github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-08-14 02:28:05 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Vesta CP 0.9.8–20 rXSS to RCE / solves #1558

Browse source
This commit is contained in:
Serghey Rodin 2018-05-11 16:17:23 +03:00
commit dd2a57e408
2 changed files with 6 additions and 31 deletions
Download patch file Download diff file Expand all files Collapse all files

35
web/upload/UploadHandler.php
View file

@ -1117,37 +1117,12 @@ class UploadHandler
$append_file = $content_range && is_file($file_path) &&
$file->size > $this->get_file_size($file_path);
if ($uploaded_file && is_uploaded_file($uploaded_file)) {
// multipart/formdata uploads (POST method uploads)
if ($append_file) {
file_put_contents(
$file_path,
fopen($uploaded_file, 'r'),
FILE_APPEND
);
} else {
chmod($uploaded_file, 0644);
// move_uploaded_file($uploaded_file, $file_path);
exec (VESTA_CMD . "v-copy-fs-file ". USERNAME ." {$uploaded_file} '{$file_path}'", $output, $return_var);
$error = check_return_code($return_var, $output);
if ($return_var != 0) {
//var_dump(VESTA_CMD . "v-copy-fs-file {$user} {$fn} {$path}");
//var_dump($path);
//var_dump($output);
$file->error = 'Error while saving file ';
// var_dump(VESTA_CMD . "v-copy-fs-file ". USERNAME ." {$uploaded_file} {$file_path}");
// var_dump($return_var);
// var_dump($output);
// exit();
}
chmod($uploaded_file, 0644);
exec (VESTA_CMD . "v-copy-fs-file ". USERNAME ." {$uploaded_file} '{$file_path}'", $output, $return_var);
$error = check_return_code($return_var, $output);
if ($return_var != 0) {
$file->error = 'Error while saving file ';
}
} else {
// Non-multipart uploads (PUT method support)
file_put_contents(
$file_path,
fopen('php://input', 'r'),
$append_file ? FILE_APPEND : 0
);
}
$file_size = $this->get_file_size($file_path, $append_file);