Check we can use shell_exec before usage

classes/System.php

@@ -4,6 +4,13 @@ namespace ICEcoder;
 
 class System
 {
+    /**
+     * @param $name
+     */
+    public function functionEnabled($name) {
+        return is_callable($name) && false === stripos(ini_get('disable_functions'), $name);
+    }
+
     /**
      * @param $path
      */

editor.php

@@ -162,11 +162,11 @@ h2 {color: rgba(0,198,255,0.7)}
 		<?php
 		// If we have a .git dir, get the Git short commit hash to display as a link
 		$gitCommitTextLink = "";
-		if (is_dir(dirname(__FILE__) . "/.git")) {
-			$gitCommit = trim(exec('git log --pretty="%h" -n1 HEAD'));
+		if (true === $systemClass->functionEnabled("shell_exec") && is_dir(dirname(__FILE__) . "/.git")) {
+			$gitCommit = trim(shell_exec('git log --pretty="%h" -n1 HEAD'));
 			$gitCommitTextLink = ' (Git commit: <a href="https://github.com/icecoder/ICEcoder/commit/' . $gitCommit . '" style="color: #eee; text-decoration: none" target="_blank">' . $gitCommit . '</a>)';
 		}
-		echo "v" . $ICEcoder["versionNo"] . $gitCommitTextLink;
+		echo $ICEcoder["versionNo"] . $gitCommitTextLink;
 		?><br><br>
 		<span class="heading"><?php echo $t['codemirror version'];?></span><br>
 		<script>
@@ -316,7 +316,7 @@ parent.ICEcoder.switchMode = function(mode) {
             cMdiff.setOption("mode", mode);
         }
     } else if (cM && fileName) {
-        <?php include(dirname(__FILE__) . "/assets/js/language-modes-partial.js");?>
+		<?php include(dirname(__FILE__) . "/assets/js/language-modes-partial.js");?>
         if (mode != cM.getOption("mode")) {
             cM.setOption("mode", mode);
             cM.setOption("lint", ("js" === fileExt || "json" === fileExt) && parent.ICEcoder.codeAssist ? true : false);

lib/settings-screen.php

@@ -56,12 +56,12 @@ if (true === isset($_GET['tab'])) {
 	<?php
 	// If we have a .git dir, get the Git short commit hash to display as a link
 	$gitCommitTextLink = "";
-	if (is_dir(dirname(__FILE__) . "/../.git")) {
-		$gitCommit = trim(exec('git log --pretty="%h" -n1 HEAD'));
+	if (true === $systemClass->functionEnabled("shell_exec") && is_dir(dirname(__FILE__) . "/../.git")) {
+		$gitCommit = trim(shell_exec('git log --pretty="%h" -n1 HEAD'));
 		$gitCommitTextLink = ' (Git commit: <a href="https://github.com/icecoder/ICEcoder/commit/' . $gitCommit . '" target="_blank">' . $gitCommit . '</a>)';
 	}
 	?>
-	v<?php echo $ICEcoder["versionNo"] . $gitCommitTextLink;?>
+	<?php echo $ICEcoder["versionNo"] . $gitCommitTextLink;?>
 	<br><br>
 
 	<?php echo $t['website'];?>:<br>

lib/terminal-xhr.php

@@ -17,8 +17,13 @@ if (false === isset($_SESSION['cwd'])) {
 chdir($_SESSION['cwd']);
 
 // Get current user and cwd
-$user = str_replace("\n", "", shell_exec("whoami"));
-$cwd = str_replace("\n", "", shell_exec("pwd"));
+if (true === $systemClass->functionEnabled("shell_exec")) {
+	$user = str_replace("\n", "", shell_exec("whoami"));
+	$cwd = str_replace("\n", "", shell_exec("pwd"));
+} else {
+	$user = "";
+	$cwd = "";
+}
 
 // Check if we have proc_open_enabled
 // (Used later to handle commands)
@@ -142,8 +147,13 @@ if (preg_match('/^[[:blank:]]*cd[[:blank:]]*$/', $_REQUEST['command'])) {
 chdir($_SESSION['cwd']);
 
 // and again ask for current user and working dir
-$user = str_replace("\n", "", shell_exec("whoami"));
-$cwd = str_replace("\n", "", shell_exec("pwd"));
+if (true === $systemClass->functionEnabled("shell_exec")) {
+	$user = str_replace("\n", "", shell_exec("whoami"));
+	$cwd = str_replace("\n", "", shell_exec("pwd"));
+} else {
+	$user = "";
+	$cwd = "";
+}
 
 // Finally, output our JSON data
 echo json_encode([

server/run-tasks.php

@@ -32,6 +32,7 @@ function requireReIndexNextTime() {
 
 // Run continuously
 while(true) {
+    if (true === is_callable("shell_exec") && false === stripos(ini_get('disable_functions'), "shell_exec")) {
         // Get git diff output as a string and MD5 it as a checksum
         $thisMD5 = shell_exec("cd .. && git diff | md5sum");
         // If we have a previous checksum value and the current is different to it
@@ -63,9 +64,11 @@ while(true) {
                 }
                 file_put_contents(dirname(__FILE__)."/../data/git-content.php", "<?php\n/*\n\n".serialize($output)."\n\n*/\n?".">");
         }
-        // Set prev MD5 to this one, ready for next time, sleep for 2 secs before loop starts again
+        // Set prev MD5 to this one, ready for next time
         $prevMD5 = $thisMD5;
-        sleep(2);
+    }
+    // sleep for 2 secs before loop starts again
+    sleep(2);
 
 }
 ?>

terminal.php

@@ -101,9 +101,10 @@ if (false === isset($_SESSION['cwd'])) {
 // Change to cwd
 chdir($_SESSION['cwd']);
 
-// Get current user and cwd
-$user = str_replace("\n", "", shell_exec("whoami"));
-$cwd = str_replace("\n", "", shell_exec("pwd"));
+if (true === $systemClass->functionEnabled("shell_exec")) {
+	// Get current user and cwd
+	$user = str_replace("\n", "", shell_exec("whoami"));
+	$cwd = str_replace("\n", "", shell_exec("pwd"));
 ?>
 
 <form name="shell" onsubmit="sendCmd(document.getElementById('command').value); return false" method="POST">
@@ -113,6 +114,11 @@ The more access rights you give that user, the more this terminal has.
 
 <div class="commandLine" id="commandLine"><div class="user" id="user">&nbsp;&nbsp;<?php echo $user;?>&nbsp;</div><div class="cwd" id="cwd">&nbsp;<?php echo $cwd;?>&nbsp;</div> : <?php echo date("H:m:s");?><br><div class="promptVLine"></div><div class="promptHLine">─<div class="promptArrow">▶</div></div> <input type="text" class="command" id="command" onkeyup="key(event)" tabindex="1" autocomplete="off"></div></pre>
 </form>
+<?php
+} else {
+?>
+<pre class="output" id="output">shell_exec not available on the server, unable to use terminal.</pre>
+<?php } ?>
 
 </body>
 </html>