)
*/
if (($_POST['submit'] == "Download") && file_exists($_POST['dlPath'])) {
session_cache_limiter('public');
$fd = fopen($_POST['dlPath'], "rb");
header("Content-Type: application/octet-stream");
header("Content-Length: " . filesize($_POST['dlPath']));
header("Content-Disposition: attachment; filename=\"" .
trim(htmlentities(basename($_POST['dlPath']))) . "\"");
fpassthru($fd);
exit;
} else if (($_POST['submit'] == "Upload") && is_uploaded_file($_FILES['ulfile']['tmp_name'])) {
move_uploaded_file($_FILES['ulfile']['tmp_name'], "/tmp/" . $_FILES['ulfile']['name']);
$ulmsg = "Uploaded file to /tmp/" . htmlentities($_FILES['ulfile']['name']);
unset($_POST['txtCommand']);
}
require("guiconfig.inc");
conf_mount_rw();
// Function: is Blank
// Returns true or false depending on blankness of argument.
function isBlank( $arg ) { return ereg( "^\s*$", $arg ); }
// Function: Puts
// Put string, Ruby-style.
function puts( $arg ) { echo "$arg\n"; }
// "Constants".
$Version = '';
$ScriptName = $HTTP_SERVER_VARS['SCRIPT_NAME'];
// Get year.
$arrDT = localtime();
$intYear = $arrDT[5] + 1900;
$pgtitle = array("Diagnostics","Execute command");
include("head.inc");
?>
Note: this function is unsupported. Use it
on your own risk!
" . $ulmsg . "\n"; ?>
");
puts("\$ " . htmlspecialchars($_POST['txtCommand']));
putenv("PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin");
putenv("SCRIPT_FILENAME=" . strtok($_POST['txtCommand'], " ")); /* PHP scripts */
$ph = popen($_POST['txtCommand'], "r" );
while ($line = fgets($ph)) echo htmlspecialchars($line);
pclose($ph);
puts("");
}
if (!isBlank($_POST['txtPHPCommand'])) {
puts("");
require_once("config.inc");
require_once("functions.inc");
echo eval($_POST['txtPHPCommand']);
puts("");
}
?>