1 files changed, 113 insertions, 0 deletions

diff --git a/h-source/Application/Controllers/SearchController.php b/h-source/Application/Controllers/SearchController.php
index 6f96595..b35ee45 100644
--- a/h-source/Application/Controllers/SearchController.php
+++ b/h-source/Application/Controllers/SearchController.php
@@ -107,6 +107,119 @@ class SearchController extends BaseController
 	{
 		if (isset($_POST['lspci']))
 		{
+			$data['notice'] = null;
+			
+			$lspci = $this->request->post('lspci','','sanitizeHtml');
+			if (strlen($lspci)<10000)
+			{
+				$flag = false;
+				
+				$lspci = nl2br($lspci);
+				$lspciArray = explode('<br />',$lspci);
+				$lspciResult = array();
+				reset($lspciArray);
+				while(current($lspciArray) !== false)
+				{
+					$item = current($lspciArray);
+					if (stristr($item,'Slot'))
+					{
+						$temp = array();
+						
+// 						class
+						if (next($lspciArray) !== false)
+						{
+							$item = trim(current($lspciArray));
+							if( !preg_match( '/^[a-zA-Z0-9\-\_\.\:\+\s\(\)\/\[\]]+$/i', $item ) )
+							{
+								$flag = false;
+								break;
+							}
+							if( preg_match( '/Class\:(.*)\[(.*)\]/i', $item, $matches ) )
+							{
+								$temp['className'] =  $matches[1];
+								$temp['classId'] =  $matches[2];
+							}
+							else
+							{
+								$temp['className'] = "unknown";
+								$temp['classId'] =  "unknown";
+							}
+						}
+						else
+						{
+							$flag = false;
+							break;
+						}
+						
+// 						vendor
+						if (next($lspciArray) !== false)
+						{
+							$item = trim(current($lspciArray));
+							if( !preg_match( '/^[a-zA-Z0-9\-\_\.\:\+\s\(\)\/\[\]]+$/i', $item ) )
+							{
+								$flag = false;
+								break;
+							}
+							if( preg_match( '/Vendor\:(.*)\[(.*)\]/i', $item, $matches ) )
+							{
+								$temp['vendorName'] =  $matches[1];
+								$temp['vendorId'] =  $matches[2];
+							}
+							else
+							{
+								$temp['vendorName'] = "unknown";
+								$temp['vendorId'] =  "unknown";
+							}
+						}
+						else
+						{
+							$flag = false;
+							break;
+						}
+						
+// 						device
+						if (next($lspciArray) !== false)
+						{
+							$item = trim(current($lspciArray));
+							if( !preg_match( '/^[a-zA-Z0-9\-\_\.\:\+\s\(\)\/\[\]]+$/i', $item ) )
+							{
+								$flag = false;
+								break;
+							}
+							if( preg_match( '/Device\:(.*)\[(.*)\]/i', $item, $matches ) )
+							{
+								$temp['deviceName'] =  $matches[1];
+								$temp['deviceId'] =  $matches[2];
+							}
+							else
+							{
+								$temp['deviceName'] = "unknown";
+								$temp['deviceId'] =  "unknown";
+							}
+						}
+						else
+						{
+							$flag = false;
+							break;
+						}
+						
+						$lspciResult[] = $temp;
+						$flag = true;
+					}
+					next($lspciArray);
+				}
+			}
+			else
+			{
+				$data['notice'] = "<div class='alert'>the lspci output is too long</div>\n";
+			}
+			
+			if ($flag)
+			{
+				echo "<pre>";
+				print_r($lspciResult);
+				echo "</pre>";
+			}
 // 			$clean['pciid'] = $this->request->post('lspci','','sanitizePciid');
 // 			$data['table'] = $this->m['HardwareModel']->clear()->select()->where(array('pci_id'=>$clean['pciid']))->send();
 // 			$data['recordNumber'] = 0;