github/vesta
1
0
Fork 0
mirror of https://github.com/serghey-rodin/vesta.git synced 2025-08-14 18:49:17 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Revert "[SECURITY] Fix OS command injection."

Browse source
This commit is contained in:
Serghey Rodin 2015-12-11 21:14:49 +02:00
commit 39e9b6397b
115 changed files with 1980 additions and 1340 deletions
Download patch file Download diff file Expand all files Collapse all files

18
web/reset/mail/index.php
View file

@ -102,21 +102,25 @@ function to64 ($v, $n)
// Check arguments
if ((!empty($_POST['email'])) && (!empty($_POST['password'])) && (!empty($_POST['new']))) {
list($v_account, $v_domain) = explode('@', $_POST['email']);
$v_domain = escapeshellarg($v_domain);
$v_account = escapeshellarg($v_account);
$v_password = $_POST['password'];
// Get domain owner
$return_var = v_exec('v-search-domain-owner', [$v_domain, 'mail'], false, $output);
exec (VESTA_CMD."v-search-domain-owner ".$v_domain." 'mail'", $output, $return_var);
if ($return_var == 0) {
$v_user = strtok($output, "\n");
$v_user = $output[0];
}
unset($output);
// Get current md5 hash
if (!empty($v_user)) {
$return_var = v_exec('v-get-mail-account-value', [$v_user, $v_domain, $v_account, 'md5'], false, $output);
exec (VESTA_CMD."v-get-mail-account-value '".$v_user."' ".$v_domain." ".$v_account." 'md5'", $output, $return_var);
if ($return_var == 0) {
$v_hash = strtok($output, "\n");
$v_hash = $output[0];
}
}
unset($output);
// Compare hashes
if (!empty($v_hash)) {
@ -125,14 +129,14 @@ if ((!empty($_POST['email'])) && (!empty($_POST['password'])) && (!empty($_POST[
$n_hash = '{MD5}'.$n_hash;
// Change password
if ($v_hash == $n_hash) {
if ( $v_hash == $n_hash ) {
$v_new_password = tempnam("/tmp","vst");
$fp = fopen($v_new_password, "w");
fwrite($fp, $_POST['new']."\n");
fclose($fp);
$return_var = v_exec('v-change-mail-account-password', [$v_user, $v_domain, $v_account, $v_new_password], false, $output);
exec (VESTA_CMD."v-change-mail-account-password '".$v_user."' ".$v_domain." ".$v_account." ".$v_new_password, $output, $return_var);
if ($return_var == 0) {
echo 'ok';
echo "ok";
exit;
}
}