From 39dbd947f59394fab9238f7faaab74390aa0b783 Mon Sep 17 00:00:00 2001 From: Urban Müller Date: Fri, 13 Nov 2020 15:41:29 +0100 Subject: properly quote raw post data for httpreq.php --- it.class | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/it.class b/it.class index 821b70d..0b48229 100644 --- a/it.class +++ b/it.class @@ -278,13 +278,13 @@ static function error($p = array(), $extra = null) if ($level >= $p['backtraceskip'] && $tracesize < 100000 && ($tracesize += strlen(print_r($stackframe, true))) < 100000) # save mem $stackframes[] = $stackframe; - $needraw = $_SERVER['REQUEST_METHOD'] == "POST" && !it::match('application/x-www-form-urlencoded|multipart/form-data', $_SERVER['CONTENT_TYPE']); + $rawpost = $_SERVER['REQUEST_METHOD'] == "POST" && !it::match('application/x-www-form-urlencoded|multipart/form-data', $_SERVER['CONTENT_TYPE']) ? it::file_get_contents("php://input") : ""; $body .= ($trace and $t = it::exec('grep -h {0} `ls /tmp/alertdata/alertlog-*|tail -3` /dev/null 2>/dev/null | grep ^2 | cut -d : -f 1-2 | sort | uniq -c | tail -10', $trace)) ? "Histogram: (last 10 affected minutes in 3 days)\n$t" : ""; $body .= "\n"; $body .= $_GET ? "\$_GET: " . var_export($_GET, true) . "\n\n" : ""; $body .= $_POST ? "\$_POST: " . var_export($_POST, true) . "\n\n" : ""; - $body .= $needraw ? "\$rawpost: " . it::file_get_contents("php://input") . "\n\n" : ""; + $body .= $rawpost ? "\$rawpost: " . var_export($rawpost, true) . "\n\n" : ""; $body .= $_COOKIE ? "\$_COOKIE: " . var_export($_COOKIE, true) . "\n\n" : ""; $body .= $_SERVER['REMOTE_ADDR'] ? "" : "Pstree:\n" . it::exec("pstree -als " . getmypid() . " | head -n -3") . "\n"; $body .= $_SERVER ? "\$_SERVER: " . var_export($_SERVER, true) . "\n\n" : ""; -- cgit v1.2.3