diff --git a/app/img/wg-qr-code.php b/app/img/wg-qr-code.php index 7a66e6fc..c487fbc1 100755 --- a/app/img/wg-qr-code.php +++ b/app/img/wg-qr-code.php @@ -13,6 +13,7 @@ if (!isset($_SERVER['HTTP_REFERER'])) { exec("sudo cat " .RASPI_WIREGUARD_PATH.'client.conf', $return); $peer_conf = implode(PHP_EOL,$return); $peer_conf.= PHP_EOL; +$peer_conf_sanitized = str_replace(["\r", "\n"], '', $peer_conf); $command = "qrencode -t svg -m 0 -o - " . mb_escapeshellarg($peer_conf); $svg = shell_exec($command); $etag = hash('sha256', $peer_conf); @@ -23,6 +24,6 @@ header("Content-Type: image/svg+xml"); header("Content-Length: $content_length"); header("Last-Modified: $last_modified"); header("ETag: \"$etag\""); -header("X-QR-Code-Content: $peer_conf"); +header("X-QR-Code-Content: $peer_conf_sanitized"); echo shell_exec($command); diff --git a/app/img/wifi-qr-code.php b/app/img/wifi-qr-code.php index acecfe85..19171094 100755 --- a/app/img/wifi-qr-code.php +++ b/app/img/wifi-qr-code.php @@ -12,12 +12,12 @@ if (!isset($_SERVER['HTTP_REFERER'])) { $hostapd = parse_ini_file(RASPI_HOSTAPD_CONFIG, false, INI_SCANNER_RAW); -// assume wpa encryption and get the passphrase +// assume WPA encryption and get the passphrase $type = "WPA"; $password = isset($hostapd['wpa_psk']) ? $hostapd['wpa_psk'] : $hostapd['wpa_passphrase']; -// use wep if configured -$wep_default_key = intval($hostapd['wep_default_key']); +// use WEP if configured +$wep_default_key = intval($hostapd['wep_default_key'] ?? 0); $wep_key = 'wep_key' . $wep_default_key; if (array_key_exists($wep_key, $hostapd)) { $type = "WEP"; @@ -30,7 +30,7 @@ if (empty($password)) { } $ssid = $hostapd['ssid']; -$hidden = intval($hostapd['ignore_broadcast_ssid']) != 0 ? "H:true" : ""; +$hidden = intval($hostapd['ignore_broadcast_ssid'] ?? 0) !== 0 ? "H:true" : ""; $ssid = qr_encode($ssid); $password = qr_encode($password); diff --git a/includes/dashboard.php b/includes/dashboard.php index f77c6e55..3e1b3e14 100755 
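Review bot: The `X-QR-Code-Content` header in the second wg-qr-code.php hunk still carries the whole of client.conf after this change, so whatever key material that file holds (a WireGuard client config normally includes the peer's `PrivateKey`) ends up in a response header that proxies and access logs may record. Stripping CR/LF in the first hunk closes the header-splitting problem, but it also runs the config lines together, so the header value is no longer usable as a config. I would drop both the header and the `$peer_conf_sanitized` assignment; the `$etag` hash already identifies the content if a client needs to correlate responses. Separately, the context lines run `qrencode` twice (`$svg = shell_exec($command);` and again `echo shell_exec($command);`), and `echo $svg;` would avoid the second process. Both hunks are top-level script code that continues outside the hunk.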
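Review bot: The `?? 0` guard added for `wep_default_key` in the first wifi-qr-code.php hunk leaves the fallback read `$hostapd['wpa_passphrase']` two lines above it unguarded. When neither `wpa_psk` nor `wpa_passphrase` is present in the hostapd config, that line still raises an undefined-index warning before the `empty($password)` check is reached. `$password = $hostapd['wpa_psk'] ?? $hostapd['wpa_passphrase'] ?? '';` keeps the existing precedence and covers that case. The same applies to `$ssid = $hostapd['ssid'];` in the next hunk, and a `false` return from `parse_ini_file()` is not handled in the visible lines; the script continues outside both hunks.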
--- a/includes/dashboard.php +++ b/includes/dashboard.php @@ -35,8 +35,7 @@ function DisplayDashboard(): void $ethernetClients = $dashboard->getEthernetClients(); $totalClients = $wirelessClients + $ethernetClients; $plugins = $pluginManager->getInstalledPlugins(); - $arrHostapdConf = parse_ini_file(RASPI_CONFIG.'/hostapd.ini'); - $bridgedEnable = $arrHostapdConf['BridgedEnable']; + $bridgedEnable = getBridgedState(); // handle page actions if (!empty($_POST)) { diff --git a/includes/functions.php b/includes/functions.php index f41e1ecb..54b4939c 100755 --- a/includes/functions.php +++ b/includes/functions.php @@ -713,7 +713,6 @@ function formatDateAgo($datetime, $full = false) function initializeApp() { $_SESSION["theme_url"] = getThemeOpt(); - $_SESSION["toggleState"] = getSidebarState(); $_SESSION["bridgedEnabled"] = getBridgedState(); $_SESSION["providerID"] = getProviderID(); } @@ -739,22 +738,17 @@ function getColorOpt() return $color; } -function getSidebarState() -{ - if(isset($_COOKIE['sidebarToggled'])) { - if ($_COOKIE['sidebarToggled'] == 'true' ) { - return "toggled"; - } - } -} - -// Returns bridged AP mode status function getBridgedState() { - $arrHostapdConf = parse_ini_file(RASPI_CONFIG.'/hostapd.ini'); - // defaults to false + + $hostapdIni = RASPI_CONFIG . '/hostapd.ini'; + if (!file_exists($hostapdIni)) { + return 0; + } else { + $arrHostapdConf = parse_ini_file($hostapdIni); + } return $arrHostapdConf['BridgedEnable']; -} + } // Returns VPN provider ID, if defined function getProviderID() diff --git a/includes/hostapd.php b/includes/hostapd.php index 3b450996..9aad4f30 100755 --- a/includes/hostapd.php +++ b/includes/hostapd.php 
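Review bot: `getBridgedState()` in the second functions.php hunk still indexes the result of `parse_ini_file()` without checking it. An unreadable or malformed hostapd.ini (return value `false`), or a file without a `BridgedEnable` key, reaches `return $arrHostapdConf['BridgedEnable'];` and yields `null` plus a warning instead of the intended default of 0. `$arrHostapdConf = is_file($hostapdIni) ? parse_ini_file($hostapdIni) : false;` followed by `return is_array($arrHostapdConf) ? ($arrHostapdConf['BridgedEnable'] ?? 0) : 0;` covers all three cases. The same `false` return is unhandled after the `file_exists()` guard added to `DisplayHostAPDConfig()` in includes/hostapd.php. The hunk also drops the `// Returns bridged AP mode status` comment and leaves the closing brace indented; I would restore the comment as a docblock stating that the function returns 0 when the file or key is missing.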
@@ -46,7 +46,12 @@ function DisplayHostAPDConfig() SaveHostAPDConfig($arrSecurity, $arrEncType, $arr80211Standard, $interfaces, $reg_domain, $status); } } - $arrHostapdConf = parse_ini_file(RASPI_CONFIG.'/hostapd.ini'); + + $arrHostapdConf = []; + $hostapdIni = RASPI_CONFIG . '/hostapd.ini'; + if (file_exists($hostapdIni)) { + $arrHostapdConf = parse_ini_file($hostapdIni); + } if (!RASPI_MONITOR_ENABLED) { if (isset($_POST['StartHotspot']) || isset($_POST['RestartHotspot'])) { @@ -136,6 +141,9 @@ function DisplayHostAPDConfig() } } + $arrConfig['ignore_broadcast_ssid'] ??= 0; + $arrConfig['max_num_sta'] ??= 0; + $arrConfig['wep_default_key'] ??= 0; exec('sudo /bin/chmod o+r '.RASPI_HOSTAPD_LOG); $logdata = getLogLimited(RASPI_HOSTAPD_LOG); @@ -281,6 +289,15 @@ function SaveHostAPDConfig($wpa_array, $enc_types, $modes, $interfaces, $reg_dom $good_input = false; } + $ignore_broadcast_ssid = $_POST['hiddenSSID'] ?? '0'; + if (!ctype_digit($ignore_broadcast_ssid)) { + $status->addMessage('Parameter hiddenSSID not a number.', 'danger'); + $good_input = false; + } elseif ((int)$ignore_broadcast_ssid < 0 || (int)$ignore_broadcast_ssid >= 3) { + $status->addMessage('Parameter hiddenSSID contains an invalid configuration value.', 'danger'); + $good_input = false; + } + /* if (isset($_POST['hiddenSSID'])) { if (!is_int((int)$_POST['hiddenSSID'])) { $status->addMessage('Parameter hiddenSSID not a number.', 'danger'); @@ -294,6 +311,7 @@ function SaveHostAPDConfig($wpa_array, $enc_types, $modes, $interfaces, $reg_dom } else { $ignore_broadcast_ssid = '0'; } + */ if (! in_array($_POST['interface'], $interfaces)) { $status->addMessage('Unknown interface '.htmlspecialchars($_POST['interface'], ENT_QUOTES), 'danger'); 
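Review bot: The new `hiddenSSID` check in the @@ -281,6 +289,15 hunk accepts any digit string whose integer value is 0–2, so inputs such as `002` pass, and the `(int)$ignore_broadcast_ssid < 0` branch can never be true once `ctype_digit()` has succeeded. A strict allowlist is shorter and leaves only canonical values to be written out later in `SaveHostAPDConfig()` (that write is outside the hunk): `if (!in_array($ignore_broadcast_ssid, ['0', '1', '2'], true)) {` with a single invalid-value message. It also rejects an array-valued `hiddenSSID` without relying on how `ctype_digit()` treats non-strings. The old block is commented out with `/*` here and `*/` in the following hunk (@@ -294,6 +311,7); deleting it would be cleaner, since its `is_int((int)…)` test was always true and should not be revived.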
@@ -364,14 +382,17 @@ function SaveHostAPDConfig($wpa_array, $enc_types, $modes, $interfaces, $reg_dom // Set dhcp values from system config, fallback to default if undefined $jsonData = json_decode(getNetConfig($ap_iface), true); - $ip_address = ($jsonData['StaticIP'] == '') ? getDefaultNetValue('dhcp',$ap_iface,'static ip_address') : $jsonData['StaticIP']; - $domain_name_server = ($jsonData['StaticDNS'] =='') ? getDefaultNetValue('dhcp',$ap_iface,'static domain_name_server') : $jsonData['StaticDNS']; - $routers = ($jsonData['StaticRouters'] == '') ? getDefaultNetValue('dhcp',$ap_iface,'static routers') : $jsonData['StaticRouters']; - $netmask = ($jsonData['SubnetMask'] == '' || $jsonData['SubnetMask'] == '0.0.0.0') ? getDefaultNetValue('dhcp',$ap_iface,'subnetmask') : $jsonData['SubnetMask']; + $ip_address = empty($jsonData['StaticIP']) + ? getDefaultNetValue('dhcp', $ap_iface, 'static ip_address') : $jsonData['StaticIP']; + $domain_name_server = empty($jsonData['StaticDNS']) + ? getDefaultNetValue('dhcp', $ap_iface, 'static domain_name_server') : $jsonData['StaticDNS']; + $routers = empty($jsonData['StaticRouters']) + ? getDefaultNetValue('dhcp', $ap_iface, 'static routers') : $jsonData['StaticRouters']; + $netmask = (empty($jsonData['SubnetMask']) || $jsonData['SubnetMask'] === '0.0.0.0') + ? getDefaultNetValue('dhcp', $ap_iface, 'subnetmask') : $jsonData['SubnetMask']; if (isset($ip_address) && !preg_match('/.*\/\d+/', $ip_address)) { $ip_address.='/'.mask2cidr($netmask); } - if ($bridgedEnable == 1) { $config = array_keys(getDefaultNetOpts('dhcp','options')); $config[] = PHP_EOL.'# RaspAP br0 configuration'; 
@@ -392,7 +413,9 @@ function SaveHostAPDConfig($wpa_array, $enc_types, $modes, $interfaces, $reg_dom $config[] = 'static ip_address='.$ip_address; $config[] = 'static routers='.$routers; $config[] = 'static domain_name_server='.$domain_name_server; - if (! is_null($jsonData['Metric'])) { $config[] = 'metric '.$jsonData['Metric']; } + if (!empty($jsonData['Metric'])) { + $config[] = 'metric ' . $jsonData['Metric']; + } } $dhcp_cfg = file_get_contents(RASPI_DHCPCD_CONFIG); diff --git a/includes/locale.php b/includes/locale.php index a9f07f65..9f83b5a6 100755 --- a/includes/locale.php +++ b/includes/locale.php @@ -11,7 +11,7 @@ * * Refer to: https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.4 */ -if (empty($_SESSION['locale']) && strlen($_SERVER['HTTP_ACCEPT_LANGUAGE']) >= 2) { +if (empty($_SESSION['locale']) && !empty($_SERVER['HTTP_ACCEPT_LANGUAGE']) && strlen($_SERVER['HTTP_ACCEPT_LANGUAGE']) >= 2) { $lang = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2); switch ($lang) { case "de": @@ -90,9 +90,10 @@ if (empty($_SESSION['locale']) && strlen($_SERVER['HTTP_ACCEPT_LANGUAGE']) >= 2) // Use: 'sudo raspi-configure' and select 'Localisation Options' // activate the locale setting -putenv("LANG=" . $_SESSION['locale']); -setlocale(LC_ALL, $_SESSION['locale']); - +if (!empty($_SESSION['locale'])) { + putenv("LANG=" . $_SESSION['locale']); + setlocale(LC_ALL, $_SESSION['locale']); +} bindtextdomain(LOCALE_DOMAIN, LOCALE_ROOT); bind_textdomain_codeset(LOCALE_DOMAIN, 'UTF-8'); diff --git a/includes/navbar.php b/includes/navbar.php index 50050239..c794f64a 100755 --- a/includes/navbar.php +++ b/includes/navbar.php @@ -13,7 +13,7 @@
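Review bot: Switching the `Metric` test from `!is_null()` to `!empty()` in the @@ -392,7 +413,9 hunk changes behaviour for a metric of 0: `empty(0)` and `empty('0')` are both true, so a stored metric of zero is now silently left out of the generated dhcpcd block. `if (isset($jsonData['Metric']) && $jsonData['Metric'] !== '') {` keeps the undefined-key protection without dropping zero. Because the value is concatenated straight into a config line, it would also be worth requiring `ctype_digit((string) $jsonData['Metric'])` at this point so that only a number can be written. The enclosing `SaveHostAPDConfig()` starts and ends outside the hunk.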