2018-08-11 20:07:23 +02:00
< ? php
function clean ( $str ) {
$search = array ( '&' , '"' , " ' " , '<' , '>' );
$replace = array ( '&' , '"' , ''' , '<' , '>' );
2018-10-26 18:21:18 +02:00
$str = str_replace ( $search , $replace , $str );
$strf = htmlspecialchars ( $str , ENT_QUOTES , 'UTF-8' );
return $strf ;
2018-08-11 20:07:23 +02:00
}
2018-10-24 17:53:40 +02:00
2018-08-15 13:50:00 +02:00
if ( isset ( $_REQUEST [ 'logout' ])){
2018-08-15 18:24:29 +02:00
session_start ();
session_unset ();
session_destroy ();
2018-08-15 13:50:00 +02:00
} else {
2018-08-15 18:24:29 +02:00
session_start ();
2018-08-15 13:50:00 +02:00
}
2018-10-24 17:53:40 +02:00
2018-08-15 13:50:00 +02:00
$mode = " " ;
2018-08-12 20:21:33 +02:00
function checkvm ( $vmname ) {
2018-08-18 11:47:47 +02:00
$shellout = shell_exec ( " /usr/bin/nlvmi checkvm $vmname bla " ); //){
if ( preg_match_all ( '/not running/' , $shellout )){
return 1 ;
2018-08-15 18:24:29 +02:00
}
2018-08-18 11:47:47 +02:00
return 0 ;
2018-08-12 20:21:33 +02:00
}
2018-10-24 17:53:40 +02:00
2018-08-20 18:56:48 +02:00
function serverdepropdown ( $server , $val , $what ){
2018-08-20 20:19:52 +02:00
if ( $what == " cdrom " ){
$dir = " isodirectory " ;
$enddiv = " </div> " ;
} elseif ( preg_match ( '/drive/' , $what )) {
$dir = " vmdirectory " ;
$enddiv = " " ;
}
echo " <div class=row><div class=col-md-1 style=text-align:right> $what </div><div class=col-md-2><div class=dropdown><button class= \" btn btn-secondary dropdown-toggle \" type=button id= " . $what . " button data-toggle=dropdown aria-haspopup=true aria-expanded=false> $val </button> " ;
echo " <div class=dropdown-menu aria-labelledby= " . $what . " button> " ;
echo " <a class=dropdown-item href= \" javascript:dropdown(' " . $what . " button','') \" >no $what </a><div class=dropdown-divider></div> " ;
$shellout = shell_exec ( " /usr/bin/nlvmi listdir $server $dir " );
$files = explode ( " \n " , $shellout );
for ( $f = 0 ; $f < count ( $files ); $f ++ ){
$file = explode ( " " , $files [ $f ]);
$lastpart = count ( $file ) - 1 ;
if (( preg_match ( '/\//' , $file [ $lastpart ])) && ( ! preg_match ( '/^d/' , $file [ 0 ]))){
echo " <a class=dropdown-item href= \" javascript:dropdown(' " . $what . " button',' $file[$lastpart] ') \" > $file[$lastpart] </a> " ;
}
}
2018-09-23 15:51:44 +02:00
echo " $enddiv </div></div></div><input type=hidden id= " . $what . " buttonh name= $what value= \" $val\ " > " ;
2018-08-20 18:56:48 +02:00
}
2018-10-24 17:53:40 +02:00
2018-08-21 14:25:19 +02:00
function formatbuttons ( $label , $val ){
echo " <div class=row><div class=col> $label </div><div class=col><div class=dropdown><button class= \" btn btn-secondary dropdown-toggle \" type=button id= " . $label . " button $label data-toggle=dropdown aria-haspopup=true aria-expanded=false> $val </button> " ;
echo " <div class=dropdown-menu aria-labelledby=formatbutton $label > " ;
echo " <a class=dropdown-item href= \" javascript:dropdown(' " . $label . " button $label ','') \" > </a> " ;
echo " <div class=dropdown-divider></div> " ;
echo " <a class=dropdown-item href= \" javascript:dropdown(' " . $label . " button $label ','raw') \" >raw</a> " ;
echo " <a class=dropdown-item href= \" javascript:dropdown(' " . $label . " button $label ','qcow2') \" >qcow2</a> " ;
echo " </div></div></div></div></div><input type=hidden id= " . $label . " button " . $label . " h name= $label value= \" $val\ " > " ;
}
2018-08-11 20:07:23 +02:00
//read config file
$configfile = new SplFileObject ( " /etc/nlvmi/nlvmi.conf " );
while ( ! $configfile -> eof ()) {
$line = $configfile -> fgets ();
if ( ! preg_match ( '/^#/' , $line )){
if ( ! preg_match ( '/^$/' , $line )){
if ( preg_match ( '/=/' , $line )){
$configparam = explode ( '=' , $line );
$p = rtrim ( $configparam [ 1 ]);
//echo "B$p";
$config [ $configparam [ 0 ]] = str_replace ( '"' , '' , $p );
}
}
}
}
$file = null ;
//check db connection
if ( $config [ 'DATABASETYPE' ] == " sqlite " ){
$db_handle = new SQLite3 ( $config [ 'SQLITEFILE' ]);
$query = " SELECT name FROM sqlite_master WHERE type='table' AND name='vms'; " ;
$db_handle -> exec ( $query );
$result = $db_handle -> query ( $query );
$row = $result -> fetchArray ();
if ( ! $row [ 'name' ] == " vms " ){
echo " DB connection failed! " ;
exit ;
}
}
2018-08-13 20:11:24 +02:00
2018-08-15 13:50:00 +02:00
//check login
$usersfound = " no " ;
$sql = " SELECT * FROM users LIMIT 1 " ;
$res = $db_handle -> query ( $sql );
while ( $row = $res -> fetchArray ( SQLITE3_ASSOC )){
$usersfound = " yes " ;
if ( $_SESSION [ 'username' ] == " inituser " ){
session_unset ();
session_destroy ();
session_start ();
2018-08-15 17:38:14 +02:00
echo " killed inituser! " ;
2018-08-15 13:50:00 +02:00
}
}
2018-08-15 17:38:14 +02:00
2018-08-15 13:50:00 +02:00
if ( $usersfound == " no " ){
2018-08-15 17:38:14 +02:00
$_SESSION [ 'username' ] = " inituser " ;
$_SESSION [ 'isadmin' ] = " 1 " ;
2018-08-15 13:50:00 +02:00
if ( ! isset ( $_POST [ 'newusername' ])){
echo " <h1>You have no users in the datbase!</h1></br> " ;
$mode = " usermgmt " ;
}
} elseif (( isset ( $_POST [ 'login' ])) && ( isset ( $_POST [ 'username' ])) && ( isset ( $_POST [ 'password' ]))){
$user = clean ( $_POST [ 'username' ]);
$pass = clean ( $_POST [ 'password' ]);
2018-08-25 12:40:14 +02:00
if ( $pass == " " ){
2018-11-09 14:39:03 +01:00
echo " $user is not allowed to login without a password. " ;
2018-08-25 12:40:14 +02:00
} else {
$sql = " SELECT password,admin FROM users WHERE username=' $user ' " ;
$res = $db_handle -> query ( $sql );
while ( $row = $res -> fetchArray ( SQLITE3_ASSOC )){
if ( password_verify ( $pass , $row [ 'password' ])){
$_SESSION [ 'username' ] = $user ;
$_SESSION [ 'isadmin' ] = $row [ 'admin' ];
} else {
echo " Password not correct! " ;
}
2018-08-15 13:50:00 +02:00
}
}
}
2018-08-15 17:38:14 +02:00
2018-08-18 13:53:25 +02:00
function checkmacfree ( $vmname , $mac , $db_handle ){
$sql = " SELECT vmname FROM vms WHERE (macaddr1=' $mac ' OR macaddr2=' $mac ' OR macaddr3=' $mac ') AND NOT vmname=' $vmname ' " ;
//echo "na";
$res = $db_handle -> query ( $sql );
while ( $row = $res -> fetchArray ( SQLITE3_ASSOC )){
return " $row[vmname] uses the mac $mac already! " ;
}
return 0 ;
}
2018-08-15 18:24:29 +02:00
//delete vms
2018-08-15 13:50:00 +02:00
if ( isset ( $_SESSION [ 'username' ])){
2018-08-21 14:00:09 +02:00
if (( isset ( $_POST [ 'deleteid' ])) && ( isset ( $_POST [ 'deletename' ])) && ( $_POST [ 'delwhat' ] == " vm " )){
2018-08-15 16:52:34 +02:00
if ( $_SESSION [ 'isadmin' ] != 1 ){
2018-08-15 18:24:29 +02:00
echo " you are not allowed to delete vms! " ;
2018-08-15 16:52:34 +02:00
} else {
$vmname = clean ( $_POST [ 'deletename' ]);
2018-08-21 14:00:09 +02:00
$vmid = clean ( $_POST [ 'deleteid' ]);
2018-10-24 14:49:05 +02:00
$sql = " SELECT vms.id AS vid,prio,hostname,connectstring,autostart FROM vms LEFT JOIN servers ON vms.server = servers.hostname WHERE vmname=' $vmname ' AND vid=' $vmid ' " ;
2018-08-15 16:52:34 +02:00
$res = $db_handle -> query ( $sql );
while ( $row = $res -> fetchArray ( SQLITE3_ASSOC )){
2018-10-24 12:20:36 +02:00
$prio = $row [ 'prio' ];
$nextprio = $prio + 1 ;
$lastprio = " no " ;
while ( $lastprio == " no " ){
$sqln = " SELECT id FROM vms WHERE prio=' $nextprio ' " ;
$nid = $db_handle -> query ( $sqln ) -> fetchArray ( SQLITE3_ASSOC )[ 'id' ];
if ( $nid == " " ){
$lastprio = " yes " ;
} else {
$sqlu = " UPDATE vms SET prio=' $prio ' WHERE id=' $nid ' " ;
if ( ! $db_handle -> query ( $sqlu )){
echo " SQL $sqlu failed! " ;
exit ;
} else {
$nextprio = $nextprio + 1 ;
$prio = $prio + 1 ;
}
}
}
2018-10-24 14:49:05 +02:00
if ( $row [ 'autostart' ] == " 1 " ){
if ( $row [ 'connectstring' ] == " " ){
$shellout = shell_exec ( " /usr/bin/nlvmi delautostart local $vmname " );
} else {
$shellout = shell_exec ( " /usr/bin/nlvmi delautostart $row[connectstring] $vmname " );
}
}
2018-10-24 17:53:40 +02:00
if ( isset ( $config [ 'NGINXCONFIGPATH' ])){
$shellout = shell_exec ( " /usr/bin/nlvmi delnginx local $vmname " );
}
2018-08-15 16:52:34 +02:00
$sqld = " DELETE FROM vms WHERE id=' $vmid ' " ;
if ( $db_handle -> query ( $sqld )){
echo " VM $vmname deleted! " ;
}
}
2018-08-13 16:49:49 +02:00
}
2018-10-23 17:39:54 +02:00
} elseif
//delete user
(( isset ( $_POST [ 'deleteid' ])) && ( isset ( $_POST [ 'deletename' ])) && ( $_POST [ 'delwhat' ] == " user " )){
2018-08-21 14:00:09 +02:00
if ( $_SESSION [ 'isadmin' ] != 1 ){
echo " you are not allowed to delete users! " ;
} else {
$uname = clean ( $_POST [ 'deletename' ]);
$uid = clean ( $_POST [ 'deleteid' ]);
$sql = " SELECT id FROM users WHERE username=' $uname ' AND id=' $uid ' " ;
$res = $db_handle -> query ( $sql );
while ( $row = $res -> fetchArray ( SQLITE3_ASSOC )){
$sqld = " DELETE FROM users WHERE id=' $uid ' " ;
if ( $db_handle -> query ( $sqld )){
echo " User $uname deleted! " ;
}
}
}
2018-10-23 17:39:54 +02:00
} elseif
//delete server
(( isset ( $_POST [ 'deleteid' ])) && ( isset ( $_POST [ 'deletename' ])) && ( $_POST [ 'delwhat' ] == " server " )){
2018-08-21 14:00:09 +02:00
if ( $_SESSION [ 'isadmin' ] != 1 ){
echo " you are not allowed to delete vms! " ;
} else {
$sname = clean ( $_POST [ 'deletename' ]);
$sid = clean ( $_POST [ 'deleteid' ]);
$sql = " SELECT id FROM servers WHERE hostname=' $sname ' AND id=' $sid ' " ;
$res = $db_handle -> query ( $sql );
while ( $row = $res -> fetchArray ( SQLITE3_ASSOC )){
$sqld = " DELETE FROM servers WHERE id=' $sid ' " ;
if ( $db_handle -> query ( $sqld )){
echo " Server $sname deleted! " ;
}
}
}
2018-08-13 16:49:49 +02:00
}
2018-08-15 13:50:00 +02:00
//insert new user in db
2018-08-15 16:52:34 +02:00
if ( isset ( $_POST [ 'newusername' ])){
if ( $_SESSION [ 'isadmin' ] != 1 ){
echo " you are not allowed to add usernames! " ;
} else {
$newusername = clean ( $_POST [ 'newusername' ]);
$newpassword = password_hash ( clean ( $_POST [ 'newpassword' ]), PASSWORD_DEFAULT );
if ( $_POST [ 'isadmin' ] == " on " ){
$isadmin = " 1 " ;
} else {
$isadmin = " 0 " ;
}
$sqlu = " SELECT id FROM users WHERE username=' $newusername ' " ;
$res = $db_handle -> query ( $sqlu );
while ( $row = $res -> fetchArray ( SQLITE3_ASSOC )){
echo " username already exist! " ;
exit ;
}
$sql = " INSERT INTO users (username,password,admin) VALUES(' $newusername ', ' $newpassword ', ' $isadmin ') " ;
$res = $db_handle -> query ( $sql );
$res = $db_handle -> query ( $sqlu );
while ( $row = $res -> fetchArray ( SQLITE3_ASSOC )){
echo " success " ;
exit ;
}
echo " Failed to insert into DB! " ;
exit ;
}
2018-08-15 13:50:00 +02:00
}
//update user in db
2018-08-15 16:52:34 +02:00
if ( isset ( $_POST [ 'changeusername' ])){
if ( $_SESSION [ 'isadmin' ] != 1 ){
echo " you are not allowed to change usernames! " ;
} else {
2018-08-16 16:00:08 +02:00
$userchange = clean ( $_POST [ 'userchange' ]);
2018-08-15 16:52:34 +02:00
$username = clean ( $_POST [ 'changeusername' ]);
2018-08-16 16:00:08 +02:00
if ( $_POST [ 'passwordchange' ] == " " ){
$passwd = " " ;
} else {
$pass = password_hash ( clean ( $_POST [ 'passwordchange' ]), PASSWORD_DEFAULT );
$passwd = " password=' $pass ', " ;
}
2018-08-15 13:50:00 +02:00
if ( $_POST [ 'isadmin' ] == " on " ){
$isadmin = " 1 " ;
} else {
$isadmin = " 0 " ;
}
2018-08-16 16:00:08 +02:00
$sql = " UPDATE users SET username=' $username ', $passwd admin=' $isadmin ' where id=' $userchange ' " ;
2018-08-15 16:52:34 +02:00
if ( $db_handle -> query ( $sql )){
echo " success " ;
exit ;
}
2018-08-15 13:50:00 +02:00
}
}
2018-08-20 20:19:52 +02:00
//insert new server in db
2018-08-21 14:00:09 +02:00
if ( isset ( $_POST [ 'newhostname' ])){
2018-08-20 20:19:52 +02:00
if ( $_SESSION [ 'isadmin' ] != 1 ){
echo " you are not allowed to add servers! " ;
} else {
$newservername = clean ( $_POST [ 'newhostname' ]);
$connectstring = clean ( $_POST [ 'connectstring' ]);
$vmdirectory = clean ( $_POST [ 'vmdirectory' ]);
$isodirectory = clean ( $_POST [ 'isodirectory' ]);
2018-08-21 14:00:09 +02:00
$sqlu = " INSERT INTO servers ('hostname','connectstring','vmdirectory','isodirectory') VALUES(' $newservername ',' $connectstring ',' $vmdirectory ',' $isodirectory ') " ;
//echo $sqlu;
2018-08-20 20:19:52 +02:00
$res = $db_handle -> query ( $sqlu );
echo " success " ;
exit ;
}
}
//update server in db
if ( isset ( $_POST [ 'changehostname' ])){
if ( $_SESSION [ 'isadmin' ] != 1 ){
echo " you are not allowed to change servers! " ;
} else {
$newservername = clean ( $_POST [ 'changehostname' ]);
$connectstring = clean ( $_POST [ 'connectstring' ]);
$vmdirectory = clean ( $_POST [ 'vmdirectory' ]);
$isodirectory = clean ( $_POST [ 'isodirectory' ]);
$changeid = clean ( $_POST [ 'changeid' ]);
$sql = " UPDATE servers SET hostname=' $newservername ', connectstring=' $connectstring ', vmdirectory=' $vmdirectory ', isodirectory=' $isodirectory ' where id=' $changeid ' " ;
if ( $db_handle -> query ( $sql )){
echo " success " ;
exit ;
} else {
echo " $sql " ;
exit ;
}
}
}
2018-08-18 13:53:25 +02:00
//insert or update vm in db
if ( isset ( $_REQUEST [ 'mode' ])){
if ( $_REQUEST [ 'mode' ] == " newvm " ){
2018-10-23 17:39:54 +02:00
$psql = " SELECT MAX(prio) AS prio FROM vms " ;
$pres = $db_handle -> query ( $psql );
$prioa = $pres -> fetchArray ( SQLITE3_ASSOC );
$prio = $prioa [ 'prio' ] + 1 ;
2018-08-18 13:53:25 +02:00
$mode = " newvm " ;
$sqls = " INSERT INTO vms " ;
$sqlc = " ( " ;
$sqlv = " VALUES ( " ;
foreach ( array_keys ( $_REQUEST ) as $rkey ){
2018-08-21 14:00:09 +02:00
if (( $rkey != " mode " ) && ( $rkey != " rand " )){
2018-10-24 14:49:05 +02:00
$rvalue = clean ( $_REQUEST [ $rkey ]);
2018-08-18 13:53:25 +02:00
if (( preg_match ( '/macaddr/' , $rkey )) && ( $rvalue != " " )){
$cm = checkmacfree ( clean ( $_REQUEST [ 'vmname' ]), $rvalue , $db_handle );
if ( $cm != " 0 " ) {
echo $cm ;
exit ;
}
}
2018-10-10 20:23:40 +02:00
if ( $rkey == " autostart " ){
if ( $rvalue == " on " ){
$rvalue = " 1 " ;
} else {
$rvalue = " 0 " ;
}
}
2018-08-18 13:53:25 +02:00
if ( $rvalue == " x86_64 " ){
$rvalue = " qemu-system-x86_64 " ;
2018-09-23 15:51:44 +02:00
} elseif (( preg_match ( '/no drive/' , $rvalue )) || ( $rvalue == " no cdrom " )){
$rvalue = " " ;
2018-08-18 13:53:25 +02:00
}
$sqlc .= " $rkey , " ;
$sqlv .= " ' $rvalue ', " ;
}
}
2018-10-23 17:39:54 +02:00
$sqlc .= " 'prio') " ;
$sqlv .= " ' $prio ') " ;
2018-08-18 13:53:25 +02:00
$sql = " $sqls $sqlc $sqlv " ;
$res = $db_handle -> exec ( $sql );
2018-10-24 14:49:05 +02:00
echo " success " ;
exit ;
2018-08-18 13:53:25 +02:00
} elseif ( $_REQUEST [ 'mode' ] == " editvm " ){
$sql = " UPDATE vms SET " ;
2018-10-10 20:23:40 +02:00
$autostartfound = " 0 " ;
2018-08-18 13:53:25 +02:00
foreach ( array_keys ( $_REQUEST ) as $rkey ){
if (( $rkey != " mode " ) && ( $rkey != " editid " ) && ( $rkey != " rand " )){
$rvalue = clean ( $_REQUEST [ $rkey ]);
if (( preg_match ( '/macaddr/' , $rkey )) && ( $rvalue != " " )){
$cm = checkmacfree ( clean ( $_REQUEST [ 'vmname' ]), $rvalue , $db_handle );
if ( $cm != " 0 " ) {
echo $cm ;
exit ;
}
}
2018-10-10 20:23:40 +02:00
if ( $rkey == " autostart " ){
$autostartfound = " 1 " ;
if ( $rvalue == " on " ){
$rvalue = " 1 " ;
} else {
$rvalue = " 0 " ;
}
}
2018-08-18 13:53:25 +02:00
if ( $rvalue == " x86_64 " ){
$rvalue = " qemu-system-x86_64 " ;
2018-09-23 15:51:44 +02:00
} elseif (( preg_match ( '/no drive/' , $rvalue )) || ( $rvalue == " no cdrom " )){
$rvalue = " " ;
2018-08-18 13:53:25 +02:00
}
$sql .= " $rkey =' $rvalue ', " ;
}
}
2018-10-10 20:23:40 +02:00
if ( $autostartfound == " 0 " ){
$sql .= " autostart='0' " ;
} else {
$sql = rtrim ( $sql , ',' );
}
2018-08-18 13:53:25 +02:00
$eid = clean ( $_REQUEST [ 'editid' ]);
$sql .= " WHERE id=' $eid ' " ;
$res = $db_handle -> exec ( $sql );
echo " success " ;
exit ;
}
}
2018-10-23 17:39:54 +02:00
if ( isset ( $_REQUEST [ 'neworder' ])){
if ( isset ( $_REQUEST [ 'vid' ])){
$vid = clean ( $_REQUEST [ 'vid' ]);
$sql = " SELECT prio FROM vms WHERE id=' $vid ' " ;
$oldprio = $db_handle -> query ( $sql ) -> fetchArray ( SQLITE3_ASSOC )[ 'prio' ];
//print_r($res);
//echo "buu";
if ( $_REQUEST [ 'neworder' ] == " up " ){
$newprio = $oldprio - 1 ;
$sqlu = " SELECT id FROM vms WHERE prio=' $newprio ' " ;
$oldid = $db_handle -> query ( $sqlu ) -> fetchArray ( SQLITE3_ASSOC )[ 'id' ];
$sqlm = " UPDATE vms SET prio=' $newprio ' WHERE id=' $vid ' " ;
$sqln = " UPDATE vms SET prio=' $oldprio ' WHERE id=' $oldid ' " ;
if (( $db_handle -> exec ( $sqlm )) && ( $db_handle -> exec ( $sqln ))){
echo " success " ;
exit ;
}
} elseif ( $_REQUEST [ 'neworder' ] == " down " ){
$newprio = $oldprio + 1 ;
$sqlu = " SELECT id FROM vms WHERE prio=' $newprio ' " ;
$oldid = $db_handle -> query ( $sqlu ) -> fetchArray ( SQLITE3_ASSOC )[ 'id' ];
$sqlm = " UPDATE vms SET prio=' $newprio ' WHERE id=' $vid ' " ;
$sqln = " UPDATE vms SET prio=' $oldprio ' WHERE id=' $oldid ' " ;
if (( $db_handle -> exec ( $sqlm )) && ( $db_handle -> exec ( $sqln ))){
echo " success " ;
exit ;
}
}
}
}
2018-08-20 18:56:48 +02:00
if ( isset ( $_POST [ 'serverbuttoni' ])){
2018-08-21 14:25:19 +02:00
serverdepropdown ( $_POST [ 'serverbuttoni' ], " no drive1 " , 'drive1' );
formatbuttons ( 'format1' , '' );
serverdepropdown ( $_POST [ 'serverbuttoni' ], " no drive2 " , 'drive2' );
formatbuttons ( 'format2' , '' );
serverdepropdown ( $_POST [ 'serverbuttoni' ], " no drive3 " , 'drive3' );
formatbuttons ( 'format3' , '' );
2018-08-20 18:56:48 +02:00
serverdepropdown ( $_POST [ 'serverbuttoni' ], " no cdrom " , 'cdrom' );
exit ;
}
2018-08-20 20:19:52 +02:00
2018-08-18 11:47:47 +02:00
//ajax queries are all done, time for the header
2018-08-15 16:52:34 +02:00
include ( 'header.php' );
2018-08-15 13:50:00 +02:00
//usermanagement
2018-08-15 16:52:34 +02:00
if (( isset ( $_POST [ 'usermgmt' ])) || ( $mode == " usermgmt " )){
$mode = " usermgmt " ;
2018-08-15 17:38:14 +02:00
if (( $_SESSION [ 'username' ] == " inituser " ) || ( $_SESSION [ 'isadmin' ] == " 1 " )){
2018-08-15 16:52:34 +02:00
$sql = " SELECT * FROM users " ;
$res = $db_handle -> query ( $sql );
2018-10-24 12:20:36 +02:00
echo " </br> " ;
2018-08-15 17:38:14 +02:00
if ( $_SESSION [ 'username' ] != " inituser " ){
echo " <h2>Existing users</h2> " ;
}
2018-08-15 16:52:34 +02:00
while ( $row = $res -> fetchArray ( SQLITE3_ASSOC )){
2018-08-21 14:00:09 +02:00
echo " <div class=row><div class=col style=text-align:right><form id=uform $row[id] action=? method=post><input class=form-control name=changeusername value= $row[username] ></div> " ;
2018-08-15 16:52:34 +02:00
if ( $row [ 'admin' ] == " 1 " ){
$checked = " checked " ;
} else {
$checked = " " ;
}
2018-08-16 16:00:08 +02:00
echo " <div class=col-ms><input data-onstyle= \" danger \" data-offstyle=success name=isadmin id= \" isadmin $row[id] \" type= \" checkbox \" data-toggle= \" toggle \" data-on= \" user is Admin \" data-off= \" user is no Admin \" $checked ></div> " ;
2018-08-15 16:52:34 +02:00
echo " <input type=hidden name=userchange value= $row[id] > " ;
2018-08-25 12:40:14 +02:00
echo " <div class=col><input class=form-control type=password name=passwordchange placeholder=newpassword></div><div class=col><a href=# class= \" btn btn-success \" onclick= \" javascript:submitbutton('uform $row[id] '); \" >save user</a></form> " ;
echo " <button class= \" btn btn-danger \" data-delete-text= \" Delete user $row[username] ! \" data-delete-what=user data-delete-id= \" $row[id] \" data-delete-name= \" $row[username] \" data-toggle= \" modal \" data-target= \" #confirm-delete \" >Delete user</button></div></div> " ;
2018-08-15 13:50:00 +02:00
}
//newuserform
2018-08-15 16:52:34 +02:00
echo " <h2>Create a new user</h2><form id=newuserform action=? method=post><div class=row><div class=col><input type=text class=form-control name=newusername placeholder=Username></div> " ;
if ( $_SESSION [ 'username' ] != " inituser " ){
echo " <div class=col-ms><input data-onstyle= \" danger \" data-offstyle=success name=isadmin id= \" isadmin \" type= \" checkbox \" data-toggle= \" toggle \" data-on= \" user is Admin \" data-off= \" user is no Admin \" checked></div> " ;
} else {
echo " <input type=hidden name=isadmin value=on> " ;
}
echo " <div class=col><input class=form-control type=password name=newpassword placeholder=newpassword></div><div class=col><a href=# class= \" btn btn-success \" onclick= \" javascript:submitbutton('newuserform'); \" >Create user</a></div></div></form> " ;
2018-08-15 13:50:00 +02:00
}
}
2018-08-20 20:19:52 +02:00
//servermanagement
if ( isset ( $_POST [ 'servermgmt' ])){
$mode = " servermgmt " ;
if ( $_SESSION [ 'isadmin' ] == " 1 " ){
$sql = " SELECT * FROM servers " ;
$res = $db_handle -> query ( $sql );
echo " </br> " ;
echo " <h2>Existing servers</h2> " ;
echo " <div class=row><div class=col>hostname</div><div class=col>connectstring</div><div class=col>VM directory</div><div class=col>ISO directory</div><div class=col></div></div> " ;
while ( $row = $res -> fetchArray ( SQLITE3_ASSOC )){
2018-08-21 14:00:09 +02:00
echo " <div class=row><div class=col style=text-align:right><form id=sform $row[id] action=? method=post><input class=form-control name=changehostname value= $row[hostname] ></div> " ;
2018-08-20 20:19:52 +02:00
echo " <div class=col><input name=connectstring id= \" connectstring \" type= \" text \" value= $row[connectstring] ></div> " ;
echo " <div class=col><input name=vmdirectory id= \" connectstring \" type= \" text \" value= $row[vmdirectory] ></div> " ;
echo " <div class=col><input name=isodirectory id= \" connectstring \" type= \" text \" value= $row[isodirectory] ></div> " ;
2018-08-25 12:40:14 +02:00
echo " <div class=col><input type=hidden name=changeid value= $row[id] ><a href=# class= \" btn btn-success \" onclick= \" javascript:submitbutton('sform $row[id] '); \" >save server</a></form> " ;
echo " <button class= \" btn btn-danger \" data-delete-text= \" Delete server $row[hostname] ! \" data-delete-what=server data-delete-id= \" $row[id] \" data-delete-name= \" $row[hostname] \" data-toggle= \" modal \" data-target= \" #confirm-delete \" >Delete server</button></div></div> " ;
2018-08-20 20:19:52 +02:00
}
//newserverform
echo " <h2>Create a new server</h2><form id=newserverform action=? method=post><div class=row><div class=col><input type=text class=form-control name=newhostname placeholder=hostname></div> " ;
echo " <div class=col><input class=form-control name=connectstring type= \" text \" placeholder= \" nlvmi@192.168.0.X \" ></div> " ;
echo " <div class=col><input class=form-control type=test name=vmdirectory placeholder= \" multiple directories like /directorya;/directoryb \" ></div> " ;
2018-10-10 16:56:44 +02:00
echo " <div class=col><input class=form-control type=test name=isodirectory placeholder= \" multiple directories like /directorya;/directoryb \" ></div> " ;
2018-08-20 20:19:52 +02:00
echo " <div class=col><a href=# class= \" btn btn-success \" onclick= \" javascript:submitbutton('newserverform'); \" >Create server</a></div></div></form> " ;
}
}
2018-08-15 13:50:00 +02:00
2018-08-15 16:52:34 +02:00
//start vm
if ( isset ( $_REQUEST [ 'start' ])){
$vmname = clean ( $_REQUEST [ 'start' ]);
2018-08-15 17:38:14 +02:00
$sqllimit = " " ;
if ( $_SESSION [ 'isadmin' ] != " 1 " ){
$sqllimit = " WHERE username=' $_SESSION[username] ' " ;
}
$sql = " SELECT * FROM vms WHERE vmname=' $vmname ' $sqllimit " ;
2018-08-15 16:52:34 +02:00
$res = $db_handle -> query ( $sql );
while ( $row = $res -> fetchArray ( SQLITE3_ASSOC )){
2018-08-18 11:47:47 +02:00
$shellout = shell_exec ( " /usr/bin/nlvmi start $vmname bla " );
2018-08-12 20:21:33 +02:00
echo $shellout ;
}
}
2018-08-15 18:24:29 +02:00
//stop vm
2018-08-15 16:52:34 +02:00
if ( isset ( $_REQUEST [ 'stop' ])){
$vmname = clean ( $_REQUEST [ 'stop' ]);
2018-08-15 17:38:14 +02:00
if ( $_SESSION [ 'isadmin' ] != " 1 " ){
$sqllimit = " WHERE username=' $_SESSION[username] ' " ;
}
$sql = " SELECT * FROM vms WHERE vmname=' $vmname ' $sqllimit " ;
2018-08-15 16:52:34 +02:00
$res = $db_handle -> query ( $sql );
while ( $row = $res -> fetchArray ( SQLITE3_ASSOC )){
2018-08-18 11:47:47 +02:00
if ( ! checkvm ( $vmname )){
$shellout = shell_exec ( " /usr/bin/nlvmi stop $vmname bla " );
2018-08-15 16:52:34 +02:00
echo $shellout ;
}
}
}
2018-08-11 20:07:23 +02:00
//form for edit and new vms
2018-08-15 16:52:34 +02:00
if ( isset ( $_REQUEST [ 'edit' ])){
$mode = " editvm " ;
$formname = " editvm " ;
$eid = clean ( $_REQUEST [ 'edit' ]);
$sql = " SELECT * FROM vms WHERE id=' $eid ' " ;
$res = $db_handle -> query ( $sql );
$editid = " <input type=hidden name=editid value= $eid > " ;
while ( $row = $res -> fetchArray ( SQLITE3_ASSOC )){
$e = $row ;
}
} elseif ( isset ( $_REQUEST [ 'newvm' ])) {
$formname = " newvm " ;
$editid = " " ;
$mode = " newvm " ;
2018-08-11 20:07:23 +02:00
}
2018-08-12 15:09:47 +02:00
2018-08-15 16:52:34 +02:00
if ( isset ( $formname )){
2018-08-16 17:15:56 +02:00
$placehold [ 'vmname' ] = " Name of the VM " ;
$placehold [ 'server' ] = " ip or name of host server " ;
$placehold [ 'cputype' ] = " normally just 'host' " ;
$placehold [ 'cpus' ] = " Number of core for the VM " ;
$placehold [ 'memory' ] = " Amount of RAM for the VM im Mb " ;
$placehold [ 'usbdev' ] = " Normally just 'tablet' to get a mouse " ;
$placehold [ 'kblang' ] = " Qemu keyboard layout. Like 'de-ch' " ;
$placehold [ 'custom' ] = " Customstring to add to the qemu command " ;
$placehold [ 'tapdev1' ] = " tapname of first netinterface " ;
$placehold [ 'tapdev2' ] = " tapname of second netinterface " ;
$placehold [ 'tapdev3' ] = " tapname of third netinterface " ;
$placehold [ 'macaddr1' ] = " macaddress of first netinterface " ;
$placehold [ 'macaddr2' ] = " macaddress of second netinterface " ;
$placehold [ 'macaddr3' ] = " macaddress of third netinterface " ;
$placehold [ 'brdev1' ] = " bridge on host to add first netinterface " ;
$placehold [ 'brdev2' ] = " bridge on host to add second netinterface " ;
$placehold [ 'brdev3' ] = " bridge on host to add third netinterface " ;
$placehold [ 'vncport' ] = " VNC displaynumber like '1' " ;
$placehold [ 'websocket' ] = " port to bind the VNC websocket " ;
$placehold [ 'vncpasswort' ] = " the password for VNC " ;
2018-08-15 16:52:34 +02:00
echo " <h2> $formname </h2></br> " ;
2018-08-18 13:53:25 +02:00
echo " <form id= $formname name= $formname action=? method=post> " ;
2018-08-15 16:52:34 +02:00
$res = $db_handle -> query ( 'PRAGMA table_info(vms)' );
while ( $col = $res -> fetchArray ( SQLITE3_ASSOC )) {
$arrColnames [] = $col [ 'name' ];
}
2018-08-20 18:56:48 +02:00
$server = $e [ 'server' ];
2018-08-15 16:52:34 +02:00
for ( $col = 0 ; $col < count ( $arrColnames ); $col ++ ){
2018-10-24 12:20:36 +02:00
if (( $arrColnames [ $col ] != " id " ) && ( $arrColnames [ $col ] != " prio " )){
2018-08-15 16:52:34 +02:00
if ( isset ( $e [ $arrColnames [ $col ]])){
$val = $e [ $arrColnames [ $col ]];
} else {
$val = " " ;
2018-08-13 20:11:24 +02:00
}
2018-08-16 17:15:56 +02:00
$colname = $arrColnames [ $col ];
2018-08-15 16:52:34 +02:00
if ( $arrColnames [ $col ] == " bootoption " ){
if ( $val == " " ) {
$val = " c " ;
}
echo " <div class=row><div class=col-md-1 style=text-align:right>bootoption</div><div class=col-md-2><div class=dropdown><button class= \" btn btn-secondary dropdown-toggle \" type=button id=bootoptionbutton data-toggle=dropdown aria-haspopup=true aria-expanded=false> $val </button> " ;
echo " <div class=dropdown-menu aria-labelledby=bootoptionbutton> " ;
echo " <a class=dropdown-item href= \" javascript:dropdown('bootoptionbutton','c') \" >c</a> " ;
echo " <a class=dropdown-item href= \" javascript:dropdown('bootoptionbutton','d') \" >d</a> " ;
2018-08-20 16:55:32 +02:00
echo " </div></div></div></div><input type=hidden id=bootoptionbuttonh name=bootoption value= $val > " ;
2018-08-15 18:24:29 +02:00
} elseif ( $arrColnames [ $col ] == " user " ){
if ( $val == " " ) {
$val = $_SESSION [ 'username' ];
}
echo " <div class=row><div class=col-md-1 style=text-align:right>user</div><div class=col-md-2><div class=dropdown><button class= \" btn btn-secondary dropdown-toggle \" type=button id=userbutton data-toggle=dropdown aria-haspopup=true aria-expanded=false> $val </button> " ;
echo " <div class=dropdown-menu aria-labelledby=userbutton> " ;
$sqlusers = " SELECT username FROM users " ;
$resusers = $db_handle -> query ( $sqlusers );
while ( $rowusers = $resusers -> fetchArray ( SQLITE3_ASSOC )){
echo " <a class=dropdown-item href= \" javascript:dropdown('userbutton',' $rowusers[username] ') \" > $rowusers[username] </a> " ;
}
2018-08-20 16:55:32 +02:00
echo " </div></div></div><input type=hidden id=userbuttonh name=user value= $val ></div> " ;
2018-08-15 16:52:34 +02:00
} elseif ( $arrColnames [ $col ] == " arch " ){
echo " <div class=row><div class=col-md-1 style=text-align:right>arch</div><div class=col-md-2><div class=dropdown><button class= \" btn btn-secondary dropdown-toggle \" type=button id=archbutton data-toggle=dropdown aria-haspopup=true aria-expanded=false>x86_64</button> " ;
echo " <div class=dropdown-menu aria-labelledby=archbutton> " ;
echo " <a class=dropdown-item href= \" javascript:dropdown('archbutton','x86_64') \" >x86_64</a> " ;
echo " </div></div></div></div><input type=hidden id=archbuttonh name=arch value=x86_64> " ;
2018-08-16 17:15:56 +02:00
} elseif ( preg_match ( '/format/' , $arrColnames [ $col ])){
2018-08-21 14:25:19 +02:00
formatbuttons ( $arrColnames [ $col ], $val );
2018-08-16 17:15:56 +02:00
} elseif ( $arrColnames [ $col ] == " autostart " ){
$checked = " " ;
if ( $val == " 1 " ){
$checked = " checked " ;
}
echo " <div class=row><div class=col-md-1 style=text-align:right>autostart</div><div class=col-md-2><input data-onstyle= \" success \" data-offstyle=danger name=autostart id= \" autostart \" type= \" checkbox \" data-toggle= \" toggle \" data-on= \" boot with host \" data-off= \" no autostart \" $checked ></div></div> " ;
2018-08-15 16:52:34 +02:00
} elseif ( $arrColnames [ $col ] == " cdrom " ){
2018-08-20 18:56:48 +02:00
serverdepropdown ( $server , $val , " cdrom " );
echo " </div> " ;
2018-08-15 16:52:34 +02:00
} elseif ( preg_match ( '/tapdev/' , $arrColnames [ $col ])) {
2018-08-16 17:15:56 +02:00
echo " <div class=row><div class=col-md-1 style=text-align:right> $arrColnames[$col] </div><div class=col-md-2><input class=form-control type=text name= $arrColnames[$col] value= \" $val\ " placeholder = \ " $placehold[$colname] \" ></div> " ;
2018-08-15 16:52:34 +02:00
} elseif ( preg_match ( '/macaddr/' , $arrColnames [ $col ])) {
2018-08-16 17:15:56 +02:00
echo " <div class=col-md-1 style=text-align:right> $arrColnames[$col] </div><div class=col-md-2><input class=form-control type=text name= $arrColnames[$col] value= \" $val\ " placeholder = \ " $placehold[$colname] \" ></div> " ;
2018-08-15 16:52:34 +02:00
} elseif ( preg_match ( '/brdev/' , $arrColnames [ $col ])) {
2018-08-16 17:15:56 +02:00
echo " <div class=col-md-1 style=text-align:right> $arrColnames[$col] </div><div class=col-md-2><input class=form-control type=text name= $arrColnames[$col] value= \" $val\ " placeholder = \ " $placehold[$colname] \" ></div></div> " ;
2018-08-15 16:52:34 +02:00
} elseif ( preg_match ( '/drive/' , $arrColnames [ $col ])){
2018-08-21 14:25:19 +02:00
if ( $arrColnames [ $col ] == " drive1 " ){
echo " <div id=drivesdiv> " ;
}
2018-08-20 18:56:48 +02:00
serverdepropdown ( $server , $val , $arrColnames [ $col ]);
} elseif ( $arrColnames [ $col ] == " server " ){
2018-08-15 16:52:34 +02:00
echo " <div class=row><div class=col-md-1 style=text-align:right> $arrColnames[$col] </div><div class=col-md-2><div class=dropdown><button class= \" btn btn-secondary dropdown-toggle \" type=button id= $arrColnames[$col] button data-toggle=dropdown aria-haspopup=true aria-expanded=false> $val </button> " ;
echo " <div class=dropdown-menu aria-labelledby= $arrColnames[$col] button> " ;
2018-08-20 18:56:48 +02:00
$sqls = " SELECT hostname FROM servers " ;
$ress = $db_handle -> query ( $sqls );
while ( $rows = $ress -> fetchArray ( SQLITE3_ASSOC )){
echo " <a class=dropdown-item href= \" javascript:dropdown(' $arrColnames[$col] button',' $rows[hostname] ') \" > $rows[hostname] </a> " ;
2018-08-13 20:11:24 +02:00
}
2018-08-20 18:56:48 +02:00
echo " </div></div></div></div><input type=hidden id= $arrColnames[$col] buttonh name= $arrColnames[$col] value= $val > " ;
2018-08-15 16:52:34 +02:00
} else {
2018-08-16 17:15:56 +02:00
echo " <div class=row><div class=col-md-1 style=text-align:right> $arrColnames[$col] </div><div class=col-md-2><input class=form-control type=text name= $arrColnames[$col] value= \" $val\ " placeholder = \ " $placehold[$colname] \" ></div></div> " ;
2018-08-12 17:22:18 +02:00
}
}
2018-08-11 20:07:23 +02:00
}
2018-08-18 13:53:25 +02:00
echo " $editid <input type=hidden name=mode value= $formname ><a href=# onclick= \" submitbutton(' $formname ') \" class= \" btn btn-primary \" >save vm</a></form> " ;
2018-08-11 20:07:23 +02:00
}
2018-08-12 15:09:47 +02:00
2018-08-15 16:52:34 +02:00
if (( $mode != " newvm " ) && ( $mode != " editvm " ) && ( $mode != 'usermgmt' )){
2018-10-24 12:20:36 +02:00
if ( $_SESSION [ 'isadmin' ] == " 1 " ){
2018-08-15 17:00:23 +02:00
$sqllimit = " " ;
echo " </br><a class= \" btn btn-primary \" href=# onclick= \" post('?', { newvm: 'newvm'}); \" >Create a new VM</a></br></br> " ;
} else {
$sqllimit = " WHERE user=' $_SESSION[username] ' " ;
}
2018-08-13 19:21:12 +02:00
2018-08-12 15:09:47 +02:00
//getting vms from DB
2018-10-23 17:39:54 +02:00
$sql = " SELECT * FROM vms $sqllimit ORDER BY prio " ;
2018-08-15 16:52:34 +02:00
$res = $db_handle -> query ( $sql );
2018-10-23 17:39:54 +02:00
2018-08-15 16:52:34 +02:00
while ( $row = $res -> fetchArray ( SQLITE3_ASSOC )){
2018-10-23 17:39:54 +02:00
echo " <div class=row> " ;
2018-08-15 16:52:34 +02:00
if ( checkvm ( $row [ 'vmname' ])){
$button = " start " ;
$buttonc = " btn-success " ;
} else {
$button = " stop " ;
$buttonc = " btn-warning " ;
}
2018-09-23 17:25:17 +02:00
$vncport = sprintf ( " %02d " , $row [ 'vncport' ]);
2018-10-24 12:20:36 +02:00
echo " <div><button type=button onclick= \" arrow('up', ' $row[id] '); \" class= \" btn btn-default \" aria-label= \" Left Align \" ><span><img src=arrowup.png width=6px ></span></button><br/> " ;
2018-10-23 17:39:54 +02:00
echo " <button type=button onclick= \" arrow('down', ' $row[id] '); \" class= \" btn btn-default \" aria-label= \" Left Align \" ><span><img src=arrowdown.png width=6px></span></button></div> " ;
echo " <div class=col-sm><b> $row[vmname] </b></div><div class=col-sm> $row[server] </div><div class=col-sm> $row[cpus] CPUs, $row[memory] MB RAM</div><div class=col-sm> $row[drive1] </div> " ;
echo " <div class=col-sm>VNC port: 59 $vncport </div><div class-col-sm><a class= \" btn btn-primary \" href=# onclick= \" post('?', { edit: ' $row[id] '}); \" >edit</a> " ;
2018-08-15 16:52:34 +02:00
echo " <a href=# onclick= \" post('?', { ' $button ': ' $row[vmname] '}); \" class= \" btn $buttonc\ " > $button </ a > " ;
2018-08-21 14:00:09 +02:00
echo " <button class= \" btn btn-danger \" data-delete-text= \" Delete VM $row[vmname] ! \" data-delete-id= \" $row[id] \" data-delete-name= \" $row[vmname] \" data-toggle= \" modal \" data-target= \" #confirm-delete \" data-delete-what=vm>Delete VM</button> " ;
2018-08-25 12:40:14 +02:00
if ( $row [ 'websocket' ] != " " ){
2018-10-24 17:53:40 +02:00
$server = $_SERVER [ 'HTTP_HOST' ];
$websocketport = $row [ 'websocket' ] + 5700 ;
$wpath = " " ;
if ( isset ( $_SERVER [ 'HTTP_X_FORWARDED_PROTO' ])){
if ( $_SERVER [ 'HTTP_X_FORWARDED_PROTO' ] == " https " ){
$wpath = " $row[vmname] / " ;
$websocketport = " 443 " ;
}
} elseif ( isset ( $_SERVER [ 'REQUEST_SCHEME' ])){
if ( $_SERVER [ 'REQUEST_SCHEME' ] == " https " ){
$wpath = " $row[vmname] / " ;
$websocketport = " 443 " ;
}
}
2018-08-25 12:40:14 +02:00
if ( preg_match ( '/stop/' , $button )) {
2018-10-24 17:53:40 +02:00
echo " <a target=_blank href=novnc/vnc.html?host= $server &port= $websocketport &path= $wpath class= \" btn btn-success \" >VNC</a> " ;
2018-08-25 12:40:14 +02:00
}
2018-08-15 16:52:34 +02:00
}
2018-10-23 17:39:54 +02:00
echo " </div></div><hr> " ;
2018-08-15 16:52:34 +02:00
}
2018-08-13 18:25:05 +02:00
}
2018-10-23 17:39:54 +02:00
echo " </div></body></html> " ;
2018-08-15 13:50:00 +02:00
} elseif ( ! isset ( $_SESSION [ 'username' ])){
echo " <h1>Welcome to nlvmi!</h1><h2>You need to log in</h2></br> " ;
echo " <form action=? method=post>Username: <input type=text name=username> Password: <input type=password name=password> <input name=login type=submit></form> " ;
exit ;
}
2018-10-23 17:39:54 +02:00
2018-08-11 20:07:23 +02:00
?>