From b0ebd7bf00eb9f25be8d6c85f69e2fd959100dc1 Mon Sep 17 00:00:00 2001 From: billz Date: Wed, 5 Aug 2020 18:57:42 +0100 Subject: [PATCH] Add validate serverBind, save settings --- includes/system.php | 29 ++++++++++++++++------------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/includes/system.php b/includes/system.php index 4919b5ff..a66ec9e0 100755 --- a/includes/system.php +++ b/includes/system.php @@ -78,32 +78,35 @@ function DisplaySystem() if (!RASPI_MONITOR_ENABLED) { if (isset($_POST['SaveServerSettings'])) { - // Save server port + $good_input = true; + // Validate server port if (isset($_POST['serverPort'])) { if (strlen($_POST['serverPort']) > 4 || !is_numeric($_POST['serverPort'])) { $status->addMessage('Invalid value for port number', 'danger'); + $good_input = false; } else { $serverPort = escapeshellarg($_POST['serverPort']); - exec("sudo /etc/raspap/lighttpd/configport.sh $serverPort " .RASPI_LIGHTTPD_CONFIG. " ".$_SERVER['SERVER_NAME'], $return); - foreach ($return as $line) { - $status->addMessage($line, 'info'); - } - } + } } - // Save server bind address - if (isset($_POST['serverBind'])) { + // Validate server bind address + $serverBind = escapeshellarg(''); + if ($_POST['serverBind'] && $_POST['serverBind'] !== null ) { if (!filter_var($_POST['serverBind'], FILTER_VALIDATE_IP)) { $status->addMessage('Invalid value for bind address', 'danger'); + $good_input = false; } else { $serverBind = escapeshellarg($_POST['serverBind']); - //exec("sudo /etc/raspap/lighttpd/configport.sh $serverPort " .RASPI_LIGHTTPD_CONFIG. " ".$_SERVER['SERVER_NAME'], $return); - //foreach ($return as $line) { - // $status->addMessage($line, 'info'); - //} } } - + // Save settings + if ($good_input) { + exec("sudo /etc/raspap/lighttpd/configport.sh $serverPort $serverBind " .RASPI_LIGHTTPD_CONFIG. " ".$_SERVER['SERVER_NAME'], $return); + foreach ($return as $line) { + $status->addMessage($line, 'info'); + } + } } + if (isset($_POST['system_reboot'])) { $status->addMessage("System Rebooting Now!", "warning", false); $result = shell_exec("sudo /sbin/reboot");