diff options
author | Renato Botelho <garga@FreeBSD.org> | 2014-02-04 12:33:29 -0200 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2014-02-04 12:47:20 -0200 |
commit | 1eb03024fe15fcd8cdd20f32a9ba7c7f1fb75821 (patch) | |
tree | 6c5186c0184447c633776c795c3f10553e3c3876 /usr/local/www/crash_reporter.php | |
parent | 46b12609e51b9b3113abc9c22a1b0ad5a2b37d11 (diff) | |
download | pfsense-1eb03024fe15fcd8cdd20f32a9ba7c7f1fb75821.zip pfsense-1eb03024fe15fcd8cdd20f32a9ba7c7f1fb75821.tar.gz |
Add escapeshellarg() calls on exec parameters. While I'm here, replace some exec() calls by php functions like symlink, copy, unlink, mkdir
Conflicts:
usr/local/www/diag_logs_vpn.php
usr/local/www/firewall_aliases_edit.php
usr/local/www/guiconfig.inc
Diffstat (limited to 'usr/local/www/crash_reporter.php')
-rwxr-xr-x | usr/local/www/crash_reporter.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/usr/local/www/crash_reporter.php b/usr/local/www/crash_reporter.php index d3146b8..853be0a 100755 --- a/usr/local/www/crash_reporter.php +++ b/usr/local/www/crash_reporter.php @@ -102,10 +102,10 @@ exec("/usr/bin/grep -vi warning /tmp/PHP_errors.log", $php_errors); if (gettext($_POST['Submit']) == "Yes") { echo gettext("Processing..."); if (!is_dir("/var/crash")) - mwexec("/bin/mkdir -p /var/crash"); + mkdir("/var/crash", 0750, true); @file_put_contents("/var/crash/crashreport_header.txt", $crash_report_header); if(file_exists("/tmp/PHP_errors.log")) - exec("cp /tmp/PHP_errors.log /var/crash/"); + copy("/tmp/PHP_errors.log", "/var/crash/"); exec("/usr/bin/gzip /var/crash/*"); $files_to_upload = glob("/var/crash/*"); echo "<p/>"; @@ -114,7 +114,7 @@ exec("/usr/bin/grep -vi warning /tmp/PHP_errors.log", $php_errors); flush(); if(is_array($files_to_upload)) { $resp = upload_crash_report($files_to_upload); - exec("rm /var/crash/*"); + array_map('unlink', glob("/var/crash/*")); // Erase the contents of the PHP error log fclose(fopen("/tmp/PHP_errors.log", 'w')); echo "<p/>"; @@ -124,7 +124,7 @@ exec("/usr/bin/grep -vi warning /tmp/PHP_errors.log", $php_errors); echo "Could not find any crash files."; } } else if(gettext($_POST['Submit']) == "No") { - exec("rm /var/crash/*"); + array_map('unlink', glob("rm /var/crash/*")); // Erase the contents of the PHP error log fclose(fopen("/tmp/PHP_errors.log", 'w')); Header("Location: /"); |