delete buttons

This commit is contained in:
mad 2018-08-21 14:00:09 +02:00
parent 96edf459f1
commit 6c296d90fb
2 changed files with 48 additions and 21 deletions

View File

@ -123,12 +123,12 @@ function checkmacfree($vmname,$mac,$db_handle){
//delete vms //delete vms
if (isset($_SESSION['username'])){ if (isset($_SESSION['username'])){
if ((isset($_POST['deletevm']))&&(isset($_POST['deletename']))){ if ((isset($_POST['deleteid']))&&(isset($_POST['deletename']))&&($_POST['delwhat']=="vm")){
if($_SESSION['isadmin']!=1){ if($_SESSION['isadmin']!=1){
echo "you are not allowed to delete vms!"; echo "you are not allowed to delete vms!";
} else { } else {
$vmname = clean($_POST['deletename']); $vmname = clean($_POST['deletename']);
$vmid = clean($_POST['deletevm']); $vmid = clean($_POST['deleteid']);
$sql="SELECT id FROM vms WHERE vmname='$vmname' AND id='$vmid'"; $sql="SELECT id FROM vms WHERE vmname='$vmname' AND id='$vmid'";
$res = $db_handle->query($sql); $res = $db_handle->query($sql);
while ($row = $res->fetchArray(SQLITE3_ASSOC)){ while ($row = $res->fetchArray(SQLITE3_ASSOC)){
@ -138,6 +138,36 @@ if (isset($_SESSION['username'])){
} }
} }
} }
} elseif ((isset($_POST['deleteid']))&&(isset($_POST['deletename']))&&($_POST['delwhat']=="user")){
if($_SESSION['isadmin']!=1){
echo "you are not allowed to delete users!";
} else {
$uname = clean($_POST['deletename']);
$uid = clean($_POST['deleteid']);
$sql="SELECT id FROM users WHERE username='$uname' AND id='$uid'";
$res = $db_handle->query($sql);
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
$sqld="DELETE FROM users WHERE id='$uid'";
if ($db_handle->query($sqld)){
echo "User $uname deleted!";
}
}
}
} elseif ((isset($_POST['deleteid']))&&(isset($_POST['deletename']))&&($_POST['delwhat']=="server")){
if($_SESSION['isadmin']!=1){
echo "you are not allowed to delete vms!";
} else {
$sname = clean($_POST['deletename']);
$sid = clean($_POST['deleteid']);
$sql="SELECT id FROM servers WHERE hostname='$sname' AND id='$sid'";
$res = $db_handle->query($sql);
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
$sqld="DELETE FROM servers WHERE id='$sid'";
if ($db_handle->query($sqld)){
echo "Server $sname deleted!";
}
}
}
} }
//insert new user in db //insert new user in db
if(isset($_POST['newusername'])){ if(isset($_POST['newusername'])){
@ -194,7 +224,7 @@ if (isset($_SESSION['username'])){
} }
} }
//insert new server in db //insert new server in db
if(isset($_POST['newservername'])){ if(isset($_POST['newhostname'])){
if($_SESSION['isadmin']!=1){ if($_SESSION['isadmin']!=1){
echo "you are not allowed to add servers!"; echo "you are not allowed to add servers!";
} else { } else {
@ -202,7 +232,8 @@ if (isset($_SESSION['username'])){
$connectstring = clean($_POST['connectstring']); $connectstring = clean($_POST['connectstring']);
$vmdirectory = clean($_POST['vmdirectory']); $vmdirectory = clean($_POST['vmdirectory']);
$isodirectory = clean($_POST['isodirectory']); $isodirectory = clean($_POST['isodirectory']);
$sqlu="INSERT INTO servers ('hostname','connectstring','vmdirectory','isodirectory') VALUES('$newservername',$connectstring','$vmdirectory','$isodirectory')"; $sqlu="INSERT INTO servers ('hostname','connectstring','vmdirectory','isodirectory') VALUES('$newservername','$connectstring','$vmdirectory','$isodirectory')";
//echo $sqlu;
$res = $db_handle->query($sqlu); $res = $db_handle->query($sqlu);
echo "success"; echo "success";
exit; exit;
@ -236,7 +267,7 @@ if (isset($_SESSION['username'])){
$sqlc="("; $sqlc="(";
$sqlv=" VALUES ("; $sqlv=" VALUES (";
foreach(array_keys($_REQUEST) as $rkey){ foreach(array_keys($_REQUEST) as $rkey){
if (($rkey!="mode")||($rkey!="rand")){ if (($rkey!="mode")&&($rkey!="rand")){
if ((preg_match('/macaddr/', $rkey))&&($rvalue!="")){ if ((preg_match('/macaddr/', $rkey))&&($rvalue!="")){
$cm = checkmacfree(clean($_REQUEST['vmname']), $rvalue, $db_handle); $cm = checkmacfree(clean($_REQUEST['vmname']), $rvalue, $db_handle);
if ($cm != "0") { if ($cm != "0") {
@ -340,7 +371,7 @@ if (isset($_SESSION['username'])){
echo "<h2>Existing users</h2>"; echo "<h2>Existing users</h2>";
} }
while ($row = $res->fetchArray(SQLITE3_ASSOC)){ while ($row = $res->fetchArray(SQLITE3_ASSOC)){
echo "<form id=uform$row[id] action=? method=post><div class=row><div class=col style=text-align:right><input class=form-control name=changeusername value=$row[username]></div>"; echo "<div class=row><div class=col style=text-align:right><form id=uform$row[id] action=? method=post><input class=form-control name=changeusername value=$row[username]></div>";
if ($row['admin']=="1"){ if ($row['admin']=="1"){
$checked="checked"; $checked="checked";
} else { } else {
@ -348,7 +379,8 @@ if (isset($_SESSION['username'])){
} }
echo "<div class=col-ms><input data-onstyle=\"danger\" data-offstyle=success name=isadmin id=\"isadmin$row[id]\" type=\"checkbox\" data-toggle=\"toggle\" data-on=\"user is Admin\" data-off=\"user is no Admin\" $checked></div>"; echo "<div class=col-ms><input data-onstyle=\"danger\" data-offstyle=success name=isadmin id=\"isadmin$row[id]\" type=\"checkbox\" data-toggle=\"toggle\" data-on=\"user is Admin\" data-off=\"user is no Admin\" $checked></div>";
echo "<input type=hidden name=userchange value=$row[id]>"; echo "<input type=hidden name=userchange value=$row[id]>";
echo "<div class=col><input class=form-control type=password name=passwordchange placeholder=newpassword></div><div class=col><a href=# class=\"btn btn-success\" onclick=\"javascript:submitbutton('uform$row[id]');\">save user</a></div></div></form>"; echo "<div class=col><input class=form-control type=password name=passwordchange placeholder=newpassword></div><div class=col><a href=# class=\"btn btn-success\" onclick=\"javascript:submitbutton('uform$row[id]');\">save user</a></form></div>";
echo "<div class=col><button class=\"btn btn-danger\" data-delete-text=\"Delete user $row[username]!\" data-delete-what=user data-delete-id=\"$row[id]\" data-delete-name=\"$row[username]\" data-toggle=\"modal\" data-target=\"#confirm-delete\">Delete user</button></div></div>";
} }
//newuserform //newuserform
echo "<h2>Create a new user</h2><form id=newuserform action=? method=post><div class=row><div class=col><input type=text class=form-control name=newusername placeholder=Username></div>"; echo "<h2>Create a new user</h2><form id=newuserform action=? method=post><div class=row><div class=col><input type=text class=form-control name=newusername placeholder=Username></div>";
@ -373,11 +405,12 @@ if (isset($_SESSION['username'])){
echo "<h2>Existing servers</h2>"; echo "<h2>Existing servers</h2>";
echo "<div class=row><div class=col>hostname</div><div class=col>connectstring</div><div class=col>VM directory</div><div class=col>ISO directory</div><div class=col></div></div>"; echo "<div class=row><div class=col>hostname</div><div class=col>connectstring</div><div class=col>VM directory</div><div class=col>ISO directory</div><div class=col></div></div>";
while ($row = $res->fetchArray(SQLITE3_ASSOC)){ while ($row = $res->fetchArray(SQLITE3_ASSOC)){
echo "<form id=sform$row[id] action=? method=post><div class=row><div class=col style=text-align:right><input class=form-control name=changehostname value=$row[hostname]></div>"; echo "<div class=row><div class=col style=text-align:right><form id=sform$row[id] action=? method=post><input class=form-control name=changehostname value=$row[hostname]></div>";
echo "<div class=col><input name=connectstring id=\"connectstring\" type=\"text\" value=$row[connectstring]></div>"; echo "<div class=col><input name=connectstring id=\"connectstring\" type=\"text\" value=$row[connectstring]></div>";
echo "<div class=col><input name=vmdirectory id=\"connectstring\" type=\"text\" value=$row[vmdirectory]></div>"; echo "<div class=col><input name=vmdirectory id=\"connectstring\" type=\"text\" value=$row[vmdirectory]></div>";
echo "<div class=col><input name=isodirectory id=\"connectstring\" type=\"text\" value=$row[isodirectory]></div>"; echo "<div class=col><input name=isodirectory id=\"connectstring\" type=\"text\" value=$row[isodirectory]></div>";
echo "<div class=col><input type=hidden name=changeid value=$row[id]><a href=# class=\"btn btn-success\" onclick=\"javascript:submitbutton('sform$row[id]');\">save server</a></div></div></form>"; echo "<div class=col><input type=hidden name=changeid value=$row[id]><a href=# class=\"btn btn-success\" onclick=\"javascript:submitbutton('sform$row[id]');\">save server</a></form></div>";
echo "<div class=col><button class=\"btn btn-danger\" data-delete-text=\"Delete server $row[hostname]!\" data-delete-what=server data-delete-id=\"$row[id]\" data-delete-name=\"$row[hostname]\" data-toggle=\"modal\" data-target=\"#confirm-delete\">Delete server</button></div></div>";
} }
//newserverform //newserverform
echo "<h2>Create a new server</h2><form id=newserverform action=? method=post><div class=row><div class=col><input type=text class=form-control name=newhostname placeholder=hostname></div>"; echo "<h2>Create a new server</h2><form id=newserverform action=? method=post><div class=row><div class=col><input type=text class=form-control name=newhostname placeholder=hostname></div>";
@ -575,7 +608,7 @@ if (isset($_SESSION['username'])){
} }
echo "<div class=col style=\"margin:10px;border:solid 1px;max-width:320px;\">$row[vmname]</br><a class=\"btn btn-primary\" href=# onclick=\"post('?', {edit: '$row[id]'});\">edit</a> "; echo "<div class=col style=\"margin:10px;border:solid 1px;max-width:320px;\">$row[vmname]</br><a class=\"btn btn-primary\" href=# onclick=\"post('?', {edit: '$row[id]'});\">edit</a> ";
echo "<a href=# onclick=\"post('?', {'$button': '$row[vmname]'});\"class=\"btn $buttonc\">$button</a> "; echo "<a href=# onclick=\"post('?', {'$button': '$row[vmname]'});\"class=\"btn $buttonc\">$button</a> ";
echo "<button class=\"btn btn-danger\" data-delete-text=\"Delete VM $row[vmname]!\" data-delete-vm=\"$row[id]\" data-delete-name=\"$row[vmname]\" data-toggle=\"modal\" data-target=\"#confirm-delete\">Delete VM</button> "; echo "<button class=\"btn btn-danger\" data-delete-text=\"Delete VM $row[vmname]!\" data-delete-id=\"$row[id]\" data-delete-name=\"$row[vmname]\" data-toggle=\"modal\" data-target=\"#confirm-delete\" data-delete-what=vm>Delete VM</button> ";
$server = gethostname(); $server = gethostname();
if (preg_match('/stop/', $button)) { if (preg_match('/stop/', $button)) {
echo "<a target=_blank href=novnc/vnc.html?path=pussyvm&host=$server class=\"btn btn-success\">VNC</a>"; echo "<a target=_blank href=novnc/vnc.html?path=pussyvm&host=$server class=\"btn btn-success\">VNC</a>";

View File

@ -12,8 +12,6 @@ function dropdown(i,e) {
document.getElementById(i).innerHTML = e; document.getElementById(i).innerHTML = e;
document.getElementById(i +'h').value = e; document.getElementById(i +'h').value = e;
if (i == "serverbutton") { if (i == "serverbutton") {
console.log("here");
$.ajax({ $.ajax({
type: 'POST', type: 'POST',
url: "?rand="+ makeid(), url: "?rand="+ makeid(),
@ -22,7 +20,6 @@ function dropdown(i,e) {
document.getElementById('cdromdiv').innerHTML = response; document.getElementById('cdromdiv').innerHTML = response;
}, },
}); });
console.log("a");
$.ajax({ $.ajax({
type: 'POST', type: 'POST',
url: "?rand="+ makeid(), url: "?rand="+ makeid(),
@ -31,8 +28,6 @@ function dropdown(i,e) {
document.getElementById('drive1div').innerHTML = response; document.getElementById('drive1div').innerHTML = response;
}, },
}); });
console.log("b");
$.ajax({ $.ajax({
type: 'POST', type: 'POST',
url: "?rand="+ makeid(), url: "?rand="+ makeid(),
@ -41,8 +36,6 @@ function dropdown(i,e) {
document.getElementById('drive2div').innerHTML = response; document.getElementById('drive2div').innerHTML = response;
}, },
}); });
console.log("c");
$.ajax({ $.ajax({
type: 'POST', type: 'POST',
url: "?rand="+ makeid(), url: "?rand="+ makeid(),
@ -78,15 +71,16 @@ function post(path, params, method) {
$('#confirm-delete').on('click', '.btn-ok', function(e) { $('#confirm-delete').on('click', '.btn-ok', function(e) {
var $modalDiv = $('#confirm-detele'.delegateTarget); var $modalDiv = $('#confirm-detele'.delegateTarget);
var vmname = $(this).data('deleteName'); var dname = $(this).data('deleteName');
var vmid = $(this).data('deleteVm'); var did = $(this).data('deleteId');
post('?', {deletevm: vmid,deletename: vmname}); var delwhat = $(this).data('deleteWhat');
post('?', {delwhat: delwhat,deleteid: did,deletename: dname});
}); });
$('#confirm-delete').on('show.bs.modal', function(e) { $('#confirm-delete').on('show.bs.modal', function(e) {
var data = $(e.relatedTarget).data(); var data = $(e.relatedTarget).data();
$('.title', this).text(data.deleteVm); $('.title', this).text(data.deleteVm);
document.getElementById('modaltext2').innerHTML = data.deleteText; document.getElementById('modaltext2').innerHTML = data.deleteText;
$('.btn-ok', this).data({'deleteName': data.deleteName,'deleteVm': data.deleteVm}); $('.btn-ok', this).data({'deleteWhat': data.deleteWhat,'deleteName': data.deleteName,'deleteId': data.deleteId});
}); });
function submitbutton(formid){ function submitbutton(formid){