diff options
author | Stephen Beaver <sbeaver@netgate.com> | 2015-10-26 16:33:24 -0400 |
---|---|---|
committer | Stephen Beaver <sbeaver@netgate.com> | 2015-10-26 16:33:24 -0400 |
commit | fc8b158f86c6324a22661f86e06e1734908a34de (patch) | |
tree | bc4e4373b8c631315091f56ecb4190174c8177bd | |
parent | f5ba2db3129ca805aa42d75986bd252c237b43a9 (diff) | |
download | pfsense-fc8b158f86c6324a22661f86e06e1734908a34de.zip pfsense-fc8b158f86c6324a22661f86e06e1734908a34de.tar.gz |
Now uses tempnam() generated file name
-rw-r--r-- | src/usr/local/www/exec.php | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/src/usr/local/www/exec.php b/src/usr/local/www/exec.php index 8e5c70f..327b801 100644 --- a/src/usr/local/www/exec.php +++ b/src/usr/local/www/exec.php @@ -280,7 +280,8 @@ if (!isBlank($_POST['txtCommand'])):?> if (!isBlank($_POST['txtPHPCommand'])) { puts("<div class=\"panel panel-success responsive\"><div class=\"panel-heading\">PHP response</div>"); puts("<pre>"); - $phpfile = fopen("/tmp/phpfile", "w"); + $tmpname = tempnam("/tmp", ""); + $phpfile = fopen($tmpname, "w"); fwrite($phpfile, "<?php\n"); fwrite($phpfile, "require_once(\"/etc/inc/config.inc\");\n"); fwrite($phpfile, "require_once(\"/etc/inc/functions.inc\");\n\n"); @@ -288,13 +289,13 @@ if (!isBlank($_POST['txtCommand'])):?> fwrite($phpfile, "?>\n"); fclose($phpfile); - exec("/usr/local/bin/php /tmp/phpfile", $output); + exec("/usr/local/bin/php " . $tmpname, $output); for ($i=0; $i < count($output); $i++) { print($output[$i] . "\n"); } - unlink("/tmp/phpfile"); + unlink($tmpname); // echo eval($_POST['txtPHPCommand']); puts(" </pre>"); |