<?php
function clean($str) {
$search = array('&' , '"' , "'" , '<' , '>' );
$replace = array('&', '"', ''', '<', '>' );
$str = str_replace($search, $replace, $str);
return $str;
}
if(isset($_REQUEST['logout'])){
session_start();
session_unset();
session_destroy();
} else {
session_start();
}
$mode="";
function checkvm($vmname) {
$shellout = shell_exec("/usr/bin/nlvmi checkvm $vmname bla");//){
if (preg_match_all('/not running/', $shellout)){
return 1;
}
return 0;
}
function serverdepropdown($server, $val, $what){
if ($what == "cdrom"){
$dir = "isodirectory";
$enddiv = "</div>";
} elseif (preg_match('/drive/', $what)) {
$dir = "vmdirectory";
$enddiv="";
}
echo "<div class=row><div class=col-md-1 style=text-align:right>$what</div><div class=col-md-2><div class=dropdown><button class=\"btn btn-secondary dropdown-toggle\" type=button id=".$what."button data-toggle=dropdown aria-haspopup=true aria-expanded=false>$val</button>";
echo "<div class=dropdown-menu aria-labelledby=".$what."button>";
echo "<a class=dropdown-item href=\"javascript:dropdown('".$what."button','')\">no $what</a><div class=dropdown-divider></div>";
$shellout=shell_exec("/usr/bin/nlvmi listdir $server $dir");
$files = explode("\n", $shellout);
for ($f=0; $f<count($files); $f++){
$file = explode(" ", $files[$f]);
$lastpart = count($file) -1;
if((preg_match('/\//', $file[$lastpart]))&&(!preg_match('/^d/', $file[0]))){
echo "<a class=dropdown-item href=\"javascript:dropdown('".$what."button','$file[$lastpart]')\">$file[$lastpart]</a>";
}
}
echo "$enddiv</div></div></div><input type=hidden id=".$what."buttonh name=$what value=$val>";
}
//read config file
$configfile = new SplFileObject("/etc/nlvmi/nlvmi.conf");
while (!$configfile->eof()) {
$line = $configfile->fgets();
if (!preg_match('/^#/', $line)){
if (!preg_match('/^$/', $line)){
if (preg_match('/=/', $line)){
$configparam = explode('=', $line);
$p = rtrim($configparam[1]);
//echo "B$p";
$config[$configparam[0]]=str_replace('"', '', $p);
}
}
}
}
$file = null;
//check db connection
if ($config['DATABASETYPE']=="sqlite"){
$db_handle = new SQLite3($config['SQLITEFILE']);
$query = "SELECT name FROM sqlite_master WHERE type='table' AND name='vms';";
$db_handle->exec($query);
$result = $db_handle->query($query);
$row = $result->fetchArray();
if (!$row['name']=="vms"){
echo "DB connection failed!";
exit;
}
}
//check login
$usersfound = "no";
$sql="SELECT * FROM users LIMIT 1";
$res = $db_handle->query($sql);
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
$usersfound="yes";
if ($_SESSION['username']=="inituser"){
session_unset();
session_destroy();
session_start();
echo "killed inituser!";
}
}
if ($usersfound=="no"){
$_SESSION['username']="inituser";
$_SESSION['isadmin']="1";
if (!isset($_POST['newusername'])){
echo "<h1>You have no users in the datbase!</h1></br>";
$mode="usermgmt";
}
} elseif ((isset($_POST['login']))&&(isset($_POST['username']))&&(isset($_POST['password']))){
$user = clean($_POST['username']);
$pass = clean($_POST['password']);
$sql="SELECT password,admin FROM users WHERE username='$user'";
$res = $db_handle->query($sql);
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
if (password_verify($pass, $row['password'])){
$_SESSION['username']=$user;
$_SESSION['isadmin']=$row['admin'];
} else {
echo "Password not correct!";
}
}
}
function checkmacfree($vmname,$mac,$db_handle){
$sql="SELECT vmname FROM vms WHERE (macaddr1='$mac' OR macaddr2='$mac' OR macaddr3='$mac') AND NOT vmname='$vmname'";
//echo "na";
$res = $db_handle->query($sql);
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
return "$row[vmname] uses the mac $mac already!";
}
return 0;
}
//delete vms
if (isset($_SESSION['username'])){
if ((isset($_POST['deletevm']))&&(isset($_POST['deletename']))){
if($_SESSION['isadmin']!=1){
echo "you are not allowed to delete vms!";
} else {
$vmname = clean($_POST['deletename']);
$vmid = clean($_POST['deletevm']);
$sql="SELECT id FROM vms WHERE vmname='$vmname' AND id='$vmid'";
$res = $db_handle->query($sql);
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
$sqld="DELETE FROM vms WHERE id='$vmid'";
if ($db_handle->query($sqld)){
echo "VM $vmname deleted!";
}
}
}
}
//insert new user in db
if(isset($_POST['newusername'])){
if($_SESSION['isadmin']!=1){
echo "you are not allowed to add usernames!";
} else {
$newusername = clean($_POST['newusername']);
$newpassword = password_hash(clean($_POST['newpassword']), PASSWORD_DEFAULT);
if ($_POST['isadmin']=="on"){
$isadmin = "1";
} else {
$isadmin = "0";
}
$sqlu="SELECT id FROM users WHERE username='$newusername'";
$res = $db_handle->query($sqlu);
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
echo "username already exist!";
exit;
}
$sql="INSERT INTO users (username,password,admin) VALUES('$newusername', '$newpassword', '$isadmin')";
$res=$db_handle->query($sql);
$res=$db_handle->query($sqlu);
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
echo "success";
exit;
}
echo "Failed to insert into DB!";
exit;
}
}
//update user in db
if(isset($_POST['changeusername'])){
if($_SESSION['isadmin']!=1){
echo "you are not allowed to change usernames!";
} else {
$userchange=clean($_POST['userchange']);
$username=clean($_POST['changeusername']);
if($_POST['passwordchange']==""){
$passwd ="";
} else {
$pass=password_hash(clean($_POST['passwordchange']), PASSWORD_DEFAULT);
$passwd="password='$pass',";
}
if ($_POST['isadmin']=="on"){
$isadmin = "1";
} else {
$isadmin = "0";
}
$sql="UPDATE users SET username='$username', $passwd admin='$isadmin' where id='$userchange'";
if($db_handle->query($sql)){
echo "success";
exit;
}
}
}
//insert new server in db
if(isset($_POST['newservername'])){
if($_SESSION['isadmin']!=1){
echo "you are not allowed to add servers!";
} else {
$newservername = clean($_POST['newhostname']);
$connectstring = clean($_POST['connectstring']);
$vmdirectory = clean($_POST['vmdirectory']);
$isodirectory = clean($_POST['isodirectory']);
$sqlu="INSERT INTO servers ('hostname','connectstring','vmdirectory','isodirectory') VALUES('$newservername',$connectstring','$vmdirectory','$isodirectory')";
$res = $db_handle->query($sqlu);
echo "success";
exit;
}
}
//update server in db
if(isset($_POST['changehostname'])){
if($_SESSION['isadmin']!=1){
echo "you are not allowed to change servers!";
} else {
$newservername = clean($_POST['changehostname']);
$connectstring = clean($_POST['connectstring']);
$vmdirectory = clean($_POST['vmdirectory']);
$isodirectory = clean($_POST['isodirectory']);
$changeid = clean($_POST['changeid']);
$sql="UPDATE servers SET hostname='$newservername', connectstring='$connectstring', vmdirectory='$vmdirectory', isodirectory='$isodirectory' where id='$changeid'";
if($db_handle->query($sql)){
echo "success";
exit;
} else {
echo "$sql";
exit;
}
}
}
//insert or update vm in db
if(isset($_REQUEST['mode'])){
if($_REQUEST['mode']=="newvm"){
$mode="newvm";
$sqls="INSERT INTO vms ";
$sqlc="(";
$sqlv=" VALUES (";
foreach(array_keys($_REQUEST) as $rkey){
if (($rkey!="mode")||($rkey!="rand")){
if ((preg_match('/macaddr/', $rkey))&&($rvalue!="")){
$cm = checkmacfree(clean($_REQUEST['vmname']), $rvalue, $db_handle);
if ($cm != "0") {
echo $cm;
exit;
}
}
$rvalue = clean($_REQUEST[$rkey]);
if ($rvalue == "x86_64"){
$rvalue = "qemu-system-x86_64";
}
$sqlc .= "$rkey,";
$sqlv .= "'$rvalue',";
}
}
$sqlc = rtrim($sqlc, ',');
$sqlc.=")";
$sqlv = rtrim($sqlv, ',');
$sqlv.=")";
$sql = "$sqls$sqlc$sqlv";
//echo $sql;
$res = $db_handle->exec($sql);
echo "success";
exit;
} elseif ($_REQUEST['mode']=="editvm"){
$sql="UPDATE vms SET ";
foreach(array_keys($_REQUEST) as $rkey){
if (($rkey!="mode")&&($rkey!="editid")&&($rkey!="rand")){
$rvalue = clean($_REQUEST[$rkey]);
if ((preg_match('/macaddr/', $rkey))&&($rvalue!="")){
$cm = checkmacfree(clean($_REQUEST['vmname']), $rvalue, $db_handle);
if ($cm != "0") {
echo $cm;
exit;
}
}
if ($rvalue == "x86_64"){
$rvalue = "qemu-system-x86_64";
}
$sql .= " $rkey='$rvalue',";
}
}
$sql = rtrim($sql, ',');
$eid=clean($_REQUEST['editid']);
$sql .= " WHERE id='$eid'";
$res = $db_handle->exec($sql);
echo "success";
exit;
}
}
if (isset($_POST['serverbuttoni'])){
serverdepropdown($_POST['serverbuttoni'], "no cdrom", 'cdrom');
exit;
//not nice, i know... Will do a function later...
} elseif (isset($_POST['serverbuttona'])){
serverdepropdown($_POST['serverbuttona'], "no drive1", 'drive1');
echo "<div class=row><div class=col>format1</div><div class=col><div class=dropdown><button class=\"btn btn-secondary dropdown-toggle\" type=button id=format1buttonformat1 data-toggle=dropdown aria-haspopup=true aria-expanded=false></button>";
echo "<div class=dropdown-menu aria-labelledby=formatbuttonformat1>";
echo "<a class=dropdown-item href=\"javascript:dropdown('format1buttonformat1','')\"> </a>";
echo "<div class=dropdown-divider></div>";
echo "<a class=dropdown-item href=\"javascript:dropdown('format1buttonformat1','raw')\">raw</a>";
echo "<a class=dropdown-item href=\"javascript:dropdown('format1buttonformat1','qcow2')\">qcow2</a>";
echo "</div></div></div></div></div></div></div><input type=hidden id=format1buttonformat1h name=format1 value=\"no drive1\">";
exit;
} elseif (isset($_POST['serverbuttonb'])){
serverdepropdown($_POST['serverbuttonb'], "no drive2", 'drive2');
echo "<div class=row><div class=col>format2</div><div class=col><div class=dropdown><button class=\"btn btn-secondary dropdown-toggle\" type=button id=format2buttonformat2 data-toggle=dropdown aria-haspopup=true aria-expanded=false></button>";
echo "<div class=dropdown-menu aria-labelledby=formatbuttonformat2>";
echo "<a class=dropdown-item href=\"javascript:dropdown('format2buttonformat2','')\"> </a>";
echo "<div class=dropdown-divider></div>";
echo "<a class=dropdown-item href=\"javascript:dropdown('format2buttonformat2','raw')\">raw</a>";
echo "<a class=dropdown-item href=\"javascript:dropdown('format2buttonformat2','qcow2')\">qcow2</a>";
echo "</div></div></div></div></div><input type=hidden id=format2buttonformat2h name=format2 value=\"no drive1\">";
exit;
} elseif (isset($_POST['serverbuttonc'])){
serverdepropdown($_POST['serverbuttonc'], "no drive3", 'drive3');
echo "<div class=row><div class=col>format3</div><div class=col><div class=dropdown><button class=\"btn btn-secondary dropdown-toggle\" type=button id=format3buttonformat3 data-toggle=dropdown aria-haspopup=true aria-expanded=false></button>";
echo "<div class=dropdown-menu aria-labelledby=formatbuttonformat3>";
echo "<a class=dropdown-item href=\"javascript:dropdown('format3buttonformat3','')\"> </a>";
echo "<div class=dropdown-divider></div>";
echo "<a class=dropdown-item href=\"javascript:dropdown('format3buttonformat3','raw')\">raw</a>";
echo "<a class=dropdown-item href=\"javascript:dropdown('format3buttonformat3','qcow2')\">qcow2</a>";
echo "</div></div></div></div></div><input type=hidden id=format3buttonformat3h name=format3 value=\"no drive1\">";
exit;
}
//ajax queries are all done, time for the header
include('header.php');
//usermanagement
if ((isset($_POST['usermgmt']))||($mode=="usermgmt")){
$mode="usermgmt";
if (($_SESSION['username']=="inituser")||($_SESSION['isadmin']=="1")){
$sql="SELECT * FROM users";
$res = $db_handle->query($sql);
echo "</br>";
//echo "<div class=row><div class=col>Username</div><div class=col>Is Admin</div><div class=col>New Password</div></div>";
if ($_SESSION['username']!="inituser"){
echo "<h2>Existing users</h2>";
}
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
echo "<form id=uform$row[id] action=? method=post><div class=row><div class=col style=text-align:right><input class=form-control name=changeusername value=$row[username]></div>";
if ($row['admin']=="1"){
$checked="checked";
} else {
$checked="";
}
echo "<div class=col-ms><input data-onstyle=\"danger\" data-offstyle=success name=isadmin id=\"isadmin$row[id]\" type=\"checkbox\" data-toggle=\"toggle\" data-on=\"user is Admin\" data-off=\"user is no Admin\" $checked></div>";
echo "<input type=hidden name=userchange value=$row[id]>";
echo "<div class=col><input class=form-control type=password name=passwordchange placeholder=newpassword></div><div class=col><a href=# class=\"btn btn-success\" onclick=\"javascript:submitbutton('uform$row[id]');\">save user</a></div></div></form>";
}
//newuserform
echo "<h2>Create a new user</h2><form id=newuserform action=? method=post><div class=row><div class=col><input type=text class=form-control name=newusername placeholder=Username></div>";
if ($_SESSION['username']!="inituser"){
echo "<div class=col-ms><input data-onstyle=\"danger\" data-offstyle=success name=isadmin id=\"isadmin\" type=\"checkbox\" data-toggle=\"toggle\" data-on=\"user is Admin\" data-off=\"user is no Admin\" checked></div>";
} else {
echo "<input type=hidden name=isadmin value=on>";
}
echo "<div class=col><input class=form-control type=password name=newpassword placeholder=newpassword></div><div class=col><a href=# class=\"btn btn-success\" onclick=\"javascript:submitbutton('newuserform');\">Create user</a></div></div></form>";
}
}
//servermanagement
if (isset($_POST['servermgmt'])){
$mode="servermgmt";
if ($_SESSION['isadmin']=="1"){
$sql="SELECT * FROM servers";
$res = $db_handle->query($sql);
echo "</br>";
//echo "<div class=row><div class=col>Username</div><div class=col>Is Admin</div><div class=col>New Password</div></div>";
echo "<h2>Existing servers</h2>";
echo "<div class=row><div class=col>hostname</div><div class=col>connectstring</div><div class=col>VM directory</div><div class=col>ISO directory</div><div class=col></div></div>";
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
echo "<form id=sform$row[id] action=? method=post><div class=row><div class=col style=text-align:right><input class=form-control name=changehostname value=$row[hostname]></div>";
echo "<div class=col><input name=connectstring id=\"connectstring\" type=\"text\" value=$row[connectstring]></div>";
echo "<div class=col><input name=vmdirectory id=\"connectstring\" type=\"text\" value=$row[vmdirectory]></div>";
echo "<div class=col><input name=isodirectory id=\"connectstring\" type=\"text\" value=$row[isodirectory]></div>";
echo "<div class=col><input type=hidden name=changeid value=$row[id]><a href=# class=\"btn btn-success\" onclick=\"javascript:submitbutton('sform$row[id]');\">save server</a></div></div></form>";
}
//newserverform
echo "<h2>Create a new server</h2><form id=newserverform action=? method=post><div class=row><div class=col><input type=text class=form-control name=newhostname placeholder=hostname></div>";
echo "<div class=col><input class=form-control name=connectstring type=\"text\" placeholder=\"nlvmi@192.168.0.X\"></div>";
echo "<div class=col><input class=form-control type=test name=vmdirectory placeholder=\"multiple directories like /directorya;/directoryb\"></div>";
echo "<div class=col><input class=form-control type=test name=isoirectory placeholder=\"multiple directories like /directorya;/directoryb\"></div>";
echo "<div class=col><a href=# class=\"btn btn-success\" onclick=\"javascript:submitbutton('newserverform');\">Create server</a></div></div></form>";
}
}
//start vm
if (isset($_REQUEST['start'])){
$vmname = clean($_REQUEST['start']);
$sqllimit="";
if($_SESSION['isadmin']!="1"){
$sqllimit="WHERE username='$_SESSION[username]'";
}
$sql="SELECT * FROM vms WHERE vmname='$vmname' $sqllimit";
$res = $db_handle->query($sql);
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
$shellout = shell_exec("/usr/bin/nlvmi start $vmname bla");
echo $shellout;
}
}
//stop vm
if (isset($_REQUEST['stop'])){
$vmname = clean($_REQUEST['stop']);
if($_SESSION['isadmin']!="1"){
$sqllimit="WHERE username='$_SESSION[username]'";
}
$sql="SELECT * FROM vms WHERE vmname='$vmname' $sqllimit";
$res = $db_handle->query($sql);
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
if(!checkvm($vmname)){
$shellout = shell_exec("/usr/bin/nlvmi stop $vmname bla");
echo $shellout;
}
}
}
//form for edit and new vms
if (isset($_REQUEST['edit'])){
$mode="editvm";
$formname="editvm";
$eid=clean($_REQUEST['edit']);
$sql="SELECT * FROM vms WHERE id='$eid'";
$res = $db_handle->query($sql);
$editid = "<input type=hidden name=editid value=$eid>";
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
$e = $row;
}
} elseif(isset($_REQUEST['newvm'])) {
$formname="newvm";
$editid="";
$mode="newvm";
}
if (isset($formname)){
$placehold['vmname']="Name of the VM";
$placehold['server']="ip or name of host server";
$placehold['cputype']="normally just 'host'";
$placehold['cpus']="Number of core for the VM";
$placehold['memory']="Amount of RAM for the VM im Mb";
$placehold['usbdev']="Normally just 'tablet' to get a mouse";
$placehold['kblang']="Qemu keyboard layout. Like 'de-ch'";
$placehold['custom']="Customstring to add to the qemu command";
$placehold['tapdev1']="tapname of first netinterface";
$placehold['tapdev2']="tapname of second netinterface";
$placehold['tapdev3']="tapname of third netinterface";
$placehold['macaddr1']="macaddress of first netinterface";
$placehold['macaddr2']="macaddress of second netinterface";
$placehold['macaddr3']="macaddress of third netinterface";
$placehold['brdev1']="bridge on host to add first netinterface";
$placehold['brdev2']="bridge on host to add second netinterface";
$placehold['brdev3']="bridge on host to add third netinterface";
$placehold['vncport']="VNC displaynumber like '1'";
$placehold['websocket']="port to bind the VNC websocket";
$placehold['vncpasswort']="the password for VNC";
echo "<h2>$formname</h2></br>";
echo "<form id=$formname name=$formname action=? method=post>";
$res = $db_handle->query('PRAGMA table_info(vms)');
while ($col = $res->fetchArray(SQLITE3_ASSOC)) {
$arrColnames[]=$col['name'];
}
$server = $e['server'];
for ($col=0; $col <count($arrColnames); $col++){
if ($arrColnames[$col]!="id"){
if (isset($e[$arrColnames[$col]])){
$val = $e[$arrColnames[$col]];
} else {
$val = "";
}
$colname=$arrColnames[$col];
if ($arrColnames[$col] == "bootoption"){
if($val=="") {
$val="c";
}
echo "<div class=row><div class=col-md-1 style=text-align:right>bootoption</div><div class=col-md-2><div class=dropdown><button class=\"btn btn-secondary dropdown-toggle\" type=button id=bootoptionbutton data-toggle=dropdown aria-haspopup=true aria-expanded=false>$val</button>";
echo "<div class=dropdown-menu aria-labelledby=bootoptionbutton>";
echo "<a class=dropdown-item href=\"javascript:dropdown('bootoptionbutton','c')\">c</a>";
echo "<a class=dropdown-item href=\"javascript:dropdown('bootoptionbutton','d')\">d</a>";
echo "</div></div></div></div><input type=hidden id=bootoptionbuttonh name=bootoption value=$val>";
} elseif ($arrColnames[$col] == "user"){
if ($val=="") {
$val=$_SESSION['username'];
}
echo "<div class=row><div class=col-md-1 style=text-align:right>user</div><div class=col-md-2><div class=dropdown><button class=\"btn btn-secondary dropdown-toggle\" type=button id=userbutton data-toggle=dropdown aria-haspopup=true aria-expanded=false>$val</button>";
echo "<div class=dropdown-menu aria-labelledby=userbutton>";
$sqlusers="SELECT username FROM users";
$resusers=$db_handle->query($sqlusers);
while ($rowusers = $resusers->fetchArray(SQLITE3_ASSOC)){
echo "<a class=dropdown-item href=\"javascript:dropdown('userbutton','$rowusers[username]')\">$rowusers[username]</a>";
}
echo "</div></div></div><input type=hidden id=userbuttonh name=user value=$val></div>";
} elseif ($arrColnames[$col] == "arch"){
echo "<div class=row><div class=col-md-1 style=text-align:right>arch</div><div class=col-md-2><div class=dropdown><button class=\"btn btn-secondary dropdown-toggle\" type=button id=archbutton data-toggle=dropdown aria-haspopup=true aria-expanded=false>x86_64</button>";
echo "<div class=dropdown-menu aria-labelledby=archbutton>";
echo "<a class=dropdown-item href=\"javascript:dropdown('archbutton','x86_64')\">x86_64</a>";
echo "</div></div></div></div><input type=hidden id=archbuttonh name=arch value=x86_64>";
// echo "$arrColnames[$col] <select name=arch><option value=qemu-system-x86_64>x86_64</option></select></br>";
} elseif (preg_match('/format/', $arrColnames[$col])){
echo "<div class=row><div class=col>$arrColnames[$col]</div><div class=col><div class=dropdown><button class=\"btn btn-secondary dropdown-toggle\" type=button id=$arrColnames[$col]button$arrColnames[$col] data-toggle=dropdown aria-haspopup=true aria-expanded=false>$val</button>";
echo "<div class=dropdown-menu aria-labelledby=formatbutton$arrColnames[$col]>";
echo "<a class=dropdown-item href=\"javascript:dropdown('$arrColnames[$col]button$arrColnames[$col]','')\"> </a>";
echo "<div class=dropdown-divider></div>";
echo "<a class=dropdown-item href=\"javascript:dropdown('$arrColnames[$col]button$arrColnames[$col]','raw')\">raw</a>";
echo "<a class=dropdown-item href=\"javascript:dropdown('$arrColnames[$col]button$arrColnames[$col]','qcow2')\">qcow2</a>";
echo "</div></div></div></div></div></div><input type=hidden id=$arrColnames[$col]button$arrColnames[$col]h name=$arrColnames[$col] value=\"$val\">";
} elseif ($arrColnames[$col] == "autostart"){
$checked="";
if ($val=="1"){
$checked="checked";
}
echo "<div class=row><div class=col-md-1 style=text-align:right>autostart</div><div class=col-md-2><input data-onstyle=\"success\" data-offstyle=danger name=autostart id=\"autostart\" type=\"checkbox\" data-toggle=\"toggle\" data-on=\"boot with host\" data-off=\"no autostart\" $checked></div></div>";
} elseif ($arrColnames[$col] == "cdrom"){
echo "<div id=cdromdiv>";
serverdepropdown($server, $val, "cdrom");
echo "</div>";
} elseif (preg_match('/tapdev/', $arrColnames[$col])) {
echo "<div class=row><div class=col-md-1 style=text-align:right>$arrColnames[$col]</div><div class=col-md-2><input class=form-control type=text name=$arrColnames[$col] value=\"$val\" placeholder=\"$placehold[$colname]\"></div>";
} elseif (preg_match('/macaddr/', $arrColnames[$col])) {
echo "<div class=col-md-1 style=text-align:right>$arrColnames[$col]</div><div class=col-md-2><input class=form-control type=text name=$arrColnames[$col] value=\"$val\" placeholder=\"$placehold[$colname]\"></div>";
} elseif (preg_match('/brdev/', $arrColnames[$col])) {
echo "<div class=col-md-1 style=text-align:right>$arrColnames[$col]</div><div class=col-md-2><input class=form-control type=text name=$arrColnames[$col] value=\"$val\" placeholder=\"$placehold[$colname]\"></div></div>";
} elseif (preg_match('/drive/', $arrColnames[$col])){
echo "<div id=$arrColnames[$col]div>";
serverdepropdown($server, $val, $arrColnames[$col]);
} elseif ($arrColnames[$col] == "server"){
echo "<div class=row><div class=col-md-1 style=text-align:right>$arrColnames[$col]</div><div class=col-md-2><div class=dropdown><button class=\"btn btn-secondary dropdown-toggle\" type=button id=$arrColnames[$col]button data-toggle=dropdown aria-haspopup=true aria-expanded=false>$val</button>";
echo "<div class=dropdown-menu aria-labelledby=$arrColnames[$col]button>";
$sqls="SELECT hostname FROM servers";
$ress = $db_handle->query($sqls);
while ($rows = $ress->fetchArray(SQLITE3_ASSOC)){
echo "<a class=dropdown-item href=\"javascript:dropdown('$arrColnames[$col]button','$rows[hostname]')\">$rows[hostname]</a>";
}
echo "</div></div></div></div><input type=hidden id=$arrColnames[$col]buttonh name=$arrColnames[$col] value=$val>";
} else {
echo "<div class=row><div class=col-md-1 style=text-align:right>$arrColnames[$col]</div><div class=col-md-2><input class=form-control type=text name=$arrColnames[$col] value=\"$val\" placeholder=\"$placehold[$colname]\"></div></div>";
}
}
}
echo "$editid<input type=hidden name=mode value=$formname><a href=# onclick=\"submitbutton('$formname')\" class=\"btn btn-primary\">save vm</a></form>";
}
if(($mode!="newvm")&&($mode!="editvm")&&($mode!='usermgmt')){
if ($_SESSION['isadmin']=="1"){
$sqllimit="";
echo "</br><a class=\"btn btn-primary\" href=# onclick=\"post('?', {newvm: 'newvm'});\">Create a new VM</a></br></br>";
} else {
$sqllimit="WHERE user='$_SESSION[username]'";
}
//getting vms from DB
$sql="SELECT * FROM vms $sqllimit";
$res = $db_handle->query($sql);
echo "<div class=row>";
while ($row = $res->fetchArray(SQLITE3_ASSOC)){
if (checkvm($row['vmname'])){
$button = "start";
$buttonc = "btn-success";
} else {
$button = "stop";
$buttonc = "btn-warning";
}
echo "<div class=col style=\"margin:10px;border:solid 1px;max-width:320px;\">$row[vmname]</br><a class=\"btn btn-primary\" href=# onclick=\"post('?', {edit: '$row[id]'});\">edit</a> ";
echo "<a href=# onclick=\"post('?', {'$button': '$row[vmname]'});\"class=\"btn $buttonc\">$button</a> ";
echo "<button class=\"btn btn-danger\" data-delete-text=\"Delete VM $row[vmname]!\" data-delete-vm=\"$row[id]\" data-delete-name=\"$row[vmname]\" data-toggle=\"modal\" data-target=\"#confirm-delete\">Delete VM</button> ";
$server = gethostname();
if (preg_match('/stop/', $button)) {
echo "<a target=_blank href=novnc/vnc.html?path=pussyvm&host=$server class=\"btn btn-success\">VNC</a>";
}
echo "</div>";
}
}
echo "</div></div></body></html>";
} elseif (!isset($_SESSION['username'])){
echo "<h1>Welcome to nlvmi!</h1><h2>You need to log in</h2></br>";
echo "<form action=? method=post>Username: <input type=text name=username> Password: <input type=password name=password> <input name=login type=submit></form>";
exit;
}
?>