function zreloadAppendToShell($shellid, $input, $withPrompt = false, $withXSS = false) { global $prompt, $noresponse; if ($withPrompt) { // $shellcfg = zreloadGetShellConfig($shellid); // $prompt = $shellcfg[1]; $input = $prompt . ' ' . $input; } if (!$withXSS) { $input = htmlspecialchars($input); # $input = nl2br($input); } $sessname = 'zreload_shell_' . $shellid; if (!GWF_Session::exists($sessname)) { GWF_Session::set($sessname, array()); } /* if ($noresponse === true) { $input = 'Authentication failed.'; }*/ $input = explode(PHP_EOL, $input); GWF_Session::set($sessname, array_merge(GWF_Session::get($sessname), $input)); }
/** * Validate token from get or post data. * @param array $array * @return $userdata */ public static function validateToken() { # POST or GET? if (count($_POST) > 1) { # Sometimes there is one var in the POST Oo $array =& $_POST; } else { $array =& $_GET; } if (count($array) > 0) { if (!isset($array[self::TOKEN_NAME]) || !is_string($array[self::TOKEN_NAME])) { return false; } if (!GWF_Session::exists(self::TOKEN_NAME)) { return false; } $token = $array[self::TOKEN_NAME]; $tokens =& GWF_Session::get(self::TOKEN_NAME); foreach ($tokens as $id => $d) { if (intval($d[0], 10) < time() - 7200) { unset($tokens[$id]); } elseif ($id === $token) { $back = (string) $d[1]; unset($tokens[$id]); unset($array[self::TOKEN_NAME]); return $back; } } return false; } return true; }