some user fixes
This commit is contained in:
parent
33fd6621a2
commit
29502222f6
|
|
@ -63,15 +63,18 @@ while ($row = $res->fetchArray(SQLITE3_ASSOC)){
|
|||
session_unset();
|
||||
session_destroy();
|
||||
session_start();
|
||||
echo "killed inituser!";
|
||||
}
|
||||
}
|
||||
|
||||
if ($usersfound=="no"){
|
||||
$_SESSION['username']="inituser";
|
||||
$_SESSION['isadmin']="1";
|
||||
if (!isset($_POST['newusername'])){
|
||||
echo "<h1>You have no users in the datbase!</h1></br>";
|
||||
// echo "Aborting....";
|
||||
// exit;
|
||||
$_SESSION['username']="inituser";
|
||||
$_SESSION['isadmin']="1";
|
||||
|
||||
$mode="usermgmt";
|
||||
}
|
||||
} elseif ((isset($_POST['login']))&&(isset($_POST['username']))&&(isset($_POST['password']))){
|
||||
|
|
@ -84,10 +87,11 @@ if ($usersfound=="no"){
|
|||
$_SESSION['username']=$user;
|
||||
$_SESSION['isadmin']=$row['admin'];
|
||||
} else {
|
||||
echo "Password not correct! $pass";
|
||||
echo "Password not correct!";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (isset($_SESSION['username'])){
|
||||
if ((isset($_POST['deletevm']))&&(isset($_POST['deletename']))){
|
||||
if($_SESSION['isadmin']!=1){
|
||||
|
|
@ -162,12 +166,14 @@ if (isset($_SESSION['username'])){
|
|||
//usermanagement
|
||||
if ((isset($_POST['usermgmt']))||($mode=="usermgmt")){
|
||||
$mode="usermgmt";
|
||||
if (($_SESSEION['username']=="inituser")||($_SESSION['isadmin']=="1")){
|
||||
if (($_SESSION['username']=="inituser")||($_SESSION['isadmin']=="1")){
|
||||
$sql="SELECT * FROM users";
|
||||
$res = $db_handle->query($sql);
|
||||
echo "</br>";
|
||||
//echo "<div class=row><div class=col>Username</div><div class=col>Is Admin</div><div class=col>New Password</div></div>";
|
||||
echo "<h2>Existing users</h2>";
|
||||
if ($_SESSION['username']!="inituser"){
|
||||
echo "<h2>Existing users</h2>";
|
||||
}
|
||||
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
|
||||
echo "<form id=uform$row[id] action=? method=post><div class=row><div class=col style=text-align:right><input class=form-control name=changeusername value=$row[username]></div>";
|
||||
if ($row['admin']=="1"){
|
||||
|
|
@ -196,7 +202,11 @@ if (isset($_SESSION['username'])){
|
|||
//start vm
|
||||
if (isset($_REQUEST['start'])){
|
||||
$vmname = clean($_REQUEST['start']);
|
||||
$sql="SELECT * FROM vms WHERE vmname='$vmname'";
|
||||
$sqllimit="";
|
||||
if($_SESSION['isadmin']!="1"){
|
||||
$sqllimit="WHERE username='$_SESSION[username]'";
|
||||
}
|
||||
$sql="SELECT * FROM vms WHERE vmname='$vmname' $sqllimit";
|
||||
$res = $db_handle->query($sql);
|
||||
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
|
||||
$shellout = shell_exec("/usr/bin/wrap-nlvmi start $vmname bla");
|
||||
|
|
@ -205,7 +215,10 @@ if (isset($_SESSION['username'])){
|
|||
}
|
||||
if (isset($_REQUEST['stop'])){
|
||||
$vmname = clean($_REQUEST['stop']);
|
||||
$sql="SELECT * FROM vms WHERE vmname='$vmname'";
|
||||
if($_SESSION['isadmin']!="1"){
|
||||
$sqllimit="WHERE username='$_SESSION[username]'";
|
||||
}
|
||||
$sql="SELECT * FROM vms WHERE vmname='$vmname' $sqllimit";
|
||||
$res = $db_handle->query($sql);
|
||||
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
|
||||
if(checkvm($vmname)){
|
||||
|
|
@ -331,8 +344,9 @@ if (isset($_SESSION['username'])){
|
|||
$sqlv = rtrim($sqlv, ',');
|
||||
$sqlv.=")";
|
||||
$sql = "$sqls$sqlc$sqlv";
|
||||
echo $sql;
|
||||
//echo $sql;
|
||||
$result = $db_handle->exec($sql);
|
||||
$mode="";
|
||||
} elseif ($_REQUEST['mode']=="editvm"){
|
||||
$mode="editvm";
|
||||
$sql="UPDATE vms SET ";
|
||||
|
|
@ -372,13 +386,14 @@ if (isset($_SESSION['username'])){
|
|||
$button = "stop";
|
||||
$buttonc = "btn-warning";
|
||||
}
|
||||
echo "<div class=col style=\"border:solid 1px;max-width:320px;\">$row[vmname]</br><a class=\"btn btn-primary\" href=# onclick=\"post('?', {edit: '$row[id]'});\">edit</a> ";
|
||||
echo "<div class=col style=\"margin:10px;border:solid 1px;max-width:320px;\">$row[vmname]</br><a class=\"btn btn-primary\" href=# onclick=\"post('?', {edit: '$row[id]'});\">edit</a> ";
|
||||
echo "<a href=# onclick=\"post('?', {'$button': '$row[vmname]'});\"class=\"btn $buttonc\">$button</a> ";
|
||||
echo "<button class=\"btn btn-danger\" data-delete-text=\"Delete VM $row[vmname]!\" data-delete-vm=\"$row[id]\" data-delete-name=\"$row[vmname]\" data-toggle=\"modal\" data-target=\"#confirm-delete\">Delete VM</button> ";
|
||||
$server = gethostname();
|
||||
if (preg_match('/stop/', $button)) {
|
||||
echo "<a target=_blank href=novnc/vnc.html?port=$row[websocket]&path=&host=$server class=\"btn btn-success\">VNC</a></div>";
|
||||
}
|
||||
echo "</div>";
|
||||
}
|
||||
}
|
||||
echo "</div></div></body></html>";
|
||||
|
|
|
|||
Loading…
Reference in New Issue