<?php
    /* Some basic checks are in place */
    isset($r) || die("CVSroot must be set\n");
    isset($m) || die("CVSmodule must be set\n");
    isset($f) || die("File must be set\n");
    if(strchr($r, "'") || strchr($m, "'") || strchr($f, "'"))
        die("Invalid characters in arguments\n");

    /* I'll be paranoid, set root and module here so no one can get access elsewhere */
    /* Remove this or change it to suit your needs */
//    $r = "/home/cvsgraph";
//    $m = "cvsgraph";

    /* Shell escape, PHP4 has functions for this, use them */
    $r = "'" . $r . "'";
    $m = "'" . $m . "'";
    $f = "'" . $f . ",v'";

    /* I expose the paths here (accessible via the server). */
    /* Set this to a private place to make it secure. */
    $cvsgraph = "/home/bertho/public_html/cvsgraph/cvsgraph";
    $cvsgraph_conf = "/home/bertho/public_html/cvsgraph/conf/cvsgraph.conf";

    /* Default I generate PNG */
    Header("Content-Type: image/png");
    passthru("$cvsgraph -q -c $cvsgraph_conf -r $r -m $m $f");
?>