system() has been disabled

soclose

Greetings

I got the warning: system() has been disabled for security reasons

So I contacted my webhost and they had indeed disabled it. Unfortunetly itis needed to running a part of my scipt which uploads images.

The relevant coding is


function convertIM($size, $from, $to)
   {
      //echo "<br>",
      $command = CONVERT_PATH . " -geometry  $size \"$from\" \"$to\"";
      system($command);
   }

There's more coding around it but this is the stated error.

Can anyone offer an alternative method on this?

Thanks

etully

Sorry to be a wise ass but, honestly, you need to find a new host. From experience I can tell you that if they do something like this, then you are going to find more and more things that you don't like about them over time.

soclose

Yep your the second person today to say that.

So it's no really a security issue?

etully

It's a security issue if you don't know how to be careful with it. For example, let's say you were using Image Magick to place text on an image and you gave the user an <input name=user_input> field on the form where they could type any text they want. And then you passed $user_input to the system command without checking it. They could put semicolons and whatnot to end the IM command and then run their own system command.

So it's a security issue for beginner programmers. (Actually, intermediates make this mistake too. Oh, and Microsoft, they make that kind of mistake too.)

Someone at the hosting company probably said, "We wasted 10 hours on the phone with a newbie trying to explain why their site got erased. We can eliminate those wasted calls if we disable the system() command."

soclose

So basically you have it or don't have it.

Is there an alternative command that does the same thing but isn't likely to get stopped?

soclose

Someone was kind enought to suggest using GD as an alternative.

The script already has GD in the page in question but I don't really know how to get everything in order to exclude the system command and get GD running as an alternative.

I know someone is going to have a cardiac infarction because of the size of this page but I think I'm developing a brain tumour trying to create an alternative without having to bypass this page and then reconfigue the admin section.

Oh yeah its a modified oscommerce scipt.


<?

class im
{
   var $file, $filename, $destination, $permissions, $extensions, $tmp_filename, $message_location;

   function im($file = '', $destination = '', $permissions = '777', $extensions = '')
   {
      $this->set_file($file);
      $this->set_destination($destination);
      $this->set_permissions($permissions);
      $this->set_extensions($extensions);

  $this->set_output_messages('direct');

  if (tep_not_null($this->file) && tep_not_null($this->destination))
  {
     $this->set_output_messages('session');
     return  ( ($this->parse() == true) && ($this->save() == true) );
  }
   }

   function parse()
   {
      global $messageStack;

  if (isset($_FILES[$this->file]))
  {
     $file = array('name' => $_FILES[$this->file]['name'],
     'type' => $_FILES[$this->file]['type'],
     'size' => $_FILES[$this->file]['size'],
     'tmp_name' => $_FILES[$this->file]['tmp_name']);
  }
  elseif (isset($GLOBALS['HTTP_POST_FILES'][$this->file]))
  {
     global $HTTP_POST_FILES;

     $file = array('name' => $HTTP_POST_FILES[$this->file]['name'],
     'type' => $HTTP_POST_FILES[$this->file]['type'],
     'size' => $HTTP_POST_FILES[$this->file]['size'],
     'tmp_name' => $HTTP_POST_FILES[$this->file]['tmp_name']);
  }
  else
  {
     $file = array('name' => (isset($GLOBALS[$this->file . '_name']) ? $GLOBALS[$this->file . '_name'] : ''),
     'type' => (isset($GLOBALS[$this->file . '_type']) ? $GLOBALS[$this->file . '_type'] : ''),
     'size' => (isset($GLOBALS[$this->file . '_size']) ? $GLOBALS[$this->file . '_size'] : ''),
     'tmp_name' => (isset($GLOBALS[$this->file]) ? $GLOBALS[$this->file] : ''));
  }

  if ( tep_not_null($file['tmp_name']) && ($file['tmp_name'] != 'none') && is_uploaded_file($file['tmp_name']) )
  {
     if (sizeof($this->extensions) > 0)
     {
        if (!in_array(strtolower(substr($file['name'], strrpos($file['name'], '.')+1)), $this->extensions))
        {
           if ($this->message_location == 'direct')
           {
              $messageStack->add(ERROR_FILETYPE_NOT_ALLOWED, 'error');
           }
           else
           {
              $messageStack->add_session(ERROR_FILETYPE_NOT_ALLOWED, 'error');
           }

           return false;
        }
     }

     $this->set_file($file);
     $this->set_filename($file['name']);
     $this->set_tmp_filename($file['tmp_name']);

     return true;
     return $this->check_destination();
  }
  else
  {
     if ($this->message_location == 'direct')
     {
        //$messageStack->add(WARNING_NO_FILE_UPLOADED, 'warning');
     }
     else
     {
        //$messageStack->add_session(WARNING_NO_FILE_UPLOADED, 'warning');
     }

     return false;
  }
   }

   function save()
   {
      global $messageStack;

  if (substr($this->destination, -1) != '/') $this->destination .= '/';

  if (defined("CONVERT_PATH") && defined("COVERT_IMAGE_TO"))
  {
     $path_parts = pathinfo($this->filename);
     $this->filename = md5(uniqid(time() . "The game is over.")) . "." . strtolower($path_parts["extension"]);

     foreach (preg_split("/\s+/", COVERT_IMAGE_TO) as $imageClass)
     {
        $jk++;
        if (trim($imageClass) && preg_match("/^(\w+)\<\-(.+)$/", $imageClass, $match))
        {
           $subdir = $match[1];
           $size = $match[2];

           $newDestination = preg_replace("~images/$~", "photos/product/", $this->destination);
           $dst = "{$newDestination}{$subdir}/{$this->filename}";

           switch (CONVERT_PATH)
           {
              case "gd":
                 $this->convertGD($size, $this->file["tmp_name"], $dst);
                 break;

              default:
                 $this->convertIM($size, $this->file["tmp_name"], $dst);
                 break;
           }
  #if ($jk > 2) echo "ddd", exit;
           //$field = "products_image";
           //if ($i > 1) $field .= "_$i";
           //$query = "UPDATE products SET $field = '$this->filename' WHERE products_id = {$pID}";
           //tep_db_query($query);
        }
     }
     #echo "FIN", exit;
  }
  else
  {
     #echo "xxxxx"; exit;
  }

  return true;
   }

   function convertIM($size, $from, $to)
   {
      //echo "<br>",
      $command = CONVERT_PATH . " -geometry  $size \"$from\" \"$to\"";
      system($command);
   }

   function convertGD($size, $from, $to)
   {
      //echo "gd: $size, $from, $to<br/>";
      // gd transformation here
      $pi = pathinfo($to);
      //echo "<br>",
      $extension = strtolower($pi["extension"]);

  switch ($extension)
  {
     case  'jpg':
     case 'jpeg':
        $image = imagecreatefromjpeg($from);
        break;

     case 'gif':
        $image = imagecreatefromgif($from);
        break;

     default:
        return false;
  }
  $x = imagesx($image);
  $y = imagesy($image);

  if (!preg_match("/^(\d+)x(\d+)(.*)$/", $size, $match)) return false;
  array_shift($match);
  list ($nx, $ny, $flags) = $match;
  $ax = $nx/$x;
  $ay = $ny/$y;
  if (preg_match("/>/", $flags) && $x <= $nx && $y <= $ny)
  {
     $aspect = 1;
  }
  else $aspect = ($ax < $ay ? $ax : $ay);
  $ne = imagecreatetruecolor($aspect*$x, $aspect*$y);
  imagecopyresized($ne, $image, 0,0,0,0,$aspect*$x, $aspect*$y, $x,$y);
  imagejpeg($ne, $to);
   }

   function set_file($file)
   {
      $this->file = $file;
   }

   function set_destination($destination)
   {
      $this->destination = $destination;
   }

   function set_permissions($permissions)
   {
      $this->permissions = octdec($permissions);
   }

   function set_filename($filename)
   {
      $this->filename = $filename;
   }

   function set_tmp_filename($filename)
   {
      $this->tmp_filename = $filename;
   }

   function set_extensions($extensions)
   {
      if (tep_not_null($extensions)) {
         if (is_array($extensions)) {
            $this->extensions = $extensions;
         } else {
            $this->extensions = array($extensions);
         }
      } else {
         $this->extensions = array();
      }
   }

   function check_destination()
   {
      global $messageStack;

  if (!is_writeable($this->destination)) {
     if (is_dir($this->destination)) {
        if ($this->message_location == 'direct') {
           $messageStack->add(sprintf(ERROR_DESTINATION_NOT_WRITEABLE, $this->destination), 'error');
        } else {
           $messageStack->add_session(sprintf(ERROR_DESTINATION_NOT_WRITEABLE, $this->destination), 'error');
        }
     } else {
        if ($this->message_location == 'direct') {
           $messageStack->add(sprintf(ERROR_DESTINATION_DOES_NOT_EXIST, $this->destination), 'error');
        } else {
           $messageStack->add_session(sprintf(ERROR_DESTINATION_DOES_NOT_EXIST, $this->destination), 'error');
        }
     }

     return false;
  } else {
     return true;
  }
   }

   function set_output_messages($location)
   {
      switch ($location) {
         case 'session':
            $this->message_location = 'session';
            break;
         case 'direct':
         default:
            $this->message_location = 'direct';
            break;
      }
   }
}

Any suggestions or solutions are greatly appreciated.