frodovdr
/
raspap-webgui
mirror of https://github.com/billz/raspap-webgui.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Processed with phpcbf

This commit is contained in:
billz 2020-02-15 17:57:46 +00:00
parent c0af41a53b
commit 457da91008
28 changed files with 1062 additions and 969 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
ajax/bandwidth/get_bandwidth.php
View File

@ -1,6 +1,6 @@
<?php <?php
require('../../includes/csrf.php'); require '../../includes/csrf.php';
require_once '../../includes/config.php'; require_once '../../includes/config.php';
require_once RASPI_CONFIG.'/raspap.php'; require_once RASPI_CONFIG.'/raspap.php';
@ -30,8 +30,10 @@ if (strlen($interface) > IFNAMSIZ) {
require_once './get_bandwidth_hourly.php'; require_once './get_bandwidth_hourly.php';
exec(sprintf('vnstat -i %s --json ', escapeshellarg($interface)), $jsonstdoutvnstat, exec(
$exitcodedaily); sprintf('vnstat -i %s --json ', escapeshellarg($interface)), $jsonstdoutvnstat,
$exitcodedaily
);
if ($exitcodedaily !== 0) { if ($exitcodedaily !== 0) {
exit('vnstat error'); exit('vnstat error');
} }
@ -53,12 +55,16 @@ echo '[ ';
$firstelm = true; $firstelm = true;
for ($i = count($jsonData) - 1; $i >= 0; --$i) { for ($i = count($jsonData) - 1; $i >= 0; --$i) {
if ($timeunits === 'm') { if ($timeunits === 'm') {
$dt = DateTime::createFromFormat('Y n', $jsonData[$i]['date']['year'].' '. $dt = DateTime::createFromFormat(
$jsonData[$i]['date']['month']); 'Y n', $jsonData[$i]['date']['year'].' '.
$jsonData[$i]['date']['month']
);
} else { } else {
$dt = DateTime::createFromFormat('Y n j', $jsonData[$i]['date']['year'].' '. $dt = DateTime::createFromFormat(
'Y n j', $jsonData[$i]['date']['year'].' '.
$jsonData[$i]['date']['month'].' '. $jsonData[$i]['date']['month'].' '.
$jsonData[$i]['date']['day']); $jsonData[$i]['date']['day']
);
} }
if ($firstelm) { if ($firstelm) {

2
ajax/bandwidth/get_bandwidth_hourly.php
View File

@ -1,6 +1,6 @@
<?php <?php
require('../../includes/csrf.php'); require '../../includes/csrf.php';
if (filter_input(INPUT_GET, 'tu') == 'h') { if (filter_input(INPUT_GET, 'tu') == 'h') {

6
ajax/networking/gen_int_config.php
View File

@ -1,9 +1,9 @@
<?php <?php
require('../../includes/csrf.php'); require '../../includes/csrf.php';
include_once('../../includes/config.php'); require_once '../../includes/config.php';
include_once('../../includes/functions.php'); require_once '../../includes/functions.php';
if (isset($_POST['generate'])) { if (isset($_POST['generate'])) {
$cnfNetworking = array_diff(scandir(RASPI_CONFIG_NETWORKING, 1), array('..','.','dhcpcd.conf')); $cnfNetworking = array_diff(scandir(RASPI_CONFIG_NETWORKING, 1), array('..','.','dhcpcd.conf'));

2
ajax/networking/get_all_interfaces.php
View File

@ -1,6 +1,6 @@
<?php <?php
require('../../includes/csrf.php'); require '../../includes/csrf.php';
exec("ls /sys/class/net | grep -v lo", $interfaces); exec("ls /sys/class/net | grep -v lo", $interfaces);
echo json_encode($interfaces); echo json_encode($interfaces);

4
ajax/networking/get_channel.php
View File

@ -1,7 +1,7 @@
<?php <?php
require('../../includes/csrf.php'); require '../../includes/csrf.php';
include_once('../../includes/config.php'); require_once '../../includes/config.php';
exec('cat '. RASPI_HOSTAPD_CONFIG, $hostapdconfig); exec('cat '. RASPI_HOSTAPD_CONFIG, $hostapdconfig);
$arrConfig = array(); $arrConfig = array();

6
ajax/networking/get_int_config.php
View File

@ -1,9 +1,9 @@
<?php <?php
require('../../includes/csrf.php'); require '../../includes/csrf.php';
include_once('../../includes/config.php'); require_once '../../includes/config.php';
include_once('../../includes/functions.php'); require_once '../../includes/functions.php';
if (isset($_POST['interface'])) { if (isset($_POST['interface'])) {

4
ajax/networking/get_ip_summary.php
View File

@ -1,8 +1,8 @@
<?php <?php
require('../../includes/csrf.php'); require '../../includes/csrf.php';
include_once('../../includes/functions.php'); require_once '../../includes/functions.php';
if (isset($_POST['interface'])) { if (isset($_POST['interface'])) {
$int = preg_replace('/[^a-z0-9]/', '', $_POST['interface']); $int = preg_replace('/[^a-z0-9]/', '', $_POST['interface']);

6
ajax/networking/save_int_config.php
View File

@ -1,9 +1,9 @@
<?php <?php
require('../../includes/csrf.php'); require '../../includes/csrf.php';
include_once('../../includes/config.php'); require_once '../../includes/config.php';
include_once('../../includes/functions.php'); require_once '../../includes/functions.php';
if (isset($_POST['interface'])) { if (isset($_POST['interface'])) {
$int = $_POST['interface']; $int = $_POST['interface'];

10
ajax/networking/wifi_stations.php
View File

@ -1,10 +1,10 @@
<?php <?php
require('../../includes/csrf.php'); require '../../includes/csrf.php';
include_once('../../includes/config.php'); require_once '../../includes/config.php';
include_once('../../includes/defaults.php'); require_once '../../includes/defaults.php';
include_once('../../includes/functions.php'); require_once '../../includes/functions.php';
include_once('../../includes/wifi_functions.php'); require_once '../../includes/wifi_functions.php';
$networks = []; $networks = [];
$network = null; $network = null;

2
includes/about.php
View File

@ -1,9 +1,7 @@
<?php <?php
/** /**
*
* Displays info about the RaspAP project * Displays info about the RaspAP project
*
*/ */
function DisplayAbout() function DisplayAbout()
{ {

2
includes/admin.php
View File

@ -1,6 +1,6 @@
<?php <?php
include_once('includes/status_messages.php'); require_once 'includes/status_messages.php';
function DisplayAuthConfig($username, $password) function DisplayAuthConfig($username, $password)
{ {

4
includes/configure_client.php
View File

@ -1,7 +1,7 @@
<?php <?php
include_once('includes/status_messages.php'); require_once 'includes/status_messages.php';
include_once('includes/wifi_functions.php'); require_once 'includes/wifi_functions.php';
/** /**
* *

4
includes/csrf.php
View File

@ -1,7 +1,7 @@
<?php <?php
include_once('functions.php'); require_once 'functions.php';
include_once('session.php'); require_once 'session.php';
if (csrfValidateRequest() && !CSRFValidate()) { if (csrfValidateRequest() && !CSRFValidate()) {
handleInvalidCSRFToken(); handleInvalidCSRFToken();

6
includes/dashboard.php
View File

@ -179,7 +179,8 @@ function DisplayDashboard(&$extraFooterScripts)
} }
} }
echo renderTemplate("dashboard", compact( echo renderTemplate(
"dashboard", compact(
"status", "status",
"ipv4Addrs", "ipv4Addrs",
"ipv4Netmasks", "ipv4Netmasks",
@ -197,7 +198,8 @@ function DisplayDashboard(&$extraFooterScripts)
"frequency", "frequency",
"strLinkQuality", "strLinkQuality",
"wlan0up" "wlan0up"
)); )
);
$extraFooterScripts[] = array('src'=>'app/js/dashboardchart.js', 'defer'=>false); $extraFooterScripts[] = array('src'=>'app/js/dashboardchart.js', 'defer'=>false);
} }

25
includes/dhcp.php
View File

@ -1,12 +1,10 @@
<?php <?php
include_once('includes/status_messages.php'); require_once 'includes/status_messages.php';
require_once 'config.php'; require_once 'config.php';
/** /**
*
* Manage DHCP configuration * Manage DHCP configuration
*
*/ */
function DisplayDHCPConfig() function DisplayDHCPConfig()
{ {
@ -16,18 +14,21 @@ function DisplayDHCPConfig()
if (isset($_POST['savedhcpdsettings'])) { if (isset($_POST['savedhcpdsettings'])) {
$errors = ''; $errors = '';
define('IFNAMSIZ', 16); define('IFNAMSIZ', 16);
if (!preg_match('/^[a-zA-Z0-9]+$/', $_POST['interface']) || if (!preg_match('/^[a-zA-Z0-9]+$/', $_POST['interface'])
strlen($_POST['interface']) >= IFNAMSIZ) { || strlen($_POST['interface']) >= IFNAMSIZ
) {
$errors .= _('Invalid interface name.').'<br />'.PHP_EOL; $errors .= _('Invalid interface name.').'<br />'.PHP_EOL;
} }
if (!preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/', $_POST['RangeStart']) && if (!preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/', $_POST['RangeStart'])
!empty($_POST['RangeStart'])) { // allow ''/null ? && !empty($_POST['RangeStart'])
) { // allow ''/null ?
$errors .= _('Invalid DHCP range start.').'<br />'.PHP_EOL; $errors .= _('Invalid DHCP range start.').'<br />'.PHP_EOL;
} }
if (!preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/', $_POST['RangeEnd']) && if (!preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/', $_POST['RangeEnd'])
!empty($_POST['RangeEnd'])) { // allow ''/null ? && !empty($_POST['RangeEnd'])
) { // allow ''/null ?
$errors .= _('Invalid DHCP range end.').'<br />'.PHP_EOL; $errors .= _('Invalid DHCP range end.').'<br />'.PHP_EOL;
} }
@ -162,7 +163,8 @@ function DisplayDHCPConfig()
exec("ip -o link show | awk -F': ' '{print $2}'", $interfaces); exec("ip -o link show | awk -F': ' '{print $2}'", $interfaces);
exec('cat ' . RASPI_DNSMASQ_LEASES, $leases); exec('cat ' . RASPI_DNSMASQ_LEASES, $leases);
echo renderTemplate("dhcp", compact( echo renderTemplate(
"dhcp", compact(
"status", "status",
"serviceStatus", "serviceStatus",
"RangeStart", "RangeStart",
@ -179,5 +181,6 @@ function DisplayDHCPConfig()
"dhcpHost", "dhcpHost",
"interfaces", "interfaces",
"leases" "leases"
)); )
);
} }

7
includes/functions.php
View File

@ -65,9 +65,7 @@ function ensureCSRFSessionToken()
} }
/** /**
*
* Add CSRF Token to form * Add CSRF Token to form
*
*/ */
function CSRFTokenFieldTag() function CSRFTokenFieldTag()
{ {
@ -85,9 +83,7 @@ function CSRFMetaTag()
} }
/** /**
*
* Validate CSRF Token * Validate CSRF Token
*
*/ */
function CSRFValidate() function CSRFValidate()
{ {
@ -140,8 +136,8 @@ function isAssoc($arr)
} }
/** /**
*
* Display a selector field for a form. Arguments are: * Display a selector field for a form. Arguments are:
*
* @param string $name: Field name * @param string $name: Field name
* @param array $options: Array of options * @param array $options: Array of options
* @param string $selected: Selected option (optional) * @param string $selected: Selected option (optional)
@ -242,6 +238,7 @@ function ConvertToChannel($freq)
/** /**
* Converts WPA security string to readable format * Converts WPA security string to readable format
*
* @param string $security * @param string $security
* @return string * @return string
*/ */

22
includes/hostapd.php
View File

@ -1,7 +1,7 @@
<?php <?php
include_once('includes/status_messages.php'); require_once 'includes/status_messages.php';
include_once('app/lib/system.php'); require_once 'app/lib/system.php';
require_once 'config.php'; require_once 'config.php';
/** /**
@ -67,7 +67,8 @@ function DisplayHostAPDConfig()
} }
}; };
echo renderTemplate("hostapd", compact( echo renderTemplate(
"hostapd", compact(
"status", "status",
"serviceStatus", "serviceStatus",
"hostapdstatus", "hostapdstatus",
@ -79,16 +80,18 @@ function DisplayHostAPDConfig()
"arrSecurity", "arrSecurity",
"arrEncType", "arrEncType",
"arrHostapdConf" "arrHostapdConf"
)); )
);
} }
function SaveHostAPDConfig($wpa_array, $enc_types, $modes, $interfaces, $status) function SaveHostAPDConfig($wpa_array, $enc_types, $modes, $interfaces, $status)
{ {
// It should not be possible to send bad data for these fields so clearly // It should not be possible to send bad data for these fields so clearly
// someone is up to something if they fail. Fail silently. // someone is up to something if they fail. Fail silently.
if (!(array_key_exists($_POST['wpa'], $wpa_array) && if (!(array_key_exists($_POST['wpa'], $wpa_array)
array_key_exists($_POST['wpa_pairwise'], $enc_types) && && array_key_exists($_POST['wpa_pairwise'], $enc_types)
array_key_exists($_POST['hw_mode'], $modes))) { && array_key_exists($_POST['hw_mode'], $modes))
) {
error_log("Attempting to set hostapd config with wpa='".$_POST['wpa']."', wpa_pairwise='".$_POST['wpa_pairwise']."' and hw_mode='".$_POST['hw_mode']."'"); // FIXME: log injection error_log("Attempting to set hostapd config with wpa='".$_POST['wpa']."', wpa_pairwise='".$_POST['wpa_pairwise']."' and hw_mode='".$_POST['hw_mode']."'"); // FIXME: log injection
return false; return false;
} }
@ -147,8 +150,9 @@ function SaveHostAPDConfig($wpa_array, $enc_types, $modes, $interfaces, $status)
$good_input = false; $good_input = false;
} }
if ($_POST['wpa'] !== 'none' && if ($_POST['wpa'] !== 'none'
(strlen($_POST['wpa_passphrase']) < 8 || strlen($_POST['wpa_passphrase']) > 63)) { && (strlen($_POST['wpa_passphrase']) < 8 || strlen($_POST['wpa_passphrase']) > 63)
) {
$status->addMessage('WPA passphrase must be between 8 and 63 characters', 'danger'); $status->addMessage('WPA passphrase must be between 8 and 63 characters', 'danger');
$good_input = false; $good_input = false;
} }

1
includes/locale.php
View File

@ -1,7 +1,6 @@
<?php <?php
/** /**
* Sets locale information for i18n support * Sets locale information for i18n support
*
*/ */
/** /**

2
includes/networking.php
View File

@ -1,6 +1,6 @@
<?php <?php
include_once('includes/status_messages.php'); require_once 'includes/status_messages.php';
/** /**
* *

17
includes/openvpn.php
View File

@ -1,12 +1,10 @@
<?php <?php
include_once('includes/status_messages.php'); require_once 'includes/status_messages.php';
require_once 'config.php'; require_once 'config.php';
/** /**
*
* Manage OpenVPN configuration * Manage OpenVPN configuration
*
*/ */
function DisplayOpenVPNConfig() function DisplayOpenVPNConfig()
{ {
@ -48,18 +46,19 @@ function DisplayOpenVPNConfig()
$authPassword = $auth[1]; $authPassword = $auth[1];
} }
echo renderTemplate("openvpn", compact( echo renderTemplate(
"openvpn", compact(
"status", "status",
"serviceStatus", "serviceStatus",
"openvpnstatus", "openvpnstatus",
"public_ip", "public_ip",
"authUser", "authUser",
"authPassword" "authPassword"
)); )
);
} }
/** /**
*
* Validates uploaded .ovpn file, adds auth-user-pass and * Validates uploaded .ovpn file, adds auth-user-pass and
* stores auth credentials in login.conf. Copies files from * stores auth credentials in login.conf. Copies files from
* tmp to OpenVPN * tmp to OpenVPN
@ -109,7 +108,8 @@ function SaveOpenVPNConfig($status, $file, $authUser, $authPassword)
'ovpn' => 'text/plain' 'ovpn' => 'text/plain'
), ),
true true
)) { )
) {
throw new RuntimeException('Invalid file format'); throw new RuntimeException('Invalid file format');
} }
@ -127,7 +127,8 @@ function SaveOpenVPNConfig($status, $file, $authUser, $authPassword)
'ovpnclient', 'ovpnclient',
$ext $ext
) )
)) { )
) {
throw new RuntimeException('Unable to move uploaded file'); throw new RuntimeException('Unable to move uploaded file');
} }
// Good file upload, update auth credentials if present // Good file upload, update auth credentials if present

2
includes/sysstats.php
View File

@ -1,6 +1,6 @@
<?php <?php
include_once('app/lib/system.php'); require_once 'app/lib/system.php';
$system = new System(); $system = new System();

4
includes/system.php
View File

@ -1,13 +1,11 @@
<?php <?php
include_once('includes/status_messages.php'); require_once 'includes/status_messages.php';
require_once 'config.php'; require_once 'config.php';
/** /**
*
* Find the version of the Raspberry Pi * Find the version of the Raspberry Pi
* Currently only used for the system information page but may useful elsewhere * Currently only used for the system information page but may useful elsewhere
*
*/ */
function RPiVersion() function RPiVersion()

10
includes/torproxy.php
View File

@ -1,11 +1,9 @@
<?php <?php
include_once('includes/status_messages.php'); require_once 'includes/status_messages.php';
/** /**
*
* Manage Tor Proxy configuration * Manage Tor Proxy configuration
*
*/ */
function DisplayTorProxyConfig() function DisplayTorProxyConfig()
{ {
@ -21,10 +19,12 @@ function DisplayTorProxyConfig()
} }
} }
echo renderTemplate("torproxy", compact( echo renderTemplate(
"torproxy", compact(
"status", "status",
"torproxystatus" "torproxystatus"
)); )
);
} }
/** /**

207
includes/webconsole.php
View File

@ -59,13 +59,15 @@ $HOME_DIRECTORY = '';
* JSON RPC Server for Eaze * JSON RPC Server for Eaze
* *
* Reads $_GET['rawRequest'] or php://input for Request Data * Reads $_GET['rawRequest'] or php://input for Request Data
*
* @link http://www.jsonrpc.org/specification * @link http://www.jsonrpc.org/specification
* @link http://dojotoolkit.org/reference-guide/1.8/dojox/rpc/smd.html * @link http://dojotoolkit.org/reference-guide/1.8/dojox/rpc/smd.html
* @package Eaze * @package Eaze
* @subpackage Model * @subpackage Model
* @author Sergeyfast * @author Sergeyfast
*/ */
class BaseJsonRpcServer { class BaseJsonRpcServer
{
const ParseError = -32700, const ParseError = -32700,
InvalidRequest = -32600, InvalidRequest = -32600,
@ -75,42 +77,49 @@ $HOME_DIRECTORY = '';
/** /**
* Exposed Instances * Exposed Instances
*
* @var object[] namespace => method * @var object[] namespace => method
*/ */
protected $instances = array(); protected $instances = array();
/** /**
* Decoded Json Request * Decoded Json Request
*
* @var object|array * @var object|array
*/ */
protected $request; protected $request;
/** /**
* Array of Received Calls * Array of Received Calls
*
* @var array * @var array
*/ */
protected $calls = array(); protected $calls = array();
/** /**
* Array of Responses for Calls * Array of Responses for Calls
*
* @var array * @var array
*/ */
protected $response = array(); protected $response = array();
/** /**
* Has Calls Flag (not notifications) * Has Calls Flag (not notifications)
*
* @var bool * @var bool
*/ */
protected $hasCalls = false; protected $hasCalls = false;
/** /**
* Is Batch Call in using * Is Batch Call in using
*
* @var bool * @var bool
*/ */
private $isBatchCall = false; private $isBatchCall = false;
/** /**
* Hidden Methods * Hidden Methods
*
* @var array * @var array
*/ */
protected $hiddenMethods = array( protected $hiddenMethods = array(
@ -119,24 +128,28 @@ $HOME_DIRECTORY = '';
/** /**
* Content Type * Content Type
*
* @var string * @var string
*/ */
public $ContentType = 'application/json'; public $ContentType = 'application/json';
/** /**
* Allow Cross-Domain Requests * Allow Cross-Domain Requests
*
* @var bool * @var bool
*/ */
public $IsXDR = true; public $IsXDR = true;
/** /**
* Max Batch Calls * Max Batch Calls
*
* @var int * @var int
*/ */
public $MaxBatchCalls = 10; public $MaxBatchCalls = 10;
/** /**
* Error Messages * Error Messages
*
* @var array * @var array
*/ */
protected $errorMessages = array( protected $errorMessages = array(
@ -150,6 +163,7 @@ $HOME_DIRECTORY = '';
/** /**
* Cached Reflection Methods * Cached Reflection Methods
*
* @var ReflectionMethod[] * @var ReflectionMethod[]
*/ */
private $reflectionMethods = array(); private $reflectionMethods = array();
@ -157,9 +171,11 @@ $HOME_DIRECTORY = '';
/** /**
* Validate Request * Validate Request
*
* @return int error * @return int error
*/ */
private function getRequest() { private function getRequest()
{
$error = null; $error = null;
do { do {
@ -200,12 +216,14 @@ $HOME_DIRECTORY = '';
/** /**
* Get Error Response * Get Error Response
*
* @param int $code * @param int $code
* @param mixed $id * @param mixed $id
* @param null $data * @param null $data
* @return array * @return array
*/ */
private function getError( $code, $id = null, $data = null ) { private function getError( $code, $id = null, $data = null )
{
return array( return array(
'jsonrpc' => '2.0', 'jsonrpc' => '2.0',
'id' => $id, 'id' => $id,
@ -220,10 +238,12 @@ $HOME_DIRECTORY = '';
/** /**
* Check for jsonrpc version and correct method * Check for jsonrpc version and correct method
*
* @param object $call * @param object $call
* @return array|null * @return array|null
*/ */
private function validateCall( $call ) { private function validateCall( $call )
{
$result = null; $result = null;
$error = null; $error = null;
$data = null; $data = null;
@ -259,7 +279,9 @@ $HOME_DIRECTORY = '';
$this->reflectionMethods[$fullMethod] = new ReflectionMethod($this->instances[$namespace], $method); $this->reflectionMethods[$fullMethod] = new ReflectionMethod($this->instances[$namespace], $method);
} }
/** @var $params array */ /**
* @var $params array
*/
$params = property_exists($call, 'params') ? $call->params : null; $params = property_exists($call, 'params') ? $call->params : null;
$paramsType = gettype($params); $paramsType = gettype($params);
if ($params !== null && $paramsType != 'array' && $paramsType != 'object' ) { if ($params !== null && $paramsType != 'array' && $paramsType != 'object' ) {
@ -314,10 +336,12 @@ $HOME_DIRECTORY = '';
/** /**
* Process Call * Process Call
*
* @param $call * @param $call
* @return array|null * @return array|null
*/ */
private function processCall( $call ) { private function processCall( $call )
{
$id = property_exists($call, 'id') ? $call->id : null; $id = property_exists($call, 'id') ? $call->id : null;
$params = property_exists($call, 'params') ? $call->params : array(); $params = property_exists($call, 'params') ? $call->params : array();
$result = null; $result = null;
@ -356,9 +380,11 @@ $HOME_DIRECTORY = '';
/** /**
* Create new Instance * Create new Instance
*
* @param object $instance * @param object $instance
*/ */
public function __construct( $instance = null ) { public function __construct( $instance = null )
{
if (get_parent_class($this) ) { if (get_parent_class($this) ) {
$this->RegisterInstance($this, ''); $this->RegisterInstance($this, '');
} else if ($instance ) { } else if ($instance ) {
@ -369,11 +395,13 @@ $HOME_DIRECTORY = '';
/** /**
* Register Instance * Register Instance
*
* @param object $instance * @param object $instance
* @param string $namespace default is empty string * @param string $namespace default is empty string
* @return $this * @return $this
*/ */
public function RegisterInstance( $instance, $namespace = '' ) { public function RegisterInstance( $instance, $namespace = '' )
{
$this->instances[$namespace] = $instance; $this->instances[$namespace] = $instance;
$this->instances[$namespace]->errorMessages = $this->errorMessages; $this->instances[$namespace]->errorMessages = $this->errorMessages;
@ -384,7 +412,8 @@ $HOME_DIRECTORY = '';
/** /**
* Handle Requests * Handle Requests
*/ */
public function Execute() { public function Execute()
{
do { do {
// check for SMD Discovery request // check for SMD Discovery request
if (array_key_exists('smd', $_GET) ) { if (array_key_exists('smd', $_GET) ) {
@ -442,10 +471,12 @@ $HOME_DIRECTORY = '';
/** /**
* Get Doc Comment * Get Doc Comment
*
* @param $comment * @param $comment
* @return string|null * @return string|null
*/ */
private function getDocDescription( $comment ) { private function getDocDescription( $comment )
{
$result = null; $result = null;
if (preg_match('/\*\s+([^@]*)\s+/s', $comment, $matches) ) { if (preg_match('/\*\s+([^@]*)\s+/s', $comment, $matches) ) {
$result = str_replace('*', "\n", trim(trim($matches[1], '*'))); $result = str_replace('*', "\n", trim(trim($matches[1], '*')));
@ -458,9 +489,11 @@ $HOME_DIRECTORY = '';
/** /**
* Get Service Map * Get Service Map
* Maybe not so good realization of auto-discover via doc blocks * Maybe not so good realization of auto-discover via doc blocks
*
* @return array * @return array
*/ */
private function getServiceMap() { private function getServiceMap()
{
$result = array( $result = array(
'transport' => 'POST', 'transport' => 'POST',
'envelope' => 'JSON-RPC-2.0', 'envelope' => 'JSON-RPC-2.0',
@ -480,7 +513,9 @@ $HOME_DIRECTORY = '';
} }
foreach ( $rc->getMethods() as $method ) { foreach ( $rc->getMethods() as $method ) {
/** @var ReflectionMethod $method */ /**
* @var ReflectionMethod $method
*/
if (!$method->isPublic() || in_array(strtolower($method->getName()), $this->hiddenMethods) ) { if (!$method->isPublic() || in_array(strtolower($method->getName()), $this->hiddenMethods) ) {
continue; continue;
} }
@ -538,7 +573,8 @@ $HOME_DIRECTORY = '';
/** /**
* Reset Local Class Vars after Execute * Reset Local Class Vars after Execute
*/ */
private function resetVars() { private function resetVars()
{
$this->response = $this->calls = array(); $this->response = $this->calls = array();
$this->hasCalls = $this->isBatchCall = false; $this->hasCalls = $this->isBatchCall = false;
} }
@ -547,28 +583,37 @@ $HOME_DIRECTORY = '';
?> ?>
<?php <?php
// Initializing // Initializing
if (!isset($NO_LOGIN)) $NO_LOGIN = false; if (!isset($NO_LOGIN)) { $NO_LOGIN = false;
if (!isset($ACCOUNTS)) $ACCOUNTS = array(); }
if (isset($USER) && isset($PASSWORD) && $USER && $PASSWORD) $ACCOUNTS[$USER] = $PASSWORD; if (!isset($ACCOUNTS)) { $ACCOUNTS = array();
if (!isset($PASSWORD_HASH_ALGORITHM)) $PASSWORD_HASH_ALGORITHM = ''; }
if (!isset($HOME_DIRECTORY)) $HOME_DIRECTORY = ''; if (isset($USER) && isset($PASSWORD) && $USER && $PASSWORD) { $ACCOUNTS[$USER] = $PASSWORD;
}
if (!isset($PASSWORD_HASH_ALGORITHM)) { $PASSWORD_HASH_ALGORITHM = '';
}
if (!isset($HOME_DIRECTORY)) { $HOME_DIRECTORY = '';
}
$IS_CONFIGURED = ($NO_LOGIN || count($ACCOUNTS) >= 1) ? true : false; $IS_CONFIGURED = ($NO_LOGIN || count($ACCOUNTS) >= 1) ? true : false;
// Utilities // Utilities
function is_empty_string($string) { function is_empty_string($string)
{
return strlen($string) <= 0; return strlen($string) <= 0;
} }
function is_equal_strings($string1, $string2) { function is_equal_strings($string1, $string2)
{
return strcmp($string1, $string2) == 0; return strcmp($string1, $string2) == 0;
} }
function get_hash($algorithm, $string) { function get_hash($algorithm, $string)
{
return hash($algorithm, trim((string) $string)); return hash($algorithm, trim((string) $string));
} }
// Command execution // Command execution
function execute_command($command) { function execute_command($command)
{
$descriptors = array( $descriptors = array(
0 => array('pipe', 'r'), // STDIN 0 => array('pipe', 'r'), // STDIN
1 => array('pipe', 'w'), // STDOUT 1 => array('pipe', 'w'), // STDOUT
@ -576,7 +621,8 @@ function execute_command($command) {
); );
$process = proc_open($command . ' 2>&1', $descriptors, $pipes); $process = proc_open($command . ' 2>&1', $descriptors, $pipes);
if (!is_resource($process)) die("Can't execute command."); if (!is_resource($process)) { die("Can't execute command.");
}
// Nothing to push to STDIN // Nothing to push to STDIN
fclose($pipes[0]); fclose($pipes[0]);
@ -594,7 +640,8 @@ function execute_command($command) {
} }
// Command parsing // Command parsing
function parse_command($command) { function parse_command($command)
{
$value = ltrim((string) $command); $value = ltrim((string) $command);
if (!is_empty_string($value)) { if (!is_empty_string($value)) {
@ -607,8 +654,9 @@ function parse_command($command) {
for ($index = $values_total - 2; $index >= 0; $index--) { for ($index = $values_total - 2; $index >= 0; $index--) {
$value_item = $values[$index]; $value_item = $values[$index];
if (substr($value_item, -1) == '\\') $value = $value_item . ' ' . $value; if (substr($value_item, -1) == '\\') { $value = $value_item . ' ' . $value;
else break; } else { break;
}
} }
} }
} }
@ -617,15 +665,18 @@ function parse_command($command) {
} }
// RPC Server // RPC Server
class WebConsoleRPCServer extends BaseJsonRpcServer { class WebConsoleRPCServer extends BaseJsonRpcServer
{
protected $home_directory = ''; protected $home_directory = '';
private function error($message) { private function error($message)
{
throw new Exception($message); throw new Exception($message);
} }
// Authentication // Authentication
private function authenticate_user($user, $password) { private function authenticate_user($user, $password)
{
$user = trim((string) $user); $user = trim((string) $user);
$password = trim((string) $password); $password = trim((string) $password);
@ -633,19 +684,23 @@ class WebConsoleRPCServer extends BaseJsonRpcServer {
global $ACCOUNTS, $PASSWORD_HASH_ALGORITHM; global $ACCOUNTS, $PASSWORD_HASH_ALGORITHM;
if (isset($ACCOUNTS[$user]) && !is_empty_string($ACCOUNTS[$user])) { if (isset($ACCOUNTS[$user]) && !is_empty_string($ACCOUNTS[$user])) {
if ($PASSWORD_HASH_ALGORITHM) $password = get_hash($PASSWORD_HASH_ALGORITHM, $password); if ($PASSWORD_HASH_ALGORITHM) { $password = get_hash($PASSWORD_HASH_ALGORITHM, $password);
}
if (is_equal_strings($password, $ACCOUNTS[$user])) if (is_equal_strings($password, $ACCOUNTS[$user])) {
return $user . ':' . get_hash('sha256', $password); return $user . ':' . get_hash('sha256', $password);
} }
} }
}
throw new Exception("Incorrect user or password"); throw new Exception("Incorrect user or password");
} }
private function authenticate_token($token) { private function authenticate_token($token)
{
global $NO_LOGIN; global $NO_LOGIN;
if ($NO_LOGIN) return true; if ($NO_LOGIN) { return true;
}
$token = trim((string) $token); $token = trim((string) $token);
$token_parts = explode(':', $token, 2); $token_parts = explode(':', $token, 2);
@ -659,7 +714,8 @@ class WebConsoleRPCServer extends BaseJsonRpcServer {
if (isset($ACCOUNTS[$user]) && !is_empty_string($ACCOUNTS[$user])) { if (isset($ACCOUNTS[$user]) && !is_empty_string($ACCOUNTS[$user])) {
$real_password_hash = get_hash('sha256', $ACCOUNTS[$user]); $real_password_hash = get_hash('sha256', $ACCOUNTS[$user]);
if (is_equal_strings($password_hash, $real_password_hash)) return $user; if (is_equal_strings($password_hash, $real_password_hash)) { return $user;
}
} }
} }
} }
@ -667,81 +723,99 @@ class WebConsoleRPCServer extends BaseJsonRpcServer {
throw new Exception("Incorrect user or password"); throw new Exception("Incorrect user or password");
} }
private function get_home_directory($user) { private function get_home_directory($user)
{
global $HOME_DIRECTORY; global $HOME_DIRECTORY;
if (is_string($HOME_DIRECTORY)) { if (is_string($HOME_DIRECTORY)) {
if (!is_empty_string($HOME_DIRECTORY)) return $HOME_DIRECTORY; if (!is_empty_string($HOME_DIRECTORY)) { return $HOME_DIRECTORY;
} }
else if (is_string($user) && !is_empty_string($user) && isset($HOME_DIRECTORY[$user]) && !is_empty_string($HOME_DIRECTORY[$user])) }
else if (is_string($user) && !is_empty_string($user) && isset($HOME_DIRECTORY[$user]) && !is_empty_string($HOME_DIRECTORY[$user])) {
return $HOME_DIRECTORY[$user]; return $HOME_DIRECTORY[$user];
}
return getcwd(); return getcwd();
} }
// Environment // Environment
private function get_environment() { private function get_environment()
{
$hostname = function_exists('gethostname') ? gethostname() : null; $hostname = function_exists('gethostname') ? gethostname() : null;
return array('path' => getcwd(), 'hostname' => $hostname); return array('path' => getcwd(), 'hostname' => $hostname);
} }
private function set_environment($environment) { private function set_environment($environment)
{
$environment = !empty($environment) ? (array) $environment : array(); $environment = !empty($environment) ? (array) $environment : array();
$path = (isset($environment['path']) && !is_empty_string($environment['path'])) ? $environment['path'] : $this->home_directory; $path = (isset($environment['path']) && !is_empty_string($environment['path'])) ? $environment['path'] : $this->home_directory;
if (!is_empty_string($path)) { if (!is_empty_string($path)) {
if (is_dir($path)) { if (is_dir($path)) {
if (!@chdir($path)) return array('output' => "Unable to change directory to current working directory, updating current directory", if (!@chdir($path)) { return array('output' => "Unable to change directory to current working directory, updating current directory",
'environment' => $this->get_environment()); 'environment' => $this->get_environment());
} }
else return array('output' => "Current working directory not found, updating current directory", }
else { return array('output' => "Current working directory not found, updating current directory",
'environment' => $this->get_environment()); 'environment' => $this->get_environment());
} }
} }
}
// Initialization // Initialization
private function initialize($token, $environment) { private function initialize($token, $environment)
{
$user = $this->authenticate_token($token); $user = $this->authenticate_token($token);
$this->home_directory = $this->get_home_directory($user); $this->home_directory = $this->get_home_directory($user);
$result = $this->set_environment($environment); $result = $this->set_environment($environment);
if ($result) return $result; if ($result) { return $result;
}
} }
// Methods // Methods
public function login($user, $password) { public function login($user, $password)
{
$result = array('token' => $this->authenticate_user($user, $password), $result = array('token' => $this->authenticate_user($user, $password),
'environment' => $this->get_environment()); 'environment' => $this->get_environment());
$home_directory = $this->get_home_directory($user); $home_directory = $this->get_home_directory($user);
if (!is_empty_string($home_directory)) { if (!is_empty_string($home_directory)) {
if (is_dir($home_directory)) $result['environment']['path'] = $home_directory; if (is_dir($home_directory)) { $result['environment']['path'] = $home_directory;
else $result['output'] = "Home directory not found: ". $home_directory; } else { $result['output'] = "Home directory not found: ". $home_directory;
}
} }
return $result; return $result;
} }
public function cd($token, $environment, $path) { public function cd($token, $environment, $path)
{
$result = $this->initialize($token, $environment); $result = $this->initialize($token, $environment);
if ($result) return $result; if ($result) { return $result;
}
$path = trim((string) $path); $path = trim((string) $path);
if (is_empty_string($path)) $path = $this->home_directory; if (is_empty_string($path)) { $path = $this->home_directory;
}
if (!is_empty_string($path)) { if (!is_empty_string($path)) {
if (is_dir($path)) { if (is_dir($path)) {
if (!@chdir($path)) return array('output' => "cd: ". $path . ": Unable to change directory"); if (!@chdir($path)) { return array('output' => "cd: ". $path . ": Unable to change directory");
}
}
else { return array('output' => "cd: ". $path . ": No such directory");
} }
else return array('output' => "cd: ". $path . ": No such directory");
} }
return array('environment' => $this->get_environment()); return array('environment' => $this->get_environment());
} }
public function completion($token, $environment, $pattern, $command) { public function completion($token, $environment, $pattern, $command)
{
$result = $this->initialize($token, $environment); $result = $this->initialize($token, $environment);
if ($result) return $result; if ($result) { return $result;
}
$scan_path = ''; $scan_path = '';
$completion_prefix = ''; $completion_prefix = '';
@ -750,18 +824,22 @@ class WebConsoleRPCServer extends BaseJsonRpcServer {
if (!empty($pattern)) { if (!empty($pattern)) {
if (!is_dir($pattern)) { if (!is_dir($pattern)) {
$pattern = dirname($pattern); $pattern = dirname($pattern);
if ($pattern == '.') $pattern = ''; if ($pattern == '.') { $pattern = '';
}
} }
if (!empty($pattern)) { if (!empty($pattern)) {
if (is_dir($pattern)) { if (is_dir($pattern)) {
$scan_path = $completion_prefix = $pattern; $scan_path = $completion_prefix = $pattern;
if (substr($completion_prefix, -1) != '/') $completion_prefix .= '/'; if (substr($completion_prefix, -1) != '/') { $completion_prefix .= '/';
} }
} }
else $scan_path = getcwd();
} }
else $scan_path = getcwd(); else { $scan_path = getcwd();
}
}
else { $scan_path = getcwd();
}
if (!empty($scan_path)) { if (!empty($scan_path)) {
// Loading directory listing // Loading directory listing
@ -770,13 +848,15 @@ class WebConsoleRPCServer extends BaseJsonRpcServer {
// Prefix // Prefix
if (!empty($completion_prefix) && !empty($completion)) { if (!empty($completion_prefix) && !empty($completion)) {
foreach ($completion as &$value) $value = $completion_prefix . $value; foreach ($completion as &$value) { $value = $completion_prefix . $value;
}
} }
// Pattern // Pattern
if (!empty($pattern) && !empty($completion)) { if (!empty($pattern) && !empty($completion)) {
// For PHP version that does not support anonymous functions (available since PHP 5.3.0) // For PHP version that does not support anonymous functions (available since PHP 5.3.0)
function filter_pattern($value) { function filter_pattern($value)
{
global $pattern; global $pattern;
return !strncmp($pattern, $value, strlen($pattern)); return !strncmp($pattern, $value, strlen($pattern));
} }
@ -788,12 +868,15 @@ class WebConsoleRPCServer extends BaseJsonRpcServer {
return array('completion' => $completion); return array('completion' => $completion);
} }
public function run($token, $environment, $command) { public function run($token, $environment, $command)
{
$result = $this->initialize($token, $environment); $result = $this->initialize($token, $environment);
if ($result) return $result; if ($result) { return $result;
}
$output = ($command && !is_empty_string($command)) ? execute_command($command) : ''; $output = ($command && !is_empty_string($command)) ? execute_command($command) : '';
if ($output && substr($output, -1) == "\n") $output = substr($output, 0, -1); if ($output && substr($output, -1) == "\n") { $output = substr($output, 0, -1);
}
return array('output' => $output); return array('output' => $output);
} }

8
includes/wifi_functions.php
View File

@ -1,6 +1,6 @@
<?php <?php
include_once('functions.php'); require_once 'functions.php';
function knownWifiStations(&$networks) function knownWifiStations(&$networks)
{ {
@ -51,7 +51,8 @@ function nearbyWifiStations(&$networks, $cached = true)
deleteCache($cacheKey); deleteCache($cacheKey);
} }
$scan_results = cache($cacheKey, function () { $scan_results = cache(
$cacheKey, function () {
exec('sudo wpa_cli -i ' . RASPI_WIFI_CLIENT_INTERFACE . ' scan'); exec('sudo wpa_cli -i ' . RASPI_WIFI_CLIENT_INTERFACE . ' scan');
sleep(3); sleep(3);
@ -59,7 +60,8 @@ function nearbyWifiStations(&$networks, $cached = true)
array_shift($stdout); array_shift($stdout);
return implode("\n", $stdout); return implode("\n", $stdout);
}); }
);
foreach (explode("\n", $scan_results) as $network) { foreach (explode("\n", $scan_results) as $network) {
$arrNetwork = preg_split("/[\t]+/", $network); // split result into array $arrNetwork = preg_split("/[\t]+/", $network); // split result into array

40
index.php
View File

@ -18,28 +18,28 @@
* @see http://sirlagz.net/2013/02/08/raspap-webgui/ * @see http://sirlagz.net/2013/02/08/raspap-webgui/
*/ */
require('includes/csrf.php'); require 'includes/csrf.php';
ensureCSRFSessionToken(); ensureCSRFSessionToken();
include_once('includes/config.php'); require_once 'includes/config.php';
include_once('includes/defaults.php'); require_once 'includes/defaults.php';
include_once(RASPI_CONFIG.'/raspap.php'); require_once RASPI_CONFIG.'/raspap.php';
include_once('includes/locale.php'); require_once 'includes/locale.php';
include_once('includes/functions.php'); require_once 'includes/functions.php';
include_once('includes/dashboard.php'); require_once 'includes/dashboard.php';
include_once('includes/authenticate.php'); require_once 'includes/authenticate.php';
include_once('includes/admin.php'); require_once 'includes/admin.php';
include_once('includes/dhcp.php'); require_once 'includes/dhcp.php';
include_once('includes/hostapd.php'); require_once 'includes/hostapd.php';
include_once('includes/system.php'); require_once 'includes/system.php';
include_once('includes/sysstats.php'); require_once 'includes/sysstats.php';
include_once('includes/configure_client.php'); require_once 'includes/configure_client.php';
include_once('includes/networking.php'); require_once 'includes/networking.php';
include_once('includes/themes.php'); require_once 'includes/themes.php';
include_once('includes/data_usage.php'); require_once 'includes/data_usage.php';
include_once('includes/about.php'); require_once 'includes/about.php';
include_once('includes/openvpn.php'); require_once 'includes/openvpn.php';
include_once('includes/torproxy.php'); require_once 'includes/torproxy.php';
$output = $return = 0; $output = $return = 0;
$page = $_GET['page']; $page = $_GET['page'];