mkdir and rmdir commands
This commit is contained in:
parent
0b00de2a10
commit
5168c2c0f0
9 changed files with 520 additions and 192 deletions
|
@ -29,11 +29,11 @@ input.password
|
||||||
|
|
||||||
div#blashWindow
|
div#blashWindow
|
||||||
{
|
{
|
||||||
width : 800px;
|
/* width : 800px; */
|
||||||
height : 400px;
|
/* height : 400px; */
|
||||||
margin : auto;
|
margin : auto;
|
||||||
padding : 10px;
|
/* padding : 10px; */
|
||||||
border : 1px solid #888;
|
/* border : 1px solid #888; */
|
||||||
overflow : auto;
|
overflow : auto;
|
||||||
tabindex : -1;
|
tabindex : -1;
|
||||||
}
|
}
|
||||||
|
|
89
commands/mkdir.json
Normal file
89
commands/mkdir.json
Normal file
|
@ -0,0 +1,89 @@
|
||||||
|
{
|
||||||
|
"name" : "mkdir",
|
||||||
|
|
||||||
|
"info" : {
|
||||||
|
"syntax" : "mkdir <directory name>",
|
||||||
|
"brief" : "Create a new directory",
|
||||||
|
},
|
||||||
|
|
||||||
|
"action" : function ( arg )
|
||||||
|
{
|
||||||
|
if ( !arg || arg.length == 0 )
|
||||||
|
{
|
||||||
|
return "mkdir: Parameter expected<br/>\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
shell.auto_prompt_focus = false;
|
||||||
|
shell.auto_prompt_refresh = false;
|
||||||
|
arg = shell.expandPath ( arg );
|
||||||
|
|
||||||
|
var users_php = window.location.href;
|
||||||
|
users_php = users_php.replace ( /\/([a-zA-Z\.]+)$/, '/modules/users/users.php' );
|
||||||
|
params = 'action=mkdir&dir=' + escape ( arg );
|
||||||
|
|
||||||
|
var http = new XMLHttpRequest();
|
||||||
|
http.open ( "POST", users_php, true );
|
||||||
|
http.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
|
||||||
|
http.setRequestHeader("Content-length", params.length);
|
||||||
|
http.setRequestHeader("Connection", "close");
|
||||||
|
|
||||||
|
http.onreadystatechange = function ()
|
||||||
|
{
|
||||||
|
if ( http.readyState == 4 && http.status == 200 )
|
||||||
|
{
|
||||||
|
if ( http.responseText.length > 0 )
|
||||||
|
{
|
||||||
|
shell.cmdOut.innerHTML = http.responseText;
|
||||||
|
} else {
|
||||||
|
var files_config = window.location.href;
|
||||||
|
files_config = files_config.replace ( /\/([a-zA-Z\.]+)$/, '/modules/users/files.php' );
|
||||||
|
|
||||||
|
var http2 = new XMLHttpRequest();
|
||||||
|
http2.open ( "GET", files_config, true );
|
||||||
|
|
||||||
|
http2.onreadystatechange = function ()
|
||||||
|
{
|
||||||
|
if ( http2.readyState == 4 && http2.status == 200 )
|
||||||
|
{
|
||||||
|
shell.files = eval ( '(' + http2.responseText + ')' );
|
||||||
|
|
||||||
|
// Remove duplicates
|
||||||
|
var tmp = new Array();
|
||||||
|
|
||||||
|
for ( var i in shell.files )
|
||||||
|
{
|
||||||
|
var contains = false;
|
||||||
|
|
||||||
|
for ( var j=0; j < tmp.length && !contains; j++ )
|
||||||
|
{
|
||||||
|
if ( shell.files[i].path == tmp[j].path )
|
||||||
|
{
|
||||||
|
contains = true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( !contains )
|
||||||
|
{
|
||||||
|
tmp.push ( shell.files[i] );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
shell.files = tmp;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
http2.send ( null );
|
||||||
|
shell.cmdOut.innerHTML = '';
|
||||||
|
}
|
||||||
|
|
||||||
|
shell.refreshPrompt ( false, false );
|
||||||
|
shell.auto_prompt_focus = true;
|
||||||
|
shell.auto_prompt_refresh = true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
http.send ( params );
|
||||||
|
shell.cmdOut.innerHTML = '';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
89
commands/rmdir.json
Normal file
89
commands/rmdir.json
Normal file
|
@ -0,0 +1,89 @@
|
||||||
|
{
|
||||||
|
"name" : "rmdir",
|
||||||
|
|
||||||
|
"info" : {
|
||||||
|
"syntax" : "rmdir <directory name>",
|
||||||
|
"brief" : "Remove a directory (recursively if the directory is not empty)",
|
||||||
|
},
|
||||||
|
|
||||||
|
"action" : function ( arg )
|
||||||
|
{
|
||||||
|
if ( !arg || arg.length == 0 )
|
||||||
|
{
|
||||||
|
return "mkdir: Parameter expected<br/>\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
shell.auto_prompt_focus = false;
|
||||||
|
shell.auto_prompt_refresh = false;
|
||||||
|
arg = shell.expandPath ( arg );
|
||||||
|
|
||||||
|
var users_php = window.location.href;
|
||||||
|
users_php = users_php.replace ( /\/([a-zA-Z\.]+)$/, '/modules/users/users.php' );
|
||||||
|
params = 'action=rmdir&dir=' + escape ( arg );
|
||||||
|
|
||||||
|
var http = new XMLHttpRequest();
|
||||||
|
http.open ( "POST", users_php, true );
|
||||||
|
http.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
|
||||||
|
http.setRequestHeader("Content-length", params.length);
|
||||||
|
http.setRequestHeader("Connection", "close");
|
||||||
|
|
||||||
|
http.onreadystatechange = function ()
|
||||||
|
{
|
||||||
|
if ( http.readyState == 4 && http.status == 200 )
|
||||||
|
{
|
||||||
|
if ( http.responseText.length > 0 )
|
||||||
|
{
|
||||||
|
shell.cmdOut.innerHTML = http.responseText;
|
||||||
|
} else {
|
||||||
|
var files_config = window.location.href;
|
||||||
|
files_config = files_config.replace ( /\/([a-zA-Z\.]+)$/, '/modules/users/files.php' );
|
||||||
|
|
||||||
|
var http2 = new XMLHttpRequest();
|
||||||
|
http2.open ( "GET", files_config, true );
|
||||||
|
|
||||||
|
http2.onreadystatechange = function ()
|
||||||
|
{
|
||||||
|
if ( http2.readyState == 4 && http2.status == 200 )
|
||||||
|
{
|
||||||
|
shell.files = eval ( '(' + http2.responseText + ')' );
|
||||||
|
|
||||||
|
// Remove duplicates
|
||||||
|
var tmp = new Array();
|
||||||
|
|
||||||
|
for ( var i in shell.files )
|
||||||
|
{
|
||||||
|
var contains = false;
|
||||||
|
|
||||||
|
for ( var j=0; j < tmp.length && !contains; j++ )
|
||||||
|
{
|
||||||
|
if ( shell.files[i].path == tmp[j].path )
|
||||||
|
{
|
||||||
|
contains = true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( !contains )
|
||||||
|
{
|
||||||
|
tmp.push ( shell.files[i] );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
shell.files = tmp;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
http2.send ( null );
|
||||||
|
shell.cmdOut.innerHTML = '';
|
||||||
|
}
|
||||||
|
|
||||||
|
shell.refreshPrompt ( false, false );
|
||||||
|
shell.auto_prompt_focus = true;
|
||||||
|
shell.auto_prompt_refresh = true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
http.send ( params );
|
||||||
|
shell.cmdOut.innerHTML = '';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -22,18 +22,22 @@
|
||||||
|
|
||||||
if ( shell.__first_cmd )
|
if ( shell.__first_cmd )
|
||||||
{
|
{
|
||||||
shell.cmdOut.innerHTML = '<br/>';
|
shell.cmdOut.innerHTML = '<br/>Password: <input type="password" ' +
|
||||||
|
'name="password" class="password" ' +
|
||||||
|
'onkeyup="shell.getPassword ( event )">' +
|
||||||
|
'<br/>';
|
||||||
|
|
||||||
shell.__first_cmd = false;
|
shell.__first_cmd = false;
|
||||||
|
} else {
|
||||||
|
shell.cmdOut.innerHTML = 'Password: <input type="password" ' +
|
||||||
|
'name="password" class="password" ' +
|
||||||
|
'onkeyup="shell.getPassword ( event )">' +
|
||||||
|
'<br/>';
|
||||||
}
|
}
|
||||||
|
|
||||||
shell.getPassword = this.getPassword;
|
shell.getPassword = this.getPassword;
|
||||||
shell.newuser = arg;
|
shell.newuser = arg;
|
||||||
|
|
||||||
shell.cmdOut.innerHTML += 'Password: <input type="password" ' +
|
|
||||||
'name="password" class="password" ' +
|
|
||||||
'onkeyup="shell.getPassword ( event )">' +
|
|
||||||
'<br/>';
|
|
||||||
|
|
||||||
shell.auto_prompt_focus = false;
|
shell.auto_prompt_focus = false;
|
||||||
shell.auto_prompt_refresh = false;
|
shell.auto_prompt_refresh = false;
|
||||||
|
|
||||||
|
|
|
@ -39,6 +39,12 @@
|
||||||
{
|
{
|
||||||
shell.cmdOut.innerHTML = 'The passwords do not match';
|
shell.cmdOut.innerHTML = 'The passwords do not match';
|
||||||
} else {
|
} else {
|
||||||
|
if ( shell.newuser.match ( /[^0-9a-zA-Z_]/ ))
|
||||||
|
{
|
||||||
|
shell.cmdOut.innerHTML = 'The username contains invalid characters, out of the charset [0-9a-zA-Z_]';
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
var users_php = window.location.href;
|
var users_php = window.location.href;
|
||||||
users_php = users_php.replace ( /\/([a-zA-Z\.]+)$/, '/modules/users/users.php' );
|
users_php = users_php.replace ( /\/([a-zA-Z\.]+)$/, '/modules/users/users.php' );
|
||||||
params = 'action=add&user=' + escape ( shell.newuser ) + '&pass=' + md5 ( password.value );
|
params = 'action=add&user=' + escape ( shell.newuser ) + '&pass=' + md5 ( password.value );
|
||||||
|
@ -60,6 +66,8 @@
|
||||||
shell.cmdOut.innerHTML = '';
|
shell.cmdOut.innerHTML = '';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
shell.auto_prompt_focus = true;
|
||||||
|
shell.auto_prompt_refresh = true;
|
||||||
shell.refreshPrompt ( false, false );
|
shell.refreshPrompt ( false, false );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -67,10 +75,6 @@
|
||||||
http.send ( params );
|
http.send ( params );
|
||||||
shell.cmdOut.innerHTML = '';
|
shell.cmdOut.innerHTML = '';
|
||||||
}
|
}
|
||||||
|
|
||||||
shell.auto_prompt_focus = true;
|
|
||||||
shell.auto_prompt_refresh = true;
|
|
||||||
shell.refreshPrompt ( false, false );
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
|
||||||
|
@ -89,23 +93,35 @@
|
||||||
return "Usage: " + this.name + " <username><br/>\n";
|
return "Usage: " + this.name + " <username><br/>\n";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ( arg.match ( /[^0-9a-zA-Z_]/ ))
|
||||||
|
{
|
||||||
|
return "Invalid character(s) in the username, range [0-9a-zA-Z_] allowed<br/>\n";
|
||||||
|
}
|
||||||
|
|
||||||
shell.keyPassword = this.keyPassword;
|
shell.keyPassword = this.keyPassword;
|
||||||
shell.keyRepeatPassword = this.keyRepeatPassword;
|
shell.keyRepeatPassword = this.keyRepeatPassword;
|
||||||
shell.newuser = arg;
|
shell.newuser = arg;
|
||||||
|
|
||||||
if ( shell.__first_cmd )
|
if ( shell.__first_cmd )
|
||||||
{
|
{
|
||||||
shell.cmdOut.innerHTML = '<br/>';
|
shell.cmdOut.innerHTML = '<br/>Password: <input type="password" ' +
|
||||||
shell.__first_cmd = false;
|
'name="password" class="password" ' +
|
||||||
}
|
'onkeyup="shell.keyPassword ( event )">' +
|
||||||
|
'<br/><span id="repeatPasswordText" style="visibility: hidden">' +
|
||||||
|
'Repeat password: </span>' +
|
||||||
|
'<input type="password" name="repeatPassword" class="password" ' +
|
||||||
|
'style="visibility: hidden" onkeyup="shell.keyRepeatPassword ( event )"><br/>';
|
||||||
|
|
||||||
shell.cmdOut.innerHTML += 'Password: <input type="password" ' +
|
shell.__first_cmd = false;
|
||||||
'name="password" class="password" ' +
|
} else {
|
||||||
'onkeyup="shell.keyPassword ( event )">' +
|
shell.cmdOut.innerHTML = 'Password: <input type="password" ' +
|
||||||
'<br/><span id="repeatPasswordText" style="visibility: hidden">' +
|
'name="password" class="password" ' +
|
||||||
'Repeat password: </span>' +
|
'onkeyup="shell.keyPassword ( event )">' +
|
||||||
'<input type="password" name="repeatPassword" class="password" ' +
|
'<br/><span id="repeatPasswordText" style="visibility: hidden">' +
|
||||||
'style="visibility: hidden" onkeyup="shell.keyRepeatPassword ( event )"><br/>';
|
'Repeat password: </span>' +
|
||||||
|
'<input type="password" name="repeatPassword" class="password" ' +
|
||||||
|
'style="visibility: hidden" onkeyup="shell.keyRepeatPassword ( event )"><br/>';
|
||||||
|
}
|
||||||
|
|
||||||
shell.auto_prompt_focus = false;
|
shell.auto_prompt_focus = false;
|
||||||
shell.auto_prompt_refresh = false;
|
shell.auto_prompt_refresh = false;
|
||||||
|
|
|
@ -1,5 +1,7 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
$sudo_cmd = false;
|
||||||
|
|
||||||
function getUser ()
|
function getUser ()
|
||||||
{
|
{
|
||||||
include 'userlist.php';
|
include 'userlist.php';
|
||||||
|
@ -44,7 +46,7 @@ function getPerms ( $resource )
|
||||||
$user = getUser();
|
$user = getUser();
|
||||||
$resource = str_replace ( '"', '\"', $resource );
|
$resource = str_replace ( '"', '\"', $resource );
|
||||||
|
|
||||||
if ( $user == 'root' )
|
if ( $user == 'root' || $GLOBALS['sudo_cmd'] )
|
||||||
{
|
{
|
||||||
return '{ "resource" : "'.$resource.'", "read" : true, "write" : true }'."\n";
|
return '{ "resource" : "'.$resource.'", "read" : true, "write" : true }'."\n";
|
||||||
}
|
}
|
||||||
|
@ -205,4 +207,217 @@ function getPerms ( $resource )
|
||||||
return $response;
|
return $response;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function __json_encode( $data ) {
|
||||||
|
if ( is_array ($data) || is_object ($data) ) {
|
||||||
|
$islist = is_array ($data) && ( empty ($data) || array_keys ($data) === range (0,count($data)-1) );
|
||||||
|
|
||||||
|
if ( $islist ) {
|
||||||
|
$json = '['."\n" . implode(', ', array_map('__json_encode', $data) ) . ']'."\n";
|
||||||
|
} else {
|
||||||
|
$items = Array();
|
||||||
|
|
||||||
|
foreach ( $data as $key => $value ) {
|
||||||
|
$items[] = __json_encode("$key") . ': ' . __json_encode($value);
|
||||||
|
}
|
||||||
|
|
||||||
|
$json = '{' . implode(', ', $items) . '}'."\n";
|
||||||
|
}
|
||||||
|
} elseif ( is_string ( $data )) {
|
||||||
|
# Escape non-printable or Non-ASCII characters.
|
||||||
|
# I also put the \\ character first, as suggested in comments on the 'addclashes' page.
|
||||||
|
#$string = '"' . addcslashes($data, "\\\"\n\r\t/" . chr(8) . chr(12)) . '"';
|
||||||
|
$string = '"' . $data . '"';
|
||||||
|
$json = '';
|
||||||
|
$len = strlen ($string);
|
||||||
|
|
||||||
|
# Convert UTF-8 to Hexadecimal Codepoints.
|
||||||
|
for ( $i = 0; $i < $len; $i++ ) {
|
||||||
|
$char = $string[$i];
|
||||||
|
$c1 = ord($char);
|
||||||
|
|
||||||
|
# Single byte;
|
||||||
|
if( $c1 <128 ) {
|
||||||
|
$json .= ($c1 > 31) ? $char : sprintf("\\u%04x", $c1);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Double byte
|
||||||
|
$c2 = ord($string[++$i]);
|
||||||
|
if ( ($c1 & 32) === 0 ) {
|
||||||
|
$json .= sprintf("\\u%04x", ($c1 - 192) * 64 + $c2 - 128);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Triple
|
||||||
|
$c3 = ord($string[++$i]);
|
||||||
|
if( ($c1 & 16) === 0 ) {
|
||||||
|
$json .= sprintf("\\u%04x", (($c1 - 224) <<12) + (($c2 - 128) << 6) + ($c3 - 128));
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Quadruple
|
||||||
|
$c4 = ord($string[++$i]);
|
||||||
|
if( ($c1 & 8 ) === 0 ) {
|
||||||
|
$u = (($c1 & 15) << 2) + (($c2>>4) & 3) - 1;
|
||||||
|
|
||||||
|
$w1 = (54<<10) + ($u<<6) + (($c2 & 15) << 2) + (($c3>>4) & 3);
|
||||||
|
$w2 = (55<<10) + (($c3 & 15)<<6) + ($c4-128);
|
||||||
|
$json .= sprintf("\\u%04x\\u%04x", $w1, $w2);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
# int, floats, bools, null
|
||||||
|
$json = strtolower(var_export( $data, true ));
|
||||||
|
}
|
||||||
|
|
||||||
|
return $json;
|
||||||
|
}
|
||||||
|
|
||||||
|
function __mkdir ( $dir, $own_perms )
|
||||||
|
{
|
||||||
|
include "../../system/files_json.php";
|
||||||
|
|
||||||
|
if ( !$files_json || strlen ( $files_json ) == 0 )
|
||||||
|
{
|
||||||
|
return 'mkdir: Error: Empty JSON file container';
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( preg_match ( "@[^0-9a-zA-Z_\./\ ]@", $dir ))
|
||||||
|
{
|
||||||
|
return "mkdir: Invalid character(s) for a directory name out of range '[0-9a-zA-Z_./ ]'\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
$has_perms = false;
|
||||||
|
|
||||||
|
if ( $own_perms )
|
||||||
|
{
|
||||||
|
if ( is_array ( $own_perms ))
|
||||||
|
{
|
||||||
|
$has_perms = true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$user = getUser();
|
||||||
|
$json = json_decode ( $files_json, true );
|
||||||
|
$parent_dir = preg_replace ( '@/[^/]+$@', '', $dir );
|
||||||
|
$parent_dir_found = false;
|
||||||
|
|
||||||
|
if ( preg_match ( "/^\s*$/", $parent_dir ))
|
||||||
|
{
|
||||||
|
$parent_dir = '/';
|
||||||
|
}
|
||||||
|
|
||||||
|
for ( $i=0; $i < count ( $json ); $i++ )
|
||||||
|
{
|
||||||
|
$path = $json[$i]['path'];
|
||||||
|
|
||||||
|
if ( !$path || strlen ( $path ) == 0 )
|
||||||
|
{
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( $path == $parent_dir )
|
||||||
|
{
|
||||||
|
$parent_dir_found = true;
|
||||||
|
$perms = getPerms ( $parent_dir );
|
||||||
|
$perms = json_decode ( $perms, true );
|
||||||
|
|
||||||
|
if ( $perms['write'] == false )
|
||||||
|
{
|
||||||
|
$dir = str_replace ( '<', '<', $dir );
|
||||||
|
$dir = str_replace ( '>', '>', $dir );
|
||||||
|
return "mkdir: Could not create directory $dir: Permission denied\n";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( $path == $dir )
|
||||||
|
{
|
||||||
|
$dir = str_replace ( '<', '<', $dir );
|
||||||
|
$dir = str_replace ( '>', '>', $dir );
|
||||||
|
return "mkdir: Could not create directory $dir: The file already exists\n";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( !$parent_dir_found )
|
||||||
|
{
|
||||||
|
$dir = str_replace ( '<', '<', $dir );
|
||||||
|
$dir = str_replace ( '>', '>', $dir );
|
||||||
|
return "mkdir: Could not create directory $dir: Parent directory not found\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
$newdir = array();
|
||||||
|
$newdir['path'] = "$dir";
|
||||||
|
$newdir['type'] = 'directory';
|
||||||
|
$newdir['owner'] = ($has_perms) ? $own_perms['owner'] : "$user";
|
||||||
|
$newdir['can_read'] = ($has_perms) ? $own_perms['can_read'] : '@all';
|
||||||
|
$newdir['can_write'] = ($has_perms) ? $own_perms['can_write'] : "$user";
|
||||||
|
|
||||||
|
array_push ( $json, $newdir );
|
||||||
|
|
||||||
|
if ( !( $fp = fopen ( "../../system/files_json.php", "w" )))
|
||||||
|
{
|
||||||
|
return "mkdir: Unable to write on directories file\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
fwrite ( $fp, "<?php\n\n\$files_json = <<<JSON\n".__json_encode ( $json )."\nJSON;\n\n?>");
|
||||||
|
fclose ( $fp );
|
||||||
|
return "";
|
||||||
|
}
|
||||||
|
|
||||||
|
function __rmdir ( $dir )
|
||||||
|
{
|
||||||
|
include "../../system/files_json.php";
|
||||||
|
|
||||||
|
if ( !$files_json || strlen ( $files_json ) == 0 )
|
||||||
|
{
|
||||||
|
return 'mkdir: Error: Empty JSON file container';
|
||||||
|
}
|
||||||
|
|
||||||
|
$user = getUser();
|
||||||
|
$json = json_decode ( $files_json, true );
|
||||||
|
$dir_found = false;
|
||||||
|
|
||||||
|
for ( $i=0; $i < count ( $json ) && !$dir_found; $i++ )
|
||||||
|
{
|
||||||
|
$path = $json[$i]['path'];
|
||||||
|
|
||||||
|
if ( !$path || strlen ( $path ) == 0 )
|
||||||
|
{
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( $path == $dir )
|
||||||
|
{
|
||||||
|
$dir_found = true;
|
||||||
|
$perms = getPerms ( $dir );
|
||||||
|
$perms = json_decode ( $perms, true );
|
||||||
|
|
||||||
|
if ( $perms['write'] == false )
|
||||||
|
{
|
||||||
|
$dir = str_replace ( '<', '<', $dir );
|
||||||
|
$dir = str_replace ( '>', '>', $dir );
|
||||||
|
return "rmdir: Could not remove directory $dir: Permission denied\n";
|
||||||
|
} else {
|
||||||
|
array_splice ( $json, $i, 1 );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( !$dir_found )
|
||||||
|
{
|
||||||
|
$dir = str_replace ( '<', '<', $dir );
|
||||||
|
$dir = str_replace ( '>', '>', $dir );
|
||||||
|
return "mkdir: Could not remove directory $dir: File not found\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( !( $fp = fopen ( "../../system/files_json.php", "w" )))
|
||||||
|
{
|
||||||
|
return "mkdir: Unable to write on directories file\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
fwrite ( $fp, "<?php\n\n\$files_json = <<<JSON\n".__json_encode ( $json )."\nJSON;\n\n?>");
|
||||||
|
fclose ( $fp );
|
||||||
|
return "";
|
||||||
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -3,6 +3,8 @@
|
||||||
include 'userlist.php';
|
include 'userlist.php';
|
||||||
include 'user_utils.php';
|
include 'user_utils.php';
|
||||||
|
|
||||||
|
global $sudo_cmd;
|
||||||
|
|
||||||
$action = $_REQUEST['action'];
|
$action = $_REQUEST['action'];
|
||||||
|
|
||||||
if ( $action == null )
|
if ( $action == null )
|
||||||
|
@ -24,19 +26,19 @@ switch ( $action )
|
||||||
if ( preg_match ( '/[^a-zA-Z0-9_]/', $username ))
|
if ( preg_match ( '/[^a-zA-Z0-9_]/', $username ))
|
||||||
{
|
{
|
||||||
print "The username can only contain characters in the charset '[a-zA-Z0-9_]'\n";
|
print "The username can only contain characters in the charset '[a-zA-Z0-9_]'\n";
|
||||||
return 1;
|
return '';
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( preg_match ( '/[^a-zA-Z0-9]/', $password ) || strlen ( $password ) != 32 )
|
if ( preg_match ( '/[^a-fA-F0-9]/', $password ) || strlen ( $password ) != 32 )
|
||||||
{
|
{
|
||||||
print "The provided password is not a valid hash\n";
|
print "The provided password is not a valid hash\n";
|
||||||
return 1;
|
return '';
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( !( $xml = new SimpleXMLElement ( $xmlcontent )))
|
if ( !( $xml = new SimpleXMLElement ( $xmlcontent )))
|
||||||
{
|
{
|
||||||
print "Unable to open the users XML file\n";
|
print "Unable to open the users XML file\n";
|
||||||
return 1;
|
return '';
|
||||||
}
|
}
|
||||||
|
|
||||||
for ( $i = 0; $i < count ( $xml->user ); $i++ )
|
for ( $i = 0; $i < count ( $xml->user ); $i++ )
|
||||||
|
@ -44,7 +46,7 @@ switch ( $action )
|
||||||
if ( !strcasecmp ( $xml->user[$i]['name'], $username ))
|
if ( !strcasecmp ( $xml->user[$i]['name'], $username ))
|
||||||
{
|
{
|
||||||
print "The specified user already exists\n";
|
print "The specified user already exists\n";
|
||||||
return 1;
|
return '';
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -56,13 +58,22 @@ switch ( $action )
|
||||||
if ( !( $fp = fopen ( 'userlist.php', 'w' )))
|
if ( !( $fp = fopen ( 'userlist.php', 'w' )))
|
||||||
{
|
{
|
||||||
print "Unable to add the specified user, unknown error\n";
|
print "Unable to add the specified user, unknown error\n";
|
||||||
return 1;
|
return '';
|
||||||
}
|
}
|
||||||
|
|
||||||
fwrite ( $fp, '<?php'."\n\n".'$xmlcontent = <<<XML'."\n" . $xml->asXML() . "\nXML;\n\n?>\n" );
|
fwrite ( $fp, '<?php'."\n\n".'$xmlcontent = <<<XML'."\n" . $xml->asXML() . "\nXML;\n\n?>\n" );
|
||||||
fclose ( $fp );
|
fclose ( $fp );
|
||||||
|
|
||||||
print 'User "'.$username.' successfully added, home directory set to "/home/'.$username."\"\n";
|
$perms = array();
|
||||||
|
$perms['owner'] = $username;
|
||||||
|
$perms['can_read'] = $username;
|
||||||
|
$perms['can_write'] = $username;
|
||||||
|
|
||||||
|
$GLOBALS['sudo_cmd'] = true;
|
||||||
|
print __mkdir ( '/home/'.$username, $perms )."<br/>\n";
|
||||||
|
$GLOBALS['sudo_cmd'] = false;
|
||||||
|
|
||||||
|
print 'User "'.$username.'" successfully added, home directory set to "/home/'.$username."\"\n";
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'login':
|
case 'login':
|
||||||
|
@ -77,13 +88,13 @@ switch ( $action )
|
||||||
if ( preg_match ( '/[^a-zA-Z0-9_]/', $username ))
|
if ( preg_match ( '/[^a-zA-Z0-9_]/', $username ))
|
||||||
{
|
{
|
||||||
print "The username can only contain characters in the charset '[a-zA-Z0-9_]'\n";
|
print "The username can only contain characters in the charset '[a-zA-Z0-9_]'\n";
|
||||||
return 1;
|
return '';
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( !( $xml = new SimpleXMLElement ( $xmlcontent )))
|
if ( !( $xml = new SimpleXMLElement ( $xmlcontent )))
|
||||||
{
|
{
|
||||||
print "Unable to open the users XML file\n";
|
print "Unable to open the users XML file\n";
|
||||||
return 1;
|
return '';
|
||||||
}
|
}
|
||||||
|
|
||||||
for ( $i = 0; $i < count ( $xml->user ) && !$found; $i++ )
|
for ( $i = 0; $i < count ( $xml->user ) && !$found; $i++ )
|
||||||
|
@ -93,7 +104,7 @@ switch ( $action )
|
||||||
if ( strcasecmp ( $xml->user[$i]['pass'], $password ))
|
if ( strcasecmp ( $xml->user[$i]['pass'], $password ))
|
||||||
{
|
{
|
||||||
print "Wrong password provided for user '$username'\n";
|
print "Wrong password provided for user '$username'\n";
|
||||||
return 1;
|
return '';
|
||||||
} else {
|
} else {
|
||||||
$auth = md5 ( $xml->user[$i]['name'] . $xml->user[$i]['pass'] );
|
$auth = md5 ( $xml->user[$i]['name'] . $xml->user[$i]['pass'] );
|
||||||
setcookie ( 'username', $xml->user[$i]['name'], 0, "/" );
|
setcookie ( 'username', $xml->user[$i]['name'], 0, "/" );
|
||||||
|
@ -106,7 +117,7 @@ switch ( $action )
|
||||||
}
|
}
|
||||||
|
|
||||||
print "Username not found: '$username'\n";
|
print "Username not found: '$username'\n";
|
||||||
return 1;
|
return '';
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'getuser':
|
case 'getuser':
|
||||||
|
@ -129,13 +140,13 @@ switch ( $action )
|
||||||
if ( $cur_user != 'root' && $cur_user != $user )
|
if ( $cur_user != 'root' && $cur_user != $user )
|
||||||
{
|
{
|
||||||
print "You cannot change the password for the user '$user'\n";
|
print "You cannot change the password for the user '$user'\n";
|
||||||
return 1;
|
return '';
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( !( $xml = new SimpleXMLElement ( $xmlcontent )))
|
if ( !( $xml = new SimpleXMLElement ( $xmlcontent )))
|
||||||
{
|
{
|
||||||
print "Unable to open the users XML file\n";
|
print "Unable to open the users XML file\n";
|
||||||
return 1;
|
return '';
|
||||||
}
|
}
|
||||||
|
|
||||||
for ( $i = 0; $i < count ( $xml->user ); $i++ )
|
for ( $i = 0; $i < count ( $xml->user ); $i++ )
|
||||||
|
@ -151,7 +162,7 @@ switch ( $action )
|
||||||
if ( $xml->user[$i]['pass'] != $old_pass )
|
if ( $xml->user[$i]['pass'] != $old_pass )
|
||||||
{
|
{
|
||||||
print "The provided current password is wrong\n";
|
print "The provided current password is wrong\n";
|
||||||
return 1;
|
return '';
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -160,7 +171,7 @@ switch ( $action )
|
||||||
if ( !( $fp = fopen ( 'userlist.php', 'w' )))
|
if ( !( $fp = fopen ( 'userlist.php', 'w' )))
|
||||||
{
|
{
|
||||||
print "Unable to change the password for the specified user, unknown error\n";
|
print "Unable to change the password for the specified user, unknown error\n";
|
||||||
return 1;
|
return '';
|
||||||
}
|
}
|
||||||
|
|
||||||
fwrite ( $fp, "<?php\n\n\$xmlcontent = <<<XML\n" . $xml->asXML() . "\nXML;\n\n?>\n" );
|
fwrite ( $fp, "<?php\n\n\$xmlcontent = <<<XML\n" . $xml->asXML() . "\nXML;\n\n?>\n" );
|
||||||
|
@ -183,7 +194,28 @@ switch ( $action )
|
||||||
|
|
||||||
print getPerms ( $res );
|
print getPerms ( $res );
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
case 'mkdir':
|
||||||
|
$dir = $_REQUEST['dir'];
|
||||||
|
|
||||||
|
if ( !$dir )
|
||||||
|
{
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
print __mkdir ( $dir, null );
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'rmdir':
|
||||||
|
$dir = $_REQUEST['dir'];
|
||||||
|
|
||||||
|
if ( !$dir )
|
||||||
|
{
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
print __rmdir ( $dir );
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
||||||
|
|
|
@ -63,8 +63,10 @@
|
||||||
"logout",
|
"logout",
|
||||||
"ls",
|
"ls",
|
||||||
"man",
|
"man",
|
||||||
|
"mkdir",
|
||||||
"passwd",
|
"passwd",
|
||||||
"pwd",
|
"pwd",
|
||||||
|
"rmdir",
|
||||||
"su",
|
"su",
|
||||||
"useradd",
|
"useradd",
|
||||||
"whoami"
|
"whoami"
|
||||||
|
|
|
@ -2,157 +2,38 @@
|
||||||
|
|
||||||
$files_json = <<<JSON
|
$files_json = <<<JSON
|
||||||
[
|
[
|
||||||
{
|
{"path": "/", "type": "directory", "can_read": "@all", "can_write": "root"}
|
||||||
"path" : "/",
|
, {"path": "/blog", "type": "directory"}
|
||||||
"type" : "directory",
|
, {"path": "/news", "type": "directory"}
|
||||||
"can_read" : "@all",
|
, {"path": "/forum", "type": "directory"}
|
||||||
"can_write" : "root"
|
, {"path": "/tutorials", "type": "directory"}
|
||||||
},
|
, {"path": "/software", "type": "directory"}
|
||||||
{
|
, {"path": "/etc", "type": "directory"}
|
||||||
"path" : "/blog",
|
, {"path": "/home", "type": "directory"}
|
||||||
"type" : "directory"
|
, {"path": "/home/guest", "type": "directory"}
|
||||||
},
|
, {"path": "/home/guest/mbox", "type": "file", "content": "No new mail"}
|
||||||
{
|
, {"path": "/google", "type": "file", "href": "http://www.google.com"}
|
||||||
"path" : "/news",
|
, {"path": "/blog/post1", "type": "file", "content": "This is my first post"}
|
||||||
"type" : "directory"
|
, {"path": "/blog/post2", "type": "file", "content": "This is my second post"}
|
||||||
},
|
, {"path": "/blog/post3", "type": "file", "content": "This is my third post"}
|
||||||
{
|
, {"path": "/etc/blashrc", "type": "file", "content": "This is the default blash configuration file"}
|
||||||
"path" : "/forum",
|
, {"path": "/forum/post1", "type": "file", "content": "lol"}
|
||||||
"type" : "directory"
|
, {"path": "/forum/post2", "type": "file", "content": "lol"}
|
||||||
},
|
, {"path": "/home/guest/.blashrc", "type": "file", "content": "Custom blash configuration file"}
|
||||||
{
|
, {"path": "/news/news1", "type": "file", "content": "Nothing new under the sun"}
|
||||||
"path" : "/tutorials",
|
, {"path": "/software/soft1", "type": "file", "href": "/software/soft1.tar.gz"}
|
||||||
"type" : "directory"
|
, {"path": "/software/soft2", "type": "file", "href": "/software/soft2.tar.gz"}
|
||||||
},
|
, {"path": "/software/soft3", "type": "file", "href": "/software/soft3.tar.gz"}
|
||||||
{
|
, {"path": "/tutorials/tut1", "type": "file", "href": "/software/tut1.pdf"}
|
||||||
"path" : "/software",
|
, {"path": "/tutorials/tut2", "type": "file", "href": "/software/tut2.pdf"}
|
||||||
"type" : "directory"
|
, {"path": "/github", "type": "file", "href": "https://github.com/BlackLight/blash"}
|
||||||
},
|
, {"path": "/aboutme", "type": "file", "content": "Luke, I am your father"}
|
||||||
{
|
, {"path": "/contacts", "type": "file", "content": "Contact me at spam@montypython.com"}
|
||||||
"path" : "/etc",
|
, {"path": "/irc", "type": "file", "content": "IRC channel at #thegame@irc.randomstuff.com"}
|
||||||
"type" : "directory"
|
, {"path": "/root", "type": "directory", "can_read": "root", "can_write": "root"}
|
||||||
},
|
, {"path": "/home/blacklight", "type": "directory", "owner": "blacklight", "can_read": "blacklight", "can_write": "blacklight"}
|
||||||
{
|
|
||||||
"path" : "/home",
|
|
||||||
"type" : "directory"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"path" : "/home/guest",
|
|
||||||
"type" : "directory"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"path" : "/home/guest/mbox",
|
|
||||||
"type" : "file",
|
|
||||||
"content" : "No new mail"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"path" : "/home/blacklight",
|
|
||||||
"type" : "directory",
|
|
||||||
"can_read" : "blacklight",
|
|
||||||
"can_write" : "blacklight"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"path" : "/home/blacklight/mbox",
|
|
||||||
"type" : "file",
|
|
||||||
"content" : "No new mail"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"path" : "/google",
|
|
||||||
"type" : "file",
|
|
||||||
"href" : "http://www.google.com"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"path" : "/blog/post1",
|
|
||||||
"type" : "file",
|
|
||||||
"content" : "This is my first post"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"path" : "/blog/post2",
|
|
||||||
"type" : "file",
|
|
||||||
"content" : "This is my second post"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"path" : "/blog/post3",
|
|
||||||
"type" : "file",
|
|
||||||
"content" : "This is my third post"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"path" : "/etc/blashrc",
|
|
||||||
"type" : "file",
|
|
||||||
"content" : "This is the default blash configuration file"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"path" : "/forum/post1",
|
|
||||||
"type" : "file",
|
|
||||||
"content" : "lol"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"path" : "/forum/post2",
|
|
||||||
"type" : "file",
|
|
||||||
"content" : "lol"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"path" : "/home/guest/.blashrc",
|
|
||||||
"type" : "file",
|
|
||||||
"content" : "Custom blash configuration file"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"path" : "/news/news1",
|
|
||||||
"type" : "file",
|
|
||||||
"content" : "Nothing new under the sun"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"path" : "/software/soft1",
|
|
||||||
"type" : "file",
|
|
||||||
"href" : "/software/soft1.tar.gz"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"path" : "/software/soft2",
|
|
||||||
"type" : "file",
|
|
||||||
"href" : "/software/soft2.tar.gz"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"path" : "/software/soft3",
|
|
||||||
"type" : "file",
|
|
||||||
"href" : "/software/soft3.tar.gz"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"path" : "/tutorials/tut1",
|
|
||||||
"type" : "file",
|
|
||||||
"href" : "/software/tut1.pdf"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"path" : "/tutorials/tut2",
|
|
||||||
"type" : "file",
|
|
||||||
"href" : "/software/tut2.pdf"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"path" : "/github",
|
|
||||||
"type" : "file",
|
|
||||||
"href" : "https://github.com/BlackLight/blash"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"path" : "/aboutme",
|
|
||||||
"type" : "file",
|
|
||||||
"content" : "Luke, I am your father"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"path" : "/contacts",
|
|
||||||
"type" : "file",
|
|
||||||
"content" : "Contact me at spam@montypython.com"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"path" : "/irc",
|
|
||||||
"type" : "file",
|
|
||||||
"content" : "IRC channel at #thegame@irc.randomstuff.com"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"path" : "/root",
|
|
||||||
"type" : "directory",
|
|
||||||
"can_read" : "root",
|
|
||||||
"can_write" : "root"
|
|
||||||
}
|
|
||||||
]
|
]
|
||||||
|
|
||||||
JSON;
|
JSON;
|
||||||
|
|
||||||
?>
|
?>
|
Loading…
Reference in a new issue