moved to 5.2-1

README

@@ -21,3 +21,10 @@ chmod 1775 /etc/vbox
 # for each VM, when not running, in vbox shell (su vbox, not sudo): VBoxManage modifyvm VM_NAME --autostart-enabled on
 
 ```
+
+Install extension pack (as root):
+get version in https://download.virtualbox.org/virtualbox/
+```
+wget ...
+vboxmanage extpack install Oracle...vbox-extpack
+```

phpvirtualbox/Dockerfile

@@ -14,21 +14,16 @@ RUN apt-get update && apt-get -y install\
 RUN /usr/sbin/a2enmod rewrite &&\
     rm -rf /var/www/html &&\
     mkdir -p /var/lock/apache2 /var/run/apache2 /var/log/apache2 /var/www/html &&\
-    chown -R www-data:www-data /var/lock/apache2 /var/run/apache2 /var/log/apache2 /var/www/html
-
-RUN rm -rf /var/log/* &&\
+    chown -R www-data:www-data /var/lock/apache2 /var/run/apache2 /var/log/apache2 /var/www/html &&\
+    rm -rf /var/log/* &&\
     mkdir -p /var/log/apache2 &&\
     ln -s /dev/stderr /var/log/apache2/error.log &&\
     ln -s /dev/stdout /var/log/apache2/access.log &&\
     ln -s /dev/stdout /var/log/apache2/other_vhosts_access.log
 
-RUN apt-get update && \
-    apt-get install -y curl && \
-    apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
-
 COPY apache2.conf /etc/apache2/apache2.conf
 
-COPY ./phpvirtualbox-5.0-5/ /var/www/html/
+COPY ./phpvirtualbox-5.2-1/ /var/www/html/
 
 COPY ./vars-vars /etc/vars-vars
 

phpvirtualbox/config.php

@@ -23,6 +23,8 @@ var $language = 'en';
 
 /* Set the standard VRDE Port Number / Range, e.g. 1010-1020 or 1027 */
 var $vrdeports = '9000-9100';
+/* Set the default VRDE address, e.g. 192.168.1.1 */
+#var $vrdeaddress = '192.168.1.1';
 
 /*
  *
@@ -172,7 +174,7 @@ var $nicMax = 4;
 /* Enable advanced configuration items (normally hidden in the VirtualBox GUI)
  * Note that some of these items may not be translated to languages other than English. 
  */
-#var $enableAdvancedConfig = true;
+var $enableAdvancedConfig = true;
 
 /* Enable startup / shutdown configuration.
  * This only works in linux and you must add the vboxinit file to

phpvirtualbox/phpvirtualbox-5.0-5/LICENSE.txt → phpvirtualbox/phpvirtualbox-5.2-1/LICENSE.txt

@@ -1,16 +1,16 @@
-phpVirtualBox - A web-based front-end to VirtualBox.
-Copyright (C) 2011  Ian Moore
-
-This program is free software; you can redistribute it and/or
-modify it under the terms of the GNU General Public License
-version 3 as published by the Free Software Foundation.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-(GPLv3.txt in this folder) along with this program; if not, write
-to the Free Software Foundation, Inc., 51 Franklin Street, Fifth
-Floor, Boston, MA  02110-1301, USA.
+phpVirtualBox - A web-based front-end to VirtualBox.
+Copyright (C) 2011  Ian Moore
+
+This program is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License
+version 3 as published by the Free Software Foundation.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+(GPLv3.txt in this folder) along with this program; if not, write
+to the Free Software Foundation, Inc., 51 Franklin Street, Fifth
+Floor, Boston, MA  02110-1301, USA.

phpvirtualbox/phpvirtualbox-5.0-5/README.md → phpvirtualbox/phpvirtualbox-5.2-1/README.md

@@ -1,6 +1,10 @@
 # About
 
-phpVirtualBox is Copyright (C) 2015 Ian Moore (imoore76 at yahoo dot com)
+phpVirtualBox is from 2017 maintained by Smart Guide Pty Ltd (tudor at smartguide dot com dot au)
+
+with support from various contributors (see https://github.com/phpvirtualbox/phpvirtualbox/graphs/contributors)
+
+Originally Copyright (C) 2015 Ian Moore (imoore76 at yahoo dot com)
 
 FREE, WITHOUT WARRANTY:
 
@@ -14,17 +18,20 @@ possession.
 
 # Installation from Zip file
 
-1) Download zip file from sourceforge project site: https://sourceforge.net/projects/phpvirtualbox/
+1) Download zip file from GitHub project site: https://github.com/phpvirtualbox/phpvirtualbox/archive/master.zip
+
+2) Unzip the zipfile into a folder accessible by your web server
+
+3) Rename config.php-example to config.php and edit as needed.
 
-2) Rename config.php-example to config.php and edit as needed.
+Read the wiki for more information : https://github.com/phpvirtualbox/phpvirtualbox/wiki
 
 # Post installation
 
 Default login is username: admin password: admin
 
-Please see the wiki located at
-http://sourceforge.net/p/phpvirtualbox/wiki/Home/
-for detailed installation and configuration instructions.
+Please report bugs / feature requests to GitHub
+https://github.com/phpvirtualbox/phpvirtualbox/issues
 
 # Password Recovery
 

phpvirtualbox/phpvirtualbox-5.0-5/config.php-example → phpvirtualbox/phpvirtualbox-5.2-1/config.php-example

@@ -23,6 +23,8 @@ var $language = 'en';
 
 /* Set the standard VRDE Port Number / Range, e.g. 1010-1020 or 1027 */
 var $vrdeports = '9000-9100';
+/* Set the default VRDE address, e.g. 192.168.1.1 */
+#var $vrdeaddress = '192.168.1.1';
 
 /*
  *

phpvirtualbox/phpvirtualbox-5.0-5/css/tipped.css → phpvirtualbox/phpvirtualbox-5.2-1/css/tipped.css

@@ -1,43 +1,43 @@
-#tipped {
-	/* position & display are necessary */
-	position:absolute;
-	display:none;
-	
-	/* The rest are just to make it look good & can be changed as you want */
-	border: 1px solid #404040;
-	color: #404040;
-	
-	border-radius:5px;
-	padding:3px;
-	z-index: 99999;
-	font-size: 0.9em;
-	max-width: 50%;
-	
-	background: #f0f0f0;
-	background: -moz-linear-gradient(top, #ffffff 0%, #e0e0e0 100%); /* FF3.6+ */
-	background: -webkit-gradient(linear, left top, left bottom, color-stop(0%,#ffffff), color-stop(100%,#e0e0e0)); /* Chrome,Safari4+ */
-	background: -webkit-linear-gradient(top, #ffffff 0%,#e0e0e0 100%); /* Chrome10+,Safari5.1+ */
-	background: -o-linear-gradient(top, #ffffff 0%,#e0e0e0 100%); /* Opera 11.10+ */
-	background: -ms-linear-gradient(top, #ffffff 0%,#e0e0e0 100%); /* IE10+ */
-	background: linear-gradient(to bottom, #ffffff 0%,#e0e0e0 100%); /* W3C */
-	filter: progid:DXImageTransform.Microsoft.gradient( startColorstr='#ffffff', endColorstr='#e0e0e0',GradientType=0 ); /* IE6-9 */
-	
-	overflow: hidden;
-}
-
-/* The tip content gets inserted into this element */
-#tipped-content p, #tipped p { padding: 2px; margin: 0px; padding-bottom:0px; } 
-
-/* This is the <div> that holds the close button/link.  No styling is required, but you'll likely want some. */
-#tipped-closer-wrapper {
-	display:none;
-	text-align:center;
-	margin: 0px;
-}
-
-/* The <span> that is the close button/link.  No styling is required, but you'll likely want some. */
-#tipped-closer {
-	display:none;
-	border:2px outset #999;
-	background-color:#CCC;
-}
+#tipped {
+	/* position & display are necessary */
+	position:absolute;
+	display:none;
+	
+	/* The rest are just to make it look good & can be changed as you want */
+	border: 1px solid #404040;
+	color: #404040;
+	
+	border-radius:5px;
+	padding:3px;
+	z-index: 99999;
+	font-size: 0.9em;
+	max-width: 50%;
+	
+	background: #f0f0f0;
+	background: -moz-linear-gradient(top, #ffffff 0%, #e0e0e0 100%); /* FF3.6+ */
+	background: -webkit-gradient(linear, left top, left bottom, color-stop(0%,#ffffff), color-stop(100%,#e0e0e0)); /* Chrome,Safari4+ */
+	background: -webkit-linear-gradient(top, #ffffff 0%,#e0e0e0 100%); /* Chrome10+,Safari5.1+ */
+	background: -o-linear-gradient(top, #ffffff 0%,#e0e0e0 100%); /* Opera 11.10+ */
+	background: -ms-linear-gradient(top, #ffffff 0%,#e0e0e0 100%); /* IE10+ */
+	background: linear-gradient(to bottom, #ffffff 0%,#e0e0e0 100%); /* W3C */
+	filter: progid:DXImageTransform.Microsoft.gradient( startColorstr='#ffffff', endColorstr='#e0e0e0',GradientType=0 ); /* IE6-9 */
+	
+	overflow: hidden;
+}
+
+/* The tip content gets inserted into this element */
+#tipped-content p, #tipped p { padding: 2px; margin: 0px; padding-bottom:0px; } 
+
+/* This is the <div> that holds the close button/link.  No styling is required, but you'll likely want some. */
+#tipped-closer-wrapper {
+	display:none;
+	text-align:center;
+	margin: 0px;
+}
+
+/* The <span> that is the close button/link.  No styling is required, but you'll likely want some. */
+#tipped-closer {
+	display:none;
+	border:2px outset #999;
+	background-color:#CCC;
+}

phpvirtualbox/phpvirtualbox-5.0-5/endpoints/api.php → phpvirtualbox/phpvirtualbox-5.2-1/endpoints/api.php

@@ -1,387 +1,387 @@
-<?php
-/**
- * Main API interface between JavaScript ajax calls and PHP functions.
- * Accepts JSON, POST data or simple GET requests, and returns JSON data.
- *
- * @author Ian Moore (imoore76 at yahoo dot com)
- * @copyright Copyright (C) 2010-2015 Ian Moore (imoore76 at yahoo dot com)
- * @version $Id: api.php 596 2015-04-19 11:50:53Z imoore76 $
- * @package phpVirtualBox
- * @see vboxconnector
- * @see vboxAjaxRequest
- *
- * @global array $GLOBALS['response'] resopnse data sent back via json
- * @name $response
-*/
-
-# Turn off PHP errors
-error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT & ~E_WARNING);
-
-
-//Set no caching
-header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
-header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
-header("Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0");
-header("Pragma: no-cache");
-
-require_once(dirname(__FILE__).'/lib/config.php');
-require_once(dirname(__FILE__).'/lib/utils.php');
-require_once(dirname(__FILE__).'/lib/vboxconnector.php');
-
-// Init session
-global $_SESSION;
-
-/*
- * Clean request
- */
-$request = clean_request();
-
-
-global $response;
-$response = array('data'=>array('responseData'=>array()),'errors'=>array(),'persist'=>array(),'messages'=>array());
-
-/*
- * Built-in requests
- */
-$vbox = null; // May be set during request handling
-
-/**
- * Main try / catch. Logic dictated by incoming 'fn' request
- * parameter.
- */
-try {
-
-	/* Check for password recovery file */
-	if(file_exists(dirname(dirname(__FILE__)).'/recovery.php')) {
-		throw new Exception('recovery.php exists in phpVirtualBox\'s folder. This is a security hazard. phpVirtualBox will not run until recovery.php has been renamed to a file name that does not end in .php such as <b>recovery.php-disabled</b>.',vboxconnector::PHPVB_ERRNO_FATAL);
-	}
-
-	/* Check for PHP version */
-	if (!version_compare(PHP_VERSION, '5.2.0', '>=')) {
-		throw new Exception('phpVirtualBox requires PHP >= 5.2.0, but this server is running version '. PHP_VERSION .'. Please upgrade PHP.');
-	}
-
-	# Only valid function chars
-	$request['fn'] = preg_replace('[^a-zA-Z0-9_-]', '', $request['fn']);
-
-	/* Check for function called */
-	switch($request['fn']) {
-
-		/*
-		 * No method called
-		 */
-	    case '':
-	    	throw new Exception('No method called.');
-	    	break;
-
-		/*
-		 * Return phpVirtualBox's configuration data
-		 */
-		case 'getConfig':
-
-			$settings = new phpVBoxConfigClass();
-			$response['data']['responseData'] = get_object_vars($settings);
-			$response['data']['responseData']['host'] = parse_url($response['data']['responseData']['location']);
-			$response['data']['responseData']['host'] = $response['data']['responseData']['host']['host'];
-			$response['data']['responseData']['phpvboxver'] = @constant('PHPVBOX_VER');
-
-			// Session
-			session_init();
-
-			// Hide credentials
-			unset($response['data']['responseData']['username']);
-			unset($response['data']['responseData']['password']);
-			foreach($response['data']['responseData']['servers'] as $k => $v)
-				$response['data']['responseData']['servers'][$k] = array('name'=>$v['name']);
-
-			// Vbox version
-			$vbox = new vboxconnector();
-			$response['data']['responseData']['version'] = $vbox->getVersion();
-			$response['data']['responseData']['hostOS'] = $vbox->vbox->host->operatingSystem;
-			$response['data']['responseData']['DSEP'] = $vbox->getDsep();
-			$response['data']['responseData']['groupDefinitionKey'] = ($settings->phpVboxGroups ? vboxconnector::phpVboxGroupKey : 'GUI/GroupDefinitions');
-
-			$response['data']['success'] = true;
-
-			break;
-
-		/*
-		 *
-		 * USER FUNCTIONS FOLLOW
-		 *
-		 */
-
-		/*
-		 * Pass login to authentication module.
-		 */
-		case 'login':
-
-
-			// NOTE: Do not break. Fall through to 'getSession
-			if(!$request['params']['u'] || !$request['params']['p']) {
-				break;
-			}
-
-			// Session
-			session_init(true);
-
-			$settings = new phpVBoxConfigClass();
-
-			// Try / catch here to hide login credentials
-			try {
-				$settings->auth->login($request['params']['u'], $request['params']['p']);
-			} catch(Exception $e) {
-				throw new Exception($e->getMessage(), $e->getCode());
-			}
-
-			// We're done writing to session
-			if(function_exists('session_write_close'))
-				@session_write_close();
-
-
-
-		/*
-		 * Return $_SESSION data
-		 */
-		case 'getSession':
-
-			$settings = new phpVBoxConfigClass();
-			if(method_exists($settings->auth,'autoLoginHook'))
-			{
-				// Session
-				session_init(true);
-
-				$settings->auth->autoLoginHook();
-
-				// We're done writing to session
-				if(function_exists('session_write_close'))
-					@session_write_close();
-
-			} else {
-
-				session_init();
-
-			}
-
-
-			$response['data']['responseData'] = $_SESSION;
-			$response['data']['success'] = true;
-			break;
-
-		/*
-		 * Change phpVirtualBox password. Passed to auth module's
-		 * changePassword method.
-		 */
-		case 'changePassword':
-
-			// Session
-			session_init(true);
-
-			$settings = new phpVBoxConfigClass();
-			$response['data']['success'] = $settings->auth->changePassword($request['params']['old'],
-					                                                       $request['params']['new']);
-
-			// We're done writing to session
-			if(function_exists('session_write_close'))
-				@session_write_close();
-
-			break;
-
-		/*
-		 * Get a list of phpVirtualBox users. Passed to auth module's
-		 * getUsers method.
-		 */
-		case 'getUsers':
-
-			// Session
-			session_init();
-
-			// Must be an admin
-			if(!$_SESSION['admin']) break;
-
-			$settings = new phpVBoxConfigClass();
-			$response['data']['responseData'] = $settings->auth->listUsers();
-			$response['date']['success'] = true;
-
-			break;
-
-		/*
-		 * Remove a phpVirtualBox user. Passed to auth module's
-		 * deleteUser method.
-		 */
-		case 'delUser':
-
-			// Session
-			session_init();
-
-			// Must be an admin
-			if(!$_SESSION['admin']) break;
-
-			$settings = new phpVBoxConfigClass();
-			$settings->auth->deleteUser($request['params']['u']);
-
-			$response['data']['success'] = true;
-			break;
-
-		/*
-		 * Edit a phpVirtualBox user. Passed to auth module's
-		 * updateUser method.
-		 */
-		case 'editUser':
-
-			$skipExistCheck = true;
-			// Fall to addUser
-
-		/*
-		 * Add a user to phpVirtualBox. Passed to auth module's
-		 * updateUser method.
-		 */
-		case 'addUser':
-
-			// Session
-			session_init();
-
-			// Must be an admin
-			if(!$_SESSION['admin']) break;
-
-			$settings = new phpVBoxConfigClass();
-			$settings->auth->updateUser($request['params'], @$skipExistCheck);
-
-			$response['data']['success'] = true;
-			break;
-
-		/*
-		 * Log out of phpVirtualBox. Passed to auth module's
-		 * logout method.
-		 */
-		case 'logout':
-
-			// Session
-			session_init(true);
-
-			$vbox = new vboxconnector();
-			$vbox->skipSessionCheck = true;
-
-			$settings = new phpVBoxConfigClass();
-			$settings->auth->logout($response);
-
-			session_destroy();
-
-			$response['data']['success'] = true;
-
-			break;
-
-
-		/*
-		 * If the above cases did not match, assume it is a request
-		 * that should be passed to vboxconnector.
-		 */
-		default:
-
-			$vbox = new vboxconnector();
-
-
-			/*
-			 * Every 1 minute we'll check that the account has not
-			 * been deleted since login, and update admin credentials.
-			 */
-			if($_SESSION['user'] && ((intval($_SESSION['authCheckHeartbeat'])+60) < time())) {
-
-				// init session and keep it open
-				session_init(true);
-				$vbox->settings->auth->heartbeat($vbox);
-
-				// We're done writing to session
-				if(function_exists('session_write_close'))
-					@session_write_close();
-
-			} else {
-
-				// init session but close it
-				session_init();
-
-			}
-
-			/*
-			 *  Persistent request data
-			 */
-			if(is_array($request['persist'])) {
-				$vbox->persistentRequest = $request['persist'];
-			}
-
-
-			/*
-			 * Call to vboxconnector
-			 */
-			$vbox->{$request['fn']}($request['params'],array(&$response));
-
-
-			/*
-			 * Send back persistent request in response
-			*/
-			if(is_array($vbox->persistentRequest) && count($vbox->persistentRequest)) {
-				$response['data']['persist'] = $vbox->persistentRequest;
-			}
-			break;
-
-	} // </switch()>
-
-/*
- * Catch all exceptions and populate errors in the
- * JSON response data.
- */
-} catch (Exception $e) {
-
-	// Just append to $vbox->errors and let it get
-	// taken care of below
-	if(!$vbox || !$vbox->errors) {
-		$vbox->errors = array();
-	}
-	$vbox->errors[] = $e;
-}
-
-
-// Add any messages
-if($vbox && count($vbox->messages)) {
-	foreach($vbox->messages as $m)
-		$response['messages'][] = 'vboxconnector('.$request['fn'] .'): ' . $m;
-}
-// Add other error info
-if($vbox && $vbox->errors) {
-
-	foreach($vbox->errors as $e) { /* @var $e Exception */
-
-		ob_start();
-		print_r($e);
-		$d = ob_get_contents();
-		ob_end_clean();
-
-		# Add connection details to connection errors
-		if($e->getCode() == vboxconnector::PHPVB_ERRNO_CONNECT && isset($vbox->settings))
-			$d .= "\n\nLocation:" . $vbox->settings->location;
-
-		$response['messages'][] = htmlentities($e->getMessage()).' ' . htmlentities($details);
-
-		$response['errors'][] = array(
-			'error'=> ($e->getCode() & vboxconnector::PHPVB_ERRNO_HTML ? $e->getMessage() : htmlentities($e->getMessage())),
-			'details'=>htmlentities($d),
-			'errno'=>$e->getCode(),
-			// Fatal errors halt all processing
-			'fatal'=>($e->getCode() & vboxconnector::PHPVB_ERRNO_FATAL),
-			// Connection errors display alternate servers options
-			'connection'=>($e->getCode() & vboxconnector::PHPVB_ERRNO_CONNECT)
-		);
-	}
-}
-
-/*
- * Return response as JSON encoded data or use PHP's
- * print_r to dump data to browser.
- */
-if(isset($request['printr'])) {
-	print_r($response);
-} else {
-    header('Content-type: application/json');
-	echo(json_encode($response));
-}
-
+<?php
+/**
+ * Main API interface between JavaScript ajax calls and PHP functions.
+ * Accepts JSON, POST data or simple GET requests, and returns JSON data.
+ *
+ * @author Ian Moore (imoore76 at yahoo dot com)
+ * @copyright Copyright (C) 2010-2015 Ian Moore (imoore76 at yahoo dot com)
+ * @version $Id: api.php 596 2015-04-19 11:50:53Z imoore76 $
+ * @package phpVirtualBox
+ * @see vboxconnector
+ * @see vboxAjaxRequest
+ *
+ * @global array $GLOBALS['response'] resopnse data sent back via json
+ * @name $response
+*/
+
+# Turn off PHP errors
+error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT & ~E_WARNING);
+
+
+//Set no caching
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
+header("Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0");
+header("Pragma: no-cache");
+
+require_once(dirname(__FILE__).'/lib/config.php');
+require_once(dirname(__FILE__).'/lib/utils.php');
+require_once(dirname(__FILE__).'/lib/vboxconnector.php');
+
+// Init session
+global $_SESSION;
+
+/*
+ * Clean request
+ */
+$request = clean_request();
+
+
+global $response;
+$response = array('data'=>array('responseData'=>array()),'errors'=>array(),'persist'=>array(),'messages'=>array());
+
+/*
+ * Built-in requests
+ */
+$vbox = null; // May be set during request handling
+
+/**
+ * Main try / catch. Logic dictated by incoming 'fn' request
+ * parameter.
+ */
+try {
+
+	/* Check for password recovery file */
+	if(file_exists(dirname(dirname(__FILE__)).'/recovery.php')) {
+		throw new Exception('recovery.php exists in phpVirtualBox\'s folder. This is a security hazard. phpVirtualBox will not run until recovery.php has been renamed to a file name that does not end in .php such as <b>recovery.php-disabled</b>.',vboxconnector::PHPVB_ERRNO_FATAL);
+	}
+
+	/* Check for PHP version */
+	if (!version_compare(PHP_VERSION, '5.2.0', '>=')) {
+		throw new Exception('phpVirtualBox requires PHP >= 5.2.0, but this server is running version '. PHP_VERSION .'. Please upgrade PHP.');
+	}
+
+	# Only valid function chars
+	$request['fn'] = preg_replace('[^a-zA-Z0-9_-]', '', $request['fn']);
+
+	/* Check for function called */
+	switch($request['fn']) {
+
+		/*
+		 * No method called
+		 */
+	    case '':
+	    	throw new Exception('No method called.');
+	    	break;
+
+		/*
+		 * Return phpVirtualBox's configuration data
+		 */
+		case 'getConfig':
+
+			$settings = new phpVBoxConfigClass();
+			$response['data']['responseData'] = get_object_vars($settings);
+			$response['data']['responseData']['host'] = parse_url($response['data']['responseData']['location']);
+			$response['data']['responseData']['host'] = $response['data']['responseData']['host']['host'];
+			$response['data']['responseData']['phpvboxver'] = @constant('PHPVBOX_VER');
+
+			// Session
+			session_init();
+
+			// Hide credentials
+			unset($response['data']['responseData']['username']);
+			unset($response['data']['responseData']['password']);
+			foreach($response['data']['responseData']['servers'] as $k => $v)
+				$response['data']['responseData']['servers'][$k] = array('name'=>$v['name']);
+
+			// Vbox version
+			$vbox = new vboxconnector();
+			$response['data']['responseData']['version'] = $vbox->getVersion();
+			$response['data']['responseData']['hostOS'] = $vbox->vbox->host->operatingSystem;
+			$response['data']['responseData']['DSEP'] = $vbox->getDsep();
+			$response['data']['responseData']['groupDefinitionKey'] = ($settings->phpVboxGroups ? vboxconnector::phpVboxGroupKey : 'GUI/GroupDefinitions');
+
+			$response['data']['success'] = true;
+
+			break;
+
+		/*
+		 *
+		 * USER FUNCTIONS FOLLOW
+		 *
+		 */
+
+		/*
+		 * Pass login to authentication module.
+		 */
+		case 'login':
+
+
+			// NOTE: Do not break. Fall through to 'getSession
+			if(!$request['params']['u'] || !$request['params']['p']) {
+				break;
+			}
+
+			// Session
+			session_init(true);
+
+			$settings = new phpVBoxConfigClass();
+
+			// Try / catch here to hide login credentials
+			try {
+				$settings->auth->login($request['params']['u'], $request['params']['p']);
+			} catch(Exception $e) {
+				throw new Exception($e->getMessage(), $e->getCode());
+			}
+
+			// We're done writing to session
+			if(function_exists('session_write_close'))
+				@session_write_close();
+
+
+
+		/*
+		 * Return $_SESSION data
+		 */
+		case 'getSession':
+
+			$settings = new phpVBoxConfigClass();
+			if(method_exists($settings->auth,'autoLoginHook'))
+			{
+				// Session
+				session_init(true);
+
+				$settings->auth->autoLoginHook();
+
+				// We're done writing to session
+				if(function_exists('session_write_close'))
+					@session_write_close();
+
+			} else {
+
+				session_init();
+
+			}
+
+
+			$response['data']['responseData'] = $_SESSION;
+			$response['data']['success'] = true;
+			break;
+
+		/*
+		 * Change phpVirtualBox password. Passed to auth module's
+		 * changePassword method.
+		 */
+		case 'changePassword':
+
+			// Session
+			session_init(true);
+
+			$settings = new phpVBoxConfigClass();
+			$response['data']['success'] = $settings->auth->changePassword($request['params']['old'],
+					                                                       $request['params']['new']);
+
+			// We're done writing to session
+			if(function_exists('session_write_close'))
+				@session_write_close();
+
+			break;
+
+		/*
+		 * Get a list of phpVirtualBox users. Passed to auth module's
+		 * getUsers method.
+		 */
+		case 'getUsers':
+
+			// Session
+			session_init();
+
+			// Must be an admin
+			if(!$_SESSION['admin']) break;
+
+			$settings = new phpVBoxConfigClass();
+			$response['data']['responseData'] = $settings->auth->listUsers();
+			$response['date']['success'] = true;
+
+			break;
+
+		/*
+		 * Remove a phpVirtualBox user. Passed to auth module's
+		 * deleteUser method.
+		 */
+		case 'delUser':
+
+			// Session
+			session_init();
+
+			// Must be an admin
+			if(!$_SESSION['admin']) break;
+
+			$settings = new phpVBoxConfigClass();
+			$settings->auth->deleteUser($request['params']['u']);
+
+			$response['data']['success'] = true;
+			break;
+
+		/*
+		 * Edit a phpVirtualBox user. Passed to auth module's
+		 * updateUser method.
+		 */
+		case 'editUser':
+
+			$skipExistCheck = true;
+			// Fall to addUser
+
+		/*
+		 * Add a user to phpVirtualBox. Passed to auth module's
+		 * updateUser method.
+		 */
+		case 'addUser':
+
+			// Session
+			session_init();
+
+			// Must be an admin
+			if(!$_SESSION['admin']) break;
+
+			$settings = new phpVBoxConfigClass();
+			$settings->auth->updateUser($request['params'], @$skipExistCheck);
+
+			$response['data']['success'] = true;
+			break;
+
+		/*
+		 * Log out of phpVirtualBox. Passed to auth module's
+		 * logout method.
+		 */
+		case 'logout':
+
+			// Session
+			session_init(true);
+
+			$vbox = new vboxconnector();
+			$vbox->skipSessionCheck = true;
+
+			$settings = new phpVBoxConfigClass();
+			$settings->auth->logout($response);
+
+			session_destroy();
+
+			$response['data']['success'] = true;
+
+			break;
+
+
+		/*
+		 * If the above cases did not match, assume it is a request
+		 * that should be passed to vboxconnector.
+		 */
+		default:
+
+			$vbox = new vboxconnector();
+
+
+			/*
+			 * Every 1 minute we'll check that the account has not
+			 * been deleted since login, and update admin credentials.
+			 */
+			if($_SESSION['user'] && ((intval($_SESSION['authCheckHeartbeat'])+60) < time())) {
+
+				// init session and keep it open
+				session_init(true);
+				$vbox->settings->auth->heartbeat($vbox);
+
+				// We're done writing to session
+				if(function_exists('session_write_close'))
+					@session_write_close();
+
+			} else {
+
+				// init session but close it
+				session_init();
+
+			}
+
+			/*
+			 *  Persistent request data
+			 */
+			if(is_array($request['persist'])) {
+				$vbox->persistentRequest = $request['persist'];
+			}
+
+
+			/*
+			 * Call to vboxconnector
+			 */
+			$vbox->{$request['fn']}($request['params'],array(&$response));
+
+
+			/*
+			 * Send back persistent request in response
+			*/
+			if(is_array($vbox->persistentRequest) && count($vbox->persistentRequest)) {
+				$response['data']['persist'] = $vbox->persistentRequest;
+			}
+			break;
+
+	} // </switch()>
+
+/*
+ * Catch all exceptions and populate errors in the
+ * JSON response data.
+ */
+} catch (Exception $e) {
+
+	// Just append to $vbox->errors and let it get
+	// taken care of below
+	if(!$vbox || !$vbox->errors) {
+		$vbox->errors = array();
+	}
+	$vbox->errors[] = $e;
+}
+
+
+// Add any messages
+if($vbox && count($vbox->messages)) {
+	foreach($vbox->messages as $m)
+		$response['messages'][] = 'vboxconnector('.$request['fn'] .'): ' . $m;
+}
+// Add other error info
+if($vbox && $vbox->errors) {
+
+	foreach($vbox->errors as $e) { /* @var $e Exception */
+
+		ob_start();
+		print_r($e);
+		$d = ob_get_contents();
+		ob_end_clean();
+
+		# Add connection details to connection errors
+		if($e->getCode() == vboxconnector::PHPVB_ERRNO_CONNECT && isset($vbox->settings))
+			$d .= "\n\nLocation:" . $vbox->settings->location;
+
+		$response['messages'][] = htmlentities($e->getMessage()).' ' . htmlentities($details);
+
+		$response['errors'][] = array(
+			'error'=> ($e->getCode() & vboxconnector::PHPVB_ERRNO_HTML ? $e->getMessage() : htmlentities($e->getMessage())),
+			'details'=>htmlentities($d),
+			'errno'=>$e->getCode(),
+			// Fatal errors halt all processing
+			'fatal'=>($e->getCode() & vboxconnector::PHPVB_ERRNO_FATAL),
+			// Connection errors display alternate servers options
+			'connection'=>($e->getCode() & vboxconnector::PHPVB_ERRNO_CONNECT)
+		);
+	}
+}
+
+/*
+ * Return response as JSON encoded data or use PHP's
+ * print_r to dump data to browser.
+ */
+if(isset($request['printr'])) {
+	print_r($response);
+} else {
+    header('Content-type: application/json');
+	echo(json_encode($response));
+}
+

phpvirtualbox/phpvirtualbox-5.0-5/endpoints/jqueryFileTree.php → phpvirtualbox/phpvirtualbox-5.2-1/endpoints/jqueryFileTree.php

@@ -1,385 +1,385 @@
-<?php
-//
-// jQuery File Tree PHP Connector
-//
-// Version 1.01
-//
-// Cory S.N. LaViska
-// A Beautiful Site (http://abeautifulsite.net/)
-// 24 March 2008
-//
-// History:
-//
-// 1.01 - updated to work with foreign characters in directory/file names (12 April 2008)
-// 1.00 - released (24 March 2008)
-//
-// Output a list of files for jQuery File Tree
-//
-//	]--- Modified by Ian Moore for phpVirtualBox.
-//
-// $Id: jqueryFileTree.php 592 2015-04-12 19:53:44Z imoore76 $
-//
-//
-
-# Turn off PHP notices
-error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT & ~E_WARNING);
-
-global $vbox, $localbrowser, $allowed;
-
-require_once(dirname(__FILE__).'/lib/config.php');
-require_once(dirname(__FILE__).'/lib/utils.php');
-require_once(dirname(__FILE__).'/lib/vboxconnector.php');
-
-error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT & ~E_WARNING);
-
-session_init();
-if(!$_SESSION['valid']) return;
-
-/*
- * Get Settings
- */
-$settings = new phpVBoxConfigClass();
-
-
-$vbox = new vboxconnector();
-$vbox->connect();
-
-/*
- * Clean request
- */
-global $request;
-$request = clean_request();
-
-/*
- * Determine directory separator
- */
-$localbrowser = @$settings->browserLocal;
-if($localbrowser) {
-    define('DSEP', DIRECTORY_SEPARATOR);
-} else {
-    define('DSEP',$vbox->getDsep());
-}
-
-/*
- * Compose allowed file types list
- */
-$allowed_exts = $settings->browserRestrictFiles;
-if(is_array($allowed_exts) && count($allowed_exts) > 0) $allowed_exts = array_combine($allowed_exts,$allowed_exts);
-else $allowed_exts = array();
-
-/* Allowed folders list */
-$allowed_folders = @$settings->browserRestrictFolders;
-if(!is_array($allowed_folders))
-	$allowed_folders = array();
-
-/*
- * Get a list of windows drives
- */
-function get_windows_drives() {
-    $checklist = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
-    $drives = array();
-    for($i = 0; $i < strlen($d); $i++) {
-        if(is_dir($checklist[$i].':\\')) {
-            $drives[] = $checklist[$i].':\\';
-        }
-    }
-    return $drives;
-}
-
-/*
- * Allowed folders in windows if none are set
- */
-if(stripos($vbox->vbox->host->operatingSystem,'win') === 0 && !count($allowed_folders)) {
-
-	/*
-	 * Assumes web server and vbox host are the same physical machine
-	 */
-    if($request['fullpath'] && !$settings->forceWindowsAllDriveList && !$settings->noWindowsDriveList && stripos(PHP_OS,'win') === 0) {
-
-
-        $allowed_folders = get_windows_drives();
-
-    /*
-     * Just show all C-Z drive letters if vboxhost is windows and our web server is not...
-     */
-    } else if($request['fullpath'] && ($settings->forceWindowsAllDriveList || (!$settings->noWindowsDriveList && stripos(PHP_OS,'win') === false))) {
-    	$allowed_folders = array();
-        for($i = 67; $i < 91; $i++) {
-        	$allowed_folders[] = chr($i) .':\\';
-        }
-    }
-    $allowed_folders = array_combine($allowed_folders,$allowed_folders);
-
-}
-
-
-/* Deterine target DIR requested.
- * In some cases, "dir" passed is just a file name
- */
-if(strpos($request['dir'],DSEP)===false) {
-	$request['dir'] = DSEP;
-}
-
-// Eliminate duplicate DSEPs
-$request['dir'] = str_replace(DSEP.DSEP,DSEP,$request['dir']);
-
-
-/*
- * Check that folder restriction validates if it exists
- */
-if($request['dir'] != DSEP && count($allowed_folders)) {
-	$valid = false;
-	foreach($allowed_folders as $f) {
-		if(strpos(strtoupper($request['dir']),strtoupper($f)) === 0) {
-			$valid = true;
-			break;
-		}
-	}
-	if(!$valid) {
-		$request['dir'] = DSEP;
-	}
-}
-
-/*
- * Populate $returnData with directory listing
- */
-$returnData = array();
-
-/* Folder Restriction with root '/' requested */
-if($request['dir'] == DSEP && count($allowed_folders)) {
-
-	/* Just return restricted folders */
-	foreach($allowed_folders as $f) {
-		array_push($returnData, folder_entry($f, true));
-
-	}
-
-} else {
-
-
-    /* Full, expanded path to $dir */
-    if($request['fullpath']) {
-
-
-    	/* Go through allowed folders if it is set */
-    	if(count($allowed_folders)) {
-
-
-    		foreach($allowed_folders as $f) {
-
-    			/* If this was not exactly the requested folder, but a parent,
-    			 * list everything below it.
-    			 */
-    			if((strtoupper($request['dir']) != strtoupper($f)) && strpos(strtoupper($request['dir']),strtoupper($f)) === 0) {
-
-    				// List entries in this folder
-    				$path = explode(DSEP, substr($request['dir'],strlen($f)));
-
-    				if($path[0] == '') {
-    				    array_shift($path);
-    				}
-
-    			    $folder_entry = folder_entry($f, true);
-
-    			    $folder_entry['children'] = getdir($f, $request['dirsOnly'], $path);
-    			    $folder_entry['expanded'] = true;
-
-    			    array_push($returnData, $folder_entry);
-
-    			} else {
-    				array_push($returnData, folder_entry($f,true));
-    			}
-
-    		}
-
-    	/* Just get full path */
-    	} else {
-
-			// List entries in this folder
-			$path = explode(DSEP,$request['dir']);
-			$root = array_shift($path).DSEP;
-
-			// Folder entry
-			$returnData = getdir($root, $request['dirsOnly'], $path);
-
-    	}
-
-
-    } else {
-
-        /* Default action. Return dir requested */
-        $returnData = getdir($request['dir'], $request['dirsOnly']);
-
-    }
-
-}
-
-header('Content-type: application/json');
-echo(json_encode($returnData));
-
-
-/*
- * Get directory entries
- */
-function getdir($dir, $dirsOnly=false, $recurse=array()) {
-
-	if(!$dir) $dir = DSEP;
-
-	$entries = getDirEntries($dir, $dirsOnly);
-
-    if(!count($entries))
-    	return array();
-
-    $dirents = array();
-    foreach($entries as $path => $type) {
-
-        if($type == 'folder' && count($recurse) && (strcasecmp($recurse[0],vbox_basename($path)) == 0)) {
-
-        	$entry = folder_entry($path, false, true);
-
-            $entry['children'] = getdir($dir.DSEP.array_shift($recurse), $dirsOnly, $recurse);
-
-            array_push($dirents, $entry);
-
-        } else {
-
-        	// Push folder on to stack
-        	if($type == 'folder') {
-
-        	   array_push($dirents, folder_entry($path));
-
-        	// Push file on to stack
-        	} else {
-
-        		$ext = strtolower(preg_replace('/^.*\./', '', $file));
-
-                if(count($allowed) && !$allowed['.'.$ext]) continue;
-
-                array_push($dirents, file_entry($path));
-        	}
-        }
-
-    }
-
-    return $dirents;
-
-}
-
-function vbox_basename($b) { return substr($b,strrpos($b,DSEP)+1); }
-function file_entry($f) {
-	$f = str_replace(DSEP.DSEP,DSEP,$f);
-    $ext = strtolower(preg_replace('/^.*\./', '', $f));
-    return array(
-        'ext' => $ext,
-        'name' => htmlentities(vbox_basename($f), ENT_QUOTES),
-        'path' => htmlentities($f, ENT_QUOTES),
-        'type' => 'file'
-    );
-}
-function folder_entry($f,$full=false,$expanded=false) {
-	$f = str_replace(DSEP.DSEP,DSEP,$f);
-    $selected = (strnatcasecmp(rtrim($f,DSEP),rtrim($GLOBALS['request']['dir'],DSEP)) == 0) && $expanded;
-    return array(
-        'expanded' => (bool)$expanded,
-        'selected' => (bool)$selected,
-        'path' => htmlentities($f,ENT_QUOTES),
-        'name' => htmlentities(($full ? $f : vbox_basename($f)),ENT_QUOTES),
-        'type' => 'folder',
-		'children' => array()
-    );
-}
-
-
-
-/**
- * Rreturn a list of directory entries
- *
- * @param String $dir
- * @return Array of entries
- */
-
-function getDirEntries($dir, $foldersOnly=false) {
-
-	global $localbrowser, $allowed_exts, $vbox;
-
-	// Append trailing slash if it isn't here
-	if(substr($dir,-1) != DSEP)
-	    $dir .= DSEP;
-
-
-    /*
-     * Use local file / folder browser (PHP)
-     */
-	if($localbrowser) {
-
-		// If the dir doesn't exist or we can't scan it, just return
-		if(!(file_exists($dir) && ($ents = @scandir($dir))))
-			return array();
-
-		$newtypes = array();
-		$newents = array();
-		for($i = 0; $i < count($ents); $i++) {
-
-			// Skip . and ..
-			if($ents[$i] == '.' || $ents[$i] == '..')
-				continue;
-
-			$fullpath = $dir.$ents[$i];
-			$isdir = @is_dir($fullpath);
-
-			if(!$isdir && $foldersOnly)
-				continue;
-
-			array_push($newtypes, $isdir ? 'folder' : 'file');
-			array_push($newents, $fullpath);
-		}
-		return array_combine($newents, $newtypes);
-
-	/*
-	 * Use remote file / folder browser (vbox)
-	 */
-	} else {
-
-		try {
-
-
-		    $appl = $vbox->vbox->createAppliance();
-		    $vfs = $appl->createVFSExplorer('file://'.str_replace(DSEP.DSEP,DSEP,$dir));
-		    $progress = $vfs->update();
-		    $progress->waitForCompletion(-1);
-		    $progress->releaseRemote();
-		    list($ents,$types) = $vfs->entryList();
-		    $vfs->releaseRemote();
-		    $appl->releaseRemote();
-
-		} catch (Exception $e) {
-
-		    echo($e->getMessage());
-
-		    return array();
-
-		}
-
-		// Convert types to file / folder
-		$newtypes = array();
-		$newents = array();
-		for($i = 0; $i < count($types); $i++) {
-
-			// Skip . and ..
-			if($ents[$i] == '.' || $ents[$i] == '..')
-			    continue;
-
-			$isdir = $types[$i] == 4;
-
-			if(!$isdir && $foldersOnly)
-				continue;
-
-			array_push($newtypes, $isdir ? 'folder' : 'file');
-			array_push($newents, $dir.$ents[$i]);
-		}
-		return array_combine($newents,$newtypes);
-
-	}
-
-
-}
+<?php
+//
+// jQuery File Tree PHP Connector
+//
+// Version 1.01
+//
+// Cory S.N. LaViska
+// A Beautiful Site (http://abeautifulsite.net/)
+// 24 March 2008
+//
+// History:
+//
+// 1.01 - updated to work with foreign characters in directory/file names (12 April 2008)
+// 1.00 - released (24 March 2008)
+//
+// Output a list of files for jQuery File Tree
+//
+//	]--- Modified by Ian Moore for phpVirtualBox.
+//
+// $Id: jqueryFileTree.php 592 2015-04-12 19:53:44Z imoore76 $
+//
+//
+
+# Turn off PHP notices
+error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT & ~E_WARNING);
+
+global $vbox, $localbrowser, $allowed;
+
+require_once(dirname(__FILE__).'/lib/config.php');
+require_once(dirname(__FILE__).'/lib/utils.php');
+require_once(dirname(__FILE__).'/lib/vboxconnector.php');
+
+error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT & ~E_WARNING);
+
+session_init();
+if(!$_SESSION['valid']) return;
+
+/*
+ * Get Settings
+ */
+$settings = new phpVBoxConfigClass();
+
+
+$vbox = new vboxconnector();
+$vbox->connect();
+
+/*
+ * Clean request
+ */
+global $request;
+$request = clean_request();
+
+/*
+ * Determine directory separator
+ */
+$localbrowser = @$settings->browserLocal;
+if($localbrowser) {
+    define('DSEP', DIRECTORY_SEPARATOR);
+} else {
+    define('DSEP',$vbox->getDsep());
+}
+
+/*
+ * Compose allowed file types list
+ */
+$allowed_exts = $settings->browserRestrictFiles;
+if(is_array($allowed_exts) && count($allowed_exts) > 0) $allowed_exts = array_combine($allowed_exts,$allowed_exts);
+else $allowed_exts = array();
+
+/* Allowed folders list */
+$allowed_folders = @$settings->browserRestrictFolders;
+if(!is_array($allowed_folders))
+	$allowed_folders = array();
+
+/*
+ * Get a list of windows drives
+ */
+function get_windows_drives() {
+    $checklist = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
+    $drives = array();
+    for($i = 0; $i < strlen($d); $i++) {
+        if(is_dir($checklist[$i].':\\')) {
+            $drives[] = $checklist[$i].':\\';
+        }
+    }
+    return $drives;
+}
+
+/*
+ * Allowed folders in windows if none are set
+ */
+if(stripos($vbox->vbox->host->operatingSystem,'win') === 0 && !count($allowed_folders)) {
+
+	/*
+	 * Assumes web server and vbox host are the same physical machine
+	 */
+    if($request['fullpath'] && !$settings->forceWindowsAllDriveList && !$settings->noWindowsDriveList && stripos(PHP_OS,'win') === 0) {
+
+
+        $allowed_folders = get_windows_drives();
+
+    /*
+     * Just show all C-Z drive letters if vboxhost is windows and our web server is not...
+     */
+    } else if($request['fullpath'] && ($settings->forceWindowsAllDriveList || (!$settings->noWindowsDriveList && stripos(PHP_OS,'win') === false))) {
+    	$allowed_folders = array();
+        for($i = 67; $i < 91; $i++) {
+        	$allowed_folders[] = chr($i) .':\\';
+        }
+    }
+    $allowed_folders = array_combine($allowed_folders,$allowed_folders);
+
+}
+
+
+/* Deterine target DIR requested.
+ * In some cases, "dir" passed is just a file name
+ */
+if(strpos($request['dir'],DSEP)===false) {
+	$request['dir'] = DSEP;
+}
+
+// Eliminate duplicate DSEPs
+$request['dir'] = str_replace(DSEP.DSEP,DSEP,$request['dir']);
+
+
+/*
+ * Check that folder restriction validates if it exists
+ */
+if($request['dir'] != DSEP && count($allowed_folders)) {
+	$valid = false;
+	foreach($allowed_folders as $f) {
+		if(strpos(strtoupper($request['dir']),strtoupper($f)) === 0) {
+			$valid = true;
+			break;
+		}
+	}
+	if(!$valid) {
+		$request['dir'] = DSEP;
+	}
+}
+
+/*
+ * Populate $returnData with directory listing
+ */
+$returnData = array();
+
+/* Folder Restriction with root '/' requested */
+if($request['dir'] == DSEP && count($allowed_folders)) {
+
+	/* Just return restricted folders */
+	foreach($allowed_folders as $f) {
+		array_push($returnData, folder_entry($f, true));
+
+	}
+
+} else {
+
+
+    /* Full, expanded path to $dir */
+    if($request['fullpath']) {
+
+
+    	/* Go through allowed folders if it is set */
+    	if(count($allowed_folders)) {
+
+
+    		foreach($allowed_folders as $f) {
+
+    			/* If this was not exactly the requested folder, but a parent,
+    			 * list everything below it.
+    			 */
+    			if((strtoupper($request['dir']) != strtoupper($f)) && strpos(strtoupper($request['dir']),strtoupper($f)) === 0) {
+
+    				// List entries in this folder
+    				$path = explode(DSEP, substr($request['dir'],strlen($f)));
+
+    				if($path[0] == '') {
+    				    array_shift($path);
+    				}
+
+    			    $folder_entry = folder_entry($f, true);
+
+    			    $folder_entry['children'] = getdir($f, $request['dirsOnly'], $path);
+    			    $folder_entry['expanded'] = true;
+
+    			    array_push($returnData, $folder_entry);
+
+    			} else {
+    				array_push($returnData, folder_entry($f,true));
+    			}
+
+    		}
+
+    	/* Just get full path */
+    	} else {
+
+			// List entries in this folder
+			$path = explode(DSEP,$request['dir']);
+			$root = array_shift($path).DSEP;
+
+			// Folder entry
+			$returnData = getdir($root, $request['dirsOnly'], $path);
+
+    	}
+
+
+    } else {
+
+        /* Default action. Return dir requested */
+        $returnData = getdir($request['dir'], $request['dirsOnly']);
+
+    }
+
+}
+
+header('Content-type: application/json');
+echo(json_encode($returnData));
+
+
+/*
+ * Get directory entries
+ */
+function getdir($dir, $dirsOnly=false, $recurse=array()) {
+
+	if(!$dir) $dir = DSEP;
+
+	$entries = getDirEntries($dir, $dirsOnly);
+
+    if(!count($entries))
+    	return array();
+
+    $dirents = array();
+    foreach($entries as $path => $type) {
+
+        if($type == 'folder' && count($recurse) && (strcasecmp($recurse[0],vbox_basename($path)) == 0)) {
+
+        	$entry = folder_entry($path, false, true);
+
+            $entry['children'] = getdir($dir.DSEP.array_shift($recurse), $dirsOnly, $recurse);
+
+            array_push($dirents, $entry);
+
+        } else {
+
+        	// Push folder on to stack
+        	if($type == 'folder') {
+
+        	   array_push($dirents, folder_entry($path));
+
+        	// Push file on to stack
+        	} else {
+
+        		$ext = strtolower(preg_replace('/^.*\./', '', $file));
+
+                if(count($allowed) && !$allowed['.'.$ext]) continue;
+
+                array_push($dirents, file_entry($path));
+        	}
+        }
+
+    }
+
+    return $dirents;
+
+}
+
+function vbox_basename($b) { return substr($b,strrpos($b,DSEP)+1); }
+function file_entry($f) {
+	$f = str_replace(DSEP.DSEP,DSEP,$f);
+    $ext = strtolower(preg_replace('/^.*\./', '', $f));
+    return array(
+        'ext' => $ext,
+        'name' => htmlentities(vbox_basename($f), ENT_QUOTES),
+        'path' => htmlentities($f, ENT_QUOTES),
+        'type' => 'file'
+    );
+}
+function folder_entry($f,$full=false,$expanded=false) {
+	$f = str_replace(DSEP.DSEP,DSEP,$f);
+    $selected = (strnatcasecmp(rtrim($f,DSEP),rtrim($GLOBALS['request']['dir'],DSEP)) == 0) && $expanded;
+    return array(
+        'expanded' => (bool)$expanded,
+        'selected' => (bool)$selected,
+        'path' => htmlentities($f,ENT_QUOTES),
+        'name' => htmlentities(($full ? $f : vbox_basename($f)),ENT_QUOTES),
+        'type' => 'folder',
+		'children' => array()
+    );
+}
+
+
+
+/**
+ * Rreturn a list of directory entries
+ *
+ * @param String $dir
+ * @return Array of entries
+ */
+
+function getDirEntries($dir, $foldersOnly=false) {
+
+	global $localbrowser, $allowed_exts, $vbox;
+
+	// Append trailing slash if it isn't here
+	if(substr($dir,-1) != DSEP)
+	    $dir .= DSEP;
+
+
+    /*
+     * Use local file / folder browser (PHP)
+     */
+	if($localbrowser) {
+
+		// If the dir doesn't exist or we can't scan it, just return
+		if(!(file_exists($dir) && ($ents = @scandir($dir))))
+			return array();
+
+		$newtypes = array();
+		$newents = array();
+		for($i = 0; $i < count($ents); $i++) {
+
+			// Skip . and ..
+			if($ents[$i] == '.' || $ents[$i] == '..')
+				continue;
+
+			$fullpath = $dir.$ents[$i];
+			$isdir = @is_dir($fullpath);
+
+			if(!$isdir && $foldersOnly)
+				continue;
+
+			array_push($newtypes, $isdir ? 'folder' : 'file');
+			array_push($newents, $fullpath);
+		}
+		return array_combine($newents, $newtypes);
+
+	/*
+	 * Use remote file / folder browser (vbox)
+	 */
+	} else {
+
+		try {
+
+
+		    $appl = $vbox->vbox->createAppliance();
+		    $vfs = $appl->createVFSExplorer('file://'.str_replace(DSEP.DSEP,DSEP,$dir));
+		    $progress = $vfs->update();
+		    $progress->waitForCompletion(-1);
+		    $progress->releaseRemote();
+		    list($ents,$types) = $vfs->entryList();
+		    $vfs->releaseRemote();
+		    $appl->releaseRemote();
+
+		} catch (Exception $e) {
+
+		    echo($e->getMessage());
+
+		    return array();
+
+		}
+
+		// Convert types to file / folder
+		$newtypes = array();
+		$newents = array();
+		for($i = 0; $i < count($types); $i++) {
+
+			// Skip . and ..
+			if($ents[$i] == '.' || $ents[$i] == '..')
+			    continue;
+
+			$isdir = $types[$i] == 4;
+
+			if(!$isdir && $foldersOnly)
+				continue;
+
+			array_push($newtypes, $isdir ? 'folder' : 'file');
+			array_push($newents, $dir.$ents[$i]);
+		}
+		return array_combine($newents,$newtypes);
+
+	}
+
+
+}

phpvirtualbox/phpvirtualbox-5.0-5/endpoints/language.php → phpvirtualbox/phpvirtualbox-5.2-1/endpoints/language.php

@@ -1,117 +1,117 @@
-<?php
-/*
- * Injects language translations into phpVirtualBox as a JavaScript object and
- * provides interface translation logic
- * Copyright (C) 2010-2015 Ian Moore (imoore76 at yahoo dot com)
- *
- * $Id: language.php 595 2015-04-17 09:50:36Z imoore76 $
- */
-
-
-error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT);
-
-require_once(dirname(__FILE__).'/lib/language.php');
-
-if(!is_object($_vbox_language)) $_vbox_language = new __vbox_language();
-
-
-header("Content-type: application/javascript; charset=utf-8", true);
-
-//Set no caching
-header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
-header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
-header("Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0");
-header("Pragma: no-cache");
-
-if(isset($_GET['debug']) && $_GET['debug']) {
-	print_r(__vbox_language::$langdata);
-	return;
-}
-
-/*
- * Dump in JavaScript
- */
-echo('var __vboxLangData = ' . json_encode(__vbox_language::$langdata) .";\n\nvar __vboxLangName = '".constant('VBOXLANG')."';\n\n");
-
-
-?>
-
-
-// Failsafe wrapper
-function trans(s,c,n,h) {
-
-    if(s && c && c.constructor === Array) {
-        o = c.shift();
-        n = c.shift();
-        h = c.shift();
-        c = o;
-    }
-	if(!c) c = 'VBoxGlobal';
-
-	var r = transreal(s,c,n,h);
-
-	if(typeof r != 'string') {
-	   // console.log('Could not translate ' + s + ' with ' + c);
-	   return s;
-	}
-
-	return r;
-}
-
-function transreal(w,context,number,comment) {
-
-	try {
-
-		if(__vboxLangData['contexts'][context]['messages'][w]['translation']) {
-
-			if(__vboxLangData['contexts'][context]['messages'][w]['translation']['numerusform']) {
-
-				var t = __vboxLangData['contexts'][context]['messages'][w]['translation']['numerusform'];
-
-				if(!number) number = 1;
-
-				if(number <= 1 && t[0]) return t[0];
-				if(number > 1 && t[1]) return t[1];
-				if(t[0]) return t[0];
-				return t[1];
-			}
-			/*
-			if (__vboxLangData['contexts'][context]['messages'][w] && __vboxLangData['contexts'][context]['messages'][w]['translation_attr'] && __vboxLangData['contexts'][context]['messages'][w]['translation_attr']['type'] == 'obsolete') {
-			   console.log(w + ' in ' + context + ' is obsolete');
-			}
-			*/
-			return __vboxLangData['contexts'][context]['messages'][w]['translation'];
-
-		} else if(__vboxLangData['contexts'][context]['messages'][w][0]) {
-
-			if(comment) {
-				for(var i in __vboxLangData['contexts'][context]['messages'][w]) {
-					if(__vboxLangData['contexts'][context]['messages'][w][i]['comment'] == comment) {
-					    /*
-						if (__vboxLangData['contexts'][context]['messages'][w][i]['translation_attr'] && __vboxLangData['contexts'][context]['messages'][w][i]['translation_attr']['type'] == 'obsolete') {
-						    console.log(w + ' ' + ' and ' + comment + ' is obsolete');
-			             }
-			             */
-
-					    return __vboxLangData['contexts'][context]['messages'][w][i]['translation'];
-					}
-				}
-			}
-			/*
-			if (__vboxLangData['contexts'][context]['messages'][w][0] && __vboxLangData['contexts'][context]['messages'][w][0]['translation_attr'] && __vboxLangData['contexts'][context]['messages'][w][0]['translation_attr']['type'] == 'obsolete') {
-			   console.log(w + ' in ' + context + ' is obsolete');
-			}
-			*/
-
-			return __vboxLangData['contexts'][context]['messages'][w][0]['translation'];
-
-		} else {
-			return w;
-		}
-
-	} catch(err) {
-		// console.log(w + ' - ' + context + ': ' + err);
-		return w;
-	}
-}
-
+<?php
+/*
+ * Injects language translations into phpVirtualBox as a JavaScript object and
+ * provides interface translation logic
+ * Copyright (C) 2010-2015 Ian Moore (imoore76 at yahoo dot com)
+ *
+ * $Id: language.php 595 2015-04-17 09:50:36Z imoore76 $
+ */
+
+
+error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT);
+
+require_once(dirname(__FILE__).'/lib/language.php');
+
+if(!is_object($_vbox_language)) $_vbox_language = new __vbox_language();
+
+
+header("Content-type: application/javascript; charset=utf-8", true);
+
+//Set no caching
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
+header("Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0");
+header("Pragma: no-cache");
+
+if(isset($_GET['debug']) && $_GET['debug']) {
+	print_r(__vbox_language::$langdata);
+	return;
+}
+
+/*
+ * Dump in JavaScript
+ */
+echo('var __vboxLangData = ' . json_encode(__vbox_language::$langdata) .";\n\nvar __vboxLangName = '".constant('VBOXLANG')."';\n\n");
+
+
+?>
+
+
+// Failsafe wrapper
+function trans(s,c,n,h) {
+
+    if(s && c && c.constructor === Array) {
+        o = c.shift();
+        n = c.shift();
+        h = c.shift();
+        c = o;
+    }
+	if(!c) c = 'VBoxGlobal';
+
+	var r = transreal(s,c,n,h);
+
+	if(typeof r != 'string') {
+	   // console.log('Could not translate ' + s + ' with ' + c);
+	   return s;
+	}
+
+	return r;
+}
+
+function transreal(w,context,number,comment) {
+
+	try {
+
+		if(__vboxLangData['contexts'][context]['messages'][w]['translation']) {
+
+			if(__vboxLangData['contexts'][context]['messages'][w]['translation']['numerusform']) {
+
+				var t = __vboxLangData['contexts'][context]['messages'][w]['translation']['numerusform'];
+
+				if(!number) number = 1;
+
+				if(number <= 1 && t[0]) return t[0];
+				if(number > 1 && t[1]) return t[1];
+				if(t[0]) return t[0];
+				return t[1];
+			}
+			/*
+			if (__vboxLangData['contexts'][context]['messages'][w] && __vboxLangData['contexts'][context]['messages'][w]['translation_attr'] && __vboxLangData['contexts'][context]['messages'][w]['translation_attr']['type'] == 'obsolete') {
+			   console.log(w + ' in ' + context + ' is obsolete');
+			}
+			*/
+			return __vboxLangData['contexts'][context]['messages'][w]['translation'];
+
+		} else if(__vboxLangData['contexts'][context]['messages'][w][0]) {
+
+			if(comment) {
+				for(var i in __vboxLangData['contexts'][context]['messages'][w]) {
+					if(__vboxLangData['contexts'][context]['messages'][w][i]['comment'] == comment) {
+					    /*
+						if (__vboxLangData['contexts'][context]['messages'][w][i]['translation_attr'] && __vboxLangData['contexts'][context]['messages'][w][i]['translation_attr']['type'] == 'obsolete') {
+						    console.log(w + ' ' + ' and ' + comment + ' is obsolete');
+			             }
+			             */
+
+					    return __vboxLangData['contexts'][context]['messages'][w][i]['translation'];
+					}
+				}
+			}
+			/*
+			if (__vboxLangData['contexts'][context]['messages'][w][0] && __vboxLangData['contexts'][context]['messages'][w][0]['translation_attr'] && __vboxLangData['contexts'][context]['messages'][w][0]['translation_attr']['type'] == 'obsolete') {
+			   console.log(w + ' in ' + context + ' is obsolete');
+			}
+			*/
+
+			return __vboxLangData['contexts'][context]['messages'][w][0]['translation'];
+
+		} else {
+			return w;
+		}
+
+	} catch(err) {
+		// console.log(w + ' - ' + context + ': ' + err);
+		return w;
+	}
+}
+

phpvirtualbox/phpvirtualbox-5.0-5/endpoints/lib/auth/ActiveDirectory.php → phpvirtualbox/phpvirtualbox-5.2-1/endpoints/lib/auth/ActiveDirectory.php

@@ -1,203 +1,203 @@
-<?php
-/*
- * $Id: ActiveDirectory.php 501 2013-07-11 17:44:37Z imooreyahoo@gmail.com $
-* Experimental!
-*/
-class phpvbAuthActiveDirectory implements phpvbAuth {
-
-	var $capabilities = array(
-		'canChangePassword' => false,
-		'canLogout' => true
-	);
-
-	var $config = array(
-		'host' => '127.0.0.1',
-		'admin_group' => null,
-		'adminUser' => null,
-		'user_group' => null,
-		'container' => 'CN=Users',
-		'domain' =>   'internal.local',
-		'filter' => '(&(objectclass=User)(objectCategory=Person))'
-	);
-
-	/**
-	 * Constructor
-	 * @param array $userConfig - user configuration for this module
-	 */
-	function phpvbAuthActiveDirectory($userConfig = null) {
-		// Merge user config
-		if($userConfig) {
-			$this->config = array_merge($this->config,$userConfig);
-		}		
-	}
-
-	/**
-	 * Test log in and set $_SESSION vars
-	 * @param string $username
-	 * @param string $password
-	 * @see phpvbAuth::login()
-	 */
-	function login($username, $password)
-	{
-		global $_SESSION;
-
-
-		/*
-		 * Check for LDAP functionality and provide some direction
-		 */
-		if(!function_exists('ldap_connect')) {
-
-			$ex = 'LDAP support is not enabled in your PHP configuration.';
-
-			if(strtolower(substr(PHP_OS, 0, 3)) == 'win') {
-
-				ob_start();
-				phpinfo(INFO_GENERAL);
-				$phpinfo = ob_get_contents();
-				ob_end_clean();
-				preg_match('/Loaded Configuration File <\/td><td.*?>(.*?)\s*</', $phpinfo, $phpinfo);
-
-				$ex .= ' You probably just need to uncomment the line ;extension=php_ldap.dll in php.ini'.
-						(count($phpinfo) > 1 ? ' (' .trim($phpinfo[1]).')' : '') . ' by removing the ";" and restart your web server.';
-
-			} else if(strtolower(substr(PHP_OS, 0, 5)) == 'Linux') {
-
-				$ex .= ' You probably need to install the php5-ldap (or similar depending on your distribution) package and restart your web server.';
-					
-			}
-			throw new Exception($ex);
-		}
-
-		$_SESSION['valid'] = false;
-
-		// Connect to server
-		if(!($auth = ldap_connect($this->config['host']))) {
-			throw new Exception('Active Directory error ('.ldap_errno($auth).') ' . ldap_error($auth));
-		}
-
-		// Set relevant LDAP options
-		ldap_set_option($auth,LDAP_OPT_PROTOCOL_VERSION, 3);
-		
-
-		// Main login /bind
-		if(!($bind = @ldap_bind($auth, $username . "@" .$this->config['domain'], $password))) {
-			if(ldap_errno($auth) == 49) return false;
-			throw new Exception('Active Directory error ('.ldap_errno($auth).') ' . ldap_error($auth));
-		}
-		
-		
-		// Get user information from AD
-		////////////////////////////////////
-		
-		
-		// Set filter and sanitize username before sending it to AD
-		$filter = "(sAMAccountName=" .
-			str_replace(array(',','=','+','<','>',';','\\','"','#','(',')','*',chr(0)), '', $username) . ")";
-		if($this->config['filter'] && false) {
-			$filter = '(&'. $this->config['filter'] .' ('. $filter .'))';
-		}
-		
-		$result = @ldap_search($auth,
-				$this->config['container'] . ',DC=' . join(',DC=', explode('.', $this->config['domain'])),
-				$filter, array("memberof","useraccountcontrol"));
-
-		if(!result) throw new Exception ("Unable to search Active Directory server: " . ldap_error($auth));
-		@list($entries) = @ldap_get_entries($auth, $result);
-		@ldap_unbind($auth);
-		if(!$entries) {
-			throw new Exception("Permission denied");
-		}
-		
-		
-		// Check for disabled user
-		if((intval($entries['useraccountcontrol'][0]) & 2)) {
-			throw new Exception('This account is disabled in Active Directory.');
-		}
-
-		// check for valid admin group
-		if($this->config['admin_group']) {
-			foreach($entries['memberof'] as $group) {
-				list($group) = explode(',', $group);
-				if(strtolower($group) == strtolower('cn='.$this->config['admin_group'])) {
-					$_SESSION['admin'] = $_SESSION['valid'] = true;
-					break;
-				}
-			}
-		}
-		
-		// Admin user explicitly set?
-		if(!$_SESSION['admin'] && $this->config['adminUser']) {
-			$_SESSION['admin'] = (strtolower($this->config['adminUser']) == strtolower($username));
-			// Admin is ok
-			$_SESSION['valid'] = ($_SESSION['admin'] || $_SESSION['valid']);
-		}
-
-		// check for valid user group
-		if($this->config['user_group'] && !$_SESSION['valid']) {
-			foreach($entries['memberof'] as $group) {
-				list($group) = explode(',', $group);
-				if(strtolower($group) == strtolower('cn='.$this->config['user_group'])) {
-					$_SESSION['valid'] = true;
-					break;
-				}
-			}
-		} else {
-			$_SESSION['valid'] = true;
-		}
-		
-		if(!$_SESSION['valid'])
-			throw new Exception("Permission denied");
-
-		// Admin user explicitly set?
-		if(!$_SESSION['admin'] && $this->config['adminUser']) {
-			$_SESSION['admin'] = (strtolower($this->config['adminUser']) == strtolower($username));
-		}
-
-		// No admin information specified makes everyone an admin
-		if(!$this->config['adminUser'] && !$this->config['admin_group'])
-			$_SESSION['admin'] = true;
-		
-		// user has permission. establish session variables
-		$_SESSION['user'] = $username;
-		$_SESSION['authCheckHeartbeat'] = time();
-
-		
-		return true;
-		
-	}
-
-	function heartbeat($vbox)
-	{
-		global $_SESSION;
-
-		$_SESSION['valid'] = true;
-		$_SESSION['authCheckHeartbeat'] = time();
-	}
-
-	function changePassword($old, $new)
-	{
-	}
-
-	function logout(&$response)
-	{
-		global $_SESSION;
-		if(function_exists('session_destroy')) session_destroy();
-		else unset($_SESSION['valid']);
-		$response['data']['result'] = 1;
-	}
-
-	function listUsers()
-	{
-
-	}
-
-	function updateUser($vboxRequest, $skipExistCheck)
-	{
-
-	}
-
-	function deleteUser($user)
-	{
-
-	}
-}
+<?php
+/*
+ * $Id: ActiveDirectory.php 501 2013-07-11 17:44:37Z imooreyahoo@gmail.com $
+* Experimental!
+*/
+class phpvbAuthActiveDirectory implements phpvbAuth {
+
+	var $capabilities = array(
+		'canChangePassword' => false,
+		'canLogout' => true
+	);
+
+	var $config = array(
+		'host' => '127.0.0.1',
+		'admin_group' => null,
+		'adminUser' => null,
+		'user_group' => null,
+		'container' => 'CN=Users',
+		'domain' =>   'internal.local',
+		'filter' => '(&(objectclass=User)(objectCategory=Person))'
+	);
+
+	/**
+	 * Constructor
+	 * @param array $userConfig - user configuration for this module
+	 */
+	function phpvbAuthActiveDirectory($userConfig = null) {
+		// Merge user config
+		if($userConfig) {
+			$this->config = array_merge($this->config,$userConfig);
+		}		
+	}
+
+	/**
+	 * Test log in and set $_SESSION vars
+	 * @param string $username
+	 * @param string $password
+	 * @see phpvbAuth::login()
+	 */
+	function login($username, $password)
+	{
+		global $_SESSION;
+
+
+		/*
+		 * Check for LDAP functionality and provide some direction
+		 */
+		if(!function_exists('ldap_connect')) {
+
+			$ex = 'LDAP support is not enabled in your PHP configuration.';
+
+			if(strtolower(substr(PHP_OS, 0, 3)) == 'win') {
+
+				ob_start();
+				phpinfo(INFO_GENERAL);
+				$phpinfo = ob_get_contents();
+				ob_end_clean();
+				preg_match('/Loaded Configuration File <\/td><td.*?>(.*?)\s*</', $phpinfo, $phpinfo);
+
+				$ex .= ' You probably just need to uncomment the line ;extension=php_ldap.dll in php.ini'.
+						(count($phpinfo) > 1 ? ' (' .trim($phpinfo[1]).')' : '') . ' by removing the ";" and restart your web server.';
+
+			} else if(strtolower(substr(PHP_OS, 0, 5)) == 'Linux') {
+
+				$ex .= ' You probably need to install the php5-ldap (or similar depending on your distribution) package and restart your web server.';
+					
+			}
+			throw new Exception($ex);
+		}
+
+		$_SESSION['valid'] = false;
+
+		// Connect to server
+		if(!($auth = ldap_connect($this->config['host']))) {
+			throw new Exception('Active Directory error ('.ldap_errno($auth).') ' . ldap_error($auth));
+		}
+
+		// Set relevant LDAP options
+		ldap_set_option($auth,LDAP_OPT_PROTOCOL_VERSION, 3);
+		
+
+		// Main login /bind
+		if(!($bind = @ldap_bind($auth, $username . "@" .$this->config['domain'], $password))) {
+			if(ldap_errno($auth) == 49) return false;
+			throw new Exception('Active Directory error ('.ldap_errno($auth).') ' . ldap_error($auth));
+		}
+		
+		
+		// Get user information from AD
+		////////////////////////////////////
+		
+		
+		// Set filter and sanitize username before sending it to AD
+		$filter = "(sAMAccountName=" .
+			str_replace(array(',','=','+','<','>',';','\\','"','#','(',')','*',chr(0)), '', $username) . ")";
+		if($this->config['filter'] && false) {
+			$filter = '(&'. $this->config['filter'] .' ('. $filter .'))';
+		}
+		
+		$result = @ldap_search($auth,
+				$this->config['container'] . ',DC=' . join(',DC=', explode('.', $this->config['domain'])),
+				$filter, array("memberof","useraccountcontrol"));
+
+		if(!result) throw new Exception ("Unable to search Active Directory server: " . ldap_error($auth));
+		@list($entries) = @ldap_get_entries($auth, $result);
+		@ldap_unbind($auth);
+		if(!$entries) {
+			throw new Exception("Permission denied");
+		}
+		
+		
+		// Check for disabled user
+		if((intval($entries['useraccountcontrol'][0]) & 2)) {
+			throw new Exception('This account is disabled in Active Directory.');
+		}
+
+		// check for valid admin group
+		if($this->config['admin_group']) {
+			foreach($entries['memberof'] as $group) {
+				list($group) = explode(',', $group);
+				if(strtolower($group) == strtolower('cn='.$this->config['admin_group'])) {
+					$_SESSION['admin'] = $_SESSION['valid'] = true;
+					break;
+				}
+			}
+		}
+		
+		// Admin user explicitly set?
+		if(!$_SESSION['admin'] && $this->config['adminUser']) {
+			$_SESSION['admin'] = (strtolower($this->config['adminUser']) == strtolower($username));
+			// Admin is ok
+			$_SESSION['valid'] = ($_SESSION['admin'] || $_SESSION['valid']);
+		}
+
+		// check for valid user group
+		if($this->config['user_group'] && !$_SESSION['valid']) {
+			foreach($entries['memberof'] as $group) {
+				list($group) = explode(',', $group);
+				if(strtolower($group) == strtolower('cn='.$this->config['user_group'])) {
+					$_SESSION['valid'] = true;
+					break;
+				}
+			}
+		} else {
+			$_SESSION['valid'] = true;
+		}
+		
+		if(!$_SESSION['valid'])
+			throw new Exception("Permission denied");
+
+		// Admin user explicitly set?
+		if(!$_SESSION['admin'] && $this->config['adminUser']) {
+			$_SESSION['admin'] = (strtolower($this->config['adminUser']) == strtolower($username));
+		}
+
+		// No admin information specified makes everyone an admin
+		if(!$this->config['adminUser'] && !$this->config['admin_group'])
+			$_SESSION['admin'] = true;
+		
+		// user has permission. establish session variables
+		$_SESSION['user'] = $username;
+		$_SESSION['authCheckHeartbeat'] = time();
+
+		
+		return true;
+		
+	}
+
+	function heartbeat($vbox)
+	{
+		global $_SESSION;
+
+		$_SESSION['valid'] = true;
+		$_SESSION['authCheckHeartbeat'] = time();
+	}
+
+	function changePassword($old, $new)
+	{
+	}
+
+	function logout(&$response)
+	{
+		global $_SESSION;
+		if(function_exists('session_destroy')) session_destroy();
+		else unset($_SESSION['valid']);
+		$response['data']['result'] = 1;
+	}
+
+	function listUsers()
+	{
+
+	}
+
+	function updateUser($vboxRequest, $skipExistCheck)
+	{
+
+	}
+
+	function deleteUser($user)
+	{
+
+	}
+}