submit.php

<?php include_once 'lang.php'; ?>
<!DOCTYPE html>
<html lang="<?php echo $lang['LANG']; ?>">
<head>
  <meta charset="utf-8">
  <title>UAAP | <?php echo $lang['S_INTRO']; ?></title>
  <link rel='stylesheet' href='/static/style.css' type='text/css' media='all' />
</head>
<body>
<div class="wrapper">

<h1><?php echo $lang['S_INTRO']; ?></h1>

<p><strong><a href="/"><?php echo $lang['S_BACK1']; ?></a></strong> <?php echo $lang['S_BACK2']; ?></p>

<table class="boxed"><tr><td>

<?php
// Reads variables of HTML form in index.php
$ACTION = $_POST['action'];
$USER = isset($_POST['user']) ? $_POST['user'] : ''; // surpress empty variable errors
$PASS = isset($_POST['pass']) ? $_POST['pass'] : '';
$SURE = isset($_POST['sure']) ? $_POST['sure'] : '';

// Sanitize variables
$ACTION = escapeshellarg($ACTION);
$USER = escapeshellarg($USER);

$RAND = mt_rand(100000, 999999);
$PASSFILE = '.' . $RAND . '.pass';
file_put_contents($PASSFILE, $PASS);


// Checks if checkbox is activated (default at most forms)
if($SURE == "yes")
{
  // Creates full command
  $command = '/bin/bash action.sh ' . $ACTION . ' ' . $USER . ' ' . $PASSFILE;

  // Execute command and give output
  $output = shell_exec($command);
  echo "<pre>$output</pre>";
}
else
{
  echo $lang['S_CHECKERR'];
}

// Delete passfile
unlink($PASSFILE);

?>

</td></tr></table>

<p><?php echo $lang['S_MESSAGE']; ?></p>

</div> <!-- /wrapper -->
<div class="footer">
  <p><?php echo $lang['FOOTER']; ?></p>
</div>

</body>
</html>
add multilanguage support (currently EN and DE) 2015-12-11 19:39:52 +01:00			`<?php include_once 'lang.php'; ?>`
fix validation errors 2015-07-11 17:41:47 +03:00			`<!DOCTYPE html>`
add multilanguage support (currently EN and DE) 2015-12-11 19:39:52 +01:00			`<html lang="<?php echo $lang['LANG']; ?>">`
initial commit 2015-07-09 00:06:31 +03:00			`<head>`
			`<meta charset="utf-8">`
add multilanguage support (currently EN and DE) 2015-12-11 19:39:52 +01:00			`<title>UAAP \| <?php echo $lang['S_INTRO']; ?></title>`
improve css 2015-07-09 13:40:57 +03:00			`<link rel='stylesheet' href='/static/style.css' type='text/css' media='all' />`
initial commit 2015-07-09 00:06:31 +03:00			`</head>`
			`<body>`
adapt css changes on all files 2015-07-09 14:49:54 +03:00			`<div class="wrapper">`

add multilanguage support (currently EN and DE) 2015-12-11 19:39:52 +01:00			`<h1><?php echo $lang['S_INTRO']; ?></h1>`
better usability 2015-07-09 01:14:14 +03:00
add multilanguage support (currently EN and DE) 2015-12-11 19:39:52 +01:00			`<p><strong><a href="/"><?php echo $lang['S_BACK1']; ?></a></strong> <?php echo $lang['S_BACK2']; ?></p>`
small layout improvement 2015-07-11 17:32:33 +03:00
initial commit 2015-07-09 00:06:31 +03:00			`<table class="boxed"><tr><td>`

			`<?php`
			`// Reads variables of HTML form in index.php`
			`$ACTION = $_POST['action'];`
fixes to surpress errors and avoid IP bans 2015-12-07 15:32:25 +01:00			`$USER = isset($_POST['user']) ? $_POST['user'] : ''; // surpress empty variable errors`
			`$PASS = isset($_POST['pass']) ? $_POST['pass'] : '';`
add multilanguage support (currently EN and DE) 2015-12-11 19:39:52 +01:00			`$SURE = isset($_POST['sure']) ? $_POST['sure'] : '';`
initial commit 2015-07-09 00:06:31 +03:00
further password disclosure avoidance 2015-07-10 13:49:23 +03:00			`// Sanitize variables`
			`$ACTION = escapeshellarg($ACTION);`
			`$USER = escapeshellarg($USER);`

first try to avoid passwords in arguments but instead using files 2015-07-10 13:41:14 +03:00			`$RAND = mt_rand(100000, 999999);`
fixing bug which removes mysql password instead of wordpress 2015-07-13 14:37:28 +03:00			`$PASSFILE = '.' . $RAND . '.pass';`
first try to avoid passwords in arguments but instead using files 2015-07-10 13:41:14 +03:00			`file_put_contents($PASSFILE, $PASS);`

further password disclosure avoidance 2015-07-10 13:49:23 +03:00
initial commit 2015-07-09 00:06:31 +03:00			`// Checks if checkbox is activated (default at most forms)`
			`if($SURE == "yes")`
			`{`
further password disclosure avoidance 2015-07-10 13:49:23 +03:00			`// Creates full command`
further password disclosure avoidance 2015-07-10 14:07:17 +03:00			`$command = '/bin/bash action.sh ' . $ACTION . ' ' . $USER . ' ' . $PASSFILE;`
initial commit 2015-07-09 00:06:31 +03:00
further password disclosure avoidance 2015-07-10 13:49:23 +03:00			`// Execute command and give output`
initial commit 2015-07-09 00:06:31 +03:00			`$output = shell_exec($command);`
			`echo "<pre>$output</pre>";`
			`}`
			`else`
			`{`
add multilanguage support (currently EN and DE) 2015-12-11 19:39:52 +01:00			`echo $lang['S_CHECKERR'];`
initial commit 2015-07-09 00:06:31 +03:00			`}`

small improvements 2015-07-13 14:29:27 +03:00			`// Delete passfile`
fixing bug which removes mysql password instead of wordpress 2015-07-13 14:37:28 +03:00			`unlink($PASSFILE);`
small improvements 2015-07-13 14:29:27 +03:00
initial commit 2015-07-09 00:06:31 +03:00			`?>`

fix validation errors 2015-07-11 17:41:47 +03:00			`</td></tr></table>`
initial commit 2015-07-09 00:06:31 +03:00
add multilanguage support (currently EN and DE) 2015-12-11 19:39:52 +01:00			`<p><?php echo $lang['S_MESSAGE']; ?></p>`
initial commit 2015-07-09 00:06:31 +03:00
adapt css changes on all files 2015-07-09 14:49:54 +03:00			`</div> <!-- /wrapper -->`
			`<div class="footer">`
add multilanguage support (currently EN and DE) 2015-12-11 19:39:52 +01:00			`<p><?php echo $lang['FOOTER']; ?></p>`
adapt css changes on all files 2015-07-09 14:49:54 +03:00			`</div>`
add signature 2015-07-09 01:15:52 +03:00
initial commit 2015-07-09 00:06:31 +03:00			`</body>`
			`</html>`