a bit beauty

This commit is contained in:
mad 2018-08-25 12:40:14 +02:00
parent edc5dddb8c
commit 1f4d824338
1 changed files with 24 additions and 16 deletions

View File

@ -107,14 +107,18 @@ if ($usersfound=="no"){
} elseif ((isset($_POST['login']))&&(isset($_POST['username']))&&(isset($_POST['password']))){
$user = clean($_POST['username']);
$pass = clean($_POST['password']);
$sql="SELECT password,admin FROM users WHERE username='$user'";
$res = $db_handle->query($sql);
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
if (password_verify($pass, $row['password'])){
$_SESSION['username']=$user;
$_SESSION['isadmin']=$row['admin'];
} else {
echo "Password not correct!";
if ($pass == ""){
echo "$user is not allowed to login withou password.";
} else {
$sql="SELECT password,admin FROM users WHERE username='$user'";
$res = $db_handle->query($sql);
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
if (password_verify($pass, $row['password'])){
$_SESSION['username']=$user;
$_SESSION['isadmin']=$row['admin'];
} else {
echo "Password not correct!";
}
}
}
}
@ -362,8 +366,8 @@ if (isset($_SESSION['username'])){
}
echo "<div class=col-ms><input data-onstyle=\"danger\" data-offstyle=success name=isadmin id=\"isadmin$row[id]\" type=\"checkbox\" data-toggle=\"toggle\" data-on=\"user is Admin\" data-off=\"user is no Admin\" $checked></div>";
echo "<input type=hidden name=userchange value=$row[id]>";
echo "<div class=col><input class=form-control type=password name=passwordchange placeholder=newpassword></div><div class=col><a href=# class=\"btn btn-success\" onclick=\"javascript:submitbutton('uform$row[id]');\">save user</a></form></div>";
echo "<div class=col><button class=\"btn btn-danger\" data-delete-text=\"Delete user $row[username]!\" data-delete-what=user data-delete-id=\"$row[id]\" data-delete-name=\"$row[username]\" data-toggle=\"modal\" data-target=\"#confirm-delete\">Delete user</button></div></div>";
echo "<div class=col><input class=form-control type=password name=passwordchange placeholder=newpassword></div><div class=col><a href=# class=\"btn btn-success\" onclick=\"javascript:submitbutton('uform$row[id]');\">save user</a></form> ";
echo "<button class=\"btn btn-danger\" data-delete-text=\"Delete user $row[username]!\" data-delete-what=user data-delete-id=\"$row[id]\" data-delete-name=\"$row[username]\" data-toggle=\"modal\" data-target=\"#confirm-delete\">Delete user</button></div></div>";
}
//newuserform
echo "<h2>Create a new user</h2><form id=newuserform action=? method=post><div class=row><div class=col><input type=text class=form-control name=newusername placeholder=Username></div>";
@ -392,8 +396,8 @@ if (isset($_SESSION['username'])){
echo "<div class=col><input name=connectstring id=\"connectstring\" type=\"text\" value=$row[connectstring]></div>";
echo "<div class=col><input name=vmdirectory id=\"connectstring\" type=\"text\" value=$row[vmdirectory]></div>";
echo "<div class=col><input name=isodirectory id=\"connectstring\" type=\"text\" value=$row[isodirectory]></div>";
echo "<div class=col><input type=hidden name=changeid value=$row[id]><a href=# class=\"btn btn-success\" onclick=\"javascript:submitbutton('sform$row[id]');\">save server</a></form></div>";
echo "<div class=col><button class=\"btn btn-danger\" data-delete-text=\"Delete server $row[hostname]!\" data-delete-what=server data-delete-id=\"$row[id]\" data-delete-name=\"$row[hostname]\" data-toggle=\"modal\" data-target=\"#confirm-delete\">Delete server</button></div></div>";
echo "<div class=col><input type=hidden name=changeid value=$row[id]><a href=# class=\"btn btn-success\" onclick=\"javascript:submitbutton('sform$row[id]');\">save server</a></form> ";
echo "<button class=\"btn btn-danger\" data-delete-text=\"Delete server $row[hostname]!\" data-delete-what=server data-delete-id=\"$row[id]\" data-delete-name=\"$row[hostname]\" data-toggle=\"modal\" data-target=\"#confirm-delete\">Delete server</button></div></div>";
}
//newserverform
echo "<h2>Create a new server</h2><form id=newserverform action=? method=post><div class=row><div class=col><input type=text class=form-control name=newhostname placeholder=hostname></div>";
@ -581,12 +585,16 @@ if (isset($_SESSION['username'])){
$button = "stop";
$buttonc = "btn-warning";
}
echo "<div class=col style=\"margin:10px;border:solid 1px;max-width:320px;\">$row[vmname]</br><a class=\"btn btn-primary\" href=# onclick=\"post('?', {edit: '$row[id]'});\">edit</a> ";
$vncport = sprintf("%02d", $row[vncport]);
echo "<div class=col style=\"margin:5px;padding:5px;border:solid 1px;max-width:295px;\"><h3>$row[vmname]</h3>$row[server]</br>$row[cpus] CPUs, $row[memory] MB RAM</br>$row[drive1]</br>";
echo "VNC port: 59$vncport</br><a class=\"btn btn-primary\" href=# onclick=\"post('?', {edit: '$row[id]'});\">edit</a> ";
echo "<a href=# onclick=\"post('?', {'$button': '$row[vmname]'});\"class=\"btn $buttonc\">$button</a> ";
echo "<button class=\"btn btn-danger\" data-delete-text=\"Delete VM $row[vmname]!\" data-delete-id=\"$row[id]\" data-delete-name=\"$row[vmname]\" data-toggle=\"modal\" data-target=\"#confirm-delete\" data-delete-what=vm>Delete VM</button> ";
$server = gethostname();
if (preg_match('/stop/', $button)) {
echo "<a target=_blank href=novnc/vnc.html?path=pussyvm&host=$server class=\"btn btn-success\">VNC</a>";
if ($row['websocket']!=""){
$server = gethostname();
if (preg_match('/stop/', $button)) {
echo "<a target=_blank href=novnc/vnc.html?path=pussyvm&host=$server class=\"btn btn-success\">VNC</a>";
}
}
echo "</div>";
}