#!/usr/local/bin/php ) */ if (($_POST['submit'] == "Download") && file_exists($_POST['dlPath'])) { session_cache_limiter('public'); $fd = fopen($_POST['dlPath'], "rb"); header("Content-Type: application/octet-stream"); header("Content-Length: " . filesize($_POST['dlPath'])); header("Content-Disposition: attachment; filename=\"" . trim(htmlentities(basename($_POST['dlPath']))) . "\""); fpassthru($fd); exit; } else if (($_POST['submit'] == "Upload") && is_uploaded_file($_FILES['ulfile']['tmp_name'])) { move_uploaded_file($_FILES['ulfile']['tmp_name'], "/tmp/" . $_FILES['ulfile']['name']); $ulmsg = "Uploaded file to /tmp/" . htmlentities($_FILES['ulfile']['name']); unset($_POST['txtCommand']); } require("guiconfig.inc"); ?>
=$Title ?>
Note: this function is unsupported. Use it on your own risk!
" . $ulmsg . "\n"; ?> "); puts("\$ " . htmlspecialchars($_POST['txtCommand'])); putenv("PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin"); putenv("SCRIPT_FILENAME=" . strtok($_POST['txtCommand'], " ")); /* PHP scripts */ $ph = popen($_POST['txtCommand'], "r" ); while ($line = fgets($ph)) echo htmlspecialchars($line); pclose($ph); puts(""); } ?>