Revert "[SECURITY] Fix OS command injection."

2025-08-22 14:24:07 -07:00 · 2015-12-11 21:14:49 +02:00 · 2015-12-11 21:14:49 +02:00 · 39e9b6397b
commit 39e9b6397b
parent 9620bfbf35
115 changed files with 1980 additions and 1340 deletions
--- a/web/bulk/user/index.php
+++ b/web/bulk/user/index.php
@ -9,7 +9,7 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 // Check token
 if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
    header('location: /login/');
-    exit;
+    exit();
 }

 $user = $_POST['user'];
@ -48,14 +48,15 @@ if ($_SESSION['user'] == 'admin') {
 }

 foreach ($user as $value) {
-    v_exec($cmd, [$value, $restart], false);
+    $value = escapeshellarg($value);
+    exec (VESTA_CMD.$cmd." ".$value." ".$restart, $output, $return_var);
    $changes = 'yes';
 }

 if ((!empty($restart)) && (!empty($changes))) {
-    v_exec('v-restart-web', [], false);
-    v_exec('v-restart-dns', [], false);
-    v_exec('v-restart-cron', [], false);
+    exec (VESTA_CMD."v-restart-web", $output, $return_var);
+    exec (VESTA_CMD."v-restart-dns", $output, $return_var);
+    exec (VESTA_CMD."v-restart-cron", $output, $return_var);
 }

 header("Location: /list/user/");