48 lines
1.7 KiB
PHP
48 lines
1.7 KiB
PHP
<?php
|
|
header("Content-Type: application/json");
|
|
$file = $_POST["file"] ?? "";
|
|
$action = $_POST["action"] ?? "read";
|
|
$search = $_POST["search"] ?? "";
|
|
$replace = $_POST["replace"] ?? "";
|
|
$append = $_POST["append"] ?? "";
|
|
|
|
$allowed = [
|
|
"/var/www/html/api/wevia-smart-router.php",
|
|
"/var/www/html/api/wevia-exec.php",
|
|
"/var/www/html/api/wevia-brain-orchestrator.php",
|
|
"/var/www/html/api/wevia-autowire.php",
|
|
"/var/www/html/api/architecture-index.json",
|
|
];
|
|
|
|
if(!in_array($file, $allowed)) die(json_encode(["error"=>"file not allowed","allowed"=>$allowed]));
|
|
|
|
if($action === "read") {
|
|
die(json_encode(["content"=>file_get_contents($file),"lines"=>count(file($file))]));
|
|
}
|
|
|
|
if($action === "replace" && $search && $replace) {
|
|
shell_exec("sudo chattr -i $file 2>/dev/null");
|
|
$content = file_get_contents($file);
|
|
if(strpos($content, $search) === false) die(json_encode(["error"=>"search string not found"]));
|
|
$new = str_replace($search, $replace, $content);
|
|
file_put_contents($file.".bak", $content);
|
|
file_put_contents($file, $new);
|
|
$lint = trim(shell_exec("php -l $file 2>&1"));
|
|
if(strpos($lint,"No syntax errors") === false) {
|
|
copy($file.".bak", $file);
|
|
die(json_encode(["error"=>"PHP error, rolled back","lint"=>$lint]));
|
|
}
|
|
die(json_encode(["status"=>"replaced","lint"=>$lint]));
|
|
}
|
|
|
|
if($action === "exec") {
|
|
$cmd = $_POST["cmd"] ?? "";
|
|
$safe_cmds = ["php -l","grep","wc","cat","head","tail","git","python3 /opt/weval-l99"];
|
|
$ok = false;
|
|
foreach($safe_cmds as $s) if(strpos($cmd,$s) === 0) $ok = true;
|
|
if(!$ok) die(json_encode(["error"=>"cmd not allowed"]));
|
|
die(json_encode(["output"=>trim(shell_exec($cmd." 2>&1"))]));
|
|
}
|
|
|
|
echo json_encode(["error"=>"unknown action"]);
|