From a0e227e70377a00766424db993618f62c76de387 Mon Sep 17 00:00:00 2001
From: mad <mad@nativenet.ch>
Date: Wed, 15 Aug 2018 18:24:29 +0200
Subject: [PATCH] no drive and no cdrom option

---
 web/index.php | 36 ++++++++++++++++++++++++++----------
 web/nlvmi.js  |  3 +--
 2 files changed, 27 insertions(+), 12 deletions(-)

diff --git a/web/index.php b/web/index.php
index 25eacd7..56bce10 100644
--- a/web/index.php
+++ b/web/index.php
@@ -7,20 +7,20 @@ function clean($str) {
   return $str; 
 }
 if(isset($_REQUEST['logout'])){
-session_start();
-session_unset(); 
-session_destroy();
+    session_start();
+    session_unset(); 
+    session_destroy();
 } else {
-session_start();
+    session_start();
 }
 $mode="";
 
 function checkvm($vmname) {
-$shellout = shell_exec("/usr/bin/wrap-nlvmi checkvm $vmname bla");//){
-  if (preg_match_all('/running/', $shellout)){
-    return 0;
-  }
-return 1;
+    $shellout = shell_exec("/usr/bin/wrap-nlvmi checkvm $vmname bla");//){
+    if (preg_match_all('/running/', $shellout)){
+        return 0;
+    }
+    return 1;
 }
 	
 //read config file
@@ -92,10 +92,11 @@ if ($usersfound=="no"){
     }
 }
 
+//delete vms
 if (isset($_SESSION['username'])){
     if ((isset($_POST['deletevm']))&&(isset($_POST['deletename']))){
         if($_SESSION['isadmin']!=1){
-            echo "you are not allowed to change usernames!";
+            echo "you are not allowed to delete vms!";
         } else {
             $vmname = clean($_POST['deletename']);
             $vmid = clean($_POST['deletevm']);
@@ -213,6 +214,7 @@ if (isset($_SESSION['username'])){
             echo $shellout;
         }
     }
+//stop vm
     if (isset($_REQUEST['stop'])){
         $vmname = clean($_REQUEST['stop']);
         if($_SESSION['isadmin']!="1"){
@@ -269,6 +271,18 @@ if (isset($_SESSION['username'])){
                     echo "<a class=dropdown-item href=\"javascript:dropdown('bootoptionbutton','d')\">d</a>";
                     echo "</div></div></div></div><input type=hidden id=bootoptionbuttonh name=bootoption value=c>";
 //            echo "$arrColnames[$col] <select name=bootoption><option value=c>C</option><option value=d>D</option></select></br>";
+                } elseif ($arrColnames[$col] == "user"){
+                    if ($val=="") {
+                        $val=$_SESSION['username'];
+                    }
+                    echo "<div class=row><div class=col-md-1 style=text-align:right>user</div><div class=col-md-2><div class=dropdown><button class=\"btn btn-secondary dropdown-toggle\" type=button id=userbutton data-toggle=dropdown aria-haspopup=true aria-expanded=false>$val</button>";
+                    echo "<div class=dropdown-menu aria-labelledby=userbutton>";
+                    $sqlusers="SELECT username FROM users";
+                    $resusers=$db_handle->query($sqlusers);
+                    while ($rowusers = $resusers->fetchArray(SQLITE3_ASSOC)){
+                       echo "<a class=dropdown-item href=\"javascript:dropdown('userbutton','$rowusers[username]')\">$rowusers[username]</a>";
+                    }   
+                    echo "</div></div></div><input type=hidden id=userbuttonh name=user value=$_SESSION[username]></div>";
                 } elseif ($arrColnames[$col] == "arch"){
                     echo "<div class=row><div class=col-md-1 style=text-align:right>arch</div><div class=col-md-2><div class=dropdown><button class=\"btn btn-secondary dropdown-toggle\" type=button id=archbutton data-toggle=dropdown aria-haspopup=true aria-expanded=false>x86_64</button>";
                     echo "<div class=dropdown-menu aria-labelledby=archbutton>";
@@ -278,6 +292,7 @@ if (isset($_SESSION['username'])){
                 } elseif ($arrColnames[$col] == "cdrom"){
                     echo "<div class=row><div class=col-md-1 style=text-align:right>cdrom</div><div class=col-md-2><div class=dropdown><button class=\"btn btn-secondary dropdown-toggle\" type=button id=cdrombutton data-toggle=dropdown aria-haspopup=true aria-expanded=false>$val</button>";
                     echo "<div class=dropdown-menu aria-labelledby=cdrombutton>";
+                    echo "<a class=dropdown-item href=\"javascript:dropdown('cdrombutton','')\">no cdrom</a><div class=dropdown-divider></div>";
                     $isodirs = explode('|', $config['ISODIRECTORY']);
                     foreach($isodirs as $isodir){
                         $files = array_diff(scandir($isodir), array('.', '..'));
@@ -300,6 +315,7 @@ if (isset($_SESSION['username'])){
                 } elseif (preg_match('/drive/', $arrColnames[$col])){
                     echo "<div class=row><div class=col-md-1 style=text-align:right>$arrColnames[$col]</div><div class=col-md-2><div class=dropdown><button class=\"btn btn-secondary dropdown-toggle\" type=button id=$arrColnames[$col]button data-toggle=dropdown aria-haspopup=true aria-expanded=false>$val</button>";
                     echo "<div class=dropdown-menu aria-labelledby=$arrColnames[$col]button>";
+                    echo "<a class=dropdown-item href=\"javascript:dropdown('$arrColnames[$col]button','')\">no disk</a><div class=dropdown-divider></div>";
                     $vmdirs = explode('|', $config['VMDIRECTORY']);
                     foreach($vmdirs as $vmdir){
                         $files = array_diff(scandir($vmdir), array('.', '..'));
diff --git a/web/nlvmi.js b/web/nlvmi.js
index 954f415..31474b4 100644
--- a/web/nlvmi.js
+++ b/web/nlvmi.js
@@ -50,8 +50,7 @@ $('#confirm-delete').on('show.bs.modal', function(e) {
 function submitbutton(formid){
     console.log(formid);
     data = $('#'+ formid).serialize();
-    console.log(data);
-//           data: 'who='+ who +'&what='+ what, 
+    console.log(data); 
     $.ajax({
         type: 'POST',
         url: "?rand="+ makeid(),