diff options
Diffstat (limited to 'h-source/Application')
-rw-r--r-- | h-source/Application/Controllers/SearchController.php | 113 | ||||
-rw-r--r-- | h-source/Application/Views/right.php | 2 |
2 files changed, 114 insertions, 1 deletions
diff --git a/h-source/Application/Controllers/SearchController.php b/h-source/Application/Controllers/SearchController.php index 6f96595..b35ee45 100644 --- a/h-source/Application/Controllers/SearchController.php +++ b/h-source/Application/Controllers/SearchController.php @@ -107,6 +107,119 @@ class SearchController extends BaseController { if (isset($_POST['lspci'])) { + $data['notice'] = null; + + $lspci = $this->request->post('lspci','','sanitizeHtml'); + if (strlen($lspci)<10000) + { + $flag = false; + + $lspci = nl2br($lspci); + $lspciArray = explode('<br />',$lspci); + $lspciResult = array(); + reset($lspciArray); + while(current($lspciArray) !== false) + { + $item = current($lspciArray); + if (stristr($item,'Slot')) + { + $temp = array(); + +// class + if (next($lspciArray) !== false) + { + $item = trim(current($lspciArray)); + if( !preg_match( '/^[a-zA-Z0-9\-\_\.\:\+\s\(\)\/\[\]]+$/i', $item ) ) + { + $flag = false; + break; + } + if( preg_match( '/Class\:(.*)\[(.*)\]/i', $item, $matches ) ) + { + $temp['className'] = $matches[1]; + $temp['classId'] = $matches[2]; + } + else + { + $temp['className'] = "unknown"; + $temp['classId'] = "unknown"; + } + } + else + { + $flag = false; + break; + } + +// vendor + if (next($lspciArray) !== false) + { + $item = trim(current($lspciArray)); + if( !preg_match( '/^[a-zA-Z0-9\-\_\.\:\+\s\(\)\/\[\]]+$/i', $item ) ) + { + $flag = false; + break; + } + if( preg_match( '/Vendor\:(.*)\[(.*)\]/i', $item, $matches ) ) + { + $temp['vendorName'] = $matches[1]; + $temp['vendorId'] = $matches[2]; + } + else + { + $temp['vendorName'] = "unknown"; + $temp['vendorId'] = "unknown"; + } + } + else + { + $flag = false; + break; + } + +// device + if (next($lspciArray) !== false) + { + $item = trim(current($lspciArray)); + if( !preg_match( '/^[a-zA-Z0-9\-\_\.\:\+\s\(\)\/\[\]]+$/i', $item ) ) + { + $flag = false; + break; + } + if( preg_match( '/Device\:(.*)\[(.*)\]/i', $item, $matches ) ) + { + $temp['deviceName'] = $matches[1]; + $temp['deviceId'] = $matches[2]; + } + else + { + $temp['deviceName'] = "unknown"; + $temp['deviceId'] = "unknown"; + } + } + else + { + $flag = false; + break; + } + + $lspciResult[] = $temp; + $flag = true; + } + next($lspciArray); + } + } + else + { + $data['notice'] = "<div class='alert'>the lspci output is too long</div>\n"; + } + + if ($flag) + { + echo "<pre>"; + print_r($lspciResult); + echo "</pre>"; + } // $clean['pciid'] = $this->request->post('lspci','','sanitizePciid'); // $data['table'] = $this->m['HardwareModel']->clear()->select()->where(array('pci_id'=>$clean['pciid']))->send(); // $data['recordNumber'] = 0; diff --git a/h-source/Application/Views/right.php b/h-source/Application/Views/right.php index f81ca1d..a37e0a2 100644 --- a/h-source/Application/Views/right.php +++ b/h-source/Application/Views/right.php @@ -22,7 +22,7 @@ <div id="right"> - <?php if (strcmp($this->action,'update') !== 0) { ?> + <?php if (strcmp($this->action,'update') !== 0 and strcmp($this->action,'pciid') !== 0 and strcmp($this->action,'lspci') !== 0) { ?> <div class="language_links_box"> <?php echo $language_links;?> </div> |