Finish root password configuration page and moved escaping to SetRootPassword function

feature/node-rewrite
Sven Slootweg 13 years ago
parent 0766875cc6
commit 4e841d6ae7

@ -629,8 +629,10 @@ class Container extends CPHPDatabaseRecordClass
public function SetRootPassword($password)
{
$sPassword = escapeshellarg($password);
$this->SetOptions(array(
'userpasswd' => "root:{$password}"
'userpasswd' => "root:{$sPassword}"
));
}

@ -26,9 +26,11 @@ event-years-ago; %1$d years ago
title-overview; Overview
title-login; Login to your VPS panel
title-reinstall; Reinstall your VPS
title-password; Set new root password
button-login; Login
button-reinstall; Reinstall
button-password; Set new root password
notfound; The specified VPS was not found.
footer; CPHP is a free and open source VPS control panel. <a href="http://cvm.cryto.net/trac/wiki/Contribute">Want to contribute?</a>
@ -46,7 +48,7 @@ menu-console; Console
menu-ip; IP Allocation
menu-alerts; Alerts
menu-api; API
menu-password; Password
menu-password; Root Password
login-username; Username
login-password; Password
@ -86,3 +88,6 @@ list-status-suspended; Suspended
reinstall-warning; I understand that by reinstalling my VPS, <strong>all data on the VPS is permanently lost</strong> and cannot be recovered. There will be no further confirmations, <strong>after clicking the Reinstall button the reinstallation process cannot be aborted.</strong>
reinstall-patience; (be patient; this may take a while)
password-field-password; New root password
password-field-confirm; Confirm password

@ -0,0 +1,69 @@
<?php
/*
* CVM is more free software. It is licensed under the WTFPL, which
* allows you to do pretty much anything with it, without having to
* ask permission. Commercial use is allowed, and no attribution is
* required. We do politely request that you share your modifications
* to benefit other developers, but you are under no enforced
* obligation to do so :)
*
* Please read the accompanying LICENSE document for the full WTFPL
* licensing text.
*/
if(!isset($_CVM)) { die("Unauthorized."); }
$display_form = true;
if(isset($_POST['submit']))
{
try
{
if(!empty($_POST['password']) && !empty($_POST['confirm']))
{
if($_POST['password'] == $_POST['confirm'])
{
$sContainer->SetRootPassword($_POST['password']);
$err = new CPHPErrorHandler(CPHP_ERRORHANDLER_TYPE_SUCCESS, "Password configuration succeeded!", "Your new root password was successfully configured. Please ensure to change your root password again from your container after logging in.");
$sPageContents .= $err->Render();
}
else
{
$err = new CPHPErrorHandler(CPHP_ERRORHANDLER_TYPE_ERROR, "Passwords do not match", "Both entries should be identical. Please try again.");
$sPageContents .= $err->Render();
}
}
else
{
$err = new CPHPErrorHandler(CPHP_ERRORHANDLER_TYPE_ERROR, "Fields missing", "Both fields are required. Please try again.");
$sPageContents .= $err->Render();
}
}
catch (ContainerSuspendedException $e)
{
$err = new CPHPErrorHandler(CPHP_ERRORHANDLER_TYPE_ERROR, "Failed to configure root password", "You can not configure the root password for this VPS, because it is suspended. If you believe this is in error, please contact support.");
$sPageContents .= $err->Render();
}
catch (ContainerTerminatedException $e)
{
$err = new CPHPErrorHandler(CPHP_ERRORHANDLER_TYPE_ERROR, "Failed to configure root password", "You can not configure the root password for this VPS, because it is suspended. If you believe this is in error, please contact support.");
$sPageContents .= $err->Render();
}
catch (SshExitException $e)
{
$err = new CPHPErrorHandler(CPHP_ERRORHANDLER_TYPE_ERROR, "Failed to configure root password", "Your password may be in an invalid format. Try again with a different password.");
$sPageContents .= $err->Render();
}
}
if($display_form === true)
{
$err = new CPHPErrorHandler(CPHP_ERRORHANDLER_TYPE_WARNING, "Security warning", "Configuring your root password through this panel may expose it to the VPS provider. Only use this feature in an emergency situation, and always change your password again afterwards, from within your container.");
$sPageContents .= $err->Render();
$sPageContents .= Templater::InlineRender("vps.password", $locale->strings, array(
'id' => $sContainer->sId
));
}
?>

@ -37,7 +37,8 @@ try
'^/([0-9]+)/(start)/?$' => "module.vps.overview.php",
'^/([0-9]+)/(stop)/?$' => "module.vps.overview.php",
'^/([0-9]+)/(restart)/?$' => "module.vps.overview.php",
'^/([0-9]+)/reinstall/?$' => "module.vps.reinstall.php"
'^/([0-9]+)/reinstall/?$' => "module.vps.reinstall.php",
'^/([0-9]+)/password/?$' => "module.vps.password.php"
)
);

@ -0,0 +1,14 @@
<h1><%!title-password></h1>
<form method="post" action="/<%?id>/password/">
<label class="col_4" for="field_password"><%!password-field-password></label>
<input class="col_4" type="password" id="field_password" name="password">
<div class="clear"></div>
<label class="col_4" for="field_confirm"><%!password-field-confirm></label>
<input class="col_4" type="password" id="field_confirm" name="confirm">
<div class="clear"></div>
<div class="col_4"></div>
<button class="col_4" type="submit" name="submit"><%!button-password></button>
</form>
Loading…
Cancel
Save