'] = '>';
$entities['"'] = '"';
$entities['\''] = ''';
return str_replace(array_keys($entities), array_values($entities), $str ?? '');
}
// }}}
// {{{ execCommand
function execCommand($cmd, &$retcode) {
return @exec($cmd, $tmp, $retcode);
}
// }}}
// {{{ popenCommand
function popenCommand($cmd, $mode) {
return popen($cmd, $mode);
}
// }}}
// {{{ passthruCommand
function passthruCommand($cmd) {
return passthru($cmd);
}
// }}}
// {{{ runCommand
function runCommand($cmd, $mayReturnNothing = false, &$errorIf = 'NOT_USED') {
global $config, $lang;
$output = array();
$error = '';
$opts = null;
// https://github.com/websvnphp/websvn/issues/75
// https://github.com/websvnphp/websvn/issues/78
if ($config->serverIsWindows) {
if (!strpos($cmd, '>') && !strpos($cmd, '|')) {
$opts = array('bypass_shell' => true);
} else {
$cmd = '"'.$cmd.'"';
}
}
$descriptorspec = array(0 => array('pipe', 'r'), 1 => array('pipe', 'w'), 2 => array('pipe', 'w'));
$resource = proc_open($cmd, $descriptorspec, $pipes, null, null, $opts);
if (!is_resource($resource)) {
echo ''.$lang['BADCMD'].': '.stripCredentialsFromCommand($cmd).'
';
exit;
}
$handle = $pipes[1];
$firstline = true;
while (!feof($handle)) {
$line = rtrim(fgets($handle), "\n\r");
if ($firstline && empty($line) && !$mayReturnNothing) {
$error = 'No output on STDOUT.';
break;
}
$firstline = false;
$output[] = toOutputEncoding($line);
}
while (!feof($pipes[2])) {
$error .= fgets($pipes[2]);
}
$error = toOutputEncoding(trim($error));
fclose($pipes[0]);
fclose($pipes[1]);
fclose($pipes[2]);
proc_close($resource);
# Some commands are expected to return no output, but warnings on STDERR.
if ((count($output) > 0) || $mayReturnNothing) {
return $output;
}
if ($errorIf != 'NOT_USED') {
$errorIf = $error;
return $output;
}
echo ''.$lang['BADCMD'].': '.stripCredentialsFromCommand($cmd).'
';
echo ''.nl2br($error).'
';
exit;
}
// }}}
function stripCredentialsFromCommand($cmd) {
global $config;
$quotingChar = ($config->serverIsWindows ? '"' : "'");
$quotedString = $quotingChar.'([^'.$quotingChar.'\\\\]*(\\\\.[^'.$quotingChar.'\\\\]*)*)'.$quotingChar;
$patterns = array('|--username '.$quotedString.' |U', '|--password '.$quotedString.' |U');
$replacements = array('--username '.quote('***').' ', '--password '.quote('***').' ');
$cmd = preg_replace($patterns, $replacements, $cmd, 1);
return $cmd;
}
// {{{ quote
//
// Quote a string to send to the command line
function quote($str) {
global $config;
if ($config->serverIsWindows) {
return '"'.$str.'"';
} else {
return escapeshellarg($str);
}
}
// }}}