Improve output filters.

Fix filters that could lead to filtered HTML output.
Do not remove empty lines anymore, except for the last line.
Do not try to loop over each line of the output if no filter are
defined.

1 files changed, 1 insertions, 34 deletions

diff --git a/execute.php b/execute.php
index 26e91af..18c5051 100644
--- a/execute.php
+++ b/execute.php
@@ -30,39 +30,6 @@ if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
   $requester = $_SERVER['REMOTE_ADDR'];
 }
 
-function process_output($output) {
-  global $config;
-
-  $return = '';
-
-  foreach (preg_split("/((\r?\n)|(\r\n?))/", $output) as $line) {
-    // Get rid of empty lines
-    if (empty($line)) {
-      continue;
-    }
-
-    $valid = true;
-
-    if (isset($config['filters'])) {
-      foreach ($config['filters'] as $filter) {
-        // Line has been marked as invalid
-        // Or filtered based on the configuration
-        if (!$valid || (preg_match($filter, $line) === 1)) {
-          $valid = false;
-          break;
-        }
-      }
-    }
-
-    if ($valid) {
-      // The line is valid, print it
-      $return .= $line."\n";
-    }
-  }
-
-  return $return;
-}
-
 // Obvious spam
 if (!isset($_POST['dontlook']) || !empty($_POST['dontlook'])) {
   log_to_file('Spam detected from '.$requester.'.');
@@ -93,7 +60,7 @@ if (isset($_POST['query']) && !empty($_POST['query']) &&
 
   if (isset($output)) {
     // Display the result of the command
-    $data = array('result' => process_output($output));
+    $data = array('result' => $output);
   } else {
     // Display the error
     $data = array('error' => $error);