mirror of
				https://github.com/xcat2/xcat-core.git
				synced 2025-10-20 14:05:27 +00:00 
			
		
		
		
	
		
			
				
	
	
		
			160 lines
		
	
	
		
			4.9 KiB
		
	
	
	
		
			PHP
		
	
	
	
	
	
			
		
		
	
	
			160 lines
		
	
	
		
			4.9 KiB
		
	
	
	
		
			PHP
		
	
	
	
	
	
| <?php
 | |
| /* Required libraries */
 | |
| $TOPDIR = '..';
 | |
| require_once "$TOPDIR/lib/functions.php";
 | |
| require_once "$TOPDIR/lib/jsonwrapper.php";
 | |
| 
 | |
| /**
 | |
|  * Issue an xCAT command (only for z)
 | |
|  *
 | |
|  * @param $cmd     The xCAT command
 | |
|  * @param $tgt     The target node or group
 | |
|  * @param $args    The xCAT command arguments, separated by semicolons
 | |
|  * @return The xCAT response.  Replies are in the form of JSON
 | |
|  */
 | |
| if (isset($_GET["cmd"])) {
 | |
|     // HTTP GET requests
 | |
|     $cmd = $_GET["cmd"];
 | |
|     $tgt = $_GET["tgt"];
 | |
|     $args = $_GET["args"];
 | |
| 
 | |
|     // Attachments are put here
 | |
|     $att = $_GET["att"];
 | |
| 
 | |
|     // Special messages put here
 | |
|     $msg = $_GET["msg"];
 | |
| 
 | |
|     // If no $tgt is given, set $tgt to NULL
 | |
|     if (!$tgt) {
 | |
|         $tgt = NULL;
 | |
|     }
 | |
| 
 | |
|     // If no $args is given, set $args to NULL
 | |
|     if (!$args) {
 | |
|         $args = NULL;
 | |
|     }
 | |
| 
 | |
|     // If no $msg is given, set $msg to NULL
 | |
|     if (!$msg) {
 | |
|         $msg = NULL;
 | |
|     }
 | |
| 
 | |
|     // If no $att is given, set $att to NULL
 | |
|     if (!$att) {
 | |
|         $att = NULL;
 | |
|     }
 | |
| 
 | |
|     // If $args contains multiple arguments, split it into an array
 | |
|     // Separators used are: || or ;
 | |
| 	if (strpos($args, "||")) {
 | |
|         // Split the arguments into an array
 | |
|         $arr = array();
 | |
|         $arr = explode("||", $args);
 | |
|     } else if (strpos($args, ";")) {
 | |
|         // Split the arguments into an array
 | |
|         $arr = array();
 | |
|         $arr = explode(";", $args);
 | |
|     } else {
 | |
|         $arr = array($args);
 | |
|     }
 | |
| 
 | |
|     $rsp = array();
 | |
| 
 | |
|     // Replace user entry
 | |
|     if (strncasecmp($cmd, "chvm", 4) == 0 && strncasecmp($arr[0], "--replacevs", 11) == 0) {
 | |
|         // Directory /var/tmp permissions = 777
 | |
|         // You can write anything to that directory
 | |
|         $userEntry = "/var/tmp/$tgt.txt";
 | |
|         $handle = fopen($userEntry, 'w') or die("Cannot open $userEntry");
 | |
|         fwrite($handle, $att);
 | |
|         fclose($handle);
 | |
| 
 | |
|         // CLI command: chvm gpok249 --replacevs /tmp/dirEntry.txt
 | |
|         // Replace user entry
 | |
|         array_push($arr, $userEntry);
 | |
|         $xml = docmd($cmd, $tgt, $arr, NULL);
 | |
|         foreach ($xml->children() as $child) {
 | |
|             foreach ($child->children() as $data) {
 | |
|                 $data = str_replace(":|:", "\n", $data);
 | |
|                 array_push($rsp, "$data");
 | |
|             }
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     // Create virtual server
 | |
|     else if (strncasecmp($cmd, "mkvm", 4) == 0) {
 | |
|         // Directory /var/tmp permissions = 777
 | |
|         // You can write anything to that directory
 | |
|         $userEntry = "/var/tmp/$tgt.txt";
 | |
|         $handle = fopen($userEntry, 'w') or die("Cannot open $userEntry");
 | |
|         fwrite($handle, $att);
 | |
|         fclose($handle);
 | |
| 
 | |
|         // CLI command: mkvm gpok3 /tmp/gpok3.txt
 | |
|         // Create user entry
 | |
|         array_unshift($arr, $userEntry);
 | |
|         $xml = docmd($cmd, $tgt, $arr, NULL);
 | |
|         foreach ($xml->children() as $child) {
 | |
|             foreach ($child->children() as $data) {
 | |
|                 $data = str_replace(":|:", "\n", $data);
 | |
|                 array_push($rsp, "$data");
 | |
|             }
 | |
|         }
 | |
|     }
 | |
| 
 | |
|     // Run shell script
 | |
|     // This is a typical command used by all platforms.  It is put here because
 | |
|     // most of the code needed are already here
 | |
|     else if (strncasecmp($cmd, "xdsh", 4) == 0) {
 | |
|         // Directory /var/tmp permissions = 777
 | |
|         // You can write anything to that directory
 | |
|         $msgArgs = explode(";", $msg);
 | |
|         $inst = str_replace("out=scriptStatusBar", "", $msgArgs[0]);
 | |
|         $script = "/var/tmp/script$inst.sh";
 | |
| 
 | |
|         // Write to file
 | |
|         $handle = fopen($script, 'w') or die("Cannot open $script");
 | |
|         fwrite($handle, $att);
 | |
|         fclose($handle);
 | |
| 
 | |
|         // Change it to executable
 | |
|         chmod($script, 0777);
 | |
| 
 | |
|         // CLI command: xdsh gpok3 -e /var/tmp/gpok3.sh
 | |
|         // Create user entry
 | |
|         array_push($arr, $script);
 | |
|         $xml = docmd($cmd, $tgt, $arr, NULL);
 | |
|         foreach ($xml->children() as $child) {
 | |
|             foreach ($child->children() as $data) {
 | |
|                 $data = str_replace(":|:", "\n", $data);
 | |
|                 array_push($rsp, "$data");
 | |
|             }
 | |
|         }
 | |
| 
 | |
|         // Remove this file
 | |
|         unlink($script);
 | |
|     }
 | |
| 
 | |
|     // Remove any HTML that could be used for XSS attacks
 | |
|     foreach ($rsp as $key => &$value) {
 | |
|         $whatami = gettype($value);
 | |
|         if ("string" != $whatami) {
 | |
|             //echo "found a non string in rsp array \n";
 | |
|             foreach ($value as $key2 => $value2){
 | |
|                 //echo "Key2:$key2  Value2 type:",gettype($value2)," value2 data: $value2 \n";
 | |
|                 $value[$key2] = htmlentities($value2, ENT_QUOTES | ENT_HTML5, 'UTF-8');
 | |
|             }
 | |
|         } else {
 | |
|             //echo "Key:$key  Value type:",gettype($value)," value data: $value \n";
 | |
|             $rsp[$key] = htmlentities($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
 | |
|             //echo "New value: $rsp[$key] \n";
 | |
|         }
 | |
|     }
 | |
|     $msg = htmlentities($msg, ENT_QUOTES | ENT_HTML5, 'UTF-8');
 | |
| 
 | |
|     // Reply in the form of JSON
 | |
|     $rtn = array("rsp" => $rsp, "msg" => $msg);
 | |
|     echo json_encode($rtn);
 | |
| }
 | |
| ?>
 |