From f413212db9b2bc3a76ec1da3682578b09bc2e46a Mon Sep 17 00:00:00 2001
From: adrien <adrien@malingrey.fr>
Date: Thu, 10 Oct 2024 18:07:44 +0200
Subject: [PATCH] fix scan args

---
 filter_inputs.php |  46 ++---
 index.php         | 108 ++++++------
 scan-options.php  | 433 +++++++++++++++++++++++-----------------------
 scan.php          |  13 +-
 4 files changed, 301 insertions(+), 299 deletions(-)

diff --git a/filter_inputs.php b/filter_inputs.php
index f8bf6ce..4c81b01 100644
--- a/filter_inputs.php
+++ b/filter_inputs.php
@@ -15,24 +15,24 @@ $protocolePortsListRegex = "/^(([TU]:)?[0-9\-]+|[a-z\-]+)(,([TU]:)?[0-9\-]+|,[a-
 $portsListRegex = "/^([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*$/";
 $tempoRegex = "/^\d+[smh]?$/";
 
-$options = filter_input_array(INPUT_GET, [
+$inputs = filter_input_array(INPUT_GET, [
   'iR'       => ['filter' => FILTER_VALIDATE_INT],
-  '-exclude' => ['filter' => FILTER_VALIDATE_REGEXP,  'options' => ['regexp' => $hostsListRegex]],
+  '-exclude' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
 
-  'sL'           => ['filter' => FILTER_VALIDATE_REGEXP,  'options' => ['regexp' => $hostsListRegex]],
+  'sL'           => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
   'sP'           => ['filter' => FILTER_VALIDATE_BOOLEAN],
   'P0'           => ['filter' => FILTER_VALIDATE_BOOLEAN],
   'Pn'           => ['filter' => FILTER_VALIDATE_BOOLEAN],
-  'PS'           => ['filter' => FILTER_VALIDATE_REGEXP,  'options' => ['regexp' => $portsListRegex]],
-  'PA'           => ['filter' => FILTER_VALIDATE_REGEXP,  'options' => ['regexp' => $portsListRegex]],
-  'PU'           => ['filter' => FILTER_VALIDATE_REGEXP,  'options' => ['regexp' => $portsListRegex]],
+  'PS'           => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
+  'PA'           => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
+  'PU'           => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
   'PE'           => ['filter' => FILTER_VALIDATE_BOOLEAN],
   'PP'           => ['filter' => FILTER_VALIDATE_BOOLEAN],
   'PM'           => ['filter' => FILTER_VALIDATE_BOOLEAN],
-  'PO'           => ['filter' => FILTER_VALIDATE_INT,  'options' => ['min_range' => 0, 'max_range' => 255]],
+  'PO'           => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]],
   'n'            => ['filter' => FILTER_VALIDATE_BOOLEAN],
   'R'            => ['filter' => FILTER_VALIDATE_BOOLEAN],
-  '-dns-servers' => ['filter' => FILTER_VALIDATE_REGEXP,  'options' => ['regexp' => $hostsListRegex]],
+  '-dns-servers' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
 
   'sS'          => ['filter' => FILTER_VALIDATE_BOOLEAN],
   'sT'          => ['filter' => FILTER_VALIDATE_BOOLEAN],
@@ -46,22 +46,22 @@ $options = filter_input_array(INPUT_GET, [
   'PM'          => ['filter' => FILTER_VALIDATE_BOOLEAN],
   'PM'          => ['filter' => FILTER_VALIDATE_BOOLEAN],
   'PM'          => ['filter' => FILTER_VALIDATE_BOOLEAN],
-  '-scanflags'  => ['filter' => FILTER_VALIDATE_REGEXP,  'options' => ['regexp' => "/^([URG|ACK|PSH|RST|SYN|FIN]+)$|^([0-2]?\d?\d)$/"]],
-  'sI'          => ['filter' => FILTER_VALIDATE_REGEXP,  'options' => ['regexp' => "/^[a-zA-Z\d:.-]+(:\d+)?$/"]],
+  '-scanflags'  => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^([URG|ACK|PSH|RST|SYN|FIN]+)$|^([0-2]?\d?\d)$/"]],
+  'sI'          => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^[a-zA-Z\d:.-]+(:\d+)?$/"]],
   'sO'          => ['filter' => FILTER_VALIDATE_BOOLEAN],
   'b'           => FILTER_VALIDATE_DOMAIN,
   '-traceroute' => ['filter' => FILTER_VALIDATE_BOOLEAN],
   '-reason'     => ['filter' => FILTER_VALIDATE_BOOLEAN],
 
-  'p'           => ['filter' => FILTER_VALIDATE_REGEXP,  'options' => ['regexp' => $portsListRegex]],
+  'p'           => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $portsListRegex]],
   'F'           => ['filter' => FILTER_VALIDATE_BOOLEAN],
   'r'           => ['filter' => FILTER_VALIDATE_BOOLEAN],
   '-top-ports'  => FILTER_VALIDATE_INT,
-  '-port-ratio' => ['filter' => FILTER_VALIDATE_FLOAT,  'options' => ['min_range' => 0, 'max_range' => 1]],
+  '-port-ratio' => ['filter' => FILTER_VALIDATE_FLOAT, 'options' => ['min_range' => 0, 'max_range' => 1]],
 
   'sV'                 => ['filter' => FILTER_VALIDATE_BOOLEAN],
   '-version-light'     => ['filter' => FILTER_VALIDATE_BOOLEAN],
-  '-version-intensity' => ['filter' => FILTER_VALIDATE_INT,  'options' => ['min_range' => 0, 'max_range' => 9]],
+  '-version-intensity' => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 9]],
   '-version-all'       => ['filter' => FILTER_VALIDATE_BOOLEAN],
   '-version-trace'     => ['filter' => FILTER_VALIDATE_BOOLEAN],
 
@@ -79,24 +79,24 @@ $options = filter_input_array(INPUT_GET, [
   '-max-hostgroup'       => ['filter' => FILTER_VALIDATE_INT],
   '-min-parallelism'     => ['filter' => FILTER_VALIDATE_INT],
   '-max-parallelism'     => ['filter' => FILTER_VALIDATE_INT],
-  '-min-rtt-timeout'     => ['filter' => FILTER_VALIDATE_REGEXP,  'options' => ['regexp' => $tempoRegex]],
-  '-max-rtt-timeout'     => ['filter' => FILTER_VALIDATE_REGEXP,  'options' => ['regexp' => $tempoRegex]],
-  '-initial-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP,  'options' => ['regexp' => $tempoRegex]],
+  '-min-rtt-timeout'     => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
+  '-max-rtt-timeout'     => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
+  '-initial-rtt-timeout' => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
   '-max-retries'         => ['filter' => FILTER_VALIDATE_INT],
-  '-host-timeout'        => ['filter' => FILTER_VALIDATE_REGEXP,  'options' => ['regexp' => $tempoRegex]],
-  '-scan-delay'          => ['filter' => FILTER_VALIDATE_REGEXP,  'options' => ['regexp' => $tempoRegex]],
-  '-max-scan-delay'      => ['filter' => FILTER_VALIDATE_REGEXP,  'options' => ['regexp' => $tempoRegex]],
+  '-host-timeout'        => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
+  '-scan-delay'          => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
+  '-max-scan-delay'      => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $tempoRegex]],
 
   'f'            => ['filter' => FILTER_VALIDATE_INT],
   'mtu'          => ['filter' => FILTER_VALIDATE_INT],
-  'D'            => ['filter' => FILTER_VALIDATE_REGEXP,  'options' => ['regexp' => $hostsListRegex]],
+  'D'            => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => $hostsListRegex]],
   'S'            => ['filter' => FILTER_VALIDATE_IP],
-  'e'            => ['filter' => FILTER_VALIDATE_REGEXP,  'options' => ['regexp' => "/^[a-z\d]+$/"]],
+  'e'            => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^[a-z\d]+$/"]],
   'g'            => ['filter' => FILTER_VALIDATE_INT],
   '-source-port' => ['filter' => FILTER_VALIDATE_INT],
   '-data-length' => ['filter' => FILTER_VALIDATE_INT],
-  '-ip-options'  => ['filter' => FILTER_VALIDATE_REGEXP,  'options' => ['regexp' => "/^\"(R|T|U|L [\da-zA-Z-.: ]+|S [\da-zA-Z-.: ]+|\\\\x[\da-fA-F]{1,2}(\*[\d]+)?|\\\\[0-2]?[\d]{1,2}(\*[\d]+)?)\"$/"]],
-  'ttl'          => ['filter' => FILTER_VALIDATE_INT,  'options' => ['min_range' => 0, 'max_range' => 255]],
+  '-ip-options'  => ['filter' => FILTER_VALIDATE_REGEXP, 'options' => ['regexp' => "/^\"(R|T|U|L [\da-zA-Z-.: ]+|S [\da-zA-Z-.: ]+|\\\\x[\da-fA-F]{1,2}(\*[\d]+)?|\\\\[0-2]?[\d]{1,2}(\*[\d]+)?)\"$/"]],
+  'ttl'          => ['filter' => FILTER_VALIDATE_INT, 'options' => ['min_range' => 0, 'max_range' => 255]],
   '-spoof-mac'   => ['filter' => FILTER_VALIDATE_MAC],
   '-badsum'      => ['filter' => FILTER_VALIDATE_BOOLEAN],
 
diff --git a/index.php b/index.php
index c3b7c2d..9a55bc2 100755
--- a/index.php
+++ b/index.php
@@ -5,64 +5,64 @@ include_once 'filter_inputs.php';
 <!DOCTYPE html>
 <html lang="fr">
 
-  <head>
-    <meta charset="utf-8" />
-    <title>lanScan</title>
-    <link rel="icon" href="favicon.ico"/>
-    <script src="https://cdn.jsdelivr.net/npm/jquery@3.7.1/dist/jquery.min.js"></script>
-    <script src="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.js"></script>
-    <link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.css" />
-    <script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify"></script>
-    <script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.polyfills.min.js"></script>
-    <link href="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.css" rel="stylesheet" type="text/css" />
-    <link href="style.css" rel="stylesheet" type="text/css" />
-  </head>
+<head>
+  <meta charset="utf-8" />
+  <title>lanScan</title>
+  <link rel="icon" href="favicon.ico" />
+  <script src="https://cdn.jsdelivr.net/npm/jquery@3.7.1/dist/jquery.min.js"></script>
+  <script src="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.js"></script>
+  <link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.css" />
+  <script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify"></script>
+  <script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.polyfills.min.js"></script>
+  <link href="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.css" rel="stylesheet" type="text/css" />
+  <link href="style.css" rel="stylesheet" type="text/css" />
+</head>
 
-  <body>
-    <nav class="ui inverted teal fixed menu">
-      <a class="header item" href=".">
-        lan<?php include 'logo.svg'; ?>can
-      </a>
-      <div class="right menu">
-        <form class="ui category search item" onsubmit="targetsInputDiv.classList.add('loading')">
-          <div id="targetsInputDiv" class="ui icon input">
-            <input class="prompt" type="text" id="targetsInput" name="targets" required="" oninput="hiddenInput.value=this.value"
-            pattern="[a-zA-Z0-9._\/ \-]+" value="<?=$targets; ?>" placeholder="Scanner un réseau..."
+<body>
+  <nav class="ui inverted teal fixed menu">
+    <a class="header item" href=".">
+      lan<?php include 'logo.svg'; ?>can
+    </a>
+    <div class="right menu">
+      <form class="ui category search item" onsubmit="targetsInputDiv.classList.add('loading')">
+        <div id="targetsInputDiv" class="ui icon input">
+          <input class="prompt" type="text" id="targetsInput" name="targets" required="" oninput="hiddenInput.value=this.value"
+            pattern="[a-zA-Z0-9._\/ \-]+" value="<?= $targets; ?>" placeholder="Scanner un réseau..."
             title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
-Exemples: <?=$_SERVER['REMOTE_ADDR']; ?>/24 <?=$_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254"/>
-            <i class="satellite dish icon"></i>
-            <button style="display:none" type="submit" formaction="scan.php" formmethod="get"></button>
-          </div>
-        </form>
-        <form class="item" method="get" action="scan-options.php">
-          <input id="hiddenInput" type="hidden" name="targets" value="<?=$targets; ?>"/>
-          <input id="hiddenInput" type="hidden" name="name" value="<?=$name; ?>"/>
-          <?='<input type="hidden" name="'.str_replace('=', '" value="', http_build_query($options, '', '/><input type="hidden" name="')).'"/>'; ?>
-          <button class="ui teal submit button" type="submit">Options</button>
-        </form>
-      </div>
-    </nav>
+Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254" />
+          <i class="satellite dish icon"></i>
+          <button style="display:none" type="submit" formaction="scan.php" formmethod="get"></button>
+        </div>
+      </form>
+      <form class="item" method="get" action="scan-options.php">
+        <input id="hiddenInput" type="hidden" name="targets" value="<?= $targets; ?>" />
+        <input id="hiddenInput" type="hidden" name="name" value="<?= $name; ?>" />
+        <?= '<input type="hidden" name="' . str_replace('=', '" value="', http_build_query($inputs, '', '/><input type="hidden" name="')) . '"/>'; ?>
+        <button class="ui teal submit button" type="submit">Options</button>
+      </form>
+    </div>
+  </nav>
 
-    <main class="ui main container">
-        <div class="ui large relaxed card">
-          <div class="content">
-            <div class="header">Précédents scans</div>
-            <div class="ui divided link list">
-<?php
-if (!file_exists($SCANS_DIR)) {
-    mkdir($SCANS_DIR);
-}
-foreach (scandir($SCANS_DIR) as $scan) {
-    if (substr($scan, -4) == '.xml') {
-        $targets = str_replace('!', '/', substr_replace($scan, '', -4));
-        echo "<a class='item' href='scan.php?targets=".urlencode($targets)."'>$targets</a>\n";
-    }
-}
-?>
-          </div>
+  <main class="ui main container">
+    <div class="ui large relaxed card">
+      <div class="content">
+        <div class="header">Précédents scans</div>
+        <div class="ui divided link list">
+          <?php
+          if (!file_exists($SCANS_DIR)) {
+            mkdir($SCANS_DIR);
+          }
+          foreach (scandir($SCANS_DIR) as $scan) {
+            if (substr($scan, -4) == '.xml') {
+              $targets = str_replace('!', '/', substr_replace($scan, '', -4));
+              echo "<a class='item' href='scan.php?targets=" . urlencode($targets) . "'>$targets</a>\n";
+            }
+          }
+          ?>
         </div>
       </div>
-    </main>
-  </body>
+    </div>
+  </main>
+</body>
 
 </html>
\ No newline at end of file
diff --git a/scan-options.php b/scan-options.php
index 464b2ed..f99fd62 100755
--- a/scan-options.php
+++ b/scan-options.php
@@ -5,254 +5,255 @@ include_once 'filter_inputs.php';
 <!DOCTYPE html>
 <html lang="fr">
 
-  <head>
-    <meta charset="utf-8" />
-    <title>lanScan</title>
-    <link rel="icon" href="favicon.ico" />
-    <script src="https://cdn.jsdelivr.net/npm/jquery@3.7.1/dist/jquery.min.js"></script>
-    <script src="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.js"></script>
-    <link rel="stylesheet" type="text/css"
-      href="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.css" />
-    <script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify"></script>
-    <script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.polyfills.min.js"></script>
-    <link href="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.css" rel="stylesheet" type="text/css" />
-    <link href="style.css" rel="stylesheet" type="text/css" />
-  </head>
+<head>
+  <meta charset="utf-8" />
+  <title>lanScan</title>
+  <link rel="icon" href="favicon.ico" />
+  <script src="https://cdn.jsdelivr.net/npm/jquery@3.7.1/dist/jquery.min.js"></script>
+  <script src="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.js"></script>
+  <link rel="stylesheet" type="text/css"
+    href="https://cdn.jsdelivr.net/npm/fomantic-ui@2.9.3/dist/semantic.min.css" />
+  <script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify"></script>
+  <script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.polyfills.min.js"></script>
+  <link href="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.css" rel="stylesheet" type="text/css" />
+  <link href="style.css" rel="stylesheet" type="text/css" />
+</head>
 
-  <body>
-    <nav class="ui inverted teal fixed menu">
-      <a class="header item" href=".">
-        lan<?php include 'logo.svg'; ?>can
-      </a>
-    </nav>
+<body>
+  <nav class="ui inverted teal fixed menu">
+    <a class="header item" href=".">
+      lan<?php include 'logo.svg'; ?>can
+    </a>
+  </nav>
 
-    <main class="ui main container">
-      <h1 class="header">Scanner un réseau avec Nmap</h1>
+  <main class="ui main container">
+    <h1 class="header">Scanner un réseau avec Nmap</h1>
 
-      <form id="newScanForm" class="ui form" method="get" action="scan.php">
+    <form id="newScanForm" class="ui form" method="get" action="scan.php">
 
-        <!--<div class="field">
+      <!--<div class="field">
               <label for="nameInput">Nom</label>
               <input id="nameInput" type="text" name="name" placeholder="Réseau local" pattern='[^&lt;&gt;:&quot;\\\/\|@?]+'
                 title='Nom de fichier valide (ne contenant pas les caractères &lt;&gt;:&quot;\/|@?)'
                 value="<?= htmlspecialchars($name); ?>">
             </div>-->
-        <div class="required field">
-          <label for="targetsInput">Cibles</label>
-          <input id="targetsInput" type="text" name="targets" placeholder="Cibles" required
-            pattern="[a-zA-Z0-9._\/ \-]+" value="<?= $targets; ?>" list="targetsList"
-            title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
-Exemples: <?=$_SERVER['REMOTE_ADDR']; ?>/24 <?=$_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254" />
+      <div class="required field">
+        <label for="targetsInput">Cibles</label>
+        <input id="targetsInput" type="text" name="targets" placeholder="Cibles" required
+          pattern="[a-zA-Z0-9._\/ \-]+" value="<?= $targets; ?>" list="targetsList"
+          title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
+Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24 <?= $_SERVER['SERVER_NAME']; ?> 10.0-255.0-255.1-254" />
+      </div>
+
+      <div class="ui styled fluid accordion field">
+        <div class="title"><i class="icon dropdown"></i>Spécification des cibles</div>
+        <div class="content">
+          <div class="field">
+            <label for="excludeInput">Exclure les hôtes ou réseaux</label>
+            <input type="text" id="excludeInput" name="-exclude" placeholder="Hôte/réseau" list="targetsList"
+              pattern="[a-zA-Z0-9._\/,\-]*" value="<?= $inputs['-exclude'] ?? "" ?>"
+              title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
+Exemples: <?= $_SERVER['REMOTE_ADDR']; ?>/24,<?= $_SERVER['SERVER_NAME']; ?>,10.0-255.0-255.1-254">
+          </div>
         </div>
 
-        <div class="ui styled fluid accordion field">
-          <div class="title"><i class="icon dropdown"></i>Spécification des cibles</div>
-          <div class="content">
-            <div class="field">
-              <label for="excludeInput">Exclure les hôtes ou réseaux</label>
-              <input type="text" id="excludeInput" name="-exclude" placeholder="Hôte/réseau" list="targetsList"
-                pattern="[a-zA-Z0-9._\/,\-]*" value="<?=$options['-exclude']?? "" ?>"
-                title="Les cibles peuvent être spécifiées par des noms d'hôtes, des adresses IP, des adresses de réseaux, etc.
-Exemples: <?=$_SERVER['REMOTE_ADDR']; ?>/24,<?=$_SERVER['SERVER_NAME']; ?>,10.0-255.0-255.1-254">
+        <div class="title"><i class="icon dropdown"></i>Découverte des hôtes actifs</div>
+        <div class="content">
+          <div class="inline field">
+            <div class="ui toggle checkbox">
+              <input type="checkbox" id="sPCheckbox" name="sP" <?= $inputs['sP'] ?? false ? 'checked' : ''; ?> />
+              <label for="sPCheckbox">N'effectuer que l'étape de découverte des hôtes actifs</label>
             </div>
           </div>
 
-          <div class="title"><i class="icon dropdown"></i>Découverte des hôtes actifs</div>
-          <div class="content">
-            <div class="inline field">
-              <div class="ui toggle checkbox">
-                <input type="checkbox" id="sPCheckbox" name="sP" <?=$options['sP']?? false? 'checked' : ''; ?>/>
-                <label for="sPCheckbox">N'effectuer que l'étape de découverte des hôtes actifs</label>
-              </div>
-            </div>
-
-            <div class="inline field">
-              <div class="ui toggle checkbox">
-                <input type="checkbox" id="PnCheckbox" name="Pn" <?=$options['Pn']?? false? 'checked' : ''; ?>/>
-                <label for="PnCheckbox">Considérer tous les hôtes comme actifs (saute la découverte des hôtes)</label>
-              </div>
-            </div>
-
-            <div class="fields">
-              <div class="field">
-                <label for="PSInput">Ping TCP SYN</label>
-                <input type="text" id="PSInput" name="PS" placeholder="Ports" list="servicesList"
-                  pattern="([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*" value="<?=$options['PS']?? "" ?>"
-                  title="Liste de ports ex: 22,23,25,80,200-1024,60000-">
-              </div>
-              <div class="field">
-                <label for="PAInput">Ping TCP ACK</label>
-                <input type="text" id="PAInput" name="PA" placeholder="Ports" list="servicesList"
-                  pattern="([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*" value="<?=$options['PA']?? "" ?>"
-                  title="Liste de ports ex: 22,23,25,80,200-1024,60000-">
-              </div>
-              <div class="field">
-                <label for="PUInput">Ping UDP</label>
-                <input type="text" id="PUInput" name="PU" placeholder="Ports" list="servicesList"
-                  pattern="([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*" value="<?=$options['PU']?? "" ?>"
-                  title="Liste de ports ex: 22,23,25,80,200-1024,60000-">
-              </div>
+          <div class="inline field">
+            <div class="ui toggle checkbox">
+              <input type="checkbox" id="PnCheckbox" name="Pn" <?= $inputs['Pn'] ?? false ? 'checked' : ''; ?> />
+              <label for="PnCheckbox">Considérer tous les hôtes comme actifs (saute la découverte des hôtes)</label>
             </div>
+          </div>
 
+          <div class="fields">
             <div class="field">
-              <label>Ping ICMP</label>
-              <div class="inline fields">
-                <div class="field">
-                  <div class="ui toggle checkbox">
-                    <input type="checkbox" id="PECheckbox" name="PE" <?=$options['PE']?? false? 'checked' : ''; ?>/>
-                    <label for="PECheckbox">Echo request</label>
-                  </div>
-                </div>
-                <div class="field">
-                  <div class="ui toggle checkbox">
-                    <input type="checkbox" id="PPCheckbox" name="PP" <?=$options['PP']?? false? 'checked' : ''; ?>/>
-                    <label for="PPCheckbox">Timestamp request</label>
-                  </div>
-                </div>
-                <div class="field">
-                  <div class="ui toggle checkbox">
-                    <input type="checkbox" id="PMCheckbox" name="PM" <?=$options['PM']?? false? 'checked' : ''; ?>/>
-                    <label for="PMCheckbox">Mask request</label>
-                  </div>
-                </div>
-              </div>
+              <label for="PSInput">Ping TCP SYN</label>
+              <input type="text" id="PSInput" name="PS" placeholder="Ports" list="servicesList"
+                pattern="([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*" value="<?= $inputs['PS'] ?? "" ?>"
+                title="Liste de ports ex: 22,23,25,80,200-1024,60000-">
             </div>
-
             <div class="field">
-              <div class="ui toggle checkbox">
-                <input type="checkbox" id="PRCheckbox" name="PR" <?=$options['PR']?? false? 'checked' : ''; ?>/>
-                <label for="PRCheckbox">Ping ARP</label>
-              </div>
+              <label for="PAInput">Ping TCP ACK</label>
+              <input type="text" id="PAInput" name="PA" placeholder="Ports" list="servicesList"
+                pattern="([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*" value="<?= $inputs['PA'] ?? "" ?>"
+                title="Liste de ports ex: 22,23,25,80,200-1024,60000-">
             </div>
-
             <div class="field">
-              <label for="P0Input">Ping IP Protocol</label>
-              <input type="text" id="P0Input" name="P0" placeholder="Ports"
-                pattern="[0-9\-]+" value="<?=$options['P0']?? "" ?>"
+              <label for="PUInput">Ping UDP</label>
+              <input type="text" id="PUInput" name="PU" placeholder="Ports" list="servicesList"
+                pattern="([0-9\-]+|[a-z\-]+)(,[0-9\-]+|,[a-z\-]+)*" value="<?= $inputs['PU'] ?? "" ?>"
                 title="Liste de ports ex: 22,23,25,80,200-1024,60000-">
             </div>
           </div>
 
-          <div class="title"><i class="icon dropdown"></i>Techniques de scan</div>
-          <div class="content">
-            <div class="field">
-              <div class="ui toggle checkbox">
-                <input type="checkbox" id="FCheckbox" name="F" <?=$options['F']?? false? 'checked' : ''; ?>/>
-                <label for="FCheckbox">Scanner que les ports connus</label>
+          <div class="field">
+            <label>Ping ICMP</label>
+            <div class="inline fields">
+              <div class="field">
+                <div class="ui toggle checkbox">
+                  <input type="checkbox" id="PECheckbox" name="PE" <?= $inputs['PE'] ?? false ? 'checked' : ''; ?> />
+                  <label for="PECheckbox">Echo request</label>
+                </div>
               </div>
-            </div>
-            
-            <div class="field">
-              <label for="pInput">Scanner que les ports</label>
-              <input type="text" id="pInput" name="p" placeholder="Ports" list="servicesList"
-                pattern="(([TU]:)?[0-9\-]+|[a-z\-]+)(,([TU]:)?[0-9\-]+|,[a-z\-]+)*" value="<?=$options['p']?? "" ?>"
-                title="Liste de ports ex: ssh,ftp,U:53,111,137,T:21-25,80,139,8080">
-            </div>
-            
-            <div class="field">
-              <div class="ui toggle checkbox">
-                <input type="checkbox" id="rCheckbox" name="r" <?=$options['r']?? false? 'checked' : ''; ?>/>
-                <label for="rCheckbox">Ne pas mélanger les ports</label>
+              <div class="field">
+                <div class="ui toggle checkbox">
+                  <input type="checkbox" id="PPCheckbox" name="PP" <?= $inputs['PP'] ?? false ? 'checked' : ''; ?> />
+                  <label for="PPCheckbox">Timestamp request</label>
+                </div>
+              </div>
+              <div class="field">
+                <div class="ui toggle checkbox">
+                  <input type="checkbox" id="PMCheckbox" name="PM" <?= $inputs['PM'] ?? false ? 'checked' : ''; ?> />
+                  <label for="PMCheckbox">Mask request</label>
+                </div>
               </div>
             </div>
           </div>
 
+          <div class="field">
+            <div class="ui toggle checkbox">
+              <input type="checkbox" id="PRCheckbox" name="PR" <?= $inputs['PR'] ?? false ? 'checked' : ''; ?> />
+              <label for="PRCheckbox">Ping ARP</label>
+            </div>
+          </div>
+
+          <div class="field">
+            <label for="P0Input">Ping IP Protocol</label>
+            <input type="text" id="P0Input" name="P0" placeholder="Ports"
+              pattern="[0-9\-]+" value="<?= $inputs['P0'] ?? "" ?>"
+              title="Liste de ports ex: 22,23,25,80,200-1024,60000-">
+          </div>
         </div>
 
-        <button type="submit" class="ui teal submit button">Démarrer</button>
-      </form>
-      
-      <datalist id='targetsList'>
-        <option value="<?=$_SERVER['REMOTE_ADDR']; ?>"></option>
-        <option value="192.168.1.0/24"></option>
-        <option value="<?=$_SERVER['SERVER_NAME']; ?>"></option>
-<?php
-if (!file_exists($SCANS_DIR)) {
-    mkdir($SCANS_DIR);
-}
-foreach (scandir($SCANS_DIR) as $scan) {
-    if ('.xml' == substr($scan, -4)) {
-        $targets = str_replace('!', '/', substr_replace($scan, '', -4));
-        echo "        <option value='$targets'></option>\n";
+        <div class="title"><i class="icon dropdown"></i>Techniques de scan</div>
+        <div class="content">
+          <div class="field">
+            <div class="ui toggle checkbox">
+              <input type="checkbox" id="FCheckbox" name="F" <?= $inputs['F'] ?? false ? 'checked' : ''; ?> />
+              <label for="FCheckbox">Scanner que les ports connus</label>
+            </div>
+          </div>
+
+          <div class="field">
+            <label for="pInput">Scanner que les ports</label>
+            <input type="text" id="pInput" name="p" placeholder="Ports" list="servicesList"
+              pattern="(([TU]:)?[0-9\-]+|[a-z\-]+)(,([TU]:)?[0-9\-]+|,[a-z\-]+)*" value="<?= $inputs['p'] ?? "" ?>"
+              title="Liste de ports ex: ssh,ftp,U:53,111,137,T:21-25,80,139,8080">
+          </div>
+
+          <div class="field">
+            <div class="ui toggle checkbox">
+              <input type="checkbox" id="rCheckbox" name="r" <?= $inputs['r'] ?? false ? 'checked' : ''; ?> />
+              <label for="rCheckbox">Ne pas mélanger les ports</label>
+            </div>
+          </div>
+        </div>
+
+      </div>
+
+      <button type="submit" class="ui teal submit button">Démarrer</button>
+    </form>
+
+    <datalist id='targetsList'>
+      <option value="<?= $_SERVER['REMOTE_ADDR']; ?>"></option>
+      <option value="192.168.1.0/24"></option>
+      <option value="<?= $_SERVER['SERVER_NAME']; ?>"></option>
+      <?php
+      if (!file_exists($SCANS_DIR)) {
+        mkdir($SCANS_DIR);
+      }
+      foreach (scandir($SCANS_DIR) as $scan) {
+        if ('.xml' == substr($scan, -4)) {
+          $targets = str_replace('!', '/', substr_replace($scan, '', -4));
+          echo "        <option value='$targets'></option>\n";
+        }
+      }
+      ?>
+    </datalist>
+    <datalist id='servicesList'>
+      <?php
+      $nmap_services = file("$NMAP_DATADIR/nmap-services");
+      $services = [];
+      foreach ($nmap_services as $service) {
+        if (0 !== strpos($service, '#')) {
+          [$name, $port] = explode("\t", $service);
+          $services[$name] = explode("/", $port);
+        }
+      }
+      foreach ($services as $name => [$portid, $protocol]) {
+        echo "       <option value='$name'></option>\n";
+      }
+      ?>
+    </datalist>
+  </main>
+  <script>
+    class TagsInput extends Tagify {
+      constructor(input, options) {
+        super(input, options)
+        if (!this.whitelist.length && input.list) this.whitelist = Array.from(input.list.options).map(option => option.value)
+        console.log(this.whitelist, input.list)
+      }
     }
-}
-?>
-      </datalist>
-      <datalist id='servicesList'>
-<?php
-$nmap_services = file("$NMAP_DATADIR/nmap-services");
-$services = [];
-foreach ($nmap_services as $service) {
-    if (0 !== strpos($service, '#')) {
-        [$name, $port] = explode("\t", $service);
-        $services[$name] = explode("/", $port);
+
+
+    const joinWithSpaces = tags => tags.map(tag => tag.value).join(' ')
+    const joinWithCommas = tags => tags.map(tag => tag.value).join(',')
+
+    $('.ui.accordion').accordion()
+
+    new TagsInput(targetsInput, {
+      delimiters: " |,",
+      originalInputValueFormat: joinWithSpaces,
+    })
+
+    new TagsInput(excludeInput, {
+      delimiters: " |,",
+      originalInputValueFormat: joinWithCommas,
+    })
+
+    new TagsInput(PSInput, {
+      delimiters: " |,",
+      originalInputValueFormat: joinWithCommas,
+    })
+
+    new TagsInput(PAInput, {
+      delimiters: " |,",
+      originalInputValueFormat: joinWithCommas,
+    })
+
+    new TagsInput(PUInput, {
+      delimiters: " |,",
+      originalInputValueFormat: joinWithCommas,
+    })
+
+    new TagsInput(P0Input, {
+      delimiters: " |,",
+      originalInputValueFormat: joinWithCommas
+    })
+
+    new TagsInput(pInput, {
+      delimiters: " |,",
+      originalInputValueFormat: joinWithCommas,
+    })
+
+    newScanForm.onsubmit = function(event) {
+      if (this.checkValidity()) {
+        newScanForm.classList.add("loading")
+        return true
+      } else {
+        event.preventDefault()
+        this.reportValidity()
+      }
     }
-}
-foreach ($services as $name => [$portid, $protocol]) {
-    echo "       <option value='$name'></option>\n";
-}
-?>
-      </datalist>
-    </main>
-    <script>
-const targetsWhitelist = Array.from(targetsList.options).map(option => option.value)
-const servicesWhitelist = Array.from(servicesList.options).map(option => option.value)
-const joinWithSpaces = tags => tags.map(tag => tag.value).join(' ')
-const joinWithCommas = tags => tags.map(tag => tag.value).join(',')
+  </script>
+</body>
 
-$('.ui.accordion').accordion()
-
-new Tagify(targetsInput, {
-  delimiters: " |,",
-  originalInputValueFormat: joinWithSpaces,
-  whitelist: targetsWhitelist,
-})
-
-new Tagify(excludeInput, {
-  delimiters: " |,",
-  originalInputValueFormat: joinWithCommas,
-  whitelist: targetsWhitelist,
-})
-
-new Tagify(PSInput, {
-  delimiters: " |,",
-  originalInputValueFormat: joinWithCommas,
-  whitelist: servicesWhitelist,
-})
-
-new Tagify(PAInput, {
-  delimiters: " |,",
-  originalInputValueFormat: joinWithCommas,
-  whitelist: servicesWhitelist,
-})
-
-new Tagify(PUInput, {
-  delimiters: " |,",
-  originalInputValueFormat: joinWithCommas,
-  whitelist: servicesWhitelist,
-})
-
-new Tagify(P0Input, {
-  delimiters: " |,",
-  originalInputValueFormat: joinWithCommas
-})
-
-new Tagify(pInput, {
-  delimiters: " |,",
-  originalInputValueFormat: joinWithCommas,
-  whitelist: servicesWhitelist,
-})
-
-newScanForm.onsubmit = function (event) {
-  if (this.checkValidity()) {
-    newScanForm.classList.add("loading")
-    return true
-  } else {
-    event.preventDefault()
-    this.reportValidity()
-  }
-}
-    </script>
-  </body>
-
-</html>
+</html>
\ No newline at end of file
diff --git a/scan.php b/scan.php
index b5fe9cc..c75e372 100755
--- a/scan.php
+++ b/scan.php
@@ -12,18 +12,19 @@ if (!file_exists($SCANS_DIR)) {
     mkdir($SCANS_DIR);
 }
 
-$basedir = "{$_SERVER['REQUEST_SCHEME']}://{$_SERVER['SERVER_NAME']}:{$_SERVER['SERVER_PORT']}".dirname($_SERVER['REQUEST_URI']);
+$basedir = "{$_SERVER['REQUEST_SCHEME']}://{$_SERVER['SERVER_NAME']}:{$_SERVER['SERVER_PORT']}" . dirname($_SERVER['REQUEST_URI']);
 
 $args = '';
-foreach ($options as $arg => $value) {
+foreach ($inputs as $name => $value) {
+    echo "$name : $value $args<br>";
     if (is_null($value)) {
         http_response_code(400);
-        exit("Valeur incorecte pour le paramètre $option : ".filter_input(INPUT_GET, $option, FILTER_SANITIZE_FULL_SPECIAL_CHARS));
+        exit("Valeur incorecte pour le paramètre $option : " . filter_input(INPUT_GET, $option, FILTER_SANITIZE_FULL_SPECIAL_CHARS));
     } else if ($value) {
         if ($value === true) {
-            $args .= " -$arg";
+            $args .= " -$name";
         } else {
-            $arg .= " -$arg ".escapeshellarg($value);
+            $args .= " -$name " . ($value);
         }
     }
 }
@@ -42,7 +43,7 @@ if (!file_exists($SCANS_DIR)) {
     mkdir($SCANS_DIR);
 }
 
-$path = "$SCANS_DIR/".str_replace('/', '!', $targets).'.xml';
+$path = "$SCANS_DIR/" . str_replace('/', '!', $targets) . '.xml';
 if (!file_exists($path)) {
     $xml->insertBefore($xml->createProcessingInstruction('xslt-param', "name='compareWith' value=''"), $xml->documentElement);
     $xml->save($path);