Don't use ls to list directories

ht.php

@@ -7,10 +7,8 @@ define("IPV4_ADDRESS", "127.0.0.1");
 define("HTTPS_PORT", "42443");
 define("INTERNAL_ONION_HTTP_PORT", "9080");
 
-define("MANIVER_PATH", "/usr/local/bin/maniver");
 define("SYSTEMCTL_PATH", "/usr/bin/systemctl");
 define("CERTBOT_PATH", "/usr/bin/certbot");
-define("LS_PATH", "/usr/bin/ls");
 define("NGINX_CONFIG_PATH", "/etc/nginx/ht"); // Nginx configuration directory
 define("TOR_CONFIG_PATH", "/etc/tor/instances/niver/torrc"); // Tor configuration file
 define("TOR_KEYS_PATH", "/var/lib/tor-instances/niver/keys"); // Tor keys directory
@@ -34,12 +32,11 @@ function addNiverLog($message, $outputLines, $returnCode = false) {
 }
 
 function listFsDirs($username) {
-	exec(LS_PATH . " --format=single-column -d " . HT_PATH . "/" . $username . "/*/", $absoluteDirs);
+	$absoluteDirs = glob(HT_PATH . "/" . $username . "/*/", GLOB_ONLYDIR);
 	$relativeDirs = false;
 	foreach ($absoluteDirs as $i => $absoluteDir) {
-		$tree = explode("/", $absoluteDir); // The last key is NULL
-		end($tree);
-		$relativeDirs[$i] = prev($tree); // The name of the site dir is the before last key
+		if (preg_match("/^[a-z0-9-]{1,32}$/", basename($absoluteDir)))
+			$relativeDirs[$i] = basename($absoluteDir); // The name of the site dir is the before last key
 	}
 	return $relativeDirs;
 }

public/ht/https-domain.php

@@ -16,32 +16,36 @@
 
 		<?php
 
-		$fsDirs = listFsDirs($_SESSION['username']);
-		$dbUsedDirs = listDbDirs($_SESSION['username'], "dns", "http");
-		$i = 0;
-		$j = 0;
-		$alreadyEnabledDirs = NULL;
-		$notYetEnabledDirs = NULL;
-		if ($fsDirs) {
-			foreach ($fsDirs as $fsDir) {
-				if ($dbUsedDirs AND in_array($fsDir, $dbUsedDirs)) {
-					$alreadyEnabledDirs[$i] = $fsDir;
-					$i++;
-				} else {
-					$notYetEnabledDirs[$j] = $fsDir;
-					$j++;
+
+
+		if (isset($_SESSION['username'])) {
+			$fsDirs = listFsDirs($_SESSION['username']);
+			$dbUsedDirs = listDbDirs($_SESSION['username'], "dns", "http");
+			$i = 0;
+			$j = 0;
+			$alreadyEnabledDirs = NULL;
+			$notYetEnabledDirs = NULL;
+			if ($fsDirs) {
+				foreach ($fsDirs as $fsDir) {
+					if ($dbUsedDirs AND in_array($fsDir, $dbUsedDirs)) {
+						$alreadyEnabledDirs[$i] = $fsDir;
+						$i++;
+					} else {
+						$notYetEnabledDirs[$j] = $fsDir;
+						$j++;
+					}
 				}
-			}
 
-			if (!is_null($notYetEnabledDirs)) {
-				foreach ($notYetEnabledDirs as $dir) {
-					echo "<option value='" . $dir . "'>" . $dir . "</option>";
+				if (!is_null($notYetEnabledDirs)) {
+					foreach ($notYetEnabledDirs as $dir) {
+						echo "<option value='" . $dir . "'>" . $dir . "</option>";
+					}
 				}
-			}
 
-			if (!is_null($alreadyEnabledDirs)) {
-				foreach ($alreadyEnabledDirs as $dir) {
-					echo "<option disabled='' value='" . $dir . "'>" . $dir . "</option>";
+				if (!is_null($alreadyEnabledDirs)) {
+					foreach ($alreadyEnabledDirs as $dir) {
+						echo "<option disabled='' value='" . $dir . "'>" . $dir . "</option>";
+					}
 				}
 			}
 		}