raspap-webgui/includes/configure_client.php

<?php

require_once 'includes/status_messages.php';
require_once 'includes/wifi_functions.php';

/**
 *
 *
 */
function DisplayWPAConfig()
{
    $status = new StatusMessages();
    $networks = [];

    getWifiInterface();
    knownWifiStations($networks);

    if (isset($_POST['connect'])) {
        $result = 0;
        $iface = escapeshellarg($_SESSION['wifi_client_interface']);
        $netid = escapeshellarg(strval($_POST['connect']));
        if (is_numeric($netid)) {
            exec('sudo wpa_cli -i ' . $iface . ' select_network ' . $netid);
            $status->addMessage('New network selected', 'success');
        }
    } elseif (isset($_POST['wpa_reinit'])) {
        $status->addMessage('Reinitializing wpa_supplicant', 'info', false);
        $force_remove = true;
        $result = reinitializeWPA($force_remove);
        $status->addMessage($result, 'info');
    } elseif (isset($_POST['client_settings'])) {
        $tmp_networks = $networks;
        if ($wpa_file = fopen('/tmp/wifidata', 'w')) {
            fwrite($wpa_file, 'ctrl_interface=DIR=' . RASPI_WPA_CTRL_INTERFACE . ' GROUP=netdev' . PHP_EOL);
            fwrite($wpa_file, 'update_config=1' . PHP_EOL);

            foreach (array_keys($_POST) as $post) {
                if (preg_match('/delete(\d+)/', $post, $post_match)) {
                    unset($tmp_networks[$_POST['ssid' . $post_match[1]]]);
                } elseif (preg_match('/update(\d+)/', $post, $post_match)) {
                    // NB, multiple protocols are separated with a forward slash ('/')
                    $tmp_networks[$_POST['ssid' . $post_match[1]]] = array(
                    'protocol' => ( $_POST['protocol' . $post_match[1]] === 'Open' ? 'Open' : 'WPA' ),
                    'passphrase' => $_POST['passphrase' . $post_match[1]],
                    'configured' => true
                    );
                    if (array_key_exists('priority' . $post_match[1], $_POST)) {
                        $tmp_networks[$_POST['ssid' . $post_match[1]]]['priority'] = $_POST['priority' . $post_match[1]];
                    }
                }
            }

            $ok = true;
            foreach ($tmp_networks as $ssid => $network) {
                if ($network['protocol'] === 'Open') {
                    fwrite($wpa_file, "network={".PHP_EOL);
                    fwrite($wpa_file, "\tssid=\"".$ssid."\"".PHP_EOL);
                    fwrite($wpa_file, "\tkey_mgmt=NONE".PHP_EOL);
                    fwrite($wpa_file, "\tscan_ssid=1".PHP_EOL);
                    if (array_key_exists('priority', $network)) {
                        fwrite($wpa_file, "\tpriority=".$network['priority'].PHP_EOL);
                    }
                    fwrite($wpa_file, "}".PHP_EOL);
                } else {
                    if (strlen($network['passphrase']) >=8 && strlen($network['passphrase']) <= 63) {
                        unset($wpa_passphrase);
                        unset($line);
                        exec('wpa_passphrase '. ssid2utf8( escapeshellarg($ssid) ) . ' ' . escapeshellarg($network['passphrase']), $wpa_passphrase);
                        foreach ($wpa_passphrase as $line) {
                            if (preg_match('/^\s*}\s*$/', $line)) {
                                if (array_key_exists('priority', $network)) {
                                    fwrite($wpa_file, "\tpriority=".$network['priority'].PHP_EOL);
                                }
                                fwrite($wpa_file, $line.PHP_EOL);
                            } else {
                                if ( preg_match('/\\\\x[0-9A-Fa-f]{2}/',$ssid) && strpos($line, "ssid=\"") !== false ) {
                                     fwrite($wpa_file, "\tssid=P\"".$ssid."\"".PHP_EOL);
                                } else {
                                     fwrite($wpa_file, $line.PHP_EOL);
                                }
                            }
                        }
                    } else {
                        $status->addMessage('WPA passphrase must be between 8 and 63 characters', 'danger');
                        $ok = false;
                    }
                }
            }

            if ($ok) {
                system('sudo cp /tmp/wifidata ' . RASPI_WPA_SUPPLICANT_CONFIG, $returnval);
                if ($returnval == 0) {
                    exec('sudo wpa_cli -i ' . $_SESSION['wifi_client_interface'] . ' reconfigure', $reconfigure_out, $reconfigure_return);
                    if ($reconfigure_return == 0) {
                        $status->addMessage('Wifi settings updated successfully', 'success');
                        $networks = $tmp_networks;
                    } else {
                        $status->addMessage('Wifi settings updated but cannot restart (cannot execute "wpa_cli reconfigure")', 'danger');
                    }
                } else {
                    $status->addMessage('Wifi settings failed to be updated', 'danger');
                }
            }
        } else {
            $status->addMessage('Failed to update wifi settings', 'danger');
        }
    }

    $clientInterface = $_SESSION['wifi_client_interface'];

    exec('ip a show '.$clientInterface, $stdoutIp);
    $stdoutIpAllLinesGlued = implode(" ", $stdoutIp);
    $stdoutIpWRepeatedSpaces = preg_replace('/\s\s+/', ' ', $stdoutIpAllLinesGlued);
    preg_match('/state (UP|DOWN)/i', $stdoutIpWRepeatedSpaces, $matchesState) || $matchesState[1] = 'unknown';
    $ifaceStatus = strtolower($matchesState[1]) ? "up" : "down";

    echo renderTemplate("configure_client", compact("status", "clientInterface", "ifaceStatus"));
}
Move client wifi configuration into separate file 2016-08-12 19:00:43 +02:00			`<?php`

Processed with phpcbf 2020-02-15 18:57:46 +01:00			`require_once 'includes/status_messages.php';`
			`require_once 'includes/wifi_functions.php';`
restore configuration of multiple networks fucked up in 993dc633a95084e02cf55e0e1725016ba9d56078 2019-08-19 17:27:17 +02:00
Move client wifi configuration into separate file 2016-08-12 19:00:43 +02:00			`/**`
Processed with phpcbf 2020-02-15 18:57:46 +01:00			`*`
			`*`
			`*/`
Processed with phpcs for PSR-2 coding standard 2019-04-10 10:37:35 +02:00			`function DisplayWPAConfig()`
			`{`
			`$status = new StatusMessages();`
restore configuration of multiple networks fucked up in 993dc633a95084e02cf55e0e1725016ba9d56078 2019-08-19 17:27:17 +02:00			`$networks = [];`

Add include wifi_functions getWifiInterface() 2020-06-07 18:17:16 +02:00			`getWifiInterface();`
restore configuration of multiple networks fucked up in 993dc633a95084e02cf55e0e1725016ba9d56078 2019-08-19 17:27:17 +02:00			`knownWifiStations($networks);`
Redo 'Configure client' page 2016-08-14 18:40:59 +02:00
Processed with phpcs for PSR-2 coding standard 2019-04-10 10:37:35 +02:00			`if (isset($_POST['connect'])) {`
			`$result = 0;`
Input sanitization for wpa client, Fix for #1325 2023-03-30 12:18:38 +02:00			`$iface = escapeshellarg($_SESSION['wifi_client_interface']);`
			`$netid = escapeshellarg(strval($_POST['connect']));`
Additional type check on sensitive network ID parameter 2023-03-31 22:18:55 +02:00			`if (is_numeric($netid)) {`
			`exec('sudo wpa_cli -i ' . $iface . ' select_network ' . $netid);`
			`$status->addMessage('New network selected', 'success');`
			`}`
Add handler for wpa_reinit 2021-04-29 23:56:40 +02:00			`} elseif (isset($_POST['wpa_reinit'])) {`
Minor: fix labels + update en_US locale 2021-04-30 18:24:45 +02:00			`$status->addMessage('Reinitializing wpa_supplicant', 'info', false);`
			`$force_remove = true;`
Add handler for wpa_reinit 2021-04-29 23:56:40 +02:00			`$result = reinitializeWPA($force_remove);`
			`$status->addMessage($result, 'info');`
remove splattered, duplicated csrf validation code since we do that always and early, now. 2019-07-30 17:05:41 +02:00			`} elseif (isset($_POST['client_settings'])) {`
Processed with phpcs for PSR-2 coding standard 2019-04-10 10:37:35 +02:00			`$tmp_networks = $networks;`
			`if ($wpa_file = fopen('/tmp/wifidata', 'w')) {`
			`fwrite($wpa_file, 'ctrl_interface=DIR=' . RASPI_WPA_CTRL_INTERFACE . ' GROUP=netdev' . PHP_EOL);`
			`fwrite($wpa_file, 'update_config=1' . PHP_EOL);`
Redo 'Configure client' page 2016-08-14 18:40:59 +02:00
Processed with phpcs for PSR-2 coding standard 2019-04-10 10:37:35 +02:00			`foreach (array_keys($_POST) as $post) {`
			`if (preg_match('/delete(\d+)/', $post, $post_match)) {`
			`unset($tmp_networks[$_POST['ssid' . $post_match[1]]]);`
			`} elseif (preg_match('/update(\d+)/', $post, $post_match)) {`
Minor: update comment 2019-10-15 22:06:07 +02:00			`// NB, multiple protocols are separated with a forward slash ('/')`
Processed with phpcs for PSR-2 coding standard 2019-04-10 10:37:35 +02:00			`$tmp_networks[$_POST['ssid' . $post_match[1]]] = array(`
			`'protocol' => ( $_POST['protocol' . $post_match[1]] === 'Open' ? 'Open' : 'WPA' ),`
			`'passphrase' => $_POST['passphrase' . $post_match[1]],`
			`'configured' => true`
			`);`
			`if (array_key_exists('priority' . $post_match[1], $_POST)) {`
			`$tmp_networks[$_POST['ssid' . $post_match[1]]]['priority'] = $_POST['priority' . $post_match[1]];`
			`}`
			`}`
			`}`
Redo 'Configure client' page 2016-08-14 18:40:59 +02:00
Processed with phpcs for PSR-2 coding standard 2019-04-10 10:37:35 +02:00			`$ok = true;`
			`foreach ($tmp_networks as $ssid => $network) {`
			`if ($network['protocol'] === 'Open') {`
			`fwrite($wpa_file, "network={".PHP_EOL);`
			`fwrite($wpa_file, "\tssid=\"".$ssid."\"".PHP_EOL);`
			`fwrite($wpa_file, "\tkey_mgmt=NONE".PHP_EOL);`
Processed with phpcbf for PSR-2 coding standard 2019-09-07 17:42:31 +02:00			`fwrite($wpa_file, "\tscan_ssid=1".PHP_EOL);`
Processed with phpcs for PSR-2 coding standard 2019-04-10 10:37:35 +02:00			`if (array_key_exists('priority', $network)) {`
			`fwrite($wpa_file, "\tpriority=".$network['priority'].PHP_EOL);`
			`}`
			`fwrite($wpa_file, "}".PHP_EOL);`
			`} else {`
			`if (strlen($network['passphrase']) >=8 && strlen($network['passphrase']) <= 63) {`
			`unset($wpa_passphrase);`
			`unset($line);`
Handle non-ASCII SSID Non-ASCII SSID has to be stored in wpa_supplicant.conf identical to the string given by wpa_cli scan. This includes the escaped special chars (e.g. ö = \xc3\xb9 ), with a prescript "P". To obtain a valid psk from wpa_passphrase, the UTF8 string is passed (ssid2utf8 replaces the \x bytes by their binary value) to the exec(). For this to work the shell locale has to be UTF8 (via putenv()). Otherwise the string is converted to the shell encoding. 2021-08-18 20:24:36 +02:00			`exec('wpa_passphrase '. ssid2utf8( escapeshellarg($ssid) ) . ' ' . escapeshellarg($network['passphrase']), $wpa_passphrase);`
Processed with phpcs for PSR-2 coding standard 2019-04-10 10:37:35 +02:00			`foreach ($wpa_passphrase as $line) {`
			`if (preg_match('/^\s}\s$/', $line)) {`
			`if (array_key_exists('priority', $network)) {`
			`fwrite($wpa_file, "\tpriority=".$network['priority'].PHP_EOL);`
			`}`
			`fwrite($wpa_file, $line.PHP_EOL);`
			`} else {`
Improve detection of escaped hex bytes in ssid name 2021-09-08 14:28:43 +02:00			`if ( preg_match('/\\\\x[0-9A-Fa-f]{2}/',$ssid) && strpos($line, "ssid=\"") !== false ) {`
Handle non-ASCII SSID Non-ASCII SSID has to be stored in wpa_supplicant.conf identical to the string given by wpa_cli scan. This includes the escaped special chars (e.g. ö = \xc3\xb9 ), with a prescript "P". To obtain a valid psk from wpa_passphrase, the UTF8 string is passed (ssid2utf8 replaces the \x bytes by their binary value) to the exec(). For this to work the shell locale has to be UTF8 (via putenv()). Otherwise the string is converted to the shell encoding. 2021-08-18 20:24:36 +02:00			`fwrite($wpa_file, "\tssid=P\"".$ssid."\"".PHP_EOL);`
			`} else {`
			`fwrite($wpa_file, $line.PHP_EOL);`
			`}`
Processed with phpcs for PSR-2 coding standard 2019-04-10 10:37:35 +02:00			`}`
			`}`
			`} else {`
			`$status->addMessage('WPA passphrase must be between 8 and 63 characters', 'danger');`
			`$ok = false;`
			`}`
preserve priority in wpa_supplicant.conf 2018-02-23 02:07:52 +01:00			`}`
Redo 'Configure client' page 2016-08-14 18:40:59 +02:00			`}`

Processed with phpcs for PSR-2 coding standard 2019-04-10 10:37:35 +02:00			`if ($ok) {`
			`system('sudo cp /tmp/wifidata ' . RASPI_WPA_SUPPLICANT_CONFIG, $returnval);`
			`if ($returnval == 0) {`
Add Session variable "wifi_client_interface" 2020-06-09 20:25:19 +02:00			`exec('sudo wpa_cli -i ' . $_SESSION['wifi_client_interface'] . ' reconfigure', $reconfigure_out, $reconfigure_return);`
Processed with phpcs for PSR-2 coding standard 2019-04-10 10:37:35 +02:00			`if ($reconfigure_return == 0) {`
			`$status->addMessage('Wifi settings updated successfully', 'success');`
			`$networks = $tmp_networks;`
			`} else {`
			`$status->addMessage('Wifi settings updated but cannot restart (cannot execute "wpa_cli reconfigure")', 'danger');`
			`}`
			`} else {`
			`$status->addMessage('Wifi settings failed to be updated', 'danger');`
			`}`
			`}`
Redo 'Configure client' page 2016-08-14 18:40:59 +02:00			`} else {`
Processed with phpcs for PSR-2 coding standard 2019-04-10 10:37:35 +02:00			`$status->addMessage('Failed to update wifi settings', 'danger');`
Redo 'Configure client' page 2016-08-14 18:40:59 +02:00			`}`
			`}`

Transfer template logic to includes, see #749 thx @mp035 2021-02-02 13:26:14 +01:00			`$clientInterface = $_SESSION['wifi_client_interface'];`

			`exec('ip a show '.$clientInterface, $stdoutIp);`
			`$stdoutIpAllLinesGlued = implode(" ", $stdoutIp);`
			`$stdoutIpWRepeatedSpaces = preg_replace('/\s\s+/', ' ', $stdoutIpAllLinesGlued);`
			`preg_match('/state (UP\|DOWN)/i', $stdoutIpWRepeatedSpaces, $matchesState) \|\| $matchesState[1] = 'unknown';`
			`$ifaceStatus = strtolower($matchesState[1]) ? "up" : "down";`

			`echo renderTemplate("configure_client", compact("status", "clientInterface", "ifaceStatus"));`
Move client wifi configuration into separate file 2016-08-12 19:00:43 +02:00			`}`