mirror of
https://github.com/billz/raspap-webgui.git
synced 2023-10-10 13:37:24 +02:00
Merge pull request #494 from JohnTheNerd/master
Properly locked down the back-end in monitoring mode
This commit is contained in:
commit
c0af41a53b
@ -1,5 +1,7 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
require_once 'config.php';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Show dashboard page.
|
* Show dashboard page.
|
||||||
*/
|
*/
|
||||||
@ -146,6 +148,7 @@ function DisplayDashboard(&$extraFooterScripts)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
if (!RASPI_MONITOR_ENABLED) {
|
||||||
if (isset($_POST['ifdown_wlan0'])) {
|
if (isset($_POST['ifdown_wlan0'])) {
|
||||||
// Pressed stop button
|
// Pressed stop button
|
||||||
if ($interfaceState === 'UP') {
|
if ($interfaceState === 'UP') {
|
||||||
@ -174,6 +177,7 @@ function DisplayDashboard(&$extraFooterScripts)
|
|||||||
} else {
|
} else {
|
||||||
$status->addMessage(sprintf(_('Interface is %s.'), strtolower($interfaceState)), $classMsgDevicestatus);
|
$status->addMessage(sprintf(_('Interface is %s.'), strtolower($interfaceState)), $classMsgDevicestatus);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
echo renderTemplate("dashboard", compact(
|
echo renderTemplate("dashboard", compact(
|
||||||
"status",
|
"status",
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
include_once('includes/status_messages.php');
|
include_once('includes/status_messages.php');
|
||||||
|
require_once 'config.php';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
@ -11,6 +12,7 @@ function DisplayDHCPConfig()
|
|||||||
{
|
{
|
||||||
|
|
||||||
$status = new StatusMessages();
|
$status = new StatusMessages();
|
||||||
|
if (!RASPI_MONITOR_ENABLED) {
|
||||||
if (isset($_POST['savedhcpdsettings'])) {
|
if (isset($_POST['savedhcpdsettings'])) {
|
||||||
$errors = '';
|
$errors = '';
|
||||||
define('IFNAMSIZ', 16);
|
define('IFNAMSIZ', 16);
|
||||||
@ -76,10 +78,12 @@ function DisplayDHCPConfig()
|
|||||||
$status->addMessage('Dnsmasq configuration failed to be updated.', 'danger');
|
$status->addMessage('Dnsmasq configuration failed to be updated.', 'danger');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
exec('pidof dnsmasq | wc -l', $dnsmasq);
|
exec('pidof dnsmasq | wc -l', $dnsmasq);
|
||||||
$dnsmasq_state = ($dnsmasq[0] > 0);
|
$dnsmasq_state = ($dnsmasq[0] > 0);
|
||||||
|
|
||||||
|
if (!RASPI_MONITOR_ENABLED) {
|
||||||
if (isset($_POST['startdhcpd'])) {
|
if (isset($_POST['startdhcpd'])) {
|
||||||
if ($dnsmasq_state) {
|
if ($dnsmasq_state) {
|
||||||
$status->addMessage('dnsmasq already running', 'info');
|
$status->addMessage('dnsmasq already running', 'info');
|
||||||
@ -105,6 +109,7 @@ function DisplayDHCPConfig()
|
|||||||
$status->addMessage('dnsmasq already stopped', 'info');
|
$status->addMessage('dnsmasq already stopped', 'info');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
$serviceStatus = $dnsmasq_state ? "up" : "down";
|
$serviceStatus = $dnsmasq_state ? "up" : "down";
|
||||||
|
|
||||||
|
@ -2,6 +2,7 @@
|
|||||||
|
|
||||||
include_once('includes/status_messages.php');
|
include_once('includes/status_messages.php');
|
||||||
include_once('app/lib/system.php');
|
include_once('app/lib/system.php');
|
||||||
|
require_once 'config.php';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
@ -25,6 +26,7 @@ function DisplayHostAPDConfig()
|
|||||||
$managedModeEnabled = false;
|
$managedModeEnabled = false;
|
||||||
exec("ip -o link show | awk -F': ' '{print $2}'", $interfaces);
|
exec("ip -o link show | awk -F': ' '{print $2}'", $interfaces);
|
||||||
|
|
||||||
|
if (!RASPI_MONITOR_ENABLED) {
|
||||||
if (isset($_POST['SaveHostAPDSettings'])) {
|
if (isset($_POST['SaveHostAPDSettings'])) {
|
||||||
SaveHostAPDConfig($arrSecurity, $arrEncType, $arr80211Standard, $interfaces, $status);
|
SaveHostAPDConfig($arrSecurity, $arrEncType, $arr80211Standard, $interfaces, $status);
|
||||||
} elseif (isset($_POST['StartHotspot'])) {
|
} elseif (isset($_POST['StartHotspot'])) {
|
||||||
@ -44,6 +46,7 @@ function DisplayHostAPDConfig()
|
|||||||
$status->addMessage($line, 'info');
|
$status->addMessage($line, 'info');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
exec('cat '. RASPI_HOSTAPD_CONFIG, $hostapdconfig);
|
exec('cat '. RASPI_HOSTAPD_CONFIG, $hostapdconfig);
|
||||||
exec('iwgetid '. RASPI_WIFI_CLIENT_INTERFACE. ' -r', $wifiNetworkID);
|
exec('iwgetid '. RASPI_WIFI_CLIENT_INTERFACE. ' -r', $wifiNetworkID);
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
include_once('includes/status_messages.php');
|
include_once('includes/status_messages.php');
|
||||||
|
require_once 'config.php';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
@ -10,6 +11,7 @@ include_once('includes/status_messages.php');
|
|||||||
function DisplayOpenVPNConfig()
|
function DisplayOpenVPNConfig()
|
||||||
{
|
{
|
||||||
$status = new StatusMessages();
|
$status = new StatusMessages();
|
||||||
|
if (!RASPI_MONITOR_ENABLED) {
|
||||||
if (isset($_POST['SaveOpenVPNSettings'])) {
|
if (isset($_POST['SaveOpenVPNSettings'])) {
|
||||||
if (isset($_POST['authUser'])) {
|
if (isset($_POST['authUser'])) {
|
||||||
$authUser = strip_tags(trim($_POST['authUser']));
|
$authUser = strip_tags(trim($_POST['authUser']));
|
||||||
@ -31,6 +33,7 @@ function DisplayOpenVPNConfig()
|
|||||||
$status->addMessage($line, 'info');
|
$status->addMessage($line, 'info');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
exec('pidof openvpn | wc -l', $openvpnstatus);
|
exec('pidof openvpn | wc -l', $openvpnstatus);
|
||||||
exec('wget https://ipinfo.io/ip -qO -', $return);
|
exec('wget https://ipinfo.io/ip -qO -', $return);
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
include_once('includes/status_messages.php');
|
include_once('includes/status_messages.php');
|
||||||
|
require_once 'config.php';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
@ -72,6 +73,7 @@ function DisplaySystem()
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!RASPI_MONITOR_ENABLED) {
|
||||||
if (isset($_POST['SaveServerPort'])) {
|
if (isset($_POST['SaveServerPort'])) {
|
||||||
if (isset($_POST['serverPort'])) {
|
if (isset($_POST['serverPort'])) {
|
||||||
if (strlen($_POST['serverPort']) > 4 || !is_numeric($_POST['serverPort'])) {
|
if (strlen($_POST['serverPort']) > 4 || !is_numeric($_POST['serverPort'])) {
|
||||||
@ -85,12 +87,20 @@ function DisplaySystem()
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
if (isset($_POST['system_reboot'])) {
|
||||||
|
$status->addMessage("System Rebooting Now!", "warning", false);
|
||||||
|
$result = shell_exec("sudo /sbin/reboot");
|
||||||
|
}
|
||||||
|
if (isset($_POST['system_shutdown'])) {
|
||||||
|
$status->addMessage("System Shutting Down Now!", "warning", false);
|
||||||
|
$result = shell_exec("sudo /sbin/shutdown -h now");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (isset($_POST['RestartLighttpd'])) {
|
if (isset($_POST['RestartLighttpd'])) {
|
||||||
$status->addMessage('Restarting lighttpd in 3 seconds...','info');
|
$status->addMessage('Restarting lighttpd in 3 seconds...','info');
|
||||||
exec('sudo /etc/raspap/lighttpd/configport.sh --restart');
|
exec('sudo /etc/raspap/lighttpd/configport.sh --restart');
|
||||||
}
|
}
|
||||||
|
|
||||||
exec('cat '. RASPI_LIGHTTPD_CONFIG, $return);
|
exec('cat '. RASPI_LIGHTTPD_CONFIG, $return);
|
||||||
$conf = ParseConfig($return);
|
$conf = ParseConfig($return);
|
||||||
$ServerPort = $conf['server.port'];
|
$ServerPort = $conf['server.port'];
|
||||||
@ -118,14 +128,5 @@ function DisplaySystem()
|
|||||||
'el_GR.UTF-8' => 'Ελληνικά'
|
'el_GR.UTF-8' => 'Ελληνικά'
|
||||||
);
|
);
|
||||||
|
|
||||||
if (isset($_POST['system_reboot'])) {
|
|
||||||
$status->addMessage("System Rebooting Now!", "warning", false);
|
|
||||||
$result = shell_exec("sudo /sbin/reboot");
|
|
||||||
}
|
|
||||||
if (isset($_POST['system_shutdown'])) {
|
|
||||||
$status->addMessage("System Shutting Down Now!", "warning", false);
|
|
||||||
$result = shell_exec("sudo /sbin/shutdown -h now");
|
|
||||||
}
|
|
||||||
|
|
||||||
echo renderTemplate("system", compact("arrLocales", "status", "system", "ServerPort"));
|
echo renderTemplate("system", compact("arrLocales", "status", "system", "ServerPort"));
|
||||||
}
|
}
|
||||||
|
@ -2,6 +2,10 @@
|
|||||||
require_once 'config.php';
|
require_once 'config.php';
|
||||||
require_once RASPI_CONFIG.'/raspap.php';
|
require_once RASPI_CONFIG.'/raspap.php';
|
||||||
|
|
||||||
|
if (RASPI_MONITOR_ENABLED) {
|
||||||
|
die();
|
||||||
|
};
|
||||||
|
|
||||||
session_start();
|
session_start();
|
||||||
header('X-Frame-Options: SAMEORIGIN');
|
header('X-Frame-Options: SAMEORIGIN');
|
||||||
header("Content-Security-Policy: default-src 'none'; frame-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'");
|
header("Content-Security-Policy: default-src 'none'; frame-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'");
|
||||||
|
Loading…
Reference in New Issue
Block a user