From 25b7d56e417ca87b6ba148000718bdb7be42dcf8 Mon Sep 17 00:00:00 2001
From: olevole <olevole@home.olevole.ru>
Date: Sun, 26 Feb 2023 23:51:44 +0300
Subject: [PATCH] wip

---
 php/forms.php                                 |  6 +++++-
 php/utils.php                                 |  1 -
 public/novnc/node_modules/.package-lock.json  |  8 ++++----
 public/novnc/node_modules/engine.io/README.md |  1 -
 .../engine.io/build/parser-v3/index.js        |  8 ++++----
 .../node_modules/engine.io/build/server.js    |  7 +++++--
 .../novnc/node_modules/engine.io/package.json | 12 ++++++------
 public/vnc.php                                | 19 +++++++++++++++----
 8 files changed, 39 insertions(+), 23 deletions(-)

diff --git a/php/forms.php b/php/forms.php
index 543d948c..9c4963ef 100644
--- a/php/forms.php
+++ b/php/forms.php
@@ -42,7 +42,8 @@ class Forms
 
 	private function fetch_from_db($link)
 	{
-		return $this->db->select("select * from ? order by order_id asc", array([$link]));
+//		return $this->db->select("select * from ? order by order_id asc", array([$link]));
+		return $this->db->select("select * from {$link} order by order_id asc", array());
 	}
 
 	function generate(){
@@ -184,6 +185,9 @@ class Forms
 				$tpl.='<option>'.$opt['text'].'</option>';
 			}
 			$tpl.='</datalist>';
+
+			Utils::clonos_syslog("forms.php template: " . $tpl);
+
 			return array('list'=>$id,'datalist'=>$tpl);
 		}else {
 			return false;
diff --git a/php/utils.php b/php/utils.php
index 9c6c5ef8..b40648cc 100644
--- a/php/utils.php
+++ b/php/utils.php
@@ -2,7 +2,6 @@
 
 class Utils
 {
-
 	public static function clonos_syslog($msg)
 	{
 		file_put_contents('/tmp/clonos.log', date("j.n.Y").":".$msg . "\n", FILE_APPEND);
diff --git a/public/novnc/node_modules/.package-lock.json b/public/novnc/node_modules/.package-lock.json
index 41775890..33db2451 100644
--- a/public/novnc/node_modules/.package-lock.json
+++ b/public/novnc/node_modules/.package-lock.json
@@ -1,7 +1,7 @@
 {
   "name": "@novnc/novnc",
   "version": "1.3.0",
-  "lockfileVersion": 2,
+  "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "node_modules/@ampproject/remapping": {
@@ -3314,9 +3314,9 @@
       }
     },
     "node_modules/engine.io": {
-      "version": "6.2.0",
-      "resolved": "https://registry.npmjs.org/engine.io/-/engine.io-6.2.0.tgz",
-      "integrity": "sha512-4KzwW3F3bk+KlzSOY57fj/Jx6LyRQ1nbcyIadehl+AnXjKT7gDO0ORdRi/84ixvMKTym6ZKuxvbzN62HDDU1Lg==",
+      "version": "6.2.1",
+      "resolved": "https://registry.npmjs.org/engine.io/-/engine.io-6.2.1.tgz",
+      "integrity": "sha512-ECceEFcAaNRybd3lsGQKas3ZlMVjN3cyWwMP25D2i0zWfyiytVbTpRPa34qrr+FHddtpBVOmq4H/DCv1O0lZRA==",
       "dev": true,
       "dependencies": {
         "@types/cookie": "^0.4.1",
diff --git a/public/novnc/node_modules/engine.io/README.md b/public/novnc/node_modules/engine.io/README.md
index 163077f9..da038e19 100644
--- a/public/novnc/node_modules/engine.io/README.md
+++ b/public/novnc/node_modules/engine.io/README.md
@@ -87,7 +87,6 @@ For more information on the client refer to the
 - **Future proof**
 - **100% Node.JS core style**
   - No API sugar (left for higher level projects)
-  - Written in readable vanilla JavaScript
 
 ## API
 
diff --git a/public/novnc/node_modules/engine.io/build/parser-v3/index.js b/public/novnc/node_modules/engine.io/build/parser-v3/index.js
index 3f58d803..aad22692 100644
--- a/public/novnc/node_modules/engine.io/build/parser-v3/index.js
+++ b/public/novnc/node_modules/engine.io/build/parser-v3/index.js
@@ -119,7 +119,7 @@ function decodePacket(data, binaryType, utf8decode) {
     if (typeof data === 'string') {
         type = data.charAt(0);
         if (type === 'b') {
-            return decodeBase64Packet(data.substr(1), binaryType);
+            return decodeBase64Packet(data.slice(1), binaryType);
         }
         if (utf8decode) {
             data = tryDecode(data);
@@ -131,7 +131,7 @@ function decodePacket(data, binaryType, utf8decode) {
             return err;
         }
         if (data.length > 1) {
-            return { type: packetslist[type], data: data.substring(1) };
+            return { type: packetslist[type], data: data.slice(1) };
         }
         else {
             return { type: packetslist[type] };
@@ -169,7 +169,7 @@ function tryDecode(data) {
  */
 function decodeBase64Packet(msg, binaryType) {
     var type = packetslist[msg.charAt(0)];
-    var data = Buffer.from(msg.substr(1), 'base64');
+    var data = Buffer.from(msg.slice(1), 'base64');
     if (binaryType === 'arraybuffer') {
         var abv = new Uint8Array(data.length);
         for (var i = 0; i < abv.length; i++) {
@@ -268,7 +268,7 @@ function decodePayload(data, binaryType, callback) {
             // parser error - ignoring payload
             return callback(err, 0, 1);
         }
-        msg = data.substr(i + 1, n);
+        msg = data.slice(i + 1, i + 1 + n);
         if (length != msg.length) {
             // parser error - ignoring payload
             return callback(err, 0, 1);
diff --git a/public/novnc/node_modules/engine.io/build/server.js b/public/novnc/node_modules/engine.io/build/server.js
index 52cb46f8..86ff3e67 100644
--- a/public/novnc/node_modules/engine.io/build/server.js
+++ b/public/novnc/node_modules/engine.io/build/server.js
@@ -391,7 +391,7 @@ class Server extends BaseServer {
                 abortUpgrade(socket, errorCode, errorContext);
                 return;
             }
-            const head = Buffer.from(upgradeHead); // eslint-disable-line node/no-deprecated-api
+            const head = Buffer.from(upgradeHead);
             upgradeHead = null;
             // delegate to ws
             this.ws.handleUpgrade(req, socket, head, websocket => {
@@ -468,7 +468,7 @@ class Server extends BaseServer {
         // normalize path
         path += "/";
         function check(req) {
-            return path === req.url.substr(0, path.length);
+            return path === req.url.slice(0, path.length);
         }
         // cache and clean up listeners
         const listeners = server.listeners("request").slice(0);
@@ -502,6 +502,9 @@ class Server extends BaseServer {
                     setTimeout(function () {
                         // @ts-ignore
                         if (socket.writable && socket.bytesWritten <= 0) {
+                            socket.on("error", e => {
+                                debug("error while destroying upgrade: %s", e.message);
+                            });
                             return socket.end();
                         }
                     }, destroyUpgradeTimeout);
diff --git a/public/novnc/node_modules/engine.io/package.json b/public/novnc/node_modules/engine.io/package.json
index ff3daf62..a4eb2541 100644
--- a/public/novnc/node_modules/engine.io/package.json
+++ b/public/novnc/node_modules/engine.io/package.json
@@ -1,6 +1,6 @@
 {
   "name": "engine.io",
-  "version": "6.2.0",
+  "version": "6.2.1",
   "description": "The realtime engine behind Socket.IO. Provides the foundation of a bidirectional connection between client and server",
   "type": "commonjs",
   "main": "./build/engine.io.js",
@@ -44,7 +44,7 @@
   },
   "devDependencies": {
     "babel-eslint": "^8.0.2",
-    "eiows": "^3.8.0",
+    "eiows": "^4.1.2",
     "engine.io-client": "6.2.0",
     "engine.io-client-v3": "npm:engine.io-client@3.5.2",
     "expect.js": "^0.3.1",
@@ -53,17 +53,17 @@
     "rimraf": "^3.0.2",
     "superagent": "^3.8.1",
     "typescript": "^4.4.3",
-    "uWebSockets.js": "github:uNetworking/uWebSockets.js#v20.0.0"
+    "uWebSockets.js": "github:uNetworking/uWebSockets.js#v20.15.0"
   },
   "scripts": {
     "compile": "rimraf ./build && tsc",
-    "test": "npm run compile && npm run format:check && npm run test:default && npm run test:compat-v3 && npm run test:eiows && npm run test:uws",
+    "test": "npm run compile && npm run format:check && npm run test:default && npm run test:compat-v3",
     "test:default": "mocha --bail --exit",
     "test:compat-v3": "EIO_CLIENT=3 mocha --exit",
     "test:eiows": "EIO_WS_ENGINE=eiows mocha --exit",
     "test:uws": "EIO_WS_ENGINE=uws mocha --exit",
-    "format:check": "prettier --check 'lib/**/*.ts' 'test/**/*.js'",
-    "format:fix": "prettier --write 'lib/**/*.ts' 'test/**/*.js'",
+    "format:check": "prettier --check \"lib/**/*.ts\" \"test/**/*.js\"",
+    "format:fix": "prettier --write \"lib/**/*.ts\" \"test/**/*.js\"",
     "prepack": "npm run compile"
   },
   "repository": {
diff --git a/public/vnc.php b/public/vnc.php
index c1279a94..8b6978bb 100644
--- a/public/vnc.php
+++ b/public/vnc.php
@@ -1,17 +1,27 @@
 <?php
-
 if(!isset($_GET['jname'])){
 	echo 'You forgot to specify a name of jail!';
 	exit;
 }
-
+
+function clonos_syslog($msg)
+{
+	file_put_contents('/tmp/clonos.log', date("j.n.Y").":".$msg . "\n", FILE_APPEND);
+	return 0;
+}
+
 function runVNC($jname)
 {
 	$res = (new Db('base','local'))->selectOne("SELECT vnc_password FROM bhyve WHERE jname=?", array([$jname]));
 
 	$pass = ($res !== false) ? $res['vnc_password'] : 'cbsd';
 
-	CBSD::run("vm_vncwss jname=%s permit=%s", array($jname, $_SERVER['REMOTE_ADDR']));
+	$permit=$_SERVER['REMOTE_ADDR'];
+
+//	clonos_syslog("vnc.php run: vm_vncwss jname={$jname} permit={$permit}");
+
+	$res=CBSD::run("vm_vncwss jname={$jname} permit={$permit}",array());
+//	, array($jname, $_SERVER['REMOTE_ADDR']));
 
 	// HTTP_HOST is preferred for href
 	if (isset($_SERVER['HTTP_HOST']) && !empty(trim($_SERVER['HTTP_HOST']))){
@@ -51,4 +61,5 @@ if ($jname != escapeshellcmd($jname)){
 	die("Shell escape attempt");
 }
 
-runVNC(Validate::long_string($jname));
+//runVNC(Validate::long_string($jname));
+runVNC($jname);