<?php// WebSVN - Subversion repository viewing via the web using PHP// Copyright (C) 2004-2006 Tim Armes//// This program is free software; you can redistribute it and/or modify// it under the terms of the GNU General Public License as published by// the Free Software Foundation; either version 2 of the License, or// (at your option) any later version.//// This program is distributed in the hope that it will be useful,// but WITHOUT ANY WARRANTY; without even the implied warranty of// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the// GNU General Public License for more details.//// You should have received a copy of the GNU General Public License// along with this program; if not, write to the Free Software// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA//// --//// command.php//// External command handlingfunction detectCharacterEncoding($str) {$list = array('UTF-8', 'ISO-8859-1', 'windows-1252');if (function_exists('mb_detect_encoding')) {foreach ($list as $item) {if (mb_check_encoding($str, $item)) return $item;}} else if (function_exists('iconv')) {foreach ($list as $item) {$encstr = iconv($item, $item.'//TRANSLIT//IGNORE', $str);if (md5($encstr) == md5($str)) return $item;}}return null;}// {{{ toOutputEncodingfunction toOutputEncoding($str) {$enc = detectCharacterEncoding($str);if ($enc !== null && function_exists('mb_convert_encoding')) {$str = mb_convert_encoding($str, 'UTF-8', $enc);} else if ($enc !== null && function_exists('iconv')) {$str = iconv($enc, 'UTF-8//TRANSLIT//IGNORE', $str);} else {// @see http://w3.org/International/questions/qa-forms-utf-8.html$isUtf8 = preg_match('%^(?:[\x09\x0A\x0D\x20-\x7E] # ASCII| [\xC2-\xDF][\x80-\xBF] # non-overlong 2-byte| \xE0[\xA0-\xBF][\x80-\xBF] # excluding overlongs| [\xE1-\xEC\xEE\xEF][\x80-\xBF]{2} # straight 3-byte| \xED[\x80-\x9F][\x80-\xBF] # excluding surrogates| \xF0[\x90-\xBF][\x80-\xBF]{2} # planes 1-3| [\xF1-\xF3][\x80-\xBF]{3} # planes 4-15| \xF4[\x80-\x8F][\x80-\xBF]{2} # plane 16)*$%xs', $str);if (!$isUtf8) $str = utf8_encode($str);}return $str;}// }}}// {{{ escape//// Escape a string to outputfunction escape($str) {$entities = array();$entities['&'] = '&';$entities['<'] = '<';$entities['>'] = '>';$entities['"'] = '"';$entities['\''] = ''';return str_replace(array_keys($entities), array_values($entities), $str ?? '');}// }}}// {{{ execCommandfunction execCommand($cmd, &$retcode) {return @exec($cmd, $tmp, $retcode);}// }}}// {{{ popenCommandfunction popenCommand($cmd, $mode) {return popen($cmd, $mode);}// }}}// {{{ passthruCommandfunction passthruCommand($cmd) {return passthru($cmd);}// }}}// {{{ runCommandfunction runCommand($cmd, $mayReturnNothing = false, &$errorIf = 'NOT_USED') {global $config, $lang;$output = array();$error = '';$opts = null;// https://github.com/websvnphp/websvn/issues/75// https://github.com/websvnphp/websvn/issues/78if ($config->serverIsWindows) {if (!strpos($cmd, '>') && !strpos($cmd, '|')) {$opts = array('bypass_shell' => true);} else {$cmd = '"'.$cmd.'"';}}$descriptorspec = array(0 => array('pipe', 'r'), 1 => array('pipe', 'w'), 2 => array('pipe', 'w'));$resource = proc_open($cmd, $descriptorspec, $pipes, null, null, $opts);if (!is_resource($resource)) {echo '<p>'.$lang['BADCMD'].': <code>'.stripCredentialsFromCommand($cmd).'</code></p>';exit;}$handle = $pipes[1];$firstline = true;while (!feof($handle)) {$line = rtrim(fgets($handle), "\n\r");if ($firstline && empty($line) && !$mayReturnNothing) {$error = 'No output on STDOUT.';break;}$firstline = false;$output[] = toOutputEncoding($line);}while (!feof($pipes[2])) {$error .= fgets($pipes[2]);}$error = toOutputEncoding(trim($error));fclose($pipes[0]);fclose($pipes[1]);fclose($pipes[2]);proc_close($resource);# Some commands are expected to return no output, but warnings on STDERR.if ((count($output) > 0) || $mayReturnNothing) {return $output;}if ($errorIf != 'NOT_USED') {$errorIf = $error;return $output;}echo '<p>'.$lang['BADCMD'].': <code>'.stripCredentialsFromCommand($cmd).'</code></p>';echo '<p>'.nl2br($error).'</p>';exit;}// }}}function stripCredentialsFromCommand($cmd) {global $config;$quotingChar = ($config->serverIsWindows ? '"' : "'");$quotedString = $quotingChar.'([^'.$quotingChar.'\\\\]*(\\\\.[^'.$quotingChar.'\\\\]*)*)'.$quotingChar;$patterns = array('|--username '.$quotedString.' |U', '|--password '.$quotedString.' |U');$replacements = array('--username '.quote('***').' ', '--password '.quote('***').' ');$cmd = preg_replace($patterns, $replacements, $cmd, 1);return $cmd;}// {{{ quote//// Quote a string to send to the command linefunction quote($str) {global $config;if ($config->serverIsWindows) {return '"'.$str.'"';} else {return escapeshellarg($str);}}// }}}