-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathWEBCOMMAND
80 lines (66 loc) · 2.48 KB
/
WEBCOMMAND
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
SUBROUTINE WEBCOMMAND
* A standard default message for web
*$Copyright (c) 2010 TO 2012 to 2008 [email protected], All Rights Reserved
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2, or (at your option)
* any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* Written by Mike Ryder @pwchest.com 16 March 2012
$CATALOG
$MODE UV.LOCATE
$INCLUDE I_WEBCOMMON
THE.TITLE = "Web Command Line"
METHOD = 'POST'
RESPONSE$NAME = 'webcommand'
CMD = HTTP$DATA<2,1>
* print the html header
PRINT "Content-Type: text/html"
PRINT
* now send the document
PRINT '<!doctype html>'
PRINT '<html>'
PRINT '<head><TITLE>':THE.TITLE:'</TITLE></head>'
PRINT '<body bgcolor="#F7FFCE" text="#000000" link="#0000FF" vlink="#FF00FF" background="">'
PRINT '<h2 align=center><font face="arial" color="#666666">':THE.TITLE:'</h2>'
PRINT '<P>'
PRINT '<form action=':DQUOTE(RESPONSE$NAME):' enctype="application/x-www-form-urlencoded" method=':DQUOTE(METHOD):'>'
PRINT '<fieldset>'
PRINT '<legend>User Command Line</legend>'
PRINT '<table>'
PRINT '<tr>'
PRINT '<td><input type="submit" value="send"></td>'
PRINT '<td><input id="TclEntry" type="text" name="Command" size=140 value="" autofocus="autofocus"></td>'
PRINT '</tr>'
PRINT '</table>'
PRINT '</fieldset>'
PRINT '</form>'
BEGIN CASE
CASE UPCASE(CMD) = 'TOP'
CMD = 'sh top -b -n 1'
CASE UPCASE(CMD[1,3]) = 'SH ' OR CMD[1,1] = '!'
* you cannot execute shell command here baby!
CMD = "DISPLAY command not allowed - nice try X"
END CASE
IF CMD THEN
PRINT '<fieldset>'
PRINT '<legend>':CMD:'</legend>'
PRINT '<pre>'
* deal with the command *
* this is very dangerous! You can do ANYTHING *
EXECUTE CMD CAPTURING REPLY
CONVERT LF:CR TO FM:FM IN REPLY
N.REPLY = DCOUNT(REPLY,FM)
FOR J = 1 TO N.REPLY
V = REPLY<J>
PRINT XMLENCODE(V)
NEXT J
PRINT '</pre></fieldset>'
END
PRINT '</body></html>'
RETURN
******
END