Главная Обзор Помощь
Вход
yosoyhendrix
/
hestiacp
1
0
Ответвить 0
Файлы Задачи 0 Запросы на слияние 0 Вики
Дерево: 67f2e12729
Ветки Метки
hestiacp
/
web
/
add
/
key
/
index.php

index.php 2.2 KB
История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384 
  1. <?php
    2. 

  2. use function Hestiacp\quoteshellarg\quoteshellarg;
    3. 

  3. 

  4. ob_start();
    5. 

  5. session_start();
    6. 

  6. $TAB = "USER";
    7. 

  7. 

  8. // Main include
    9. 

  9. include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
    10. 

  10. 

  11. // Check POST request
    12. 

  12. if (!empty($_POST["ok"])) {
    13. 

  13. 	// Check token
    14. 

  14. 	verify_csrf($_POST);
    15. 

  15. 

  16. 	// Check empty fields
    17. 

  17. 	if (empty($_POST["v_key"])) {
    18. 

  18. 		$errors[] = _("SSH Key");
    19. 

  19. 	}
    20. 

  20. 	if (!empty($errors[0])) {
    21. 

  21. 		foreach ($errors as $i => $error) {
    22. 

  22. 			if ($i == 0) {
    23. 

  23. 				$error_msg = $error;
    24. 

  24. 			} else {
    25. 

  25. 				$error_msg = $error_msg . ", " . $error;
    26. 

  26. 			}
    27. 

  27. 		}
    28. 

  28. 		$_SESSION["error_msg"] = sprintf(_('Field "%s" can not be blank.'), $error_msg);
    29. 

  29. 	}
    30. 

  30. 

  31. 	if ($_SESSION["userContext"] === "admin" && !empty($_GET["user"])) {
    32. 

  32. 		$user = quoteshellarg($_GET["user"]);
    33. 

  33. 	}
    34. 

  34. 

  35. 	if (!$_SESSION["error_msg"]) {
    36. 

  36. 		if ($_POST) {
    37. 

  37. 			//key if key already exists
    38. 

  38. 			exec(HESTIA_CMD . "v-list-user-ssh-key " . $user . " json", $output, $return_var);
    39. 

  39. 			$data = json_decode(implode("", $output), true);
    40. 

  40. 			unset($output);
    41. 

  41. 			$keylist = [];
    42. 

  42. 			$idlist = [];
    43. 

  43. 			foreach ($data as $key => $value) {
    44. 

  44. 				$idlist[] = trim($data[$key]["ID"]);
    45. 

  45. 				$keylist[] = trim($data[$key]["KEY"]);
    46. 

  46. 			}
    47. 

  47. 

  48. 			$v_key_parts = explode(" ", $_POST["v_key"]);
    49. 

  49. 			$key_id = trim($v_key_parts[2]);
    50. 

  50. 			if ($v_key_parts[2] == "") {
    51. 

  51. 				$v_key_parts[2] = md5(time());
    52. 

  52. 				$_POST["v_key"] .= " " . $v_key_parts[2];
    53. 

  53. 			}
    54. 

  54. 

  55. 			//for deleting / revoking key the last part user@domain is used therefore needs to be unique
    56. 

  56. 			//maybe consider adding random generated message or even an human read able string set by user?
    57. 

  57. 			if (in_array($v_key_parts[2], $idlist)) {
    58. 

  58. 				$_SESSION["error_msg"] = _("SSH Key already exists.");
    59. 

  59. 			}
    60. 

  60. 			if (in_array($v_key_parts[1], $keylist)) {
    61. 

  61. 				$_SESSION["error_msg"] = _("SSH Key already exists.");
    62. 

  62. 			}
    63. 

  63. 			$v_key = quoteshellarg(trim($_POST["v_key"]));
    64. 

  64. 		}
    65. 

  65. 	}
    66. 

  66. 

  67. 	if (empty($_SESSION["error_msg"])) {
    68. 

  68. 		exec(HESTIA_CMD . "v-add-user-ssh-key " . $user . " " . $v_key, $output, $return_var);
    69. 

  69. 		check_return_code($return_var, $output);
    70. 

  70. 	}
    71. 

  71. 	unset($output);
    72. 

  72. 	// Flush field values on success
    73. 

  73. 	if (empty($_SESSION["error_msg"])) {
    74. 

  74. 		$_SESSION["ok_msg"] = _("SSH Key has been created successfully.");
    75. 

  75. 	}
    76. 

  76. }
    77. 

  77. if (empty($v_key)) {
    78. 

  78. 	$v_key = "";
    79. 

  79. }
    80. 

  80. render_page($user, $TAB, "add_key");
    81. 

  81. 

  82. // Flush session messages
    83. 

  83. unset($_SESSION["error_msg"]);
    84. 

  84. unset($_SESSION["ok_msg"]);
    85.