dolibarr  x.y.z
test_exec.php
1 <?php
2 if (!defined('NOREQUIREUSER')) {
3  define('NOREQUIREUSER', '1');
4 }
5 if (!defined('NOREQUIREDB')) {
6  define('NOREQUIREDB', '1');
7 }
8 if (!defined('NOREQUIRESOC')) {
9  define('NOREQUIRESOC', '1');
10 }
11 if (!defined('NOREQUIRETRAN')) {
12  define('NOREQUIRETRAN', '1');
13 }
14 if (!defined('NOSTYLECHECK')) {
15  define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data
16 }
17 if (!defined('NOREQUIREMENU')) {
18  define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu
19 }
20 if (!defined('NOREQUIREHTML')) {
21  define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php
22 }
23 if (!defined('NOREQUIREAJAX')) {
24  define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library
25 }
26 if (!defined("NOLOGIN")) {
27  define("NOLOGIN", '1'); // If this page is public (can be called outside logged session)
28 }
29 // If you don't need session management (can't be logged if no session used). You must also set
30 // NOCSRFCHECK, NOTOKENRENEWAL, NOLOGIN
31 // Disable module with GETPOST('disablemodules') won't work. Variable 'dol_...' will not be set.
32 // $_SESSION are then simple vars if sessions are not active.
33 // TODO We can close session with session_write_close() as soon as we just need read access everywhere in code.
34 if (!defined("NOSESSION")) {
35  define("NOSESSION", '1');
36 }
37 
38 // Load Dolibarr environment
39 require '../../main.inc.php';
40 
41 // Security
42 if ($dolibarr_main_prod) {
43  accessforbidden('Access forbidden when $dolibarr_main_prod is set to 1');
44 }
45 
46 
47 /*
48  * View
49  */
50 
51 header("Content-type: text/html; charset=UTF8");
52 
53 // Security options
54 header("X-Content-Type-Options: nosniff"); // With the nosniff option, if the server says the content is text/html, the browser will render it as text/html (note that most browsers now force this option to on)
55 header("X-Frame-Options: SAMEORIGIN"); // Frames allowed only if on same domain (stop some XSS attacks)
56 
57 print "*** TEST READ OF /tmp/test.txt FILE<br>\n";
58 
59 $out='';
60 $ret=0;
61 
62 $file = '/tmp/test.txt';
63 $f=fopen($file, 'r');
64 if ($f) {
65  $s=fread($f, 4096);
66  print $s;
67  fclose($f);
68 } else {
69  print "Failed to open file ".$file."<br>\n";
70 }
71 
72 print '<br><br>'."\n";
73 
74 
75 print "*** TEST READ OF /test.txt FILE AND LS /dev/std*<br>\n";
76 
77 exec('cat /test.txt; ls /dev/std*; sleep 1;', $out, $ret);
78 print "ret=".$ret."<br>\n";
79 print_r($out);
80 print '<br>';
81 
82 print '<br><br>'."\n";
83 
84 
85 print "*** TRY TO RUN CLAMDSCAN<br>\n";
86 
87 $ret = 0;
88 $out = null;
89 exec('/usr/bin/clamdscan --fdpass filethatdoesnotexists.php', $out, $ret);
90 print "ret=".$ret."<br>\n";
91 print_r($out);
accessforbidden
accessforbidden($message='', $printheader=1, $printfooter=1, $showonlymessage=0, $params=null)
Show a message to say access is forbidden and stop program.
Definition: security.lib.php:1084
Generated on Wed Jan 4 2023 18:05:32 for dolibarr by Doxygen 1.9.1