From: Martin G. <mge...@us...> - 2006-01-13 17:11:49
|
Update of /cvsroot/phpshell/phpshell In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15145 Modified Files: AUTHORS ChangeLog README phpshell.php Log Message: Imported PHP Shell version 1.6. Index: phpshell.php =================================================================== RCS file: /cvsroot/phpshell/phpshell/phpshell.php,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- phpshell.php 13 Jan 2006 16:58:45 -0000 1.1 +++ phpshell.php 13 Jan 2006 17:11:37 -0000 1.2 @@ -1,6 +1,6 @@ <?php -define('PHPSHELL_VERSION', '1.5'); +define('PHPSHELL_VERSION', '1.6'); /* @@ -133,8 +133,9 @@ <?php if (!empty($command)) { if ($stderr) { - $command .= " 1> /tmp/output.txt 2>&1; " . - "cat /tmp/output.txt; rm /tmp/output.txt"; + $tmpfile = tempnam('/tmp', 'phpshell'); + $command .= " 1> $tmpfile 2>&1; " . + "cat $tmpfile; rm $tmpfile"; } else if ($command == 'ls') { /* ls looks much better with ' -F', IMHO. */ $command .= ' -F'; Index: README =================================================================== RCS file: /cvsroot/phpshell/phpshell/README,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- README 13 Jan 2006 16:58:45 -0000 1.1 +++ README 13 Jan 2006 17:11:37 -0000 1.2 @@ -1,4 +1,4 @@ -README for PHP Shell +README for PHP Shell 1.6 Copyright (C) 2000 Martin Geisler <gim...@gi...> Licensed under the GNU GPL. See the file COPYING for details. Index: AUTHORS =================================================================== RCS file: /cvsroot/phpshell/phpshell/AUTHORS,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- AUTHORS 13 Jan 2006 16:58:45 -0000 1.1 +++ AUTHORS 13 Jan 2006 17:11:37 -0000 1.2 @@ -5,3 +5,6 @@ ri...@jo... Fixed a problem the list of directories, if one accessed the root-directory. + +Robert Niess <st...@i-...> + Made me aware of a security hole in the handling of stderr-trapping. Index: ChangeLog =================================================================== RCS file: /cvsroot/phpshell/phpshell/ChangeLog,v retrieving revision 1.1 retrieving revision 1.2 diff -u -d -r1.1 -r1.2 --- ChangeLog 13 Jan 2006 16:58:45 -0000 1.1 +++ ChangeLog 13 Jan 2006 17:11:37 -0000 1.2 @@ -0,0 +1,94 @@ +2002-03-23 Martin Geisler <gim...@gi...> + + * AUTHORS 1.2: Added a notice about Robert Niess <st...@i-...>. + + * phpshell.php 1.16: + Added a PHPSHELL_VERSION constant. Also, when using stderr-trapping, + we now use a unique filename as returned by tempnam() - Robert Niess + <st...@i-...> made me aware of this, thanks. + + * phpshell.php 1.15: Small changes in the layout. + + * phpshell.php 1.14: + Updated copyright statements - they were getting quite old :-) + + * README 1.7: + Added a tip from Jeremy Miller <JM...@ma...> about how to + use PHP Shell together with Sudo to execute code as another user. + +2001-12-10 Martin Geisler <gim...@gi...> + + * phpshell.php 1.13: + I found out that 'ls -F' produced better output than 'ls -p'. + + * README 1.6: Told people about the rewriting of 'ls' into 'ls -F' + + * phpshell.php 1.12: + You can now travel through the filesystem by using the normal 'cd' + command. If your command involves 'cd', it will be intercepted and the + current working directory will be changed accordingly. + + * README 1.5: Updated the documentation a bit. + +2001-02-11 Martin Geisler <gim...@gi...> + + * phpshell.php 1.11: + Another suggestion from Thomas Langen <la...@la...>: some + people can't use the .php extension, so now the script uses $PHP_SELF + instead. + + * phpshell.php 1.10: + Expanded all PHP start-tags (<?) to <?php, as suggested by Thomas + Langen <la...@la...>. + +2000-11-20 Martin Geisler <gim...@gi...> + + * AUTHORS 1.1: New file. + + * phpshell.php 1.9: + Applied a patch from ri...@jo... which fixed a problem with + accessing the root-directory. + +2000-09-24 Martin Geisler <gim...@gi...> + + * phpshell.php 1.8: Removed a debug-comment. + +2000-09-09 Martin Geisler <gim...@gi...> + + * README 1.4: Expanded the brief explanation at the top. + + * README 1.3: Ups, I forgot to make a description of sample.htaccess. + + * README 1.2: + Added a description of all the files found in the tarball. + + * INSTALL 1.2: Made BUGS lowercase. + + * sample.htaccess 1.1, INSTALL 1.1, README 1.1: New file. + + * phpshell.php 1.7: + Removed 'Martin Geisler' from the title, putting my name on the bottom + of the page ought to be enough :-) + +2000-08-06 Martin Geisler <gim...@gi...> + + * phpshell.php 1.6: + Added a link to gimpster.com at the bottom of the page + +2000-08-05 Martin Geisler <gim...@gi...> + + * phpshell.php 1.5: + Removed references to php3 - I now use php4 so all my files end with + just a '.php' + +2000-06-21 Martin Geisler <gim...@gi...> + + * phpshell.php 1.4: + Fix - there were still references to the old name: shell.php3. + + * phpshell.php 1.3: Workaround for stderr-trapping. Seams to work... + + * phpshell.php 1.2: Initial commit + + * phpshell.php 1.1: New file. + |