nlvmi/index.php

<?php
function clean($str) { 
  $search  = array('&'    , '"'     , "'"    , '<'   , '>'    ); 
  $replace = array('&amp;', '&quot;', '&#39;', '&lt;', '&gt;' ); 

  $str = str_replace($search, $replace, $str); 
  return $str; 
}
//read config file
$configfile = new SplFileObject("/etc/nlvmi/nlvmi.conf");
while (!$configfile->eof()) {
    $line = $configfile->fgets();
    if (!preg_match('/^#/', $line)){
        if (!preg_match('/^$/', $line)){
            if (preg_match('/=/', $line)){
                $configparam = explode('=', $line);
                $p = rtrim($configparam[1]);
                //echo "B$p";
                $config[$configparam[0]]=str_replace('"', '', $p);
            }
        }
    }
}
$file = null;

//check db connection
if ($config['DATABASETYPE']=="sqlite"){
    $db_handle = new SQLite3($config['SQLITEFILE']);
    $query = "SELECT name FROM sqlite_master WHERE type='table' AND name='vms';";
    $db_handle->exec($query);
    $result = $db_handle->query($query);
    $row = $result->fetchArray();
    if (!$row['name']=="vms"){
        echo "DB connection failed!";
        exit;
    }
}

//form for edit and new vms
if (isset($_REQUEST['edit'])){
    $formname="editvm";
    $eid=clean($_REQUEST['edit']);
    $sql="SELECT * FROM vms WHERE id='$eid'";
    $res = $db_handle->query($sql);
    $editid = "<input type=hidden name=editid value=$eid>";
    while ($row = $res->fetchArray(SQLITE3_ASSOC)){
    $e = $row;
    }
} elseif(isset($_REQUEST['newvm'])) {
    $formname="newvm";
    $editid="";
}
//echo $e[vmname];
if (isset($formname)){
echo "<h2>$formname</h2></br>";
echo "<form name=$formname action=? method=post>";
$res = $db_handle->query('PRAGMA table_info(vms)');
while ($col = $res->fetchArray(SQLITE3_ASSOC)) {
    $arrColnames[]=$col['name'];
}
for ($col=0; $col <count($arrColnames); $col++){
    if ($arrColnames[$col]!="id"){
        if ($arrColnames[$col] == "bootoption"){
            echo "$arrColnames[$col] <select name=bootoption><option value=c>C</option><option value=d>D</option></select></br>";
        } elseif ($arrColnames[$col] == "arch"){
            echo "$arrColnames[$col] <select name=arch><option value=qemu-system-x86_64>x86_64</option></select></br>";
        } else {
            if (isset($e[$arrColnames[$col]])){
                $val = $e[$arrColnames[$col]];
            } else {
                $val = "";
            }
            echo "$arrColnames[$col] <input type=text name=$arrColnames[$col] value=$val></br>";
        }
    }
}

echo "$editid<input type=hidden name=mode value=$formname><input type=submit></form>";
}


echo "<a href=?newvm>Create a new VM</a></br>";

//getting vms from DB
$sql="SELECT * FROM vms";
$res = $db_handle->query($sql);
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
echo "<div style=\"border:solid 1px;float:left;min-width:100px;\">$row[vmname]</br><a href=?edit=$row[id]>edit</a></div>";
}

//insert in db
if(isset($_REQUEST['mode'])){
if($_REQUEST['mode']=="newvm"){
$sqls="INSERT INTO vms ";
$sqlc="(";
$sqlv=" VALUES (";
foreach(array_keys($_REQUEST) as $rkey){
    if ($rkey!="mode"){
    $rvalue = clean($_REQUEST[$rkey]);
    $sqlc .= "$rkey,";
    $sqlv .= "'$rvalue',";    
    }
}
$sqlc = rtrim($sqlc, ',');
$sqlc.=")";
$sqlv = rtrim($sqlv, ',');
$sqlv.=")";
$sql = "$sqls$sqlc$sqlv";
echo $sql;
$result = $db_handle->exec($sql);
//$result = $db_handle->query($sql);
    print_r($result);
} elseif ($_REQUEST['mode']=="editvm"){
$sql="UPDATE vms SET ";
foreach(array_keys($_REQUEST) as $rkey){
    if (($rkey!="mode")&&($rkey!="editid")){
    $rvalue = clean($_REQUEST[$rkey]);
    $sql .= " $rkey='$rvalue',";
    }
}
$sql = rtrim($sql, ',');
$eid=clean($_REQUEST['editid']);
$sql .= " WHERE id='$eid'";
$result = $db_handle->exec($sql);
}
}
?>
test link 2018-08-11 20:07:23 +02:00			`<?php`
			`function clean($str) {`
			`$search = array('&' , '"' , "'" , '<' , '>' );`
			`$replace = array('&', '"', ''', '<', '>' );`

			`$str = str_replace($search, $replace, $str);`
			`return $str;`
			`}`
			`//read config file`
			`$configfile = new SplFileObject("/etc/nlvmi/nlvmi.conf");`
			`while (!$configfile->eof()) {`
			`$line = $configfile->fgets();`
			`if (!preg_match('/^#/', $line)){`
			`if (!preg_match('/^$/', $line)){`
			`if (preg_match('/=/', $line)){`
			`$configparam = explode('=', $line);`
			`$p = rtrim($configparam[1]);`
			`//echo "B$p";`
			`$config[$configparam[0]]=str_replace('"', '', $p);`
			`}`
			`}`
			`}`
			`}`
			`$file = null;`

			`//check db connection`
			`if ($config['DATABASETYPE']=="sqlite"){`
			`$db_handle = new SQLite3($config['SQLITEFILE']);`
			`$query = "SELECT name FROM sqlite_master WHERE type='table' AND name='vms';";`
			`$db_handle->exec($query);`
			`$result = $db_handle->query($query);`
			`$row = $result->fetchArray();`
			`if (!$row['name']=="vms"){`
			`echo "DB connection failed!";`
			`exit;`
			`}`
			`}`

			`//form for edit and new vms`
			`if (isset($_REQUEST['edit'])){`
			`$formname="editvm";`
			`$eid=clean($_REQUEST['edit']);`
			`$sql="SELECT * FROM vms WHERE id='$eid'";`
			`$res = $db_handle->query($sql);`
			`$editid = "<input type=hidden name=editid value=$eid>";`
			`while ($row = $res->fetchArray(SQLITE3_ASSOC)){`
			`$e = $row;`
			`}`
			`} elseif(isset($_REQUEST['newvm'])) {`
			`$formname="newvm";`
			`$editid="";`
			`}`
			`//echo $e[vmname];`
			`if (isset($formname)){`
			`echo "<h2>$formname</h2></br>";`
			`echo "<form name=$formname action=? method=post>";`
			`$res = $db_handle->query('PRAGMA table_info(vms)');`
			`while ($col = $res->fetchArray(SQLITE3_ASSOC)) {`
			`$arrColnames[]=$col['name'];`
			`}`
			`for ($col=0; $col <count($arrColnames); $col++){`
			`if ($arrColnames[$col]!="id"){`
			`if ($arrColnames[$col] == "bootoption"){`
			`echo "$arrColnames[$col] <select name=bootoption><option value=c>C</option><option value=d>D</option></select></br>";`
			`} elseif ($arrColnames[$col] == "arch"){`
			`echo "$arrColnames[$col] <select name=arch><option value=qemu-system-x86_64>x86_64</option></select></br>";`
			`} else {`
			`if (isset($e[$arrColnames[$col]])){`
			`$val = $e[$arrColnames[$col]];`
			`} else {`
			`$val = "";`
			`}`
			`echo "$arrColnames[$col] <input type=text name=$arrColnames[$col] value=$val></br>";`
			`}`
			`}`
			`}`

			`echo "$editid<input type=hidden name=mode value=$formname><input type=submit></form>";`
			`}`


			`echo "<a href=?newvm>Create a new VM</a></br>";`

			`//getting vms from DB`
			`$sql="SELECT * FROM vms";`
			`$res = $db_handle->query($sql);`
			`while ($row = $res->fetchArray(SQLITE3_ASSOC)){`
			`echo "<div style=\"border:solid 1px;float:left;min-width:100px;\">$row[vmname]</br><a href=?edit=$row[id]>edit</a></div>";`
			`}`

			`//insert in db`
			`if(isset($_REQUEST['mode'])){`
			`if($_REQUEST['mode']=="newvm"){`
			`$sqls="INSERT INTO vms ";`
			`$sqlc="(";`
			`$sqlv=" VALUES (";`
			`foreach(array_keys($_REQUEST) as $rkey){`
			`if ($rkey!="mode"){`
			`$rvalue = clean($_REQUEST[$rkey]);`
			`$sqlc .= "$rkey,";`
			`$sqlv .= "'$rvalue',";`
			`}`
			`}`
			`$sqlc = rtrim($sqlc, ',');`
			`$sqlc.=")";`
			`$sqlv = rtrim($sqlv, ',');`
			`$sqlv.=")";`
			`$sql = "$sqls$sqlc$sqlv";`
			`echo $sql;`
			`$result = $db_handle->exec($sql);`
			`//$result = $db_handle->query($sql);`
			`print_r($result);`
			`} elseif ($_REQUEST['mode']=="editvm"){`
			`$sql="UPDATE vms SET ";`
			`foreach(array_keys($_REQUEST) as $rkey){`
			`if (($rkey!="mode")&&($rkey!="editid")){`
			`$rvalue = clean($_REQUEST[$rkey]);`
			`$sql .= " $rkey='$rvalue',";`
			`}`
			`}`
			`$sql = rtrim($sql, ',');`
			`$eid=clean($_REQUEST['editid']);`
			`$sql .= " WHERE id='$eid'";`
			`$result = $db_handle->exec($sql);`
			`}`
			`}`
			`?>`