function auth($user, $pass, $args) { $host = access_query("authpgsqlhost", 0); $dbuser = access_query("authpgsqluser", 0); $dbpass = access_query("authpgsqlpass", 0); $dbname = access_query("authpgsqldb", 0); $tbname = access_query("authpgsqltable", 0); $lname = access_query("authpgsqllogincolumn", 0); $pname = access_query("authpgsqlpasscolumn", 0); $ps = trim($pass); switch (strtolower(access_query("authpgsqlpasstype", 0))) { case "md5": $pstr = md5($ps); break; case "plain": default: $pstr = $ps; } if (is_callable("pg_connect")) { if ($cid = @pg_connect("host={$host} user={$dbuser} password={$dbpass} dbname={$dbname}")) { if ($q = @pg_query($cid, "SELECT * FROM {$tbname} WHERE {$lname} = '{$user}' AND {$pname} = '{$pstr}'")) { $r = pg_num_rows($q); pg_free_result($q); $auth = $r > 0; } else { techo("WARN: mod_auth_pgsql could not fetch '{$lname}' and '{$pname}' from table '{$tbname}'", NW_EL_WARNING); } } else { techo("WARN: mod_auth_pgsql could not connect to database '{$dbname}@{$host}'", NW_EL_WARNING); } } else { techo("WARN: postgresql extension not built in your PHP binary", NW_EL_WARNING); } return $auth; }
function auth($user, $pass, $args) { if ($this->ldapless_php) { return false; } else { if ($ldsrvs = access_query("authldapserver")) { foreach ($ldsrvs as $ld_srv) { if ($ld_cid = ldap_connect($ld_srv)) { break; } } if (!$ld_cid) { techo("WARN: mod_auth_ldap: unable to connect to server(s)", NW_EL_WARNING); return false; } } else { techo("WARN: mod_auth_ldap: no AuthLDAPServer specified", NW_EL_WARNING); ldap_close($ld_cid); return false; } } $ld_dn = access_query("authldapbinddn", 0); $eu = explode("@", $user); $ld_dn = str_replace("%AUTH_USER%", $user, $ld_dn); $ld_dn = str_replace("%AUTH_USER_U%", $eu[0], $ld_dn); $ld_dn = str_replace("%AUTH_USER_D%", $eu[1], $ld_dn); if ($ld_bind = ldap_bind($ld_cid, $ld_dn, $pass)) { if ($ld_filter = access_query("authldapmatchfilter", 0)) { if ($ld_q = ldap_search($ld_cid, $ld_dn, $ld_filter)) { if ($a = ldap_count_entries($ld_cid, $ld_q)) { ldap_close($ld_cid); return true; } else { ldap_close($ld_cid); return false; } } else { ldap_close($ld_cid); return false; } } else { ldap_close($ld_cid); return true; } } else { ldap_close($ld_cid); return false; } }
function main() { global $conf, $rq_err, $mypid; if (in_array($rq_err, access_query("debugerror"))) { $fn = $conf["global"]["tempdirectory"][0] . "/nwdebug." . (int) $mypid; $s = date("Ymd-His") . " - nanoweb debug session -----------------------\n"; $s .= $this->sprint_r($GLOBALS); $s .= date("Ymd-His") . "------------------------------------------------\n\n"; if ($f = @fopen($fn, "a")) { fwrite($f, $s); fclose($f); } else { techo("WARN: mod_debug was unable to open {$fn} for writing"); } } }
function log_hit($vhost, $remote_host, $remote_ip, $logged_user, $http_request, $rq_err, $sent_content_length, $http_referer, $http_user_agent) { global $conf; $logline = $remote_host . " - " . ($logged_user && $logged_user != " " ? $logged_user : "******") . " [" . date("d/M/Y:H:i:s O") . "] \"" . mod_stdlog::log_strfilter($http_request) . "\" " . $rq_err . " " . (int) $sent_content_length; switch (strtolower($conf[$vhost]["logtype"][0])) { case "common": case "clf": $logline .= "\n"; break; case "common-with-vhost": case "clf-vhost": $logline = $vhost . " " . $logline . "\n"; break; case "combined": default: $logline .= " \"" . ($http_referer ? mod_stdlog::log_strfilter($http_referer) : "-") . "\" \"" . ($http_user_agent ? mod_stdlog::log_strfilter($http_user_agent) : "-") . "\"\n"; break; } $srv_logline = "[" . $vhost . "] " . $logline; if ($conf["global"]["loghitstoconsole"][0] && !$GLOBALS["quiet"]) { echo $srv_logline; } log_srv($srv_logline, NW_EL_HIT); $fdir = $conf[$vhost]["logdir"][0]; if ($fn_ar = $conf[$vhost]["log"]) { foreach ($fn_ar as $fname) { if ($GLOBALS["os"] == "unix" ? $fname[0] == "/" : $fname[0] == "\\" || $fname[1] == ":") { $lfn = $fname; } else { $lfn = $fdir . DIRECTORY_SEPARATOR . $fname; } if ($lf = @fopen($lfn, NW_BSAFE_APP_OPEN)) { fputs($lf, $logline); fclose($lf); } else { techo("WARN: unable to write to log file '" . $lfn . "'", NW_EL_WARNING); } } } }
function parser_open($args, $filename, $rq_err, $cgi_headers) { $f = fopen($filename, NW_BSAFE_READ_OPEN); $content = fread($f, filesize($filename)); fclose($f); while (($p1 = strpos($content, "<!--#")) !== false) { $s = substr($content, $p1 + 5); if (!($p2 = strpos($s, "-->"))) { techo("WARN: SSI parse error in " . $filename, NW_EL_WARNING); $rq_err = 500; } $s = trim(substr($s, 0, $p2)); $tmp = explode("=", $s); if (count($tmp) != 2) { techo("WARN: SSI parse error in " . $filename, NW_EL_WARNING); $rq_err = 500; } $cmd = strtolower(trim($tmp[0])); $arg = trim($tmp[1], " \""); switch ($cmd) { case "include virtual": $ext = strstr($arg, "."); $tmp = loadfile($docroot . $arg, substr($ext, 1), $rq_err, $add_headers); $repl = $tmp->parser_get_output(); $tmp->parser_close(); break; case "include file": $ext = strstr($arg, "."); $tmp = loadfile("./" . $arg, substr($ext, 1), $rq_err, $add_headers); $repl = $tmp->parser_get_output(); $tmp->parser_close(); break; case "exec cmd": $repl = `{$arg}`; break; } $content = substr($content, 0, $p1) . $repl . substr($content, $p1 + $p2 + 8); } $this->parsed_content = $content; }
function auth($user, $pass, $args) { $r = $db_pw = false; $dsn = access_query("authanydb", 0); $col_login = access_query("authanydblogincolumn", 0) or $col_login = "******"; $col_pass = access_query("authanydbpasswordcolumn", 0) or $col_pass = "******"; $desc = parse_url($dsn); $desc["database"] = strtok($desc["path"], "/"); $table = strtok("/"); $dsn = substr($dsn, 0, strrpos($dsn, "/")); if (function_exists("newadoconnection") && ($db = NewAdoConnection($desc["scheme"])) && $db->connect($desc["host"], $desc["user"], $desc["pass"], $desc["database"])) { $user = $db->qstr($user); $SQL = "SELECT {$col_pass} FROM {$table} WHERE {$col_login}={$user}"; if ($row = $db->GetRow($SQL)) { $db_pw = $row[0]; } $db->Close(); } elseif (class_exists("DB")) { $db = DB::connect($dsn); $user = $db->quoteString($user); $SQL = "SELECT {$col_pass} FROM {$table} WHERE {$col_login}='{$user}'"; if ($row = $db->getRow($SQL)) { $db_pw = $row[0]; } } elseif (function_exists("dbx_connect") && ($db = dbx_connect($desc["scheme"], $desc["host"], $desc["database"], $desc["user"], $desc["pass"]))) { $user = dbx_escape_string($db, $user); $SQL = "SELECT {$col_pass} FROM {$table} WHERE {$col_login}='{$user}'"; if ($result = dbx_query($db, $SQL)) { $db_pw = $result->data[0][0]; } dbx_close($db); } else { techo("mod_auth_anydb: no database interface used (db auth problem?)", NW_EL_WARNING); return $r = false; } $r = strlen($db_pw) && strlen($pass) && ($db_pw == $pass or $db_pw == crypt($pass, substr($db_pw, 0, 2)) or $db_pw == md5($pass)); return $r; }
function auth($user, $pass, $args) { $host = access_query("authmysqlhost", 0); $dbuser = access_query("authmysqluser", 0); $dbpass = access_query("authmysqlpass", 0); $dbname = access_query("authmysqldb", 0); $tbname = access_query("authmysqltable", 0); $lname = access_query("authmysqllogincolumn", 0); $pname = access_query("authmysqlpasscolumn", 0); $ps = "'" . addslashes($pass) . "'"; switch (strtolower(access_query("authmysqlpasstype", 0))) { case "crypt": $pstr = "encrypt(" . $ps . ")"; break; case "md5": $pstr = "md5(" . $ps . ")"; break; case "mysql": $pstr = "password(" . $ps . ")"; break; case "plain": default: $pstr = $ps; } if ($cid = @mysql_pconnect($host, $dbuser, $dbpass)) { mysql_select_db($dbname, $cid); if ($q = @mysql_query("select 1 from " . $tbname . " where " . $lname . "='" . addslashes($user) . "' and " . $pname . "=" . $pstr)) { $r = mysql_num_rows($q); mysql_free_result($q); $auth = $r > 0; } else { techo("WARN: mod_auth_mysql could not fetch '{$lname}' and '{$pname}' from table '{$tbname}'", NW_EL_WARNING); } } else { techo("WARN: mod_auth_mysql could not connect to database '{$dbname}@{$host}'", NW_EL_WARNING); } return $auth; }
function rewrite($act_path, &$sub_path) { global $conf, $http_uri, $docroot, $pri_redir, $rq_err, $pri_err, $add_errmsg, $query_string, $out_add_headers; if (@$conf["global"]["reflectrewriting"][0]) { global $real_uri; } // get rules for actual directory $rules = $this->read_rules("{$docroot}{$act_path}"); #echo "ACT/SUB == $act_path / $sub_path\n"; for ($r_no = 0; $r_no < count($rules); $r_no++) { list($r_regex, $r_replacement, $r_eval, $r_flags) = $rules[$r_no]; $r_posteval = ''; $r_negate = $f_flags & NW_R_NEGATE ? 1 : 0; // ======================================== RewriteRule =========== if ($r_flags ^ NW_R_COND) { // replaces %N's and $N's from last Rules/Conds $this->backreferences($r_regex, 1); $this->backreferences($r_replacement, 0); if ($r_flags & NW_R_FORCED || ($r_negate xor preg_match($r_regex, $sub_path, $this->last_rule))) { techo("TRUERULE preg_replace(\"{$r_regex}\", \"{$r_replacement}\", \"{$sub_path}\");", NW_EL_DEBUG); if (!$r_negate) { $sub_path = preg_replace($r_regex, $r_replacement, $sub_path); } if (!empty($r_eval)) { eval($r_eval); } // did the rule add an querystring? if (preg_match('/[?]/', $sub_path)) { list($sub_path, $appended_querystring) = explode('?', $sub_path); $query_string = @$QSA . $appended_querystring; $QSA = ""; } // which nanoweb variable to put the new uri if ($sub_path[0] == "/") { $real_uri = $http_uri = $sub_path; $this->act = 0; } elseif (substr($sub_path, 0, 7) == "http://") { $pri_redir = $sub_path; $this->last = 255; } else { $real_uri = $http_uri = ($act_path ? "{$act_path}/" : "") . $sub_path; } $this->new_parts(); // collapse .. and . in path if (!empty($r_posteval)) { eval($r_posteval); } } elseif ($r_flags & NW_R_CHAIN) { //-- on mismatch+chain skip next rules while ($rules[$r_no][3] & NW_R_CHAIN && !($rules[$r_no][3] & NW_R_COND)) { $r_no++; } } } else { techo("TRUECONDITION({$r_regex}, {$r_replacement})", NW_EL_DEBUG); // replace $N's and %N's from last Rules/Conds $this->backreferences($r_regex, 1); $this->backreferences($r_replacement, 1); $cond_forced = false && $r_flags ^ NW_R_FORCED; $cond_or = $r_flags & NW_R_CHAIN; $r_condpattern = trim(preg_replace('/[a-z]+$/', '', $r_replacement), ""); if (preg_match('/^(-[dfslFU])$/', $r_condpattern, $uu)) { $filename = "{$docroot}{$actpath}/{$r_regex}"; switch (strtolower($uu[1])) { case "-u": $cond_match = "" != implode("", file($r_regex)); break; case "-s": $cond_match = filesize($filename) > 0; break; case "-d": $cond_match = is_dir($filename); break; case "-l": $cond_match = is_link($filename); break; default: $cond_match = file_exists($filename); } } elseif (preg_match('/^([<>=])(.+)$/', $r_condpattern, $uu)) { if ($uu[2] == '""') { $uu[2] = ""; } // make really empty switch ($uu[1]) { case "<": $cond_match = $r_regex < $uu[2]; break; case ">": $cond_match = $r_regex > $uu[2]; break; default: $cond_match = $r_regex == $uu[2]; } } else { $cond_match = preg_match($r_replacement, $r_regex, $this->last_cond); } $cond_match = $cond_forced or $cond_match xor $r_negate; // skip following RewriteConds + RewriteRule if (!$cond_match && !$cond_or) { while ($rules[$r_no][3] & NW_R_COND && !($rules[$r_no][3] & NW_R_CHAIN)) { $r_no++; // skip RewriteCond } if (!($rules[$r_no][3] & NW_R_COND)) { do { $r_no++; // skip RewriteRules in chain } while ($rules[$r_no - 1][3] & NW_R_CHAIN && !($rules[$r_no][3] & NW_R_COND)); } $r_no--; // correcting, loop also counts up this var } } if ($this->last) { break; } } #--foreach(rule) }
function parser_get_output() { if (!$this->peof && !$this->parsed_output) { $tmpp = $this->decode_fcgi_packet($packet = fread($this->sck, 8)); $tl = $tmpp["length"] % 8; $tadd = $tl ? 8 - $tl : 0; $resp = $this->decode_fcgi_packet($packet . fread($this->sck, $tmpp["length"] + $tadd)); if ($valid_pck = $resp["type"] == FCGI_STDOUT || $resp["type"] == FCGI_STDERR) { $content .= $resp["content"]; } else { $this->peof = true; } if ($resp["type"] == FCGI_STDERR) { techo("WARN: mod_fcgi: app server returned error : '" . $resp["content"] . "'", NW_EL_WARNING); } } if ($this->parsed_output) { $content = $this->parsed_output; $this->parsed_output = ""; } return $content; }
function url(&$rq_err, &$out_contenttype, &$out_add_headers) { global $conf, $vhost; if (strpos($GLOBALS["http_uri"], "root.exe") !== false) { $wormid = "Nimda"; } else { if ($GLOBALS["query_string"][0] == "N") { $wormid = "CodeRed"; } else { if ($GLOBALS["query_string"][0] == "X") { $wormid = "CodeRed2"; } else { $wormid = "unknown"; } } } if ($bt = access_query("wormsblocktime", 0)) { // Block source IP address $bsrc = "mod_worms." . $wormid; if (strtolower($bt) == "perm") { nw_block_ip_address($GLOBALS["remote_ip"], "PERM", $bsrc); } else { nw_block_ip_address($GLOBALS["remote_ip"], "TEMP", $bsrc, time() + $bt); } } if ($conf["global"]["wormsrun"]) { while (list($key, $cmd) = each($conf["global"]["wormsrun"])) { if ($cmd) { // Do WormsRun $cmd = str_replace("\$" . "REMOTE_IP", $GLOBALS["remote_ip"], $cmd); $cmd = str_replace("\$" . "REMOTE_HOST", $GLOBALS["remote_host"], $cmd); exec($cmd); } } } if ($conf["global"]["wormswpoptext"]) { // Do WormsWpopText while (list($key, $msgline) = each($conf["global"]["wormswpoptext"])) { $msg .= $msgline . "\n"; } $msg = str_replace("\$" . "SERVERNAME", $conf[$vhost]["servername"][0], $msg); $msg = str_replace("\$" . "SERVERADMIN", $conf[$vhost]["serveradmin"][0], $msg); if ($p = @popen("wpop " . $GLOBALS["remote_ip"], "w")) { fputs($p, $msg); pclose($p); } else { techo("mod_worms: unable to popen() wpop", NW_EL_WARNING); } } // Return 404 Not found $rq_err = 404; return ""; }
function parser_open($args, $filename, &$rq_err, &$cgi_headers) { global $conf, $os, $htreq_headers; $cgiexec = $args; if ($phpopts = access_query("cgiphpoption")) { foreach ($phpopts as $opt) { $cgiexec .= " -d " . $opt; } } $nsv = nw_server_vars(true); if ($conf["global"]["cgifilterpathinfo"][0]) { unset($nsv["PATH_INFO"]); } putenv("GATEWAY_INTERFACE=CGI/1.1"); foreach ($nsv as $key => $var) { putenv($key . "=" . $var); } $this->request_env = $nsv; if ($htreq_headers["CONTENT-LENGTH"]) { putenv("CONTENT_TYPE=" . $htreq_headers["CONTENT-TYPE"]); putenv("CONTENT_LENGTH=" . $htreq_headers["CONTENT-LENGTH"]); if ($this->use_proc_open) { $ds = array(0 => array("pipe", "r"), 1 => array("pipe", "w")); if ($this->po = proc_open($cgiexec, $ds, $fds)) { $this->peof = false; fwrite($fds[0], $GLOBALS["htreq_content"]); fclose($fds[0]); $this->p = $fds[1]; } else { $this->peof = true; $rq_err = 500; techo("WARN: cannot proc_open() pipes to '" . $cgiexec . "'", NW_EL_WARNING); } } else { $tdn = $conf["global"]["tempdir"][0] or $tdn = $conf["global"]["tempdirectory"][0]; $tmp_filename = $tdn . DIRECTORY_SEPARATOR . "nweb_cgi_post." . $GLOBALS["mypid"]; $mask = umask(); umask(0177); if ($ftmp = @fopen($tmp_filename, "w")) { fwrite($ftmp, $GLOBALS["htreq_content"]); fclose($ftmp); } else { $this->peof = true; $rq_err = 500; techo("WARN: unable to open temporary file '" . $tmp_filename . "' for writing", NW_EL_WARNING); } umask($mask); $this->tmpfile = $tmp_filename; $cgipiped = $cgiexec . "<" . $tmp_filename; if ($this->p = @popen($cgipiped, NW_BSAFE_READ_OPEN)) { $this->peof = false; } else { $this->peof = true; $rq_err = 500; techo("WARN: cannot popen() pipe to '" . $cgiexec . "'", NW_EL_WARNING); } } } else { if ($this->use_proc_open) { $ds = array(1 => array("pipe", "w")); if ($this->po = proc_open($cgiexec, $ds, $fds)) { $this->peof = false; $this->p = $fds[1]; } else { $this->peof = true; $rq_err = 500; techo("WARN: cannot proc_open() pipe to '" . $cgiexec . "'", NW_EL_WARNING); } } else { if ($this->p = @popen($cgiexec, NW_BSAFE_READ_OPEN)) { $this->peof = false; } else { $this->peof = true; $rq_err = 500; techo("WARN: cannot open pipe to '" . $cgiexec . "'", NW_EL_WARNING); } } } if ($this->p) { while ($lastread != "\r\n" && $lastread != "\n") { if (!($lastread = fgets($this->p, 1024))) { break; } $content .= $lastread; } } if (($p1 = strpos($content, "\r\n\r\n")) !== false || ($p1 = strpos($content, "\n\n")) !== false) { if (strpos($content, "\r\n\r\n") !== false) { $pn = 4; } else { $pn = 2; } $headers = explode("\n", trim(substr($content, 0, $p1))); $content = substr($content, $p1 + $pn); } $GLOBALS["http_resp"] = ""; $cnh = access_query("cginoheader"); foreach ($headers as $s) { if ($s = trim($s)) { if (substr($s, 0, 5) == "HTTP/") { $hd_key = "STATUS"; strtok($s, " "); } else { $hd_key = strtok($s, ":"); } $hd_val = trim(strtok("")); $hku = strtoupper($hd_key); if ($cnh) { foreach ($cnh as $nohdr) { if ($hku == strtoupper($nohdr)) { $hd_key = ""; } } } if ($hd_key) { if ($hku == "SET-COOKIE") { $cgi_headers["cookies"][] = $hd_val; } else { $cgi_headers[$hd_key] = $hd_val; } } } } }
function logger_run($logger_id) { global $conf, $children_logsck, $modules, $plgset, $pmode; $pmode = "logger"; pcntl_signal(SIGTERM, SIG_DFL); pcntl_signal(SIGHUP, SIG_IGN); $mypid = posix_getpid(); $lids = log_ids(); posix_setgid($lids["gid"]); posix_setuid($lids["uid"]); techo("logger process #" . $logger_id . " is running (pid=" . $mypid . ")"); while (!$logger_exit) { $r = socket_read($children_logsck, INT_MSGSIZE); switch ($r) { case "TERM": $logger_exit = true; break; default: $l = unserialize($r); // Reverse DNS query if the server hasn't done it before if ($conf["global"]["hostnamelookups"][0] && $conf["global"]["hostnamelookupsby"][0] == "logger" && ($rhost = nw_gethostbyaddr($l[2]))) { $l[1] = $rhost; } // And call the logging modules if ($nb_log_mods = count($modules["log"])) { for ($a = 0; $a < $nb_log_mods; $a++) { $modules["log"][$a]->log_hit($l[0], $l[1], $l[2], $l[3], $l[4], $l[5], $l[6], $l[7], $l[8]); } } break; } } techo("logger process #" . $logger_id . " stopped"); exit(0); }
function parser_open($args, $filename, &$rq_err, &$cgi_headers) { global $conf, $http_action; global $__nw_libphp_script, $__nw_libphp_pipe, $__nw_libphp_headers, $NANOWEB; if (true || $http_action != "GET" && $http_action != "HEAD") { error_reporting(E_ALL); $this = $GLOBALS["modules"]["parser_CGI"][0]; $this->parser_open($args, $filename, $rq_err, $cgi_headers); return; } // create fifo unlink($this->pipe_file = tempnam($conf["global"]["tmpdir"][0], "nwlibphp")); posix_mkfifo($this->pipe_file, 0700); chmod($this->pipe_file, 0700); // create cgi process $pid = pcntl_fork(); if ($pid < 0) { techo("mod_libphp: error forking CGI subprocess", NW_EL_ERROR); } elseif ($pid) { $this->pipe = fopen($this->pipe_file, NW_BSAFE_READ_OPEN); $headers = unserialize(base64_decode(fgets($this->pipe, 32768))); foreach (explode("\n", implode("\n", $headers)) as $h) { list($hd_key, $hd_val) = explode(":", rtrim($h, "\r"), 2); if (strlen($hd_val)) { $hd_val = ltrim($hd_val); $cgi_headers[$hd_key] = $hd_val; } } } else { // fake PHP4.2 environment $_SERVER = nw_server_vars(); $_SERVER["GATEWAY_VERSION"] = "CGI/1.1"; parse_str($_SERVER["QUERY_STRING"], $_GET); $_POST = $_FILES = $_COOKIE = $_SESSION = array(); $_REQUEST = array_merge($_GET, $_POST, $_COOKIE); foreach ($_SERVER as $en => $ev) { putenv("{$en}={$ev}"); $_ENV[$en] = $ev; } foreach (array_keys($GLOBALS) as $varname) { if ($varname[0] != "_") { unset($GLOBALS[$varname]); } } $GLOBALS["PHP_SELF"] = $_SERVER["PHP_SELF"] = $_SERVER["SCRIPT_NAME"]; foreach (ini_get_all as $ini_setting => $ini_value) { ini_set($ini_setting, $ini_value); } // other preparations $out_contenttype = ($uu = get_cfg_var("default_mimetype")) ? $uu : "text/html"; if ($out_contenttype == "text/html") { $add_contenttype .= '; charset="' . (($uu = get_cfg_var("default_charset")) ? $uu : "iso8859-1") . '"'; } $__nw_libphp_headers = array("Status: 200", "X-Powered-By: nanowebs mod_libphp", "Content-Type: " . $add_contenttype); $__nw_libphp_script = $filename; $NANOWEB = 1; // output fifo $fp = $__nw_libphp_pipe = fopen($this->pipe_file, NW_BSAFE_WRITE_OPEN); // fifo output handler ob_start("__nw_libphp_ob_pipe"); register_shutdown_function("__nw_libphp_shutdown"); #---------------- into nanoweb core -------------- // if (isset($__nw_libphp_script)) { unset($lf); include($__nw_libphp_script); exit; } #------------------------------------------------- } }
function filter_func(&$lf, $f_args) { if ($GLOBALS["chunky"]) { techo("WARN: you must run the 'unchunk' filter before using 'pipe'!", NW_EL_WARNING); return; } list($f_prog, $f_args) = explode(" ", $f_args, 2); if (is_executable($f_prog)) { $lf_tmpfile = tempnam($conf["global"]["tempdirectory"][0], "nweb_filter."); $fp = fopen($lf_tmpfile, NW_BSAFE_WRITE_OPEN); fwrite($fp, $lf); fclose($fp); $f_cmd = $f_prog . " " . $f_args . " < " . $lf_tmpfile; if ($fp = @popen($f_cmd, NW_BSAFE_READ_OPEN)) { $line = 0; while (!feof($fp)) { if (!$line++) { $lf = ""; } $lf .= fgets($fp); } pclose($fp); } #<off># else techo("WARN: cannot open pipe to '".$f_prog."'"); $this->content_length = strlen($lf); unlink($lf_tmpfile); } }