yetangitu/Oinktube
1
0
Fork 0
mirror of https://github.com/DanielnetoDotCom/YouPHPTube synced 2025-10-03 09:49:28 +02:00
Code Issues Releases Wiki Activity

Update

Browse source
This commit is contained in:
Daniel Neto 2024-12-04 11:47:31 -03:00
parent ea34484625
commit e9e59edd73
1 changed files with 36 additions and 38 deletions
Download patch file Download diff file Expand all files Collapse all files

62
plugin/API/standAlone/ffmpeg.json.php
View file

@ -87,7 +87,6 @@
* *
* Replace `https://yourSite.com/` with your actual website URL. * Replace `https://yourSite.com/` with your actual website URL.
*/ */
$global_timeLimit = 300; $global_timeLimit = 300;
ini_set("memory_limit", -1); ini_set("memory_limit", -1);
@ -100,7 +99,10 @@ header('Content-Type: application/json');
require_once __DIR__ . "/../../../objects/functionsStandAlone.php"; require_once __DIR__ . "/../../../objects/functionsStandAlone.php";
_error_log("Script initiated: FFMPEG command execution script started");
if (empty($streamerURL)) { if (empty($streamerURL)) {
_error_log("Error: streamerURL is not defined");
echo json_encode(['error' => true, 'message' => 'streamerURL not defined']); echo json_encode(['error' => true, 'message' => 'streamerURL not defined']);
exit; exit;
} }
@ -109,6 +111,7 @@ function _decryptString($string)
{ {
global $global; global $global;
$url = "{$global['webSiteRootURL']}plugin/API/get.json.php?APIName=decryptString&string={$string}"; $url = "{$global['webSiteRootURL']}plugin/API/get.json.php?APIName=decryptString&string={$string}";
_error_log("Decrypting string using URL: $url");
$content = file_get_contents($url); $content = file_get_contents($url);
$json = json_decode($content); $json = json_decode($content);
@ -116,10 +119,11 @@ function _decryptString($string)
if (!empty($json) && empty($json->error)) { if (!empty($json) && empty($json->error)) {
$json2 = json_decode($json->message); $json2 = json_decode($json->message);
if ($json2->time > strtotime('30 seconds ago')) { if ($json2->time > strtotime('30 seconds ago')) {
_error_log("String decrypted successfully");
return $json2; return $json2;
} }
} }
return $json2; _error_log("Failed to decrypt string or invalid time");
return false; return false;
} }
@ -146,65 +150,59 @@ function getInput($key, $default = '')
function sanitizeFFmpegCommand($command) function sanitizeFFmpegCommand($command)
{ {
$allowedPrefixes = ['ffmpeg', '/usr/bin/ffmpeg', '/bin/ffmpeg']; $allowedPrefixes = ['ffmpeg', '/usr/bin/ffmpeg', '/bin/ffmpeg'];
_error_log("Sanitizing FFMPEG command: $command");
// Remove dangerous characters // Remove dangerous characters
$command = str_replace('&&', '', $command); $command = str_replace('&&', '', $command);
$command = str_replace('rtmp://live/', 'rtmp://vlu.me/', $command); $command = str_replace('rtmp://live/', 'rtmp://vlu.me/', $command);
$command = str_replace('https://live:8443/', 'https://vlu.me:8443/', $command); $command = str_replace('https://live:8443/', 'https://vlu.me:8443/', $command);
// Remove existing log file redirection (e.g., '> /path/to/log 2>&1' or '> /path/to/log')
$command = preg_replace('/\s*>.*(?:2>&1)?/', '', $command); $command = preg_replace('/\s*>.*(?:2>&1)?/', '', $command);
$command = preg_replace('/[;|`<>]/', '', $command); $command = preg_replace('/[;|`<>]/', '', $command);
// Ensure it starts with an allowed prefix // Ensure it starts with an allowed prefix
foreach ($allowedPrefixes as $prefix) { foreach ($allowedPrefixes as $prefix) {
if (strpos(trim($command), $prefix) === 0) { if (strpos(trim($command), $prefix) === 0) {
_error_log("Command sanitized successfully");
return $command; return $command;
} }
} }
// If it doesn't start with an allowed prefix, return an empty string _error_log("Sanitization failed: Command does not start with an allowed prefix");
return ''; return '';
} }
_error_log("Fetching inputs...");
// Fetch and sanitize inputs
$codeToExecEncrypted = getInput('codeToExecEncrypted', ''); $codeToExecEncrypted = getInput('codeToExecEncrypted', '');
$codeToExec = _decryptString($codeToExecEncrypted); $codeToExec = _decryptString($codeToExecEncrypted);
if (empty($codeToExec)) { if (empty($codeToExec)) {
_error_log("Invalid or missing codeToExecEncrypted");
die('Invalid Request'); die('Invalid Request');
} }
if(!empty($codeToExec->ffmpegCommand)){ $ffmpegCommand = !empty($codeToExec->ffmpegCommand) ? sanitizeFFmpegCommand($codeToExec->ffmpegCommand) : '';
$ffmpegCommand = sanitizeFFmpegCommand($codeToExec->ffmpegCommand); $keyword = !empty($codeToExec->keyword) ? preg_replace('/[^a-zA-Z0-9_-]/', '', $codeToExec->keyword) : '';
}else{
$ffmpegCommand = '';
}
if(!empty($codeToExec->keyword)){ _error_log("Code to Execute: " . json_encode($codeToExec));
$keyword = preg_replace('/[^a-zA-Z0-9_-]/', '', $codeToExec->keyword); _error_log("Sanitized FFMPEG Command: $ffmpegCommand");
}else{ _error_log("Keyword: $keyword");
$keyword = '';
}
// Kill processes associated with the keyword // Kill processes associated with the keyword
if (!empty($keyword)) { if (!empty($keyword)) {
_error_log("Killing process with keyword: $keyword");
killProcessFromKeyword($keyword); killProcessFromKeyword($keyword);
} }
// Get the system's temporary directory
$tempDir = "{$global['systemRootPath']}videos/ffmpegLogs/"; $tempDir = "{$global['systemRootPath']}videos/ffmpegLogs/";
make_path($tempDir); make_path($tempDir);
// Ensure the temp directory ends with a directory separator
$tempDir = rtrim($tempDir, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR; $tempDir = rtrim($tempDir, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
// Create a unique log file path
$logFile = "{$tempDir}ffmpeg_{$keyword}.log"; $logFile = "{$tempDir}ffmpeg_{$keyword}.log";
_error_log("Log file set to: $logFile");
if (!empty($codeToExec->test)) { if (!empty($codeToExec->test)) {
$microtime = microtime(true); $microtime = microtime(true);
_error_log("Test mode triggered");
echo json_encode([ echo json_encode([
'error' => false, 'error' => false,
'msg' => sprintf('Remote FFmpeg responded successfully in %.4f seconds.', $microtime - $codeToExec->microtime), 'msg' => sprintf('Remote FFmpeg responded successfully in %.4f seconds.', $microtime - $codeToExec->microtime),
@ -214,9 +212,10 @@ if (!empty($codeToExec->test)) {
]); ]);
exit; exit;
} else if (!empty($codeToExec->log)) { } else if (!empty($codeToExec->log)) {
_error_log("Log retrieval mode triggered");
$time = time(); $time = time();
$modified = @filemtime($logFile); $modified = @filemtime($logFile);
$secondsAgo = $time - $obj->modified; $secondsAgo = $time - $modified;
$isActive = $secondsAgo < 10; $isActive = $secondsAgo < 10;
echo json_encode([ echo json_encode([
'error' => !file_exists($logFile), 'error' => !file_exists($logFile),
@ -229,7 +228,7 @@ if (!empty($codeToExec->test)) {
]); ]);
exit; exit;
} else if (!empty($codeToExec->stop) && !empty($keyword)) { } else if (!empty($codeToExec->stop) && !empty($keyword)) {
$cmd = "pkill -f 'ffmpeg.*$keyword'"; _error_log("Stop mode triggered for keyword: $keyword");
echo json_encode([ echo json_encode([
'error' => !file_exists($logFile), 'error' => !file_exists($logFile),
'msg' => '', 'msg' => '',
@ -239,26 +238,24 @@ if (!empty($codeToExec->test)) {
'unlink' => unlink($logFile), 'unlink' => unlink($logFile),
]); ]);
exit; exit;
} else }
// Validate that ffmpegCommand is not empty after sanitization
if (empty($ffmpegCommand)) { if (empty($ffmpegCommand)) {
_error_log("Error: Invalid or empty FFMPEG command");
echo json_encode([ echo json_encode([
'error' => true, 'error' => true,
'msg' => 'Invalid or empty ffmpeg command', 'msg' => 'Invalid or empty ffmpeg command',
'codeToExec' => $codeToExec, 'codeToExec' => $codeToExec,
]); ]);
exit; exit;
} }
// Redirect all output to the log file
$ffmpegCommand .= " > {$logFile} 2>&1"; $ffmpegCommand .= " > {$logFile} 2>&1";
_error_log("Executing FFMPEG Command [$keyword]: $ffmpegCommand");
// Debug output (optional)
error_log("Constructed FFMPEG Command [$keyword]: $ffmpegCommand");
try { try {
$pid = execAsync($ffmpegCommand, $keyword); $pid = execAsync($ffmpegCommand, $keyword);
_error_log("Command executed successfully with PID: $pid");
echo json_encode([ echo json_encode([
'error' => false, 'error' => false,
'msg' => 'Command executed', 'msg' => 'Command executed',
@ -267,6 +264,7 @@ try {
'logFile' => $logFile, 'logFile' => $logFile,
]); ]);
} catch (Exception $e) { } catch (Exception $e) {
_error_log("Error executing command: " . $e->getMessage());
echo json_encode([ echo json_encode([
'error' => true, 'error' => true,
'msg' => 'Failed to execute command', 'msg' => 'Failed to execute command',