forked from zakima/phpagi
-
Notifications
You must be signed in to change notification settings - Fork 0
/
phpagi-fastagi.php
executable file
·76 lines (64 loc) · 2.31 KB
/
phpagi-fastagi.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
#!/usr/local/bin/php -q
<?php
use mdc\phpagi\AGI;
/**
* phpagi-fastagi.php : PHP FastAGI bootstrap
*
* @see https://github.com/welltime/phpagi
* @filesource http://phpagi.sourceforge.net/
*
* $Id: phpagi-fastagi.php,v 1.2 2005/05/25 18:43:48 pinhole Exp $
*
* Copyright (c) 2004, 2005 Matthew Asham <[email protected]>, David Eder <[email protected]>
* All Rights Reserved.
*
* This software is released under the terms of the GNU Lesser General Public License v2.1
* A copy of which is available from http://www.gnu.org/copyleft/lesser.html
*
* We would be happy to list your phpagi based application on the phpagi
* website. Drop me an Email if you'd like us to list your program.
*
* @package phpAGI
* @version 2.0
* @example docs/fastagi.xinetd Example xinetd config file
*/
/**
* Written for PHP 4.3.4, should work with older PHP 4.x versions.
* Please submit bug reports, patches, etc to https://github.com/welltime/phpagi
*/
require_once 'vendor/autoload.php';
$fastagi = new AGI();
$fastagi->verbose(print_r($fastagi, true));
if (! isset($fastagi->config['fastagi']['basedir']))
$fastagi->config['fastagi']['basedir'] = dirname(__FILE__);
// perform some security checks
$script = $fastagi->config['fastagi']['basedir'] . DIRECTORY_SEPARATOR .
$fastagi->request['agi_network_script'];
// in the same directory (or subdirectory)
$mydir = dirname($fastagi->config['fastagi']['basedir']) . DIRECTORY_SEPARATOR;
$dir = dirname($script) . DIRECTORY_SEPARATOR;
if (substr($dir, 0, strlen($mydir)) != $mydir) {
$fastagi->conlog("$script is not allowed to execute.");
exit();
}
// make sure it exists
if (! file_exists($script)) {
$fastagi->conlog("$script does not exist.");
exit();
}
// drop privileges
if (isset($fastagi->config['fastagi']['setuid']) && $fastagi->config['fastagi']['setuid']) {
$owner = fileowner($script);
$group = filegroup($script);
if (! posix_setgid($group) || ! posix_setegid($group) || ! posix_setuid($owner) ||
! posix_seteuid($owner)) {
$fastagi->conlog("failed to lower privileges.");
exit();
}
}
// make sure script is still readable
if (! is_readable($script)) {
$fastagi->conlog("$script is not readable.");
exit();
}
require_once ($script);