🔒 ♻️ Implement secure exec wrapper functions.

2025-08-21 05:44:07 -07:00 · 2015-12-02 21:24:34 +09:00 · 2015-12-02 21:24:34 +09:00 · 8e951ac72e
commit 8e951ac72e
parent 6e13036780
115 changed files with 1345 additions and 1986 deletions
--- a/web/generate/ssl/index.php
+++ b/web/generate/ssl/index.php
@ -31,7 +31,7 @@ $_SESSION['back'] = '';
 if (!isset($_POST['generate'])) {
    include($_SERVER['DOCUMENT_ROOT'].'/templates/admin/generate_ssl.html');
    include($_SERVER['DOCUMENT_ROOT'].'/templates/footer.html');
-    exit();
+    exit;
 }

 // Check input
@ -41,6 +41,7 @@ if (empty($_POST['v_state'])) $errors[] = __('domain');
 if (empty($_POST['v_locality'])) $errors[] = __('city');
 if (empty($_POST['v_org'])) $errors[] = __('organization');
 if (empty($_POST['v_email'])) $errors[] = __('email');
+
 $v_domain = $_POST['v_domain'];
 $v_email = $_POST['v_email'];
 $v_country = $_POST['v_country'];
@ -61,44 +62,24 @@ if (!empty($errors[0])) {
    include($_SERVER['DOCUMENT_ROOT'].'/templates/admin/generate_ssl.html');
    include($_SERVER['DOCUMENT_ROOT'].'/templates/footer.html');
    unset($_SESSION['error_msg']);
-    exit();
+    exit;
 }

-// Protect input
-$v_domain = escapeshellarg($_POST['v_domain']);
-$v_email = escapeshellarg($_POST['v_email']);
-$v_country = escapeshellarg($_POST['v_country']);
-$v_state = escapeshellarg($_POST['v_state']);
-$v_locality = escapeshellarg($_POST['v_locality']);
-$v_org = escapeshellarg($_POST['v_org']);
-
-exec (VESTA_CMD."v-generate-ssl-cert ".$v_domain." ".$v_email." ".$v_country." ".$v_state." ".$v_locality." ".$v_org." IT json", $output, $return_var);
-
-// Revert to raw values
-$v_domain = $_POST['v_domain'];
-$v_email = $_POST['v_email'];
-$v_country = $_POST['v_country'];
-$v_state = $_POST['v_state'];
-$v_locality = $_POST['v_locality'];
-$v_org = $_POST['v_org'];
+$return_var = v_exec('v-generate-ssl-cert', [$v_domain, $v_email, $v_country, $v_state, $v_locality, $v_org, 'IT', 'json'], true, $output);

 // Check return code
 if ($return_var != 0) {
-    $error = implode('<br>', $output);
-    if (empty($error)) $error = __('Error code:',$return_var);
-    $_SESSION['error_msg'] = $error;
    include($_SERVER['DOCUMENT_ROOT'].'/templates/admin/generate_ssl.html');
    include($_SERVER['DOCUMENT_ROOT'].'/templates/footer.html');
    unset($_SESSION['error_msg']);
-    exit();
+    exit;
 }

 // OK message
 $_SESSION['ok_msg'] = __('SSL_GENERATED_OK');

 // Parse output
-$data = json_decode(implode('', $output), true);
-unset($output);
+$data = json_decode($output, true);
 $v_crt = $data[$v_domain]['CRT'];
 $v_key = $data[$v_domain]['KEY'];
 $v_csr = $data[$v_domain]['CSR'];