some user fixes
This commit is contained in:
parent
33fd6621a2
commit
29502222f6
|
@ -63,15 +63,18 @@ while ($row = $res->fetchArray(SQLITE3_ASSOC)){
|
||||||
session_unset();
|
session_unset();
|
||||||
session_destroy();
|
session_destroy();
|
||||||
session_start();
|
session_start();
|
||||||
|
echo "killed inituser!";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($usersfound=="no"){
|
if ($usersfound=="no"){
|
||||||
|
$_SESSION['username']="inituser";
|
||||||
|
$_SESSION['isadmin']="1";
|
||||||
if (!isset($_POST['newusername'])){
|
if (!isset($_POST['newusername'])){
|
||||||
echo "<h1>You have no users in the datbase!</h1></br>";
|
echo "<h1>You have no users in the datbase!</h1></br>";
|
||||||
// echo "Aborting....";
|
// echo "Aborting....";
|
||||||
// exit;
|
// exit;
|
||||||
$_SESSION['username']="inituser";
|
|
||||||
$_SESSION['isadmin']="1";
|
|
||||||
$mode="usermgmt";
|
$mode="usermgmt";
|
||||||
}
|
}
|
||||||
} elseif ((isset($_POST['login']))&&(isset($_POST['username']))&&(isset($_POST['password']))){
|
} elseif ((isset($_POST['login']))&&(isset($_POST['username']))&&(isset($_POST['password']))){
|
||||||
|
@ -84,10 +87,11 @@ if ($usersfound=="no"){
|
||||||
$_SESSION['username']=$user;
|
$_SESSION['username']=$user;
|
||||||
$_SESSION['isadmin']=$row['admin'];
|
$_SESSION['isadmin']=$row['admin'];
|
||||||
} else {
|
} else {
|
||||||
echo "Password not correct! $pass";
|
echo "Password not correct!";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_SESSION['username'])){
|
if (isset($_SESSION['username'])){
|
||||||
if ((isset($_POST['deletevm']))&&(isset($_POST['deletename']))){
|
if ((isset($_POST['deletevm']))&&(isset($_POST['deletename']))){
|
||||||
if($_SESSION['isadmin']!=1){
|
if($_SESSION['isadmin']!=1){
|
||||||
|
@ -162,12 +166,14 @@ if (isset($_SESSION['username'])){
|
||||||
//usermanagement
|
//usermanagement
|
||||||
if ((isset($_POST['usermgmt']))||($mode=="usermgmt")){
|
if ((isset($_POST['usermgmt']))||($mode=="usermgmt")){
|
||||||
$mode="usermgmt";
|
$mode="usermgmt";
|
||||||
if (($_SESSEION['username']=="inituser")||($_SESSION['isadmin']=="1")){
|
if (($_SESSION['username']=="inituser")||($_SESSION['isadmin']=="1")){
|
||||||
$sql="SELECT * FROM users";
|
$sql="SELECT * FROM users";
|
||||||
$res = $db_handle->query($sql);
|
$res = $db_handle->query($sql);
|
||||||
echo "</br>";
|
echo "</br>";
|
||||||
//echo "<div class=row><div class=col>Username</div><div class=col>Is Admin</div><div class=col>New Password</div></div>";
|
//echo "<div class=row><div class=col>Username</div><div class=col>Is Admin</div><div class=col>New Password</div></div>";
|
||||||
|
if ($_SESSION['username']!="inituser"){
|
||||||
echo "<h2>Existing users</h2>";
|
echo "<h2>Existing users</h2>";
|
||||||
|
}
|
||||||
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
|
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
|
||||||
echo "<form id=uform$row[id] action=? method=post><div class=row><div class=col style=text-align:right><input class=form-control name=changeusername value=$row[username]></div>";
|
echo "<form id=uform$row[id] action=? method=post><div class=row><div class=col style=text-align:right><input class=form-control name=changeusername value=$row[username]></div>";
|
||||||
if ($row['admin']=="1"){
|
if ($row['admin']=="1"){
|
||||||
|
@ -196,7 +202,11 @@ if (isset($_SESSION['username'])){
|
||||||
//start vm
|
//start vm
|
||||||
if (isset($_REQUEST['start'])){
|
if (isset($_REQUEST['start'])){
|
||||||
$vmname = clean($_REQUEST['start']);
|
$vmname = clean($_REQUEST['start']);
|
||||||
$sql="SELECT * FROM vms WHERE vmname='$vmname'";
|
$sqllimit="";
|
||||||
|
if($_SESSION['isadmin']!="1"){
|
||||||
|
$sqllimit="WHERE username='$_SESSION[username]'";
|
||||||
|
}
|
||||||
|
$sql="SELECT * FROM vms WHERE vmname='$vmname' $sqllimit";
|
||||||
$res = $db_handle->query($sql);
|
$res = $db_handle->query($sql);
|
||||||
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
|
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
|
||||||
$shellout = shell_exec("/usr/bin/wrap-nlvmi start $vmname bla");
|
$shellout = shell_exec("/usr/bin/wrap-nlvmi start $vmname bla");
|
||||||
|
@ -205,7 +215,10 @@ if (isset($_SESSION['username'])){
|
||||||
}
|
}
|
||||||
if (isset($_REQUEST['stop'])){
|
if (isset($_REQUEST['stop'])){
|
||||||
$vmname = clean($_REQUEST['stop']);
|
$vmname = clean($_REQUEST['stop']);
|
||||||
$sql="SELECT * FROM vms WHERE vmname='$vmname'";
|
if($_SESSION['isadmin']!="1"){
|
||||||
|
$sqllimit="WHERE username='$_SESSION[username]'";
|
||||||
|
}
|
||||||
|
$sql="SELECT * FROM vms WHERE vmname='$vmname' $sqllimit";
|
||||||
$res = $db_handle->query($sql);
|
$res = $db_handle->query($sql);
|
||||||
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
|
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
|
||||||
if(checkvm($vmname)){
|
if(checkvm($vmname)){
|
||||||
|
@ -331,8 +344,9 @@ if (isset($_SESSION['username'])){
|
||||||
$sqlv = rtrim($sqlv, ',');
|
$sqlv = rtrim($sqlv, ',');
|
||||||
$sqlv.=")";
|
$sqlv.=")";
|
||||||
$sql = "$sqls$sqlc$sqlv";
|
$sql = "$sqls$sqlc$sqlv";
|
||||||
echo $sql;
|
//echo $sql;
|
||||||
$result = $db_handle->exec($sql);
|
$result = $db_handle->exec($sql);
|
||||||
|
$mode="";
|
||||||
} elseif ($_REQUEST['mode']=="editvm"){
|
} elseif ($_REQUEST['mode']=="editvm"){
|
||||||
$mode="editvm";
|
$mode="editvm";
|
||||||
$sql="UPDATE vms SET ";
|
$sql="UPDATE vms SET ";
|
||||||
|
@ -372,13 +386,14 @@ if (isset($_SESSION['username'])){
|
||||||
$button = "stop";
|
$button = "stop";
|
||||||
$buttonc = "btn-warning";
|
$buttonc = "btn-warning";
|
||||||
}
|
}
|
||||||
echo "<div class=col style=\"border:solid 1px;max-width:320px;\">$row[vmname]</br><a class=\"btn btn-primary\" href=# onclick=\"post('?', {edit: '$row[id]'});\">edit</a> ";
|
echo "<div class=col style=\"margin:10px;border:solid 1px;max-width:320px;\">$row[vmname]</br><a class=\"btn btn-primary\" href=# onclick=\"post('?', {edit: '$row[id]'});\">edit</a> ";
|
||||||
echo "<a href=# onclick=\"post('?', {'$button': '$row[vmname]'});\"class=\"btn $buttonc\">$button</a> ";
|
echo "<a href=# onclick=\"post('?', {'$button': '$row[vmname]'});\"class=\"btn $buttonc\">$button</a> ";
|
||||||
echo "<button class=\"btn btn-danger\" data-delete-text=\"Delete VM $row[vmname]!\" data-delete-vm=\"$row[id]\" data-delete-name=\"$row[vmname]\" data-toggle=\"modal\" data-target=\"#confirm-delete\">Delete VM</button> ";
|
echo "<button class=\"btn btn-danger\" data-delete-text=\"Delete VM $row[vmname]!\" data-delete-vm=\"$row[id]\" data-delete-name=\"$row[vmname]\" data-toggle=\"modal\" data-target=\"#confirm-delete\">Delete VM</button> ";
|
||||||
$server = gethostname();
|
$server = gethostname();
|
||||||
if (preg_match('/stop/', $button)) {
|
if (preg_match('/stop/', $button)) {
|
||||||
echo "<a target=_blank href=novnc/vnc.html?port=$row[websocket]&path=&host=$server class=\"btn btn-success\">VNC</a></div>";
|
echo "<a target=_blank href=novnc/vnc.html?port=$row[websocket]&path=&host=$server class=\"btn btn-success\">VNC</a></div>";
|
||||||
}
|
}
|
||||||
|
echo "</div>";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
echo "</div></div></body></html>";
|
echo "</div></div></body></html>";
|
||||||
|
|
Loading…
Reference in New Issue