Fix the overzealous use of escapeshellcmd that breaks restarting monitors
Isaac Connor
parent
30455feef7
commit
d1a60dedc8
|
|
@ -19,7 +19,7 @@
|
|||
//
|
||||
|
||||
// Compatibility functions
|
||||
if ( version_compare( phpversion(), "4.3.0", "<") ) {
|
||||
if ( version_compare( phpversion(), '4.3.0', '<') ) {
|
||||
function ob_get_clean() {
|
||||
$buffer = ob_get_contents();
|
||||
ob_end_clean();
|
||||
|
|
@ -27,24 +27,24 @@ if ( version_compare( phpversion(), "4.3.0", "<") ) {
|
|||
}
|
||||
}
|
||||
|
||||
function userLogin( $username, $password="", $passwordHashed=false ) {
|
||||
function userLogin( $username, $password='', $passwordHashed=false ) {
|
||||
global $user, $cookies;
|
||||
|
||||
$sql = "select * from Users where Enabled = 1";
|
||||
$sql = 'SELECT * FROM Users WHERE Enabled = 1';
|
||||
$sql_values = NULL;
|
||||
if ( ZM_AUTH_TYPE == "builtin" ) {
|
||||
if ( ZM_AUTH_TYPE == 'builtin' ) {
|
||||
if ( $passwordHashed ) {
|
||||
$sql .= " AND Username=? AND Password=?";
|
||||
$sql .= ' AND Username=? AND Password=?';
|
||||
} else {
|
||||
$sql .= " AND Username=? AND Password=password(?)";
|
||||
$sql .= ' AND Username=? AND Password=password(?)';
|
||||
}
|
||||
$sql_values = array( $username, $password );
|
||||
} else {
|
||||
$sql .= " AND Username = ?";
|
||||
$sql .= ' AND Username = ?';
|
||||
$sql_values = array( $username );
|
||||
}
|
||||
$_SESSION['username'] = $username;
|
||||
if ( ZM_AUTH_RELAY == "plain" ) {
|
||||
if ( ZM_AUTH_RELAY == 'plain' ) {
|
||||
// Need to save this in session
|
||||
$_SESSION['password'] = $password;
|
||||
}
|
||||
|
|
@ -829,36 +829,38 @@ function packageControl( $command ) {
|
|||
}
|
||||
|
||||
function daemonControl( $command, $daemon=false, $args=false ) {
|
||||
$string = ZM_PATH_BIN."/zmdc.pl $command";
|
||||
$string = escapeshellcmd(ZM_PATH_BIN).'/zmdc.pl '.$command;
|
||||
if ( $daemon ) {
|
||||
$string .= escapeshellarg(" $daemon");
|
||||
#$string .= ' ' . $daemon;
|
||||
$string .= ' ' . $daemon;
|
||||
if ( $args ) {
|
||||
$string .= escapeshellarg(" $args");
|
||||
$string .= ' ' . $args;
|
||||
#$string .= ' ' . $args;
|
||||
}
|
||||
}
|
||||
$string .= " 2>/dev/null >&- <&- >/dev/null";
|
||||
$string .= ' 2>/dev/null >&- <&- >/dev/null';
|
||||
Debug("exec $string");
|
||||
exec( $string );
|
||||
}
|
||||
|
||||
function zmcControl( $monitor, $mode=false ) {
|
||||
if ( (!defined('ZM_SERVER_ID')) or ( ZM_SERVER_ID==$monitor['ServerId'] ) ) {
|
||||
$row = NULL;
|
||||
if ( $monitor['Type'] == "Local" ) {
|
||||
$row = dbFetchOne( "select count(if(Function!='None',1,NULL)) as ActiveCount from Monitors where Device = ?", NULL, array($monitor['Device']) );
|
||||
$zmcArgs = "-d ".$monitor['Device'];
|
||||
if ( $monitor['Type'] == 'Local' ) {
|
||||
$row = dbFetchOne( "SELECT count(if(Function!='None',1,NULL)) AS ActiveCount FROM Monitors WHERE Device = ?", NULL, array($monitor['Device']) );
|
||||
$zmcArgs = '-d '.escapeshellarg( $monitor['Device'] );
|
||||
} else {
|
||||
$row = dbFetchOne( "select count(if(Function!='None',1,NULL)) as ActiveCount from Monitors where Id = ?", NULL, array($monitor['Id']) );
|
||||
$zmcArgs = "-m ".$monitor['Id'];
|
||||
$row = dbFetchOne( "SELECT count(if(Function!='None',1,NULL)) AS ActiveCount FROM Monitors WHERE Id = ?", NULL, array($monitor['Id']) );
|
||||
$zmcArgs = '-m '.$monitor['Id'];
|
||||
}
|
||||
$activeCount = $row['ActiveCount'];
|
||||
|
||||
if ( !$activeCount || $mode == "stop" ) {
|
||||
daemonControl( "stop", "zmc", $zmcArgs );
|
||||
if ( (!$activeCount) || ($mode == 'stop') ) {
|
||||
daemonControl( 'stop', 'zmc', $zmcArgs );
|
||||
} else {
|
||||
if ( $mode == "restart" ) {
|
||||
daemonControl( "stop", "zmc", $zmcArgs );
|
||||
if ( $mode == 'restart' ) {
|
||||
daemonControl( 'stop', 'zmc', $zmcArgs );
|
||||
}
|
||||
daemonControl( "start", "zmc", $zmcArgs );
|
||||
daemonControl( 'start', 'zmc', $zmcArgs );
|
||||
}
|
||||
} else {
|
||||
$Server = new Server( $monitor['ServerId'] );
|
||||
|
|
@ -878,7 +880,6 @@ function zmcControl( $monitor, $mode=false ) {
|
|||
$context = stream_context_create($options);
|
||||
$result = file_get_contents($url, false, $context);
|
||||
if ($result === FALSE) { /* Handle error */ }
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -937,34 +938,34 @@ function daemonStatus( $daemon, $args=false ) {
|
|||
|
||||
initDaemonStatus();
|
||||
|
||||
$string = "$daemon";
|
||||
$string = $daemon;
|
||||
if ( $args )
|
||||
$string .= " $args";
|
||||
$string .= ' ' . $args;
|
||||
return( strpos( $daemon_status, "'$string' running" ) !== false );
|
||||
}
|
||||
|
||||
function zmcStatus( $monitor ) {
|
||||
if ( $monitor['Type'] == 'Local' ) {
|
||||
$zmcArgs = "-d ".$monitor['Device'];
|
||||
$zmcArgs = '-d '.$monitor['Device'];
|
||||
} else {
|
||||
$zmcArgs = "-m ".$monitor['Id'];
|
||||
$zmcArgs = '-m '.$monitor['Id'];
|
||||
}
|
||||
return( daemonStatus( "zmc", $zmcArgs ) );
|
||||
return( daemonStatus( 'zmc', $zmcArgs ) );
|
||||
}
|
||||
|
||||
function zmaStatus( $monitor ) {
|
||||
if ( is_array( $monitor ) ) {
|
||||
$monitor = $monitor['Id'];
|
||||
}
|
||||
return( daemonStatus( "zma", "-m $monitor" ) );
|
||||
return( daemonStatus( 'zma', "-m $monitor" ) );
|
||||
}
|
||||
|
||||
function daemonCheck( $daemon=false, $args=false ) {
|
||||
$string = ZM_PATH_BIN."/zmdc.pl check";
|
||||
if ( $daemon ) {
|
||||
$string .= escapeshellarg(" $daemon");
|
||||
$string .= ' ' . escapeshellarg( $daemon );
|
||||
if ( $args )
|
||||
$string .= escapeshellarg(" $args");
|
||||
$string .= ' ' . escapeshellarg( $args );
|
||||
}
|
||||
$result = exec( $string );
|
||||
return( preg_match( '/running/', $result ) );
|
||||
|
|
@ -972,18 +973,18 @@ function daemonCheck( $daemon=false, $args=false ) {
|
|||
|
||||
function zmcCheck( $monitor ) {
|
||||
if ( $monitor['Type'] == 'Local' ) {
|
||||
$zmcArgs = "-d ".$monitor['Device'];
|
||||
$zmcArgs = '-d '.$monitor['Device'];
|
||||
} else {
|
||||
$zmcArgs = "-m ".$monitor['Id'];
|
||||
$zmcArgs = '-m '.$monitor['Id'];
|
||||
}
|
||||
return( daemonCheck( "zmc", $zmcArgs ) );
|
||||
return( daemonCheck( 'zmc', $zmcArgs ) );
|
||||
}
|
||||
|
||||
function zmaCheck( $monitor ) {
|
||||
if ( is_array( $monitor ) ) {
|
||||
$monitor = $monitor['Id'];
|
||||
}
|
||||
return( daemonCheck( "zma", "-m $monitor" ) );
|
||||
return( daemonCheck( 'zma', "-m $monitor" ) );
|
||||
}
|
||||
|
||||
function getImageSrc( $event, $frame, $scale=SCALE_BASE, $captureOnly=false, $overwrite=false ) {
|
||||
|
|
@ -1404,9 +1405,9 @@ function sortHeader( $field, $querySep='&' ) {
|
|||
function sortTag( $field ) {
|
||||
if ( $_REQUEST['sort_field'] == $field )
|
||||
if ( $_REQUEST['sort_asc'] )
|
||||
return( "(^)" );
|
||||
return( '(^)' );
|
||||
else
|
||||
return( "(v)" );
|
||||
return( '(v)' );
|
||||
return( false );
|
||||
}
|
||||
|
||||
|
|
@ -1418,15 +1419,15 @@ function getLoad() {
|
|||
function getDiskPercent($path = ZM_DIR_EVENTS) {
|
||||
$total = disk_total_space($path);
|
||||
if ( $total === false ) {
|
||||
Error("disk_total_space returned false. Verify the web account user has access to " . $path );
|
||||
Error('disk_total_space returned false. Verify the web account user has access to ' . $path );
|
||||
return 0;
|
||||
} elseif ( $total == 0 ) {
|
||||
Error("disk_total_space indicates the following path has a filesystem size of zero bytes" . $path );
|
||||
Error('disk_total_space indicates the following path has a filesystem size of zero bytes' . $path );
|
||||
return 100;
|
||||
}
|
||||
$free = disk_free_space($path);
|
||||
if ( $free === false ) {
|
||||
Error("disk_free_space returned false. Verify the web account user has access to " . $path );
|
||||
Error('disk_free_space returned false. Verify the web account user has access to ' . $path );
|
||||
}
|
||||
$space = round((($total - $free) / $total) * 100);
|
||||
return( $space );
|
||||
|
|
|
|||
Loading…
Reference in New Issue