Merge pull request #53 from bozhinov/Public

* Simplify vnc.php
Oleg Ginzburg
2022-08-02 16:21:16 +03:00
committed by GitHub
2 changed files with 164 additions and 33 deletions

147
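--- a/php/validate.php
+++ b/php/validate.php
@@ -0,0 +1,147 @@
+<?php
+class Validate {
+private $f;
+function __construct(array $pool)
+{
+$this->f = $pool;
+}
+public static function short_string($string, $exact_len = 0)
+{
+if (filter_var($string, FILTER_SANITIZE_STRING) != $string){
+throw new Exception($string." string did not pass the validation");
+}
+$len = strlen($string);
+if ($exact_len > 0){
+if ($len != $exact_len) {
+throw new Exception($string." string did not pass the lenght validation");
+}
+} else {
+if ($len < 1 || $len > 34){
+throw new Exception($string." string did not pass the lenght validation");
+}
+}
+}
+public static function url($url)
+{
+if (filter_var($url, FILTER_SANITIZE_URL) != $url){
+throw new Exception($string." string did not pass the validation");
+}
+}
+public static function long_string($string)
+{
+if (filter_var($string, FILTER_SANITIZE_STRING) != $string){
+throw new Exception($string." string did not pass the validation");
+}
+$len = strlen($string);
+if ($len < 1 || $len > 150){
+throw new Exception($string." string did not pass the lenght validation");
+}
+}
+public function exists($key)
+{
+return isset($this->f[$key]);
+}
+public function add_default($key, $val)
+{
+// NOTE this appends to f and it will stay there
+if (!isset($this->f[$key])){
+$this->f[$key] = $val;
+}
+}
+public function all()
+{
+foreach($this->f as $f){
+if (filter_var($f, FILTER_SANITIZE_STRING) != $f){
+throw new Exception($f." string did not pass the validation");
+}
+}
+return $this->f;
+}
+public function these(array $list)
+{
+if (empty($this->f)) {
+throw new Exception("Validation data pool is empty");
+}
+foreach($list as $e => $type){
+if (!isset($this->f[$e])){
+throw new Exception($e.' is not set in form');
+}
+}
+$r = [];
+foreach($list as $e => $type){
+switch($type){
+case 1: # INT
+$r[$e] = (int)$this->f[$e];
+break;
+case 2: # INT 0 not accepted
+$r[$e] = (int)$this->f[$e];
+if($r[$e] == 0){
+throw new Exception($e." can't be 0");
+}
+break;
+case 3: # SHORT STRING
+if (filter_var($e, FILTER_SANITIZE_STRING) != $e){
+throw new Exception($e." string did not pass the validation");
+}
+$len = strlen($this->f[$e]);
+if ($len < 1 || $len > 34){
+throw new Exception($e." string did not pass the lenght validation");
+}
+$r[$e] = $this->f[$e];
+break;
+case 4: # LONG STRING
+if (filter_var($e, FILTER_SANITIZE_STRING) != $e){
+throw new Exception($e." string did not pass the validation");
+}
+$len = strlen($this->f[$e]);
+if ($len < 1 || $len > 150){
+throw new Exception($e." string did not pass the lenght validation");
+}
+$r[$e] = $this->f[$e];
+break;
+case 5: # STRING WITH SPECIAL CHARS
+if (filter_var($e, FILTER_SANITIZE_SPECIAL_CHARS) != $e){
+throw new Exception($e." string did not pass the validation");
+}
+$len = strlen($this->f[$e]);
+if ($len < 1 || $len > 20){
+throw new Exception($e." string did not pass the lenght validation");
+}
+$r[$e] = $this->f[$e];
+break;
+case 6: # IP v4
+if (filter_var($e, FILTER_FLAG_IPV4) != $e){
+throw new Exception($e." string did not pass the validation");
+}
+$r[$e] = $this->f[$e];
+break;
+}
+switch($e){
+case 'password':
+if ($len < 6){
+throw new Exception("Minimal password lenght is 6");
+}
+break;
+}
+}
+return $r;
+}
+}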
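Review bot: In `these()`, cases 3 to 6 pass the field name `$e` to `filter_var()` instead of the submitted value `$this->f[$e]`, so the value itself is only length-checked (cases 3 to 5) or not checked at all (case 6) before it is copied into `$r`. Each of those checks should read the value, e.g. `if (filter_var($this->f[$e], FILTER_SANITIZE_STRING) != $this->f[$e]){`. Case 6 also passes `FILTER_FLAG_IPV4` as the filter id; that constant is a flag, so the check should be `if (filter_var($this->f[$e], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false){`. Separately, the `password` check reads `$len`, which is never set for types 1, 2 and 6 and may still hold the length of a previously processed field.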


@@ -7,55 +7,39 @@ if(!isset($_GET['jname'])){
function runVNC($jname)
{
$res=(new Db('base','local'))->selectOne("SELECT vnc_password FROM bhyve WHERE jname=?", array([$jname]));
$res = (new Db('base','local'))->selectOne("SELECT vnc_password FROM bhyve WHERE jname=?", array([$jname]));
$pass='cbsd';
if($res!==false) $pass=$res['vnc_password'];
$pass = ($res !== false) ? $res['vnc_password'] : 'cbsd';
$remote_ip=$_SERVER['REMOTE_ADDR'];
CBSD::run("vm_vncwss jname=%s permit=%s", array($jname,$remote_ip));
CBSD::run("vm_vncwss jname=%s permit=%s", array($jname, $_SERVER['REMOTE_ADDR']));
// HTTP_HOST is preferred for href
if (isset($_SERVER['HTTP_HOST']) && !empty(trim($_SERVER['HTTP_HOST']))){
$nodeip=$_SERVER['HTTP_HOST'];
}
if (filter_var($nodeip, FILTER_VALIDATE_IP)) {
$is_ip4=true;
} else {
$is_ip4=false;
}
if ($is_ip4 == false) {
if (filter_var($nodeip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
$is_ip6=true;
} else {
$is_ip6=false;
}
$nodeip = $_SERVER['HTTP_HOST'];
} else {
# use localhost as fallback in case the HTTP_HOST header is not set
$nodeip = '127.0.0.1';
}
// HTTP_HOST is IP, try to check SERVER_NAME
if (($is_ip4==true)||($is_ip6==true)) {
if(isset($_SERVER['SERVER_NAME']) && !empty(trim($_SERVER['SERVER_NAME']))){
$nodeip=$_SERVER['SERVER_NAME'];
} else {
$nodeip=$_SERVER['SERVER_ADDR'];
if (filter_var($nodeip, FILTER_VALIDATE_IP)) {
$nodeip = $_SERVER['SERVER_ADDR'];
// https://www.php.net/manual/en/reserved.variables.server.php
// Note: Under Apache 2, you must set UseCanonicalName = On and ServerName.
// handle when 'server_name _;' - use IP instead
if(isset($_SERVER['SERVER_NAME']) && !empty(trim($_SERVER['SERVER_NAME'])) && (strcmp($_SERVER['SERVER_NAME'], "_") != 0)){
$nodeip = $_SERVER['SERVER_NAME'];
}
}
// handle when 'server_name _;' - use IP instead
if (strcmp($nodeip, "_") == 0) {
$nodeip=$_SERVER['SERVER_ADDR'];
}
# TODO: This will send the pass in clear text
header('Location: http://'.$nodeip.':6081/vnc_lite.html?scale=true&host='.$nodeip.'&port=6081?password='.$pass);
exit;
}
$rp=realpath('../');
$rp = realpath('../');
require_once($rp.'/php/db.php');
require_once($rp.'/php/cbsd.php');
require_once($rp.'/php/validate.php');
runVNC($_GET['jname']);
runVNC(Validate::short_string($_GET['jname'], 32));
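Review bot: The last line passes the return value of `Validate::short_string()` to `runVNC()`, but in the `php/validate.php` added by this commit that method has no `return`, so `$jname` would be `null` in both the SQL lookup and the `CBSD::run()` call. The second argument `32` is the exact required length, so any `jname` that is not exactly 32 bytes long is rejected with an exception. Validating first and then passing the original value keeps both the check and the name: `Validate::short_string($_GET['jname']);` followed by `runVNC($_GET['jname']);`. Whether the 1 to 34 byte range and `FILTER_SANITIZE_STRING` are tight enough for a value that reaches `CBSD::run()` depends on how that helper quotes `%s`, which is not visible here; an allow-list pattern for jail names would be the safer check.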