From fb0380f48203a11584773f3db335eaadd9cc6fdf Mon Sep 17 00:00:00 2001
From: Luke Shumaker <LukeShu@sbcglobal.net>
Date: Sun, 27 Nov 2011 11:23:55 -0500
Subject: This zip file was identified as ltshell-3.5.zip

---
 shell/exec.php | 38 +++++++++++++++++++++++++++++++-------
 1 file changed, 31 insertions(+), 7 deletions(-)

(limited to 'shell/exec.php')

diff --git a/shell/exec.php b/shell/exec.php
index f3dc8d1..b842ea8 100644
--- a/shell/exec.php
+++ b/shell/exec.php
@@ -6,6 +6,8 @@ function php_chdir($dir) {
 	return $ret;
 }
 
+abstract class prog { public static abstract function main($args, $env); }
+
 function php_exec($com, $cwd='') {
 	if ($cwd != '') { php_chdir($cwd); }
 	if ($com=='') { return 0; }
@@ -17,7 +19,7 @@ function php_exec($com, $cwd='') {
 
 	$env = array('IFS' => $ifs, 'PATH' => $path);
 
-	$coms = array();
+	$coms = array(); $stdout_dest = array();
 	$a = 0;
 	$c = 0;
 	$q = '';
@@ -37,22 +39,44 @@ function php_exec($com, $cwd='') {
 				$a++;
 			}
 		} elseif (substr_count (';',$char)!==0) {
-			$c++;
+			$stdout_dest[$c] = '/dev/stdout';
+			$c++; $a=0;
+		} elseif (substr_count ('|',$char)!==0) {
+			$stdout_dest[$c] = '/dev/stdin';
+			$c++; $a=0;
 		} else {
 			$coms[$c][$a].=$char;
 		}
 	}
+	if (!isset($stdout_dest[$c])) {
+		$stdout_dest[$c] = '/dev/stdout';
+	}
 	
 	$ret=0;
-	foreach ($coms as $args) {
-		$file=$path.'/'.$args[0].'.php';
-		if (file_exists($file)) {
-			include($file);
-			$ret = main($args,$env);
+	if (!isset($_POST['stdin'])) { $_POST['stdin']=''; }
+	foreach ($coms as $key => $args) {
+		if ($stdout_dest[$key] != '/dev/stdout') {
+			ob_start();
+		}
+		if (!class_exists('p_'.$args[0])) {
+			$file=$path.'/'.$args[0].'.php';
+			if (file_exists($file)) {
+				include($file);
+			}
+		}
+		if (class_exists('p_'.$args[0])) {
+			$ret = call_user_func(array('p_'.$args[0],'main'),$args,$env);//main($args,$env);
 		} else {
 			echo 'sh: command not found: `'.$args[0]."'\n";
 			$ret = 1;
 		}
+		if ($stdout_dest[$key] != '/dev/stdout') {
+			switch ($stdout_dest[$key]) {
+				case '/dev/stdin': $_POST['stdin']=ob_get_contents(); break;
+				default: file_put_contents($stdout_dest[$key],ob_get_contents()); break;
+			}
+			ob_end_clean();
+		}
 	}
 	return $ret;
 }
-- 
cgit v1.2.3