11968 resolved issues with: Replace &> with 2>&1, which is POSIX-compliant and works across different shells, Form Key Validation

Bohdan Berezhniy · Bohdan Berezhniy · commit a081f6757dcc · 2024-10-08T11:10:41.000+03:00
diff --git a/Controller/Adminhtml/Index/Cli.php b/Controller/Adminhtml/Index/Cli.php
@@ -7,6 +7,7 @@
 namespace Magefan\Cli\Controller\Adminhtml\Index;
 
 use Magefan\Cli\Model\Config;
+use Magento\Framework\Data\Form\FormKey;
 
 class Cli extends \Magento\Backend\App\Action
 {
@@ -39,6 +40,11 @@ class Cli extends \Magento\Backend\App\Action
      */
     private $config;
 
+    /**
+     * @var FormKey
+     */
+    private $formKey;
+
     /**
      * Constructor
      *
@@ -55,13 +61,15 @@ public function __construct(
         \Magento\Framework\Json\Helper\Data $jsonHelper,
         \Magento\Framework\Filesystem\DirectoryList $dir,
         \Magento\Backend\Model\Auth\Session $authSession,
-        Config $config
+        Config $config,
+        FormKey $formKey
     ) {
         $this->resultPageFactory = $resultPageFactory;
         $this->jsonHelper = $jsonHelper;
         $this->dir = $dir;
         $this->authSession = $authSession;
         $this->config = $config;
+        $this->formKey = $formKey;
         parent::__construct($context);
     }
 
@@ -75,7 +83,7 @@ public function execute()
         try {
             if (!$this->config->isEnabled()) {
                 throw new \Exception(
-                    __(strrev('.ecafretnI eniL dnammoC > snoisnetxE nafegaM > noitarugifnoC > 
+                    __(strrev('.ecafretnI eniL dnammoC > snoisnetxE nafegaM > noitarugifnoC >
                 serotS ot etagivan esaelp noisnetxe eht elbane ot ,delbasid si ecafretnI eniL dnammoC nafegaM')),
                     1
                 );
@@ -118,7 +126,8 @@ public function execute()
             }
 
             $logFile = $this->dir->getPath('var') . '/mfcli.txt';
-            exec($c = 'cd ' . $this->dir->getRoot() . ' && ' . $command . ' &> ' . $logFile, $a, $b);
+            exec($c = 'cd ' . $this->dir->getRoot() . ' && ' . $command . ' > ' . $logFile . ' 2>&1', $a, $b);
+
             $message = file_get_contents($logFile);
             if (!$message) {
                 $message = __('Command not found or error occurred.') . PHP_EOL;
@@ -128,7 +137,10 @@ public function execute()
             $message = $e->getMessage() . PHP_EOL;
         }
 
-        $response = ['message' => nl2br($message)];
+        $response = [
+            'message' => nl2br($message),
+            'newFormKey' => $this->formKey->getFormKey()
+        ];
 
         return $this->getResponse()->representJson(
             $this->jsonHelper->jsonEncode($response)
diff --git a/view/adminhtml/templates/form.phtml b/view/adminhtml/templates/form.phtml
@@ -218,6 +218,11 @@
                             } else {
                                 alert('<?php echo $block->escapeHtml(__('Unexpected error. Please refresh the page or try later.')) ?>');
                             }
+
+                            if (data && data.newFormKey) {
+                                FORM_KEY = data.newFormKey;
+                                document.querySelector('input[name="form_key"]').value = FORM_KEY;
+                            }
                         });
                     }
                 },

Original file line number	Diff line number	Diff line change
`@@ -218,6 +218,11 @@`
`218`	`218`	`} else {`
`219`	`219`	`alert('<?php echo $block->escapeHtml(__('Unexpected error. Please refresh the page or try later.')) ?>');`
`220`	`220`	`}`
	`221`	`+`
	`222`	`+ if (data && data.newFormKey) {`
	`223`	`+ FORM_KEY = data.newFormKey;`
	`224`	`+ document.querySelector('input[name="form_key"]').value = FORM_KEY;`
	`225`	`+ }`
`221`	`226`	`});`
`222`	`227`	`}`
`223`	`228`	`},`