diff --git a/web/index.php b/web/index.php index d168df5..bd2f47b 100644 --- a/web/index.php +++ b/web/index.php @@ -107,14 +107,18 @@ if ($usersfound=="no"){ } elseif ((isset($_POST['login']))&&(isset($_POST['username']))&&(isset($_POST['password']))){ $user = clean($_POST['username']); $pass = clean($_POST['password']); - $sql="SELECT password,admin FROM users WHERE username='$user'"; - $res = $db_handle->query($sql); - while ($row = $res->fetchArray(SQLITE3_ASSOC)){ - if (password_verify($pass, $row['password'])){ - $_SESSION['username']=$user; - $_SESSION['isadmin']=$row['admin']; - } else { - echo "Password not correct!"; + if ($pass == ""){ + echo "$user is not allowed to login withou password."; + } else { + $sql="SELECT password,admin FROM users WHERE username='$user'"; + $res = $db_handle->query($sql); + while ($row = $res->fetchArray(SQLITE3_ASSOC)){ + if (password_verify($pass, $row['password'])){ + $_SESSION['username']=$user; + $_SESSION['isadmin']=$row['admin']; + } else { + echo "Password not correct!"; + } } } } @@ -362,8 +366,8 @@ if (isset($_SESSION['username'])){ } echo "
"; echo ""; - echo "
save user
"; - echo "
"; + echo "
save user "; + echo "
"; } //newuserform echo "

Create a new user

"; @@ -392,8 +396,8 @@ if (isset($_SESSION['username'])){ echo "
"; echo "
"; echo "
"; - echo "
save server
"; - echo "
"; + echo "
save server "; + echo "
"; } //newserverform echo "

Create a new server

"; @@ -581,12 +585,16 @@ if (isset($_SESSION['username'])){ $button = "stop"; $buttonc = "btn-warning"; } - echo "
$row[vmname]
edit "; + $vncport = sprintf("%02d", $row[vncport]); + echo "

$row[vmname]

$row[server]
$row[cpus] CPUs, $row[memory] MB RAM
$row[drive1]
"; + echo "VNC port: 59$vncport
edit "; echo "$button "; echo " "; - $server = gethostname(); - if (preg_match('/stop/', $button)) { - echo "VNC"; + if ($row['websocket']!=""){ + $server = gethostname(); + if (preg_match('/stop/', $button)) { + echo "VNC"; + } } echo "
"; }