-
Notifications
You must be signed in to change notification settings - Fork 0
/
create_vm.php
37 lines (33 loc) · 1.55 KB
/
create_vm.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
<?php
header('Content-type: application/json');
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST');
header('Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With');
// Take POST request with JSON data (template_name, user_name, vm_name, is_elastic)
$data = json_decode(file_get_contents('php://input'), true);
$vm_name = $data["vm_name"];
$vm_template = $data["template_name"];
$vm_username = $data["user_name"];
$template_override = $data["template_override"];
// Make sure command is safe (no shell injection)
$vm_name = escapeshellcmd($vm_name);
$vm_template = escapeshellcmd($vm_template);
$vm_username = escapeshellcmd($vm_username);
$template_override = escapeshellcmd($template_override);
// On template_override, make sure double quotes are escaped
if ($template_override) {
$template_override = str_replace('"', '\"', $template_override);
}
chdir('/var/www/ironsight-api-handler/scripts/ironsight_harvester_api/');
$command = 'python3 create_vm.py ' . $vm_name . ' ' . $vm_template . ' ' . $vm_username . ' ' . $template_override;
$output = shell_exec($command);
// Get rid of newlines in output
$output = str_replace("\n", ", ", $output);
// If the output contains "Usage", then the command failed
if (strpos($output, 'Usage') !== false) {
echo '{"status": "fail"}';
}
else {
echo '{"status": "success", "raw_query": "' . $command . '" ,"output": "' . $output . '", "name": "' . $vm_name . '", "template": "' . $vm_template . '", "username": "' . $vm_username . '"}';
}
?>