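Portions created by the Initial Developer are Copyright (C) 2008-2023 the Initial Developer. All Rights Reserved. Contributor(s): Mark J Crane James Rose */

//command console: takes a handler and a command from the request and, after a
//csrf token check, runs the command through the shell, the php interpreter or
//the switch event socket; each handler is gated by its own permission

//includes files
	require_once dirname(__DIR__, 2) . "/resources/require.php";
	require_once "resources/check_auth.php";

//permissions: the page is unusable without command_view; stop before any other work
	if (!permission_exists('command_view')) {
		echo "access denied";
		exit;
	}

//add multi-lingual support
	$language = new text;
	$text = $language->get();

//load editor preferences/defaults from the session, falling back when unset or empty
	$setting_size = !empty($_SESSION["editor"]["font_size"]["text"]) ? $_SESSION["editor"]["font_size"]["text"] : '12px';
	$setting_theme = !empty($_SESSION["editor"]["theme"]["text"]) ? $_SESSION["editor"]["theme"]["text"] : 'cobalt';
	$setting_invisibles = isset($_SESSION["editor"]["invisibles"]["boolean"]) && $_SESSION["editor"]["invisibles"]["boolean"] != '' ? $_SESSION["editor"]["invisibles"]["boolean"] : 'false';
	$setting_indenting = isset($_SESSION["editor"]["indent_guides"]["boolean"]) && $_SESSION["editor"]["indent_guides"]["boolean"] != '' ? $_SESSION["editor"]["indent_guides"]["boolean"] : 'false';
	$setting_numbering = isset($_SESSION["editor"]["line_numbers"]["boolean"]) && $_SESSION["editor"]["line_numbers"]["boolean"] != '' ? $_SESSION["editor"]["line_numbers"]["boolean"] : 'true';

//get the html values and set them as variables
	//$_REQUEST also carries query-string values, so these can be pre-filled by a link;
	//nothing is executed unless the request is a POST that passes the token check below
	$handler = trim($_REQUEST["handler"] ?? '');
	$code = trim($_REQUEST["code"] ?? '');
	$command = trim($_REQUEST["command"] ?? '');

//run the command if the token is valid
	if (!empty($_POST) && empty($_POST["persistformvar"])) {

		//validate the token (keyed on PHP_SELF, the same key used when it is created below)
			$token = new token;
			if ($token->validate($_SERVER['PHP_SELF'])) {
				$command_authorized = true;
			}
			else {
				message::add($text['message-invalid_token'],'negative');
				$command_result = 'invalid token';
				$command_authorized = false;
			}

		//run the command
			//NOTE(review): no audit record of user, handler and command is written in this
			//block; confirm that the included resources log it, or add one before dispatch
			if ($command_authorized && !empty($command)) {
				$command_result = '';
				switch ($handler) {
					case 'shell':
						//SECURITY: the command reaches the shell unmodified, by design; holding
						//command_shell is equivalent to shell access with the privileges of the
						//php process, so grant it accordingly
						if (permission_exists('command_shell')) {
							$command_result = shell_exec($command . " 2>&1");
						}
						break;
					case 'php':
						//SECURITY: eval() on request data, by design; holding command_php is
						//equivalent to arbitrary code execution inside this application
						if (permission_exists('command_php')) {
							$command_error = '';
							ob_start();
							try {
								eval($command);
							}
							catch (Throwable $error) {
								//a parse or runtime error in the submitted code used to escape
								//with the output buffer still open; report it in the result instead
								$command_error = get_class($error).": ".$error->getMessage();
							}
							//always close the buffer opened above, whether or not eval() failed
							$command_result = ob_get_clean().$command_error;
						}
						break;
					case 'switch':
						if (permission_exists('command_switch')) {
							$fp = event_socket_create($_SESSION['event_socket_ip_address'], $_SESSION['event_socket_port'], $_SESSION['event_socket_password']);
							if ($fp) {
								$command_result = event_socket_request($fp, 'api '.$command);
							}
						}
						break;
				}
			}
	}

//set editor mode
	switch ($handler) {
		case 'php': $mode = 'php'; break;
		case 'sql': $mode = 'sql'; break;
		default: $mode = 'text';
	}

//create token
	$object = new token;
	$token = $object->create($_SERVER['PHP_SELF']);

//show the header
	require_once "resources/header.php";
	$document['title'] = $text['title-command'];

//scripts and styles
	//NOTE(review): the markup that followed the closing tag is missing from this listing;
	//what remains of the template is kept unchanged
?> \n"; echo ""; echo " "; echo " "; echo " "; echo " "; echo " \n"; echo "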
"; echo " ".$text['title-command']."\n"; echo " "; if (permission_exists('command_switch') || permission_exists('command_php') || permission_exists('command_shell')) { echo " \n"; } echo " "; echo " "; echo "
\n"; echo $text['description-command']."\n"; echo "
"; echo "
"; //html form echo "
\n"; echo " \n"; //sql db id echo " "; echo " \n"; echo " "; echo " "; echo " \n"; echo "
"; echo " "; if (permission_exists('edit_view') && file_exists($_SERVER["PROJECT_ROOT"]."/app/edit/")) { echo " "; echo " "; echo " "; } echo "
"; echo " \n"; echo "
"; echo "
" ?>
"; echo "
"; echo "
\n"; echo "\n"; echo ""; echo "

"; ?> "; echo "".$text['label-response']."\n"; echo "

\n"; echo ($handler == 'switch') ? "\n" : "
".escape($command_result)."
"; echo ""; } //show the footer require_once "resources/footer.php"; ?>