set_magic_quotes_runtime(0);
ini_set('magic_quotes_gpc', 0);
/* Important security check!! */
$allowAccess = FALSE;
if (array_key_exists('REMOTE_ADDR', $_SERVER)) {
foreach ($PHPshConfig['allowedIPs'] as $ip) {
if ($ip == $_SERVER['REMOTE_ADDR']) {
$allowAccess = TRUE;
}
}
}
$shell = new PHPsh();
$CurDir = $shell->currentDir();
$Command = NULL;
$OutputEscapeFlag = TRUE;
$MySess =& $shell->getSession();
if (array_key_exists($PHPshConfig['sesskeys']['escape'], $MySess)) {
$OutputEscapeFlag = $MySess[$PHPshConfig['sesskeys']['escape']];
}
/* Take care of getfile requests right away, using the escape flag from session */
if ($allowAccess) {
if (is_array($_GET)) {
if (array_key_exists('getfile', $_GET)) {
$shell->showFile($_GET['getfile'], $OutputEscapeFlag);
exit(1);
}
}
}
$HaveUpload = FALSE;
if (is_array($_FILES) && array_key_exists('uploadfile', $_FILES) && is_array($_FILES['uploadfile']) && array_key_exists('name', $_FILES['uploadfile']) && strlen($_FILES['uploadfile']['name']) && array_key_exists('tmp_name', $_FILES['uploadfile']) && $_FILES['uploadfile']['tmp_name']) {
$HaveUpload = TRUE;
