aboutsummaryrefslogtreecommitdiff
blob: cadbf98967aa0f119790b05190a4d3798375942f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
<?php

    // Gentoaster web interface config processor
    // Licensed under GPL v3, see COPYING file

    require_once "config.php";

    $ipaddress = filter_input(INPUT_SERVER, "REMOTE_ADDR",
                              FILTER_VALIDATE_IP);

    if (RECAPTCHA_ENABLED) {
        require_once "recaptcha.php";

        $challenge = filter_input(INPUT_POST,
                                  "recaptcha_challenge_field",
                                  FILTER_UNSAFE_RAW);
        $response = filter_input(INPUT_POST, 
                                 "recaptcha_response_field",
                                 FILTER_UNSAFE_RAW);
        
        $resp = recaptcha_check_answer(RECAPTCHA_PRIVATE_KEY,
                                       $ipaddress,
                                       $challenge,
                                       $response);
                                    
        if (!$resp->is_valid) {
            die("CAPTCHA was incorrect");
        }
    }

    function sanitize_shellarg($arg) {
        return escapeshellarg($arg);
    }
    $shellfilter = array("options" => "sanitize_shellarg");

    $buildID = uniqid();
    $bootMegabytes = filter_input(INPUT_POST, "boot_size", FILTER_VALIDATE_INT);
    $swapMegabytes = filter_input(INPUT_POST, "swap_size", FILTER_VALIDATE_INT);
    $rootMegabytes = filter_input(INPUT_POST, "root_size", FILTER_VALIDATE_INT);
    $timezone = filter_input(INPUT_POST, "timezone", FILTER_CALLBACK, $shellfilter);
    $hostname = filter_input(INPUT_POST, "hostname", FILTER_CALLBACK, $shellfilter);
    $username =  filter_input(INPUT_POST, "username", FILTER_CALLBACK, $shellfilter);
    $password = filter_input(INPUT_POST, "password", FILTER_CALLBACK, $shellfilter);
    $rootPass = filter_input(INPUT_POST, "rootpassword", FILTER_CALLBACK, $shellfilter);
    $packagesList = filter_input(INPUT_POST, "packages", FILTER_CALLBACK, $shellfilter);
    $outputFormat = filter_input(INPUT_POST, "format", FILTER_CALLBACK, $shellfilter);

    $packagesList = str_replace("\r\n", " ", $packagesList);
    $packagesList = str_replace("\n", " ", $packagesList);

$iniString = "[vmconfig]

BUILD_ID='$buildID'
BOOT_MEGABYTES='$bootMegabytes'
SWAP_MEGABYTES='$swapMegabytes'
ROOT_MEGABYTES='$rootMegabytes'
TIMEZONE=$timezone
HOSTNAME=$hostname
ROOT_PASSWORD=$rootPass
DEFAULT_USERNAME=$username
DEFAULT_PASSWORD=$password
USE_FLAGS=''
PACKAGE_USE=''
FEATURES='parallel-fetch userfetch userpriv getbinpkg'
PACKAGE_ACCEPT_KEYWORDS=''
PACKAGES_LIST=$packagesList
OUTPUT_FORMAT=$outputFormat";

    $client = new GearmanClient();
    $client->addServer();
    $handle = $client->doBackground("invoke_image_build", $iniString);

    $db = new mysqli(MYSQL_HOSTNAME, MYSQL_USERNAME,
                     MYSQL_PASSWORD, MYSQL_DATABASE);
    if (mysqli_connect_errno()) {
       die("Could not connect to database ".mysqli_connect_error());
    }

    $stmt = $db->prepare("INSERT INTO builds (id, handle, ipaddress) VALUES(?, ?, ?)");
    $stmt->bind_param("sss", $buildID, $handle, $ipaddress);
    $stmt->execute();
    $stmt->close();
    $db->close();

    header("Location: finished.php?uuid=".$buildID);