vesta/web/api/v1/bulk/db/index.php

<?php
// Init
error_reporting(NULL);
ob_start();
session_start();

header('Content-Type: application/json');
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

// Check token
if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
    exit();
}

$database = $_POST['database'];
$action = $_POST['action'];

if ($_SESSION['user'] == 'admin') {
    switch ($action) {
        case 'delete': $cmd='v-delete-database';
            break;
        case 'suspend': $cmd='v-suspend-database';
            break;
        case 'unsuspend': $cmd='v-unsuspend-database';
            break;
        default: exit;
    }
} else {
    switch ($action) {
        case 'delete': $cmd='v-delete-database';
            break;
        default: exit;
    }
}

foreach ($database as $value) {
    $value = escapeshellarg($value);
    exec (VESTA_CMD.$cmd." ".$user." ".$value, $output, $return_var);
}

$result = array(
    'error' => $_SESSION['error_msg'],
    'ok_msg' => $_SESSION['ok_msg']
  );
  
echo json_encode($result);
unset($_SESSION['error_msg']);
unset($_SESSION['ok_msg']);