mirror of
https://github.com/myvesta/vesta
synced 2025-08-14 18:49:21 -07:00
🔒 ♻️ Implement secure exec wrapper functions.
This commit is contained in:
Flat
parent
6e13036780
commit
8e951ac72e
115 changed files with 1345 additions and 1986 deletions
|
|
@ -19,16 +19,14 @@ if (empty($_GET['ip'])) {
|
|||
exit;
|
||||
}
|
||||
|
||||
// List ip
|
||||
$v_ip = escapeshellarg($_GET['ip']);
|
||||
exec (VESTA_CMD."v-list-sys-ip ".$v_ip." 'json'", $output, $return_var);
|
||||
check_return_code($return_var,$output);
|
||||
$data = json_decode(implode('', $output), true);
|
||||
unset($output);
|
||||
|
||||
// Parse ip
|
||||
$v_username = $user;
|
||||
$v_ip = $_GET['ip'];
|
||||
|
||||
// List ip
|
||||
v_exec('v-list-sys-ip', [$v_ip, 'json'], true, $output);
|
||||
$data = json_decode($output, true);
|
||||
|
||||
// Parse ip
|
||||
$v_netmask = $data[$v_ip]['NETMASK'];
|
||||
$v_interace = $data[$v_ip]['INTERFACE'];
|
||||
$v_name = $data[$v_ip]['NAME'];
|
||||
|
|
@ -46,51 +44,39 @@ if ( $v_suspended == 'yes' ) {
|
|||
}
|
||||
|
||||
// List users
|
||||
exec (VESTA_CMD."v-list-sys-users 'json'", $output, $return_var);
|
||||
$users = json_decode(implode('', $output), true);
|
||||
unset($output);
|
||||
v_exec('v-list-sys-users', ['json'], false, $output);
|
||||
$users = json_decode($output, true);
|
||||
|
||||
// Check POST request
|
||||
if (!empty($_POST['save'])) {
|
||||
$v_ip = escapeshellarg($_POST['v_ip']);
|
||||
$v_ip = $_POST['v_ip'];
|
||||
|
||||
// Change Status
|
||||
if (($v_ipstatus == 'shared') && (empty($_POST['v_shared'])) && (empty($_SESSION['error_msg']))) {
|
||||
exec (VESTA_CMD."v-change-sys-ip-status ".$v_ip." 'dedicated'", $output, $return_var);
|
||||
check_return_code($return_var,$output);
|
||||
unset($output);
|
||||
$v_dedicated = 'yes';
|
||||
v_exec('v-change-sys-ip-status', [$v_ip, 'dedicated']);
|
||||
$v_dedicated = 'yes';
|
||||
}
|
||||
if (($v_ipstatus == 'dedicated') && (!empty($_POST['v_shared'])) && (empty($_SESSION['error_msg']))) {
|
||||
exec (VESTA_CMD."v-change-sys-ip-status ".$v_ip." 'shared'", $output, $return_var);
|
||||
check_return_code($return_var,$output);
|
||||
unset($output);
|
||||
v_exec('v-change-sys-ip-status', [$v_ip, 'shared']);
|
||||
unset($v_dedicated);
|
||||
}
|
||||
|
||||
// Change owner
|
||||
if (($v_owner != $_POST['v_owner']) && (empty($_SESSION['error_msg']))) {
|
||||
$v_owner = escapeshellarg($_POST['v_owner']);
|
||||
exec (VESTA_CMD."v-change-sys-ip-owner ".$v_ip." ".$v_owner, $output, $return_var);
|
||||
check_return_code($return_var,$output);
|
||||
$v_owner = $_POST['v_owner'];
|
||||
unset($output);
|
||||
v_exec('v-change-sys-ip-owner', [$v_ip, $v_owner]);
|
||||
}
|
||||
|
||||
// Change associated domain
|
||||
if (($v_name != $_POST['v_name']) && (empty($_SESSION['error_msg']))) {
|
||||
$v_name = escapeshellarg($_POST['v_name']);
|
||||
exec (VESTA_CMD."v-change-sys-ip-name ".$v_ip." ".$v_name, $output, $return_var);
|
||||
check_return_code($return_var,$output);
|
||||
unset($output);
|
||||
$v_name = $_POST['v_name'];
|
||||
v_exec('v-change-sys-ip-name', [$v_ip, $v_name]);
|
||||
}
|
||||
|
||||
// Change NAT address
|
||||
if (($v_nat != $_POST['v_nat']) && (empty($_SESSION['error_msg']))) {
|
||||
$v_nat = escapeshellarg($_POST['v_nat']);
|
||||
exec (VESTA_CMD."v-change-sys-ip-nat ".$v_ip." ".$v_nat, $output, $return_var);
|
||||
check_return_code($return_var,$output);
|
||||
unset($output);
|
||||
$v_nat = $_POST['v_nat'];
|
||||
v_exec('v-change-sys-ip-nat', [$v_ip, $v_nat]);
|
||||
}
|
||||
|
||||
// Set success message
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue