debugging old code, WIP

php/cbsd.php

@@ -17,15 +17,16 @@ class CBSD {
 
 		$cmd = vsprintf($cmd, $args); # make sure we deal with a string
 		$cmd = strtr($cmd, $defines);
+		// olevole: add trim tabs + \r\n
+		$cmd = trim(preg_replace('/\t+|\r|\n/', '', $cmd));
 		$full_cmd = $prepend.trim($cmd);
 
 		if ($cmd != escapeshellcmd($cmd)){
+			Utils::clonos_syslog("cmd.php SHELL ESCAPE:". $cmd);
 			die("Shell escape attempt");
 		}
 
-		// olevole: to generic log_() function
-		// file_put_contents('/tmp/clonos-run_'.date("j.n.Y").'.log', $full_cmd . "\n", FILE_APPEND);
-
+		Utils::clonos_syslog("cmd.php:". $full_cmd);
 		$process = proc_open($full_cmd,$specs,$pipes,null,null);
 
 		$error=false;
@@ -46,6 +47,8 @@ class CBSD {
 				$error_message=$buf;
 			}
 
+			Utils::clonos_syslog("cmd.php:"."ret:".$return_value." msg:[".$message."] "."error:[".$error."] "."error_message:[".$error_message." ]");
+
 			return array(
 				'cmd'=>$cmd,
 				'full_cmd'=>$full_cmd,
@@ -54,6 +57,8 @@ class CBSD {
 				'error'=>$error,
 				'error_message'=>$error_message
 			);
+		} else {
+			Utils::clonos_syslog("cmd.php: empty process resource");
 		}
 	}
 

php/clonos.php

@@ -78,9 +78,16 @@ class ClonOS {
 		} else {
 			$this->server_name=$_SERVER['SERVER_ADDR'];
 		}
-
+
+		// olevole: where $uri came from? is_emtpy
+		// public/index.php:$uri=trim($_SERVER['REQUEST_URI'],'/');    not work?
 		if (is_null($uri_chunks)) { # TODO Do we need this ?
-			$this->uri_chunks=Utils::gen_uri_chunks($uri);
+			//  a.json.php not work ?
+			//Utils::clonos_syslog("clonos.php: \$uri_chunks is empty, force to \$uri values:".$_SERVER['REQUEST_URI']);
+			//$uri=trim($_SERVER['REQUEST_URI'],'/');
+
+			// HP Warning:  Undefined variable $uri in /usr/local/www/clonos/php/clonos.php on line 88
+			$this->uri_chunks=Utils::gen_uri_chunks("");
 		} else {
 			$this->uri_chunks=$uri_chunks;
 		}
@@ -1400,20 +1407,28 @@ class ClonOS {
 			}
 		}
 
-		$key_name='/usr/home/olevole/.ssh/authorized_keys';
+		//$key_name='/usr/home/olevole/.ssh/authorized_keys';
 		if(!isset($form['vm_authkey'])) $form['vm_authkey']=0;
 		$key_id=(int)$form['vm_authkey'];
-
-		$db=new Db('base','authkey');
-		if(!$db->isConnected())  return array('error'=>true,'errorMessage'=>'Database error!');
-
-		//if($nres['name']!==false) $key_name=$nres['name'];
-		$nres=$db->selectOne('SELECT authkey FROM authkey WHERE idx=?', array([$key_id, PDO::PARAM_INT]));
-		if($nres['authkey']!==false) $authkey=$nres['authkey']; else $authkey='';
-		//var_dump($nres);exit;
-
+		Utils::clonos_syslog("clonos.php: key_id: [".$key_id."]");
+
+		if($key_id>0) {
+			$db=new Db('base','authkey');
+			if(!$db->isConnected())  return array('error'=>true,'errorMessage'=>'Database error!');
+			if($nres['name']!==false) $key_name=$nres['name'];
+			Utils::clonos_syslog("clonos.php:". 'SELECT authkey FROM authkey WHERE idx=?'. array([$key_id, PDO::PARAM_INT]));
+			$nres=$db->selectOne('SELECT authkey FROM authkey WHERE idx=?', array([$key_id, PDO::PARAM_INT]));
+			//var_dump($nres);exit;
+
+	//		[22-Jul-2022 13:15:19 UTC] PHP Warning:  Trying to access array offset on value of type bool in /usr/local/www/clonos/php/clonos.php on line 1416
+			if($nres['authkey']!==false) $authkey=$nres['authkey']; else $authkey='';
+		} else {
+			$authkey='';
+		}
+
 		$user_pw=(!empty($form['user_password']))?' ci_user_pw_user='.$form['user_password'].' ':'';
-
+
+		// olevole: SHELL ESCAPE here - tabs + \r\n
 		$res=CBSD::run( // TODO: THIS SEEMS WRONG pw_user={$form['vm_password']} {$user_pw}vnc_password={$form['vnc_password']}";
 			'task owner=%s mode=new {cbsd_loc} bcreate jname=%s 
 			vm_os_profile="%s" imgsize=%s vm_cpus=%s vm_ram=%s vm_os_type=%s mask=%s 
@@ -1436,7 +1451,7 @@ class ClonOS {
 				$form['vnc_password']
 			)
 		);
-
+
 		$err='Virtual Machine is not created!';
 		$taskId=-1;
 		if($res['retval']==0){

php/config.php

@@ -195,7 +195,7 @@ class Config
 			$this->os_types_obtain=$this->create_bhyve_profiles($res1);
 		}
 
-		$res2=CBSD::run('cbsd get_interfaces', array());
+		$res2=CBSD::run('get_interfaces', array());
 		if($res2['retval']==0){
 			$this->os_interfaces=$this->create_interfaces($res2);
 		}

php/utils.php

@@ -2,6 +2,14 @@
 
 class Utils
 {
+
+	public static function clonos_syslog($msg)
+	{
+		file_put_contents('/tmp/clonos.log', date("j.n.Y").":".$msg . "\n", FILE_APPEND);
+		return 0;
+	}
+
+
 	public static function gen_uri_chunks($uri)
 	{
 		$uri_chunks = [];

public/index.php

@@ -34,7 +34,9 @@ if(!empty($chunks)) $uri=$chunks[0];
 $file_path=$_ds.$root.$_ds.'pages'.$_ds.$uri.$_ds;
 $file_name=$file_path.$lang.'.index.php';
 $json_name=$file_path.'a.json.php';
-
+
+Utils::clonos_syslog("my json_name:". $json_name);
+
 if(empty($uri)){
 	header('Location: /'.$menu->first_key.'/',true);
 	exit;

public/pages/instance_jail/a.json.php

@@ -1,7 +1,21 @@
 <?php
 if(!empty($this->_vars['hash']))
 {
+	Utils::clonos_syslog("instance_jail a.json.php: hash not empty:". $this->_vars['hash']);
 	include('helpers.php');
+
+//	$html=str_replace(array("\n","\r","\t"),'',$html);
+
+//$html=str_replace(array("\n","\r","\t"),'',$html);
+
+//	Utils::clonos_syslog("instance_jail a.json.php: HTML:". $html);
+	//echo $html;
+
+
+//	$html=str_replace(array("\n","\r","\t"),'',$html);
+//	Utils::clonos_syslog("instance_jail a.json.php: HTML:". $html);
+//	echo $html;
+
 	return;
 }
 
@@ -84,8 +98,14 @@ if($res['retval']==0)
 		}
 	}
 }
+
+
 
 $html=str_replace(array("\n","\r","\t"),'',$html);
+
+
+//Utils::clonos_syslog("instance_jail a.json.php: HTML:". $html);
+
 
 /*
 echo json_encode(array(
@@ -101,4 +121,4 @@ $included_result_array=array(
 	'error'=>false,
 	'func'=>'fillTable',
 	'id'=>'instanceslist',
-);
+);

public/pages/instance_jail/helpers.php

@@ -27,7 +27,7 @@ $jname_desc=$this->translate('will be created new jail with helper inside');
 $jail_sett=$this->translate('Jail Settings');
 $jail_name=$this->translate('Jail name');
 $ip_address=$this->translate('IP address');
-$html=<<<EOT
+$html=<<<EOT
 	<form class="win" method="post" id="newJailSettings" onsubmit="return false;">
 		<div class="form-fields">
 			<h1>{$jail_sett} <small>({$jname_desc})</small></h1>
@@ -41,10 +41,14 @@ $html=<<<EOT
 			</p>
 		</div>
 	</form>
-EOT;
-
+EOT;
+
 $res_html=(new Forms('',$hash,$db_path))->generate();
 $html.='<h1>Helper: '.$hash.'</h1>'.$res_html;
-
-return array('html'=>$this->html);
-//echo json_encode(array('html'=>$html,'func'=>'fillTab'));
+
+
+//$html=json_encode(array('html'=>$html,'func'=>'fillTab'));
+// olevole: why return here?
+// Undefined property: ClonOS::$html in /usr/local/www/clonos/public/pages/instance_jail/helpers.php on line 49
+//return array('html'=>$this->html);
+//echo json_encode(array('html'=>$html,'func'=>'fillTab'));

public/pages/jailscontainers/a.json.php

@@ -29,6 +29,9 @@ if(!empty($nodes))foreach($nodes as $node)
 	if($db1!==false)
 	{
 		$jails=$db1->select("SELECT jname,ip4_addr,status,protected FROM jails WHERE emulator!='bhyve' and hidden!=1 order by jname asc;", []);
+
+		Utils::clonos_syslog("jailscontainers a.json.php:" . "SELECT jname,ip4_addr,status,protected FROM jails WHERE emulator!='bhyve' and hidden!=1 order by jname asc;");
+
 		$allnodes[$node]=$jails;
 		
 		$num=$nth & 1;
@@ -106,7 +109,9 @@ EOT;
 		}
 		
 		$nth++;
-	}
+	} else {
+		Utils::clonos_syslog("jailscontainers a.json.php: DB1 FALSE");
+	}
 }
 
 $html=str_replace(array("\n","\r","\t"),'',$html);

public/pages/tasklog/a.json.php

@@ -3,7 +3,11 @@
 $username=$this->_user_info['username'];
 
 $db=new Db('base','cbsdtaskd');
-$res=$db->select("SELECT id,st_time,end_time,cmd,status,errcode,logfile FROM taskd WHERE owner='?' ORDER BY id DESC", array([$username]));
+Utils::clonos_syslog("tasklog: ". "SELECT id,st_time,end_time,cmd,status,errcode,logfile FROM taskd WHERE owner='". $username."' ORDER BY id DESC;");
+//olevole why array?!
+//$res=$db->select("SELECT id,st_time,end_time,cmd,status,errcode,logfile FROM taskd WHERE owner='?' ORDER BY id DESC", array([$username]));
+
+$res=$db->select("SELECT id,st_time,end_time,cmd,status,errcode,logfile FROM taskd WHERE owner='".$username."' ORDER BY id DESC", $username);
 
 $html='';
 if($res!==false)
@@ -13,6 +17,8 @@ if($res!==false)
 
 	if(!empty($res)) foreach($res as $item)
 	{
+Utils::clonos_syslog("tasklog: HTML");
+
 		$hres=$this->getTableChunk('tasklog','tbody');
 		if($hres!==false)
 		{
@@ -57,9 +63,11 @@ if($res!==false)
 				$html_tmp=str_replace('#'.$var.'#',$val,$html_tmp);
 			
 			$html.=$html_tmp;
+			//Utils::clonos_syslog("tasklog: HTML: ". $html);
 		}
-	}
-
+	} else {
+		Utils::clonos_syslog("tasklog: \$res query empty result:". "SELECT id,st_time,end_time,cmd,status,errcode,logfile FROM taskd WHERE owner='". $username."' ORDER BY id DESC;");
+	}
 	/*
 	echo json_encode(array(
 		'tbody'=>$html,
@@ -74,4 +82,6 @@ if($res!==false)
 		'func'=>'fillTable',
 		'id'=>'taskloglist',
 	);
-}
+} else {
+	Utils::clonos_syslog("tasklog: \$res query failed:". "SELECT id,st_time,end_time,cmd,status,errcode,logfile FROM taskd WHERE owner='". $username."' ORDER BY id DESC;");
+}

public/upload.php

@@ -24,14 +24,14 @@ if($_SERVER['REQUEST_METHOD'] === 'POST'){
 	// https://www.php.net/manual/en/features.file-upload.php
 	// Undefined | Multiple Files | $_FILES Corruption Attack
 	// If this request falls under any of them, treat it invalid.
-	if (
-		!isset($_FILES['file']['error']) ||
-		is_array($_FILES['file']['error'])
-	) {
-		echo json_encode(array('status' => 'Upload Fail: An error occurred!';));
-		exit;
-	}
-
+	if (
+		!isset($_FILES['file']['error']) ||
+		is_array($_FILES['file']['error'])
+	) {
+		echo json_encode(array('status' => 'Upload Fail: An error occurred!';));
+		exit;
+	}
+
 	if(is_uploaded_file($_FILES['file']['tmp_name'])){
 		$basename = strtolower(pathinfo($_FILES['file']['name'], PATHINFO_BASENAME));