULED');
break;
case 4:
exec ($restore_cmd, $output, $return_var);
if ($return_var == 0) {
$_SESSION['error_msg'] = __('RESTORE_SCHEDULED');
} else {
$_SESSION['error_msg'] = implode('<br>', $output);
if (empty($_SESSION['error_msg'])) {
$_SESSION['error_msg'] = __('Error: vesta did not return any output.');
}
if ($return_var == 4) {
$_SESSION['error_msg'] = __('RESTORE_EXISTS');
break;
}
}
header("Location: /list/backup/?backup=" . $_GET['backup']);