Update of /cvsroot/phpshell/phpshell
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15145

Modified Files:
        AUTHORS ChangeLog README phpshell.php 
Log Message:
Imported PHP Shell version 1.6.

Index: phpshell.php
===================================================================
RCS file: /cvsroot/phpshell/phpshell/phpshell.php,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- phpshell.php        13 Jan 2006 16:58:45 -0000      1.1
+++ phpshell.php        13 Jan 2006 17:11:37 -0000      1.2
@@ -1,6 +1,6 @@
 <?php
 
-define('PHPSHELL_VERSION', '1.5');
+define('PHPSHELL_VERSION', '1.6');
 
 /*
 
@@ -133,8 +133,9 @@
 <?php
 if (!empty($command)) {
   if ($stderr) {
-    $command .= " 1> /tmp/output.txt 2>&1; " .
-    "cat /tmp/output.txt; rm /tmp/output.txt";
+    $tmpfile = tempnam('/tmp', 'phpshell');
+    $command .= " 1> $tmpfile 2>&1; " .
+    "cat $tmpfile; rm $tmpfile";
   } else if ($command == 'ls') {
     /* ls looks much better with ' -F', IMHO. */
     $command .= ' -F';

Index: README
===================================================================
RCS file: /cvsroot/phpshell/phpshell/README,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- README      13 Jan 2006 16:58:45 -0000      1.1
+++ README      13 Jan 2006 17:11:37 -0000      1.2
@@ -1,4 +1,4 @@
-README for PHP Shell
+README for PHP Shell 1.6
 Copyright (C) 2000 Martin Geisler <[EMAIL PROTECTED]>
 Licensed under the GNU GPL. See the file COPYING for details.
 

Index: AUTHORS
===================================================================
RCS file: /cvsroot/phpshell/phpshell/AUTHORS,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- AUTHORS     13 Jan 2006 16:58:45 -0000      1.1
+++ AUTHORS     13 Jan 2006 17:11:37 -0000      1.2
@@ -5,3 +5,6 @@
 [EMAIL PROTECTED]
   Fixed a problem the list of directories, if one accessed the
   root-directory.
+
+Robert Niess <[EMAIL PROTECTED]>
+  Made me aware of a security hole in the handling of stderr-trapping.

Index: ChangeLog
===================================================================
RCS file: /cvsroot/phpshell/phpshell/ChangeLog,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- ChangeLog   13 Jan 2006 16:58:45 -0000      1.1
+++ ChangeLog   13 Jan 2006 17:11:37 -0000      1.2
@@ -0,0 +1,94 @@
+2002-03-23  Martin Geisler  <[EMAIL PROTECTED]>
+
+       * AUTHORS 1.2: Added a notice about Robert Niess <[EMAIL PROTECTED]>.
+
+       * phpshell.php 1.16:
+       Added a PHPSHELL_VERSION constant. Also, when using stderr-trapping,
+       we now use a unique filename as returned by tempnam() - Robert Niess
+       <[EMAIL PROTECTED]> made me aware of this, thanks.
+
+       * phpshell.php 1.15: Small changes in the layout.
+
+       * phpshell.php 1.14:
+       Updated copyright statements - they were getting quite old :-)
+
+       * README 1.7:
+       Added a tip from Jeremy Miller <[EMAIL PROTECTED]> about how to
+       use PHP Shell together with Sudo to execute code as another user.
+
+2001-12-10  Martin Geisler  <[EMAIL PROTECTED]>
+
+       * phpshell.php 1.13:
+       I found out that 'ls -F' produced better output than 'ls -p'.
+
+       * README 1.6: Told people about the rewriting of 'ls' into 'ls -F'
+
+       * phpshell.php 1.12:
+       You can now travel through the filesystem by using the normal 'cd'
+       command. If your command involves 'cd', it will be intercepted and the
+       current working directory will be changed accordingly.
+
+       * README 1.5: Updated the documentation a bit.
+
+2001-02-11  Martin Geisler  <[EMAIL PROTECTED]>
+
+       * phpshell.php 1.11:
+       Another suggestion from Thomas Langen <[EMAIL PROTECTED]>: some
+       people can't use the .php extension, so now the script uses $PHP_SELF
+       instead.
+
+       * phpshell.php 1.10:
+       Expanded all PHP start-tags (<?) to <?php, as suggested by Thomas
+       Langen <[EMAIL PROTECTED]>.
+
+2000-11-20  Martin Geisler  <[EMAIL PROTECTED]>
+
+       * AUTHORS 1.1: New file.
+
+       * phpshell.php 1.9:
+       Applied a patch from [EMAIL PROTECTED] which fixed a problem with
+       accessing the root-directory.
+
+2000-09-24  Martin Geisler  <[EMAIL PROTECTED]>
+
+       * phpshell.php 1.8: Removed a debug-comment.
+
+2000-09-09  Martin Geisler  <[EMAIL PROTECTED]>
+
+       * README 1.4: Expanded the brief explanation at the top.
+
+       * README 1.3: Ups, I forgot to make a description of sample.htaccess.
+
+       * README 1.2:
+       Added a description of all the files found in the tarball.
+
+       * INSTALL 1.2: Made BUGS lowercase.
+
+       * sample.htaccess 1.1, INSTALL 1.1, README 1.1: New file.
+
+       * phpshell.php 1.7:
+       Removed 'Martin Geisler' from the title, putting my name on the bottom
+       of the page ought to be enough :-)
+
+2000-08-06  Martin Geisler  <[EMAIL PROTECTED]>
+
+       * phpshell.php 1.6:
+       Added a link to gimpster.com at the bottom of the page
+
+2000-08-05  Martin Geisler  <[EMAIL PROTECTED]>
+
+       * phpshell.php 1.5:
+       Removed references to php3 - I now use php4 so all my files end with
+       just a '.php'
+
+2000-06-21  Martin Geisler  <[EMAIL PROTECTED]>
+
+       * phpshell.php 1.4:
+       Fix - there were still references to the old name: shell.php3.
+
+       * phpshell.php 1.3: Workaround for stderr-trapping. Seams to work...
+
+       * phpshell.php 1.2: Initial commit
+
+       * phpshell.php 1.1: New file.
+



-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
phpshell-commits mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/phpshell-commits

Reply via email to