diff --git a/.gitignore b/.gitignore index 1dd450a5..a2a77b49 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,4 @@ yarn-error.log *.swp includes/config.php rootCA.pem +vendor diff --git a/ajax/bandwidth/get_bandwidth.php b/ajax/bandwidth/get_bandwidth.php index 4fcf8057..70e9b882 100644 --- a/ajax/bandwidth/get_bandwidth.php +++ b/ajax/bandwidth/get_bandwidth.php @@ -3,12 +3,6 @@ require '../../includes/csrf.php'; require_once '../../includes/config.php'; -require_once RASPI_CONFIG.'/raspap.php'; - -header('X-Frame-Options: DENY'); -header("Content-Security-Policy: default-src 'none'; connect-src 'self'"); -require_once '../../includes/authenticate.php'; - $interface = filter_input(INPUT_GET, 'inet', FILTER_SANITIZE_SPECIAL_CHARS); if (empty($interface)) { diff --git a/app/css/all.css b/app/css/all.css index 12a47159..d9de52e3 100644 --- a/app/css/all.css +++ b/app/css/all.css @@ -228,3 +228,8 @@ button > i.fas { pointer-events: none; } +.close { + font-weight: 400; + font-size: 1.3rem; +} + diff --git a/app/js/custom.js b/app/js/custom.js index d3fb9b3b..c18ea8ce 100644 --- a/app/js/custom.js +++ b/app/js/custom.js @@ -18,7 +18,8 @@ function createNetmaskAddr(bitCount) { } function loadSummary(strInterface) { - $.post('ajax/networking/get_ip_summary.php',{interface:strInterface},function(data){ + var csrfToken = $('meta[name=csrf_token]').attr('content'); + $.post('ajax/networking/get_ip_summary.php',{'interface': strInterface, 'csrf_token': csrfToken},function(data){ jsonData = JSON.parse(data); if(jsonData['return'] == 0) { $('#'+strInterface+'-summary').html(jsonData['output'].join('
')); @@ -122,21 +123,24 @@ $(document).on("click", "#gen_wpa_passphrase", function(e) { }); $(document).on("click", "#js-clearhostapd-log", function(e) { - $.post('ajax/logging/clearlog.php?',{'logfile':'/tmp/hostapd.log'},function(data){ + var csrfToken = $('meta[name=csrf_token]').attr('content'); + $.post('ajax/logging/clearlog.php?',{'logfile':'/tmp/hostapd.log', 'csrf_token': csrfToken},function(data){ jsonData = JSON.parse(data); $("#hostapd-log").val(""); }); }); $(document).on("click", "#js-cleardnsmasq-log", function(e) { - $.post('ajax/logging/clearlog.php?',{'logfile':'/var/log/dnsmasq.log'},function(data){ + var csrfToken = $('meta[name=csrf_token]').attr('content'); + $.post('ajax/logging/clearlog.php?',{'logfile':'/var/log/dnsmasq.log', 'csrf_token': csrfToken},function(data){ jsonData = JSON.parse(data); $("#dnsmasq-log").val(""); }); }); $(document).on("click", "#js-clearopenvpn-log", function(e) { - $.post('ajax/logging/clearlog.php?',{'logfile':'/tmp/openvpn.log'},function(data){ + var csrfToken = $('meta[name=csrf_token]').attr('content'); + $.post('ajax/logging/clearlog.php?',{'logfile':'/tmp/openvpn.log', 'csrf_token': csrfToken},function(data){ jsonData = JSON.parse(data); $("#openvpn-log").val(""); }); @@ -286,7 +290,8 @@ $('#configureClientModal').on('shown.bs.modal', function (e) { $('#ovpn-confirm-delete').on('click', '.btn-delete', function (e) { var cfg_id = $(this).data('recordId'); - $.post('ajax/openvpn/del_ovpncfg.php',{'cfg_id':cfg_id},function(data){ + var csrfToken = $('meta[name=csrf_token]').attr('content'); + $.post('ajax/openvpn/del_ovpncfg.php',{'cfg_id':cfg_id, 'csrf_token': csrfToken},function(data){ jsonData = JSON.parse(data); $("#ovpn-confirm-delete").modal('hide'); var row = $(document.getElementById("openvpn-client-row-" + cfg_id)); @@ -303,7 +308,8 @@ $('#ovpn-confirm-delete').on('show.bs.modal', function (e) { $('#ovpn-confirm-activate').on('click', '.btn-activate', function (e) { var cfg_id = $(this).data('record-id'); - $.post('ajax/openvpn/activate_ovpncfg.php',{'cfg_id':cfg_id},function(data){ + var csrfToken = $('meta[name=csrf_token]').attr('content'); + $.post('ajax/openvpn/activate_ovpncfg.php',{'cfg_id':cfg_id, 'csrf_token': csrfToken},function(data){ jsonData = JSON.parse(data); $("#ovpn-confirm-activate").modal('hide'); setTimeout(function(){ @@ -419,11 +425,12 @@ function loadChannelSelect(selected) { function setHardwareModeTooltip() { var iface = $('#cbxinterface').val(); var hwmodeText = ''; + var csrfToken = $('meta[name=csrf_token]').attr('content'); // Explanatory text if 802.11ac is disabled if ($('#cbxhwmode').find('option[value="ac"]').prop('disabled') == true ) { var hwmodeText = $('#hwmode').attr('data-tooltip'); } - $.post('ajax/networking/get_frequencies.php?',{'interface': iface},function(data){ + $.post('ajax/networking/get_frequencies.php?',{'interface': iface, 'csrf_token': csrfToken},function(data){ var responseText = JSON.parse(data); $('#tiphwmode').attr('data-original-title', responseText + '\n' + hwmodeText ); }); @@ -435,10 +442,11 @@ function setHardwareModeTooltip() { */ function updateBlocklist() { var blocklist_id = $('#cbxblocklist').val(); + var csrfToken = $('meta[name=csrf_token]').attr('content'); if (blocklist_id == '') { return; } $('#cbxblocklist-status').find('i').removeClass('fas fa-check').addClass('fas fa-cog fa-spin'); $('#cbxblocklist-status').removeClass('check-hidden').addClass('check-progress'); - $.post('ajax/adblock/update_blocklist.php',{ 'blocklist_id':blocklist_id },function(data){ + $.post('ajax/adblock/update_blocklist.php',{ 'blocklist_id':blocklist_id, 'csrf_token': csrfToken},function(data){ var jsonData = JSON.parse(data); if (jsonData['return'] == '0') { $('#cbxblocklist-status').find('i').removeClass('fas fa-cog fa-spin').addClass('fas fa-check'); @@ -457,7 +465,8 @@ $('.wg-keygen').click(function(){ var entity_pub = $(this).parent('div').prev('input[type="text"]'); var entity_priv = $(this).parent('div').next('input[type="hidden"]'); var updated = entity_pub.attr('name')+"-pubkey-status"; - $.post('ajax/networking/get_wgkey.php',{'entity':entity_pub.attr('name') },function(data){ + var csrfToken = $('meta[name=csrf_token]').attr('content'); + $.post('ajax/networking/get_wgkey.php',{'entity':entity_pub.attr('name'), 'csrf_token': csrfToken},function(data){ var jsonData = JSON.parse(data); entity_pub.val(jsonData.pubkey); $('#' + updated).removeClass('check-hidden').addClass('check-updated').delay(500).animate({ opacity: 1 }, 700); diff --git a/includes/adblock.php b/includes/adblock.php index bf16bcb7..021f4d2c 100755 --- a/includes/adblock.php +++ b/includes/adblock.php @@ -1,6 +1,5 @@ getAuthConfig(); + $password = $config['admin_pass']; + if (isset($_POST['UpdateAdminPassword'])) { if (password_verify($_POST['oldpass'], $password)) { $new_username=trim($_POST['username']); @@ -33,5 +35,10 @@ function DisplayAuthConfig($username, $password) } } - echo renderTemplate("admin", compact("status", "username")); + echo renderTemplate( + "admin", compact( + "status", + "username" + ) + ); } diff --git a/includes/authenticate.php b/includes/authenticate.php index 3059ff42..bceac97d 100755 --- a/includes/authenticate.php +++ b/includes/authenticate.php @@ -1,22 +1,16 @@ isLogged()) { + if ($auth->login($user, $pass)) { + $config = $auth->getAuthConfig(); } else { - header('HTTP/1.0 401 Unauthorized'); + $auth->authenticate(); } - exit('Not authorized'.PHP_EOL); } -} else { - $validated = true; } diff --git a/includes/autoload.php b/includes/autoload.php new file mode 100755 index 00000000..d39bd0c9 --- /dev/null +++ b/includes/autoload.php @@ -0,0 +1,41 @@ +addMessage(_('Interface name invalid.'), 'danger'); diff --git a/includes/dhcp.php b/includes/dhcp.php index 72601374..65c04ceb 100755 --- a/includes/dhcp.php +++ b/includes/dhcp.php @@ -1,6 +1,5 @@ $sect ) { - if (isRuleEnabled($sect, $conf) ) { - $str_rules= createRuleStr($sect, $conf); - if (!empty($str_rules) ) { - if (isIPv4($sect) ) { file_put_contents(RASPAP_IPTABLES_SCRIPT, $str_rules, FILE_APPEND); - } - if (isIPv6($sect) ) { file_put_contents(RASPAP_IP6TABLES_SCRIPT, $str_rules, FILE_APPEND); - } - ++$count; - } - } - } - } - } - if ($count > 0 ) { - exec("chmod +x ".RASPAP_IPTABLES_SCRIPT); - exec("sudo ".RASPAP_IPTABLES_SCRIPT); - exec("sudo iptables-save | sudo tee /etc/iptables/rules.v4"); - unlink(RASPAP_IPTABLES_SCRIPT); - exec("chmod +x ".RASPAP_IP6TABLES_SCRIPT); - exec("sudo ".RASPAP_IP6TABLES_SCRIPT); - exec("sudo ip6tables-save | sudo tee /etc/iptables/rules.v6"); - unlink(RASPAP_IP6TABLES_SCRIPT); - } - return ($count > 0); -} - -/** - * - * @param array $conf - * @return string $ret - */ -function WriteFirewallConf($conf) -{ - $ret = false; - if (is_array($conf) ) { write_php_ini($conf, RASPI_FIREWALL_CONF); - } - return $ret; -} - -/** - * - * @return array $conf - */ -function ReadFirewallConf() -{ - $conf = array(); - if (file_exists(RASPI_FIREWALL_CONF) ) { - $conf = parse_ini_file(RASPI_FIREWALL_CONF); - } - if ( !isset($conf["firewall-enable"]) ) { - $conf["firewall-enable"] = false; - $conf["ssh-enable"] = false; - $conf["http-enable"] = false; - $conf["excl-devices"] = ""; - $conf["excluded-ips"] = ""; - $conf["ap-device"] = ""; - $conf["client-device"] = ""; - $conf["restricted-ips"] = ""; - } - exec('ifconfig | grep -E -i "^tun[0-9]"', $ret); - $conf["openvpn-enable"] = !empty($ret); - unset($ret); - exec('ifconfig | grep -E -i "^wg[0-9]"', $ret); - $conf["wireguard-enable"] = !empty($ret); - return $conf; -} - -/** - * - * @return string $ips - */ -function getVPN_IPs() -{ - $ips = ""; - // get openvpn and wireguard server IPs - if (RASPI_OPENVPN_ENABLED && ($fconf = glob(RASPI_OPENVPN_CLIENT_PATH ."/*.conf")) !== false && !empty($fconf) ) { - foreach ( $fconf as $f ) { - unset($result); - exec('cat '.$f.' | sed -rn "s/^remote\s*([a-z0-9\.\-\_:]*)\s*([0-9]*)\s*$/\1 \2/ip" ', $result); - if (!empty($result) ) { - $result = explode(" ", $result[0]); - $ip = (isset($result[0])) ? $result[0] : ""; - $port = (isset($result[1])) ? $result[1] : ""; - if (!empty($ip) ) { - $ip = gethostbyname($ip); - if (filter_var($ip, FILTER_VALIDATE_IP) && strpos($ips, $ip) === false ) { $ips .= " $ip"; - } - } - } - } - } - // get wireguard server IPs - if (RASPI_WIREGUARD_ENABLED && ($fconf = glob(RASPI_WIREGUARD_PATH ."/*.conf")) !== false && !empty($fconf) ) { - foreach ( $fconf as $f ) { - unset($result); - exec('sudo /bin/cat '.$f.' | sed -rn "s/^endpoint\s*=\s*\[?([a-z0-9\.\-\_:]*)\]?:([0-9]*)\s*$/\1 \2/ip" ', $result); - if (!empty($result) ) { - $result = explode(" ", $result[0]); - $ip = (isset($result[0])) ? $result[0] : ""; - $port = (isset($result[1])) ? $result[1] : ""; - if (!empty($ip) ) { - $ip = gethostbyname($ip); - if (filter_var($ip, FILTER_VALIDATE_IP) && strpos($ips, $ip) === false ) { $ips .= " $ip"; - } - } - } - } - } - return trim($ips); -} - -/** - * - * @return array $fw_conf - */ -function getFirewallConfiguration() -{ - $fw_conf = ReadFirewallConf(); - - $json = file_get_contents(RASPI_IPTABLES_CONF); - getWifiInterface(); - $ap_device = $_SESSION['ap_interface']; - $clients = getClients(); - $str_clients = ""; - foreach( $clients["device"] as $dev ) { - if (!$dev["isAP"] ) { - if (!empty($str_clients) ) { $str_clients .= ", "; - } - $str_clients .= $dev["name"]; - } - } - $fw_conf["ap-device"] = $ap_device; - $fw_conf["client-list"] = $str_clients; - $id=findCurrentClientIndex($clients); - if ($id >= 0 ) { $fw_conf["client-device"] = $clients["device"][$id]["name"]; - } - return $fw_conf; -} - -/** - * - */ -function updateFirewall() -{ - $fw_conf = getFirewallConfiguration(); - if ( isset($fw_conf["firewall-enable"]) ) { - WriteFirewallConf($fw_conf); - configureFirewall(); - } - return; -} - -/** - * - */ -function DisplayFirewallConfig() -{ - $status = new StatusMessages(); - - $fw_conf = getFirewallConfiguration(); - $ap_device = $fw_conf["ap-device"]; - $str_clients = $fw_conf["client-list"]; - - if (!empty($_POST)) { - $fw_conf["ssh-enable"] = isset($_POST['ssh-enable']); - $fw_conf["http-enable"] = isset($_POST['http-enable']); - $fw_conf["firewall-enable"] = isset($_POST['firewall-enable']) || isset($_POST['apply-firewall']); - if (isset($_POST['firewall-enable']) ) { $status->addMessage(_('Firewall is now enabled'), 'success'); - } - if (isset($_POST['apply-firewall']) ) { $status->addMessage(_('Firewall settings changed'), 'success'); - } - if (isset($_POST['firewall-disable']) ) { $status->addMessage(_('Firewall is now disabled'), 'warning'); - } - if (isset($_POST['save-firewall']) ) { $status->addMessage(_('Firewall settings saved. Firewall is still disabled.'), 'success'); - } - if (isset($_POST['excl-devices']) ) { - $excl = filter_var($_POST['excl-devices'], FILTER_SANITIZE_STRING); - $excl = str_replace(',', ' ', $excl); - $excl = trim(preg_replace('/\s+/', ' ', $excl)); - if ($fw_conf["excl-devices"] != $excl ) { - $status->addMessage(_('Exclude devices '. $excl), 'success'); - $fw_conf["excl-devices"] = $excl; - } - } - if (isset($_POST['excluded-ips']) ) { - $excl = filter_var($_POST['excluded-ips'], FILTER_SANITIZE_STRING); - $excl = str_replace(',', ' ', $excl); - $excl = trim(preg_replace('/\s+/', ' ', $excl)); - if (!empty($excl) ) { - $excl = explode(' ', $excl); - $str_excl = ""; - foreach ( $excl as $ip ) { - if (filter_var($ip, FILTER_VALIDATE_IP) ) { $str_excl .= "$ip "; - } else { $status->addMessage(_('Exclude IP address '. $ip . ' failed - not a valid IP address'), 'warning'); - } - } - } - $str_excl = trim($str_excl); - if ($fw_conf["excluded-ips"] != $str_excl ) { - $status->addMessage(_('Exclude IP address(es) '. $str_excl), 'success'); - $fw_conf["excluded-ips"] = $str_excl; - } - } - WriteFirewallConf($fw_conf); - configureFirewall(); - } - $vpn_ips = getVPN_IPs(); - echo renderTemplate( - "firewall", compact( - "status", - "ap_device", - "str_clients", - "fw_conf", - "vpn_ips" - ) - ); -} - diff --git a/includes/functions.php b/includes/functions.php index ca264ff7..24a42f15 100755 --- a/includes/functions.php +++ b/includes/functions.php @@ -664,10 +664,18 @@ function formatDateAgo($datetime, $full = false) return $string ? implode(', ', $string) . ' ago' : 'just now'; } +function initializeApp() +{ + $_SESSION["theme_url"] = getThemeOpt(); + $_SESSION["toggleState"] = getSidebarState(); + $_SESSION["bridgedEnabled"] = getBridgedState(); +} + function getThemeOpt() { if (!isset($_COOKIE['theme'])) { $theme = "custom.php"; + setcookie('theme', $theme); } else { $theme = $_COOKIE['theme']; } @@ -680,6 +688,7 @@ function getColorOpt() $color = "#2b8080"; } else { $color = $_COOKIE['color']; + setcookie('color', $color); } return $color; } @@ -737,7 +746,7 @@ function validate_host($host) // @return boolean function getNightmode() { - if ($_COOKIE['theme'] == 'lightsout.css') { + if (isset($_COOKIE['theme']) && $_COOKIE['theme'] == 'lightsout.css') { return true; } else { return false; @@ -810,3 +819,15 @@ function getTooltip($msg, $id, $visible = true, $data_html = false) echo ''; } +// Load non default JS/ECMAScript in footer +function loadFooterScripts($extraFooterScripts) +{ + foreach ($extraFooterScripts as $script) { + echo '' , PHP_EOL; + } +} + diff --git a/includes/hostapd.php b/includes/hostapd.php index 3dbbf6cf..af488278 100755 --- a/includes/hostapd.php +++ b/includes/hostapd.php @@ -1,22 +1,17 @@ operatingSystem(); - /** * Initialize hostapd values, display interface * */ function DisplayHostAPDConfig() { - $status = new StatusMessages(); + $status = new \RaspAP\Messages\StatusMessage; $system = new \RaspAP\System\Sysinfo; $operatingSystem = $system->operatingSystem(); $arrConfig = array(); diff --git a/includes/navbar.php b/includes/navbar.php new file mode 100755 index 00000000..511bf515 --- /dev/null +++ b/includes/navbar.php @@ -0,0 +1,23 @@ + diff --git a/includes/networking.php b/includes/networking.php index 345ca14e..9669fca4 100755 --- a/includes/networking.php +++ b/includes/networking.php @@ -1,6 +1,5 @@ set_max_file_size(64*KB); $upload->set_allowed_mime_types(array('ovpn' => 'text/plain')); $upload->file($file); diff --git a/includes/page_actions.php b/includes/page_actions.php new file mode 100755 index 00000000..b460dd43 --- /dev/null +++ b/includes/page_actions.php @@ -0,0 +1,52 @@ + + diff --git a/includes/sidebar.php b/includes/sidebar.php new file mode 100755 index 00000000..ada2a0b0 --- /dev/null +++ b/includes/sidebar.php @@ -0,0 +1,93 @@ + diff --git a/includes/sysstats.php b/includes/sysstats.php index 5122c91c..2f567a8b 100755 --- a/includes/sysstats.php +++ b/includes/sysstats.php @@ -1,7 +1,5 @@ hostname(); diff --git a/includes/system.php b/includes/system.php index 3babf0c5..c65d374d 100755 --- a/includes/system.php +++ b/includes/system.php @@ -1,74 +1,14 @@ 'Model B Revision 1.0', - '0003' => 'Model B Revision 1.0 + ECN0001', - '0004' => 'Model B Revision 2.0 (256 MB)', - '0005' => 'Model B Revision 2.0 (256 MB)', - '0006' => 'Model B Revision 2.0 (256 MB)', - '0007' => 'Model A', - '0008' => 'Model A', - '0009' => 'Model A', - '000d' => 'Model B Revision 2.0 (512 MB)', - '000e' => 'Model B Revision 2.0 (512 MB)', - '000f' => 'Model B Revision 2.0 (512 MB)', - '0010' => 'Model B+', - '0013' => 'Model B+', - '0011' => 'Compute Module', - '0012' => 'Model A+', - 'a01041' => 'a01041', - 'a21041' => 'a21041', - '900092' => 'PiZero 1.2', - '900093' => 'PiZero 1.3', - '9000c1' => 'PiZero W', - 'a02082' => 'Pi 3 Model B', - 'a22082' => 'Pi 3 Model B', - 'a32082' => 'Pi 3 Model B', - 'a52082' => 'Pi 3 Model B', - 'a020d3' => 'Pi 3 Model B+', - 'a220a0' => 'Compute Module 3', - 'a020a0' => 'Compute Module 3', - 'a02100' => 'Compute Module 3+', - 'a03111' => 'Model 4B Revision 1.1 (1 GB)', - 'b03111' => 'Model 4B Revision 1.1 (2 GB)', - 'c03111' => 'Model 4B Revision 1.1 (4 GB)' - ); - - $cpuinfo_array = ''; - exec('cat /proc/cpuinfo', $cpuinfo_array); - $rev = trim(array_pop(explode(':', array_pop(preg_grep("/^Revision/", $cpuinfo_array))))); - if (array_key_exists($rev, $revisions)) { - return $revisions[$rev]; - } else { - exec('cat /proc/device-tree/model', $model); - if (isset($model[0])) { - return $model[0]; - } else { - return 'Unknown Device'; - } - } -} /** * */ function DisplaySystem(&$extraFooterScripts) { - - $status = new StatusMessages(); + $status = new \RaspAP\Messages\StatusMessage; if (isset($_POST['SaveLanguage'])) { if (isset($_POST['locale'])) { @@ -134,7 +74,7 @@ function DisplaySystem(&$extraFooterScripts) // define locales $arrLocales = getLocales(); - #fetch system status variables. + // fetch system status variables $system = new \RaspAP\System\Sysinfo; $hostname = $system->hostname(); @@ -143,7 +83,8 @@ function DisplaySystem(&$extraFooterScripts) $os = $system->operatingSystem(); $kernel = $system->kernelVersion(); $systime = $system->systime(); - + $revision = $system->rpiRevision(); + // mem used $memused = $system->usedMemory(); $memused_status = "primary"; @@ -215,6 +156,7 @@ function DisplaySystem(&$extraFooterScripts) "hostname", "uptime", "systime", + "revision", "cores", "os", "kernel", diff --git a/includes/torproxy.php b/includes/torproxy.php index f82ca3f8..d6166765 100755 --- a/includes/torproxy.php +++ b/includes/torproxy.php @@ -1,7 +1,5 @@ set_max_file_size(64*KB); $upload->set_allowed_mime_types(array('text/plain')); $upload->file($file); diff --git a/index.php b/index.php index 96a45900..83e2916d 100755 --- a/index.php +++ b/index.php @@ -4,12 +4,12 @@ * Raspbian WiFi Configuration Portal (RaspAP) * * Simple AP setup & WiFi management for Debian-based devices. - * Enables use of simple web interface rather than SSH to control WiFi and related services on the Raspberry Pi. + * Enables use of simple web interface rather than SSH to control WiFi and related services on the Raspberry Pi. * Recommended distribution is Raspberry Pi OS (64-bit) Lite. Specific instructions to install the supported software are * in the README and original post by @SirLagz. For a quick run through, the packages required for the WebGUI are: * lighttpd (version 1.4.59 installed via apt) - * php-cgi (version 7.4.28 installed via apt) - * along with their supporting packages, php7.3 will also need to be enabled. + * php-cgi (version 7.4.33 installed via apt) + * along with their supporting packages, php7.4 will also need to be enabled. * * @author Lawrence Yau * @author Bill Zimmerman @@ -27,8 +27,8 @@ require 'includes/csrf.php'; ensureCSRFSessionToken(); require_once 'includes/config.php'; +require_once 'includes/autoload.php'; require_once 'includes/defaults.php'; -require_once RASPI_CONFIG.'/raspap.php'; require_once 'includes/locale.php'; require_once 'includes/functions.php'; require_once 'includes/dashboard.php'; @@ -47,15 +47,9 @@ require_once 'includes/openvpn.php'; require_once 'includes/wireguard.php'; require_once 'includes/torproxy.php'; -$config = getConfig(); -$output = $return = 0; -$page = $_SERVER['PATH_INFO']; - -$theme_url = getThemeOpt(); -$toggleState = getSidebarState(); -$bridgedEnabled = getBridgedState(); - -?> +initializeApp(); +?> + @@ -86,8 +80,7 @@ $bridgedEnabled = getBridgedState(); - - + " title="main" rel="stylesheet"> @@ -109,203 +102,30 @@ $bridgedEnabled = getBridgedState();
- - - - -
- - -
- - - - -
- -
-
- -
-
-
- -
-
-
- -
+ + +
@@ -330,15 +150,6 @@ $bridgedEnabled = getBridgedState(); - ' , PHP_EOL; - } - ?> + diff --git a/raspap.php b/raspap.php deleted file mode 100755 index e45e3eb4..00000000 --- a/raspap.php +++ /dev/null @@ -1,19 +0,0 @@ - 'admin', - 'admin_pass' => '$2y$10$YKIyWAmnQLtiJAy6QgHQ.eCpY4m.HCEbiHaTgN6.acNC6bDElzt.i' - ); - - if (file_exists(RASPI_CONFIG . '/raspap.auth')) { - if ($auth_details = fopen(RASPI_CONFIG . '/raspap.auth', 'r')) { - $config['admin_user'] = trim(fgets($auth_details)); - $config['admin_pass'] = trim(fgets($auth_details)); - fclose($auth_details); - } - } - return $config; -} - diff --git a/src/RaspAP/Auth/HTTPAuth.php b/src/RaspAP/Auth/HTTPAuth.php new file mode 100755 index 00000000..9751075f --- /dev/null +++ b/src/RaspAP/Auth/HTTPAuth.php @@ -0,0 +1,136 @@ + + * @license https://github.com/raspap/raspap-webgui/blob/master/LICENSE + * @see https://www.php.net/manual/en/features.http-auth.php + */ + +declare(strict_types=1); + +namespace RaspAP\Auth; + +class HTTPAuth +{ + + /** + * @var string $realm + */ + public $realm = 'Authentication Required'; + + /** + * Stored login credentials + * @var array $auth_config + */ + protected $auth_config; + + /** + * Default login credentials + * @var array $auth_default + */ + private $auth_default = array( + 'admin_user' => 'admin', + 'admin_pass' => '$2y$10$YKIyWAmnQLtiJAy6QgHQ.eCpY4m.HCEbiHaTgN6.acNC6bDElzt.i' + ); + + // Constructor + public function __construct() + { + $this->auth_config = $this->getAuthConfig(); + } + + /* + * Determines if user is logged in + * return boolean + */ + public function isLogged() + { + return isset($_SESSION['user_id']); + } + + /* + * Authenticate a user using HTTP basic auth + */ + public function authenticate() + { + if (!$this->isLogged()) { + header('HTTP/1.0 401 Unauthorized'); + header('WWW-Authenticate: Basic realm="'.$this->realm.'"'); + if (function_exists('http_response_code')) { + // http_response_code will respond with proper HTTP version + http_response_code(401); + } else { + header('HTTP/1.0 401 Unauthorized'); + } + exit('Not authorized'.PHP_EOL); + } + } + + /* + * Attempt to login a user with supplied credentials + * @var string $user + * @var string $pass + * return boolean + */ + public function login(string $user, string $pass) + { + if ($this->isValidCredentials($user, $pass)) { + $_SESSION['user_id'] = $user; + return true; + } + return false; + } + + /* + * Gets the current authentication config + * return array $config + */ + public function getAuthConfig() + { + $config = $this->auth_default; + + if (file_exists(RASPI_CONFIG . '/raspap.auth')) { + if ($auth_details = fopen(RASPI_CONFIG . '/raspap.auth', 'r')) { + $config['admin_user'] = trim(fgets($auth_details)); + $config['admin_pass'] = trim(fgets($auth_details)); + fclose($auth_details); + } + } + return $config; + } + + /* + * Validates a set of credentials + * @var string $user + * @var string $pass + * return boolean + */ + protected function isValidCredentials(string $user, string $pass) + { + return $this->validateUser($user) && $this->validatePassword($pass); + } + + /** + * Validates a user + * + * @param string $user + */ + protected function validateUser(string $user) + { + return $user == $this->auth_config['admin_user']; + } + + /** + * Validates a password + * + * @param string $pass + */ + protected function validatePassword(string $pass) + { + return password_verify($pass, $this->auth_config['admin_pass']); + } + +} diff --git a/includes/status_messages.php b/src/RaspAP/Messages/StatusMessage.php similarity index 73% rename from includes/status_messages.php rename to src/RaspAP/Messages/StatusMessage.php index 8f639699..680014ce 100755 --- a/includes/status_messages.php +++ b/src/RaspAP/Messages/StatusMessage.php @@ -1,5 +1,16 @@ + * @license https://github.com/raspap/raspap-webgui/blob/master/LICENSE + */ + +namespace RaspAP\Messages; + +class StatusMessage { public $messages = array(); diff --git a/app/lib/system.php b/src/RaspAP/System/Sysinfo.php old mode 100644 new mode 100755 similarity index 52% rename from app/lib/system.php rename to src/RaspAP/System/Sysinfo.php index 676c2201..7a45728e --- a/app/lib/system.php +++ b/src/RaspAP/System/Sysinfo.php @@ -1,7 +1,7 @@ @@ -92,5 +92,62 @@ class Sysinfo $kernel = shell_exec("uname -r"); return $kernel; } + + /* + * Returns RPi Model and PCB Revision from Pi Revision Code (cpuinfo) + * @see http://www.raspberrypi-spy.co.uk/2012/09/checking-your-raspberry-pi-board-version/ + */ + public function rpiRevision() + { + $revisions = array( + '0002' => 'Model B Revision 1.0', + '0003' => 'Model B Revision 1.0 + ECN0001', + '0004' => 'Model B Revision 2.0 (256 MB)', + '0005' => 'Model B Revision 2.0 (256 MB)', + '0006' => 'Model B Revision 2.0 (256 MB)', + '0007' => 'Model A', + '0008' => 'Model A', + '0009' => 'Model A', + '000d' => 'Model B Revision 2.0 (512 MB)', + '000e' => 'Model B Revision 2.0 (512 MB)', + '000f' => 'Model B Revision 2.0 (512 MB)', + '0010' => 'Model B+', + '0013' => 'Model B+', + '0011' => 'Compute Module', + '0012' => 'Model A+', + 'a01041' => 'a01041', + 'a21041' => 'a21041', + '900092' => 'PiZero 1.2', + '900093' => 'PiZero 1.3', + '9000c1' => 'PiZero W', + 'a02082' => 'Pi 3 Model B', + 'a22082' => 'Pi 3 Model B', + 'a32082' => 'Pi 3 Model B', + 'a52082' => 'Pi 3 Model B', + 'a020d3' => 'Pi 3 Model B+', + 'a220a0' => 'Compute Module 3', + 'a020a0' => 'Compute Module 3', + 'a02100' => 'Compute Module 3+', + 'a03111' => 'Model 4B Revision 1.1 (1 GB)', + 'b03111' => 'Model 4B Revision 1.1 (2 GB)', + 'c03111' => 'Model 4B Revision 1.1 (4 GB)' + ); + + $cpuinfo_array = ''; + exec('cat /proc/cpuinfo', $cpuinfo_array); + $info = preg_grep("/^Revision/", $cpuinfo_array); + $tmp = explode(':', array_pop($info)); + $rev = trim(array_pop($tmp)); + if (array_key_exists($rev, $revisions)) { + return $revisions[$rev]; + } else { + exec('cat /proc/device-tree/model', $model); + if (isset($model[0])) { + return $model[0]; + } else { + return 'Unknown Device'; + } + } + } } diff --git a/app/lib/uploader.php b/src/RaspAP/Uploader/FileUpload.php old mode 100644 new mode 100755 similarity index 99% rename from app/lib/uploader.php rename to src/RaspAP/Uploader/FileUpload.php index e15e451c..03cd0012 --- a/app/lib/uploader.php +++ b/src/RaspAP/Uploader/FileUpload.php @@ -3,8 +3,6 @@ /** * Simple PHP upload class * - * Adapted from aivis/PHP-file-upload-class - * * @description File upload class for RaspAP * @author Bill Zimmerman * @author Aivis Silins @@ -14,7 +12,7 @@ namespace RaspAP\Uploader; -class Upload +class FileUpload { /** @@ -110,7 +108,7 @@ class Upload */ public static function factory($destination, $root = false) { - return new Upload($destination, $root); + return new FileUpload($destination, $root); } /** diff --git a/templates/admin.php b/templates/admin.php index f6ea44c2..ee6543b4 100755 --- a/templates/admin.php +++ b/templates/admin.php @@ -21,20 +21,35 @@
- - +
+
+ +
+ +
+
- - +
+
+ +
+ +
+
- - +
+
+ +
+ +
+
" /> diff --git a/templates/firewall.php b/templates/firewall.php deleted file mode 100755 index 70210346..00000000 --- a/templates/firewall.php +++ /dev/null @@ -1,110 +0,0 @@ -
-
-
-
-
-
- -
-
-
-
- showMessages(); ?> -

- - - - - -
-
-

- -
-
- %s."), $ap_device); ?> - -

-
-
-
- -
-
-
-
- > - -
-
- > - -
-

- -

-
-
-
-
-
- - " aria-describedby="exclusion-description" > -

- -
- %s"), $str_clients); ?>
- %s is per default excluded."), $ap_device); ?> - -

-
-
-
-
-
- - " aria-describedby="excl-ips-description" > -

- -
-
- %s"), $vpn_ips); ?> - -

-
-
- - " name="apply-firewall" /> - " name="firewall-disable" data-toggle="modal" data-target="#firewallModal"/> - - " name="save-firewall" /> - " name="firewall-enable" data-toggle="modal" data-target="#firewallModal"/> - -
-
-
-
-
-
- - - - diff --git a/templates/system/basic.php b/templates/system/basic.php index e231c216..81adb6d2 100644 --- a/templates/system/basic.php +++ b/templates/system/basic.php @@ -14,7 +14,7 @@ include('includes/sysstats.php');
-
+