<?php
	/* Some basic checks are in place */
	isset($r) || die("CVSroot must be set\n");
	isset($m) || die("CVSmodule must be set\n");
	isset($f) || die("File must be set\n");
	if(strchr($r, "'") || strchr($m, "'") || strchr($f, "'"))
		die("Invalid characters in arguments\n");

	/* I'll be paranoid, set root and module here so no one can get access elsewhere */
	/* Remove this or change it to suit your needs */
//	$r = "/home/cvsgraph";
//	$m = "cvsgraph";

	/* Shell escape, PHP4 has functions for this, use them */
	$r = "'" . $r . "'";
	$m = "'" . $m . "'";
	$f = "'" . $f . ",v'";

	/* I expose the paths here (accessible via the server). */
	/* Set this to a private place to make it secure. */
	$prefix = "/usr";
	$exec_prefix = "${prefix}";
	$cvsgraph = "${exec_prefix}/bin/cvsgraph";
	$cvsgraph_conf = "/etc/cvsgraph/cvsgraph.conf";

	/* Default I generate PNG */
	Header("Content-Type: image/png");
	passthru("$cvsgraph -q -c $cvsgraph_conf -r $r -m $m $f");
?>