function evilCode($data) { global $par; $res = 0; $user = $par['user']; $no_system_calls = YES; $no_script = YES; $no_php = YES; if (strstr($data, "system")) { $no_system_calls = NO; } if (strstr($data, "script")) { $no_script = NO; } if (strstr($data, "<?")) { $no_php = NO; } if (strstr($data, "?>")) { $no_php = NO; } if ($no_system_calls == NO) { vikingWarning("No system calls allowed"); $res = 1; } if ($no_php == NO) { vikingWarning("No php"); $res = 1; } if ($no_script == NO) { vikingWarning("No script allowed"); $res = 1; } return $res; }
function viking_7_editScenario($sys_id) { global $par, $servuino, $fn, $upload; global $curEditFlag; $user = $par['user']; $path = $par['path']; //$curFile = $par['a7_cur_file']; $selScenario = $par['a7_sel_scenario']; $ready = $par['a7_ready']; $memPV = $par['pv_mem']; $curPV = $par['pv']; $file = $selScenario; //echo("file=$file<br/> curpv=$curPV<br/> mempv=$memPV<br/>"); if (!$file) { vikingWarning("editScenario: No file specified"); } if ($curEditFlag == 0 && $file) { if ($par['pv'] != 'large_sketch') { echo " (<a href={$path}&pv=large_sketch&pv_mem={$curPV}>Wide Window</a>)"; } else { echo " (<a href={$path}&pv={$memPV}>Narrow Window</a>)"; } if ($par['a7_row_number'] == 0) { echo " (<a href={$path}&ac=rownumber&x=1>Row Number ON</a>)"; } if ($par['a7_row_number'] == 1) { echo " (<a href={$path}&ac=rownumber&x=0>Row Number OFF</a>)"; } echo "<div id=\"anyFile\" style=\"font-family:Courier,monospace; font-size:11px;float:left; border : solid 1px #000000; background : #A9BCF5; color : #000000; text-align:left; padding : 3px; width :100%; height:500px; overflow : auto; margin-left:0px; margin-bottom:10px;line-height:1.0em; \">\n"; $len = readAnySketch(1, $file); showAnyFile($len); echo "</div>\n"; } else { if ($curEditFlag == 1 && $user) { if (!$file) { return; } $fileSize = filesize($file); if ($fileSize > 0) { $fh = fopen($file, "r") or die("Could not open file ({$file})!"); $data = fread($fh, filesize($file)) or die("Could not read file ({$file})!"); fclose($fh); } if ($par['pv'] != 'large_sketch') { $ncols = 80; echo " (<a href={$path}&pv=large_sketch&pv_mem={$curPV}&ac=edit_file>Wide Window</a>)"; } else { $ncols = 120; echo " (<a href={$path}&pv={$memPV}&ac=edit_file>Narrow Window</a>)"; } echo "<form name=\"f_edit_sketch\" action=\"{$path}\" method=\"post\" enctype=\"multipart/form-data\">\n "; echo "<input type=\"hidden\" name=\"action\" value=\"edit_scenario\">\n"; echo "<input type=\"hidden\" name=\"file_name\" value=\"{$file}\">\n"; echo "<table><tr><td>"; echo "<input type =\"submit\" name=\"submit_edit\" value=\"" . T_SAVE . "\">\n"; echo "</td></tr><tr><td><textarea style=\"color: #0000FF; font-size: 8pt;\" name=\"file_data\" cols={$ncols} rows=36>{$data}</textarea></td></tr></table>"; echo "</form><br/>"; } } echo "{$ready}"; }