vh/NetAlertX
1
0
Fork 0
mirror of https://github.com/jokob-sk/NetAlertX.git synced 2025-12-07 01:26:11 -08:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

php clean-up, logon fix

Browse Source
This commit is contained in:
Jokob-sk
2022-12-31 14:02:30 +11:00
parent c35b22dc53
commit e7fe5f795a
12 changed files with 103 additions and 133 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
front/deviceDetails.php
View File

@@ -8,14 +8,6 @@
#--------------------------------------------------------------------------- -->
<?php
session_start();
if ($_SESSION["login"] != 1)
{
header('Location: index.php');
exit;
}
require 'php/templates/header.php';
require 'php/server/db.php';
?>

11
front/devices.php
View File

@@ -8,21 +8,12 @@
#--------------------------------------------------------------------------- -->
<?php
session_start();
if(array_search('login', $_SESSION) != FALSE)
{
if ($_SESSION["login"] != 1)
{
header('Location: index.php');
exit;
}
}
require 'php/templates/header.php';
require 'php/templates/graph.php';
require 'php/server/util.php';
// check permissions
$dbPath = "../db/pialert.db";
$confPath = "../config/pialert.conf";

8
front/events.php
View File

@@ -8,14 +8,6 @@
#--------------------------------------------------------------------------- -->
<?php
session_start();
if ($_SESSION["login"] != 1)
{
header('Location: index.php');
exit;
}
require 'php/templates/header.php';
?>

8
front/help_faq.php
View File

@@ -1,12 +1,4 @@
<?php
session_start();
if ($_SESSION["login"] != 1)
{
header('Location: index.php');
exit;
}
require 'php/templates/header.php';
?>
<!-- Page ------------------------------------------------------------------ -->

81
front/index.php
View File

@@ -1,33 +1,9 @@
<?php
session_start();
if(array_search('action', $_REQUEST) != FALSE)
{
if ($_REQUEST['action'] == 'logout') {
session_destroy();
setcookie("PiAler_SaveLogin", "", time() - 3600);
header('Location: index.php');
}
}
require 'php/templates/language/lang.php';
require 'php/templates/skinUI.php';
// ##################################################
// ## Login Processing start
// ##################################################
$config_file = "../config/pialert.conf";
$config_file_lines = file($config_file);
// ###################################
// ## PIALERT_WEB_PROTECTION FALSE
// ###################################
$config_file_lines_bypass = array_values(preg_grep('/^PIALERT_WEB_PROTECTION\s.*/', $config_file_lines));
$protection_line = explode("=", $config_file_lines_bypass[0]);
$Pia_WebProtection = strtolower(trim($protection_line[1]));
require 'php/templates/security.php';
if ($Pia_WebProtection != 'true')
{
@@ -36,46 +12,44 @@ if ($Pia_WebProtection != 'true')
exit;
}
// ###################################
// ## PIALERT_WEB_PROTECTION TRUE
// ###################################
$config_file_lines = array_values(preg_grep('/^PIALERT_WEB_PASSWORD\s.*/', $config_file_lines));
$password_line = explode("'", $config_file_lines[0]);
$Pia_Password = $password_line[1];
// Password without Cookie check -> pass and set initial cookie
if ($Pia_Password == hash('sha256',$_POST["loginpassword"]))
if (isset ($_POST["loginpassword"]) && $Pia_Password == hash('sha256',$_POST["loginpassword"]))
{
header('Location: devices.php');
$_SESSION["login"] = 1;
if (isset($_POST['PWRemember'])) {setcookie("PiAler_SaveLogin", hash('sha256',$_POST["loginpassword"]), time()+604800);}
if (isset($_POST['PWRemember'])) {setcookie("PiAlert_SaveLogin", hash('sha256',$_POST["loginpassword"]), time()+604800);}
}
// active Session or valid cookie (cookie not extends)
if (($_SESSION["login"] == 1) || ($Pia_Password == $_COOKIE["PiAler_SaveLogin"]))
if (( isset ($_SESSION["login"]) && ($_SESSION["login"] == 1)) || (isset ($_COOKIE["PiAlert_SaveLogin"]) && $Pia_Password == $_COOKIE["PiAlert_SaveLogin"]))
{
header('Location: devices.php');
$_SESSION["login"] = 1;
if (isset($_POST['PWRemember'])) {setcookie("PiAler_SaveLogin", hash('sha256',$_POST["loginpassword"]), time()+604800);}
if (isset($_POST['PWRemember'])) {setcookie("PiAlert_SaveLogin", hash('sha256',$_POST["loginpassword"]), time()+604800);}
}
$login_headline = lang('Login_Toggle_Info_headline');
$login_info = "";
// no active session, cookie not checked
if ($_SESSION["login"] != 1)
if (isset ($_SESSION["login"]) == FALSE || $_SESSION["login"] != 1)
{
if (file_exists('../db/setting_darkmode')) {$ENABLED_DARKMODE = True;}
if ($Pia_Password == '8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92') {
$login_info = 'Defaultpassword "123456" is still active';
$login_mode = 'danger';
$login_display_mode = 'display: block;';
$login_headline = lang('Login_Toggle_Alert_headline');
$login_icon = 'fa-ban';
} else {
$login_mode = 'info';
$login_display_mode = 'display: none;';
$login_headline = lang('Login_Toggle_Info_headline');
$login_icon = 'fa-info';
}
if ($Pia_Password == '8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92')
{
$login_info = lang('Login_Default_PWD');
$login_mode = 'danger';
$login_display_mode = 'display: block;';
$login_headline = lang('Login_Toggle_Alert_headline');
$login_icon = 'fa-ban';
}
else
{
$login_mode = 'info';
$login_display_mode = 'display: none;';
$login_headline = lang('Login_Toggle_Info_headline');
$login_icon = 'fa-info';
}
}
// ##################################################
// ## Login Processing end
@@ -196,8 +170,3 @@ function Passwordhinfo() {
</script>
</body>
</html>
<?php
}
?>

24
front/maintenance.php
View File

@@ -1,14 +1,4 @@
<?php
session_start();
// Turn off php errors
error_reporting(0);
if ($_SESSION["login"] != 1)
{
header('Location: index.php');
exit;
}
//------------------------------------------------------------------------------
// Pi.Alert
@@ -113,12 +103,20 @@ $Pia_Archive_diskusage = number_format(($Pia_Archive_diskusage / 1000000),2,",",
$latestfiles = glob($Pia_Archive_Path."pialertdb_*.zip");
natsort($latestfiles);
$latestfiles = array_reverse($latestfiles,False);
$latestbackup = $latestfiles[0];
$latestbackup_date = date ("Y-m-d H:i:s", filemtime($latestbackup));
$latestbackup = 'none';
$latestbackup_date = 'no backup';
if (count($latestfiles) > 0)
{
$latestbackup = $latestfiles[0];
$latestbackup_date = date ("Y-m-d H:i:s", filemtime($latestbackup));
}
// Skin selector -----------------------------------------------------------------
if (submit && isset($_POST['skinselector_set'])) {
if (isset($_POST['submit']) && submit && isset($_POST['skinselector_set'])) {
$pia_skin_set_dir = '../db/';
$pia_skin_selector = htmlspecialchars($_POST['skinselector']);
if (in_array($pia_skin_selector, $pia_installed_skins)) {

10
front/network.php
View File

@@ -1,14 +1,4 @@
<?php
session_start();
// Turn off php errors
error_reporting(0);
if ($_SESSION["login"] != 1)
{
header('Location: index.php');
exit;
}
require 'php/templates/header.php';
require 'php/server/db.php';

1
front/php/templates/header.php
View File

@@ -12,6 +12,7 @@
require '/home/pi/pialert/front/php/templates/timezone.php';
require '/home/pi/pialert/front/php/templates/skinUI.php';
require '/home/pi/pialert/front/php/templates/language/lang.php';
require '/home/pi/pialert/front/php/templates/security.php';
?>

1
front/php/templates/language/en_us.php
View File

@@ -37,6 +37,7 @@ $lang['en_us'] = array(
'Login_Toggle_Info' => 'Password Information',
'Login_Toggle_Info_headline' => 'Password Information',
'Login_Toggle_Alert_headline' => 'Password Alert!',
'Login_Default_PWD' => 'Default password "123456" is still active.',
//////////////////////////////////////////////////////////////////
// Device Page

64
front/php/templates/security.php Normal file
View File

@@ -0,0 +1,64 @@
<?php
$url = 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
$isLogonPage = FALSE;
if (strpos($url,'index.php') !== false) {
$isLogonPage = TRUE;
}
session_start();
if(array_search('action', $_REQUEST) != FALSE)
{
if ($_REQUEST['action'] == 'logout') {
session_destroy();
setcookie("PiAlert_SaveLogin", "", time() - 3600);
header('Location: index.php');
}
}
// ##################################################
// ## Login Processing start
// ##################################################
$config_file = "../config/pialert.conf";
$config_file_lines = file($config_file);
// ###################################
// ## PIALERT_WEB_PROTECTION FALSE
// ###################################
$config_file_lines_bypass = array_values(preg_grep('/^PIALERT_WEB_PROTECTION.*=/', $config_file_lines));
$protection_line = explode("=", $config_file_lines_bypass[0]);
$Pia_WebProtection = strtolower(trim($protection_line[1]));
// ###################################
// ## PIALERT_WEB_PROTECTION TRUE
// ###################################
$config_file_lines = array_values(preg_grep('/^PIALERT_WEB_PASSWORD.*=/', $config_file_lines));
$password_line = explode("'", $config_file_lines[0]);
$Pia_Password = $password_line[1];
// active Session or valid cookie (cookie not extends)
if($Pia_WebProtection == 'true')
{
if(isset ($_SESSION["login"]) == FALSE )
{
$_SESSION["login"] = 0;
}
if ( ($_SESSION["login"] == 1) || $isLogonPage || (( isset($_COOKIE["PiAlert_SaveLogin"]) && $Pia_Password == $_COOKIE["PiAlert_SaveLogin"])))
{
//Logged in or stay on this page if we are on the index.php already
} else
{
// we need to redirect
header('Location: index.php');
}
}
?>

8
front/presence.php
View File

@@ -8,14 +8,6 @@
#--------------------------------------------------------------------------- -->
<?php
session_start();
if ($_SESSION["login"] != 1)
{
header('Location: index.php');
exit;
}
require 'php/templates/header.php';
require 'php/templates/graph.php';
?>

12
front/settings.php
View File

@@ -1,19 +1,7 @@
<?php
session_start();
if ($_SESSION["login"] != 1)
{
header('Location: index.php');
exit;
}
require 'php/templates/header.php';
foreach (glob("../db/setting_language*") as $filename) {
$pia_lang_selected = str_replace('setting_language_','',basename($filename));
}
if (strlen($pia_lang_selected) == 0) {$pia_lang_selected = 'en_us';}
//------------------------------------------------------------------------------
// External files