github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-08-14 18:49:21 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

🔒 ♻️ Implement secure exec wrapper functions.

Browse source
This commit is contained in:
Flat 2015-12-02 21:24:34 +09:00
commit 8e951ac72e
115 changed files with 1345 additions and 1986 deletions
Download patch file Download diff file Expand all files Collapse all files

11
web/bulk/user/index.php
View file

@ -9,7 +9,7 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
header('location: /login/');
exit();
exit;
}
$user = $_POST['user'];
@ -48,15 +48,14 @@ if ($_SESSION['user'] == 'admin') {
}
foreach ($user as $value) {
$value = escapeshellarg($value);
exec (VESTA_CMD.$cmd." ".$value." ".$restart, $output, $return_var);
v_exec($cmd, [$value, $restart], false);
$changes = 'yes';
}
if ((!empty($restart)) && (!empty($changes))) {
exec (VESTA_CMD."v-restart-web", $output, $return_var);
exec (VESTA_CMD."v-restart-dns", $output, $return_var);
exec (VESTA_CMD."v-restart-cron", $output, $return_var);
v_exec('v-restart-web', [], false);
v_exec('v-restart-dns', [], false);
v_exec('v-restart-cron', [], false);
}
header("Location: /list/user/");