.github/ISSUE_TEMPLATE/issue_form.yml

@@ -34,15 +34,15 @@ body:
           required: true
         - label: I observed this bug on a clean install of a [supported OS](https://docs.raspap.com/#compatible-operating-systems).
           required: true
-        - label: I have followed the [project prerequisites](https://docs.raspap.com/quick_start/#quick-install).
+        - label: I have followed the [project prerequisites](https://docs.raspap.com/#quick-start).
           required: true
         - label: I have searched this repository for existing issues.
           required: true
         - label: I checked the [FAQ](https://docs.raspap.com/faq/) and [official documentation](https://docs.raspap.com/).
           required: true
         - label: I am using an [external wireless adapter](https://docs.raspap.com/issues/#external-hardware).
-          required: false
-        - label: I have generated a [RaspAP debug log](https://docs.raspap.com/troubleshooting/#debug-log) and performed a [self-diagnosis](https://docs.raspap.com/troubleshooting/#diagnosing-problems).
+          required: true
+        - label: I have generated a [RaspAP debug log](https://docs.raspap.com/ap-basics/#debug-log) and performed a [self-diagnosis](https://docs.raspap.com/ap-basics/#diagnosing-problems).
           required: true
 
   - type: dropdown
@@ -56,15 +56,15 @@ body:
         - Raspberry Pi OS	(64-bit) Lite Bullseye	
         - Raspberry Pi OS	(32-bit) Lite Bullseye
         - Armbian	23.05 (Suni)	
-        - Debian Bookworm
+        - Debian	Bookworm
+        - Ubuntu	Server 23.04 (Lunar)
     validations:
       required: true
   - type: dropdown
     id: install
     attributes:
-      label: Installation method
+      label: Quick install or Manual setup?
       options:
-        - Pre-built image
         - Quick install	
         - Manual setup
     validations:
@@ -90,7 +90,6 @@ body:
         - Raspberry Pi 3 Model B
         - Raspberry Pi Zero 2 W 
         - Raspberry Pi Zero W 
-        - Raspberry Pi Compute Module
         - Orange Pi family
         - Other
     validations:
@@ -100,8 +99,8 @@ body:
     attributes:
       label: RaspAP version
       options:
-        - Latest
-        - Other (specify below)
+        - 3.2.5 (Latest)
+        - Other
     validations:
       required: true
   - type: dropdown
@@ -114,6 +113,7 @@ body:
         - Not sure
     validations:
       required: true
+      
   - type: input
     id: contact
     attributes:

.github/workflows/release.yml

@@ -33,19 +33,6 @@ jobs:
 
           # Set Wi-Fi country to prevent RF kill
           raspi-config nonint do_wifi_country "US"
-
-          # Fetch RaspAP version and set MOTD
-          RASPAP_VERSION=\$(curl -sL https://install.raspap.com | bash -s -- --version)
-          echo "\$RASPAP_VERSION" | tee /etc/motd
-          EOF
-          } &&
-          chmod +x stage-raspap/package-raspap/00-run-chroot.sh &&
-          {
-          cat > stage-raspap/prerun.sh <<-EOF
-          #!/bin/bash -e
-          if [ ! -d "\${ROOTFS_DIR}" ]; then
-            copy_previous
-          fi
           EOF
           } &&
           chmod +x stage-raspap/package-raspap/00-run-chroot.sh &&

.gitmodules

@@ -1,4 +1,3 @@
 [submodule "plugins"]
-    path = plugins
-    url = https://github.com/RaspAP/plugins
-    branch = master
+	path = plugins
+	url = https://github.com/RaspAP/plugins

BACKERS.md

@@ -1,4 +1,4 @@
-<img width="465" alt="Insiders logo" src="https://i.imgur.com/62TMUy5.png">
+<img width="465" alt="Insiders logo" src="https://user-images.githubusercontent.com/229399/115766971-e19e1900-a3a8-11eb-8c6f-379deb4313d2.png"> 
 
 Development of RaspAP is made possible thanks to a sponsorware release model. This means that new features are first exclusively released to sponsors as part of **Insiders**. Read on to learn how sponsorship works, and how easy it is to get access to Insiders.
 
@@ -20,6 +20,7 @@ The following features are currently available exclusively to sponsors. A tangib
  ✅ [WPA3-Personal AP security](https://docs.raspap.com/ap-basics/#wpa3-personal)  
  ✅ [802.11w Protected Management Frames](https://docs.raspap.com/ap-basics/#80211w)  
  ✅ [Printable Wi-Fi signs](https://docs.raspap.com/ap-basics/#printable-signs)  
+ ✅ [Drag & drop dashboard widgets](https://docs.raspap.com/ap-basics/#drag-drop-widgets)  
  ✅ [MAC address cloning](https://docs.raspap.com/net-devices/#changing-the-mac-address)  
  ✅ [Network diagnostics](https://docs.raspap.com/net-devices/#diagnostics)  
  ✅ [WireGuard VPN kill switch](https://docs.raspap.com/wireguard/#kill-switch)  

README.md

@@ -1,13 +1,14 @@
-![RaspAP Custom OS images](https://github.com/user-attachments/assets/e871adf1-123c-450b-94eb-80a185c242cc)
-[![Release 3.3.2](https://img.shields.io/badge/release-v3.3.2-green)](https://github.com/raspap/raspap-webgui/releases) [![Awesome](https://awesome.re/badge.svg)](https://github.com/thibmaek/awesome-raspberry-pi) [![Join Insiders](https://img.shields.io/static/v1?label=Insiders&message=%E2%9D%A4&logo=GitHub&color=ff69b4)](https://github.com/sponsors/RaspAP) [![Build Status](https://app.travis-ci.com/RaspAP/raspap-webgui.svg?branch=master)](https://app.travis-ci.com/RaspAP/raspap-webgui) [![Crowdin](https://badges.crowdin.net/raspap/localized.svg)](https://crowdin.com/project/raspap) [![Twitter URL](https://img.shields.io/twitter/url?label=%40RaspAP&logoColor=%23d8224c&url=https%3A%2F%2Ftwitter.com%2Frasp_ap)](https://twitter.com/rasp_ap) [![Reddit](https://img.shields.io/badge/%2Fr%2FRaspAP-e05d44?style=flat&logo=Reddit&logoColor=white&labelColor=e05d44&color=b14835)](https://reddit.com/r/RaspAP) [![Discord](https://img.shields.io/discord/642436993451819018?color=7289DA&label=Discord&logo=discord&style=flat)](https://discord.gg/KVAsaAR)
+![](https://i.imgur.com/xeKD93p.png)
+[![Release 3.2.7](https://img.shields.io/badge/release-v3.2.7-green)](https://github.com/raspap/raspap-webgui/releases) [![Awesome](https://awesome.re/badge.svg)](https://github.com/thibmaek/awesome-raspberry-pi) [![Join Insiders](https://img.shields.io/static/v1?label=Insiders&message=%E2%9D%A4&logo=GitHub&color=ff69b4)](https://github.com/sponsors/RaspAP) [![Build Status](https://app.travis-ci.com/RaspAP/raspap-webgui.svg?branch=master)](https://app.travis-ci.com/RaspAP/raspap-webgui) [![Crowdin](https://badges.crowdin.net/raspap/localized.svg)](https://crowdin.com/project/raspap) [![Twitter URL](https://img.shields.io/twitter/url?label=%40RaspAP&logoColor=%23d8224c&url=https%3A%2F%2Ftwitter.com%2Frasp_ap)](https://twitter.com/rasp_ap) [![Reddit](https://img.shields.io/badge/%2Fr%2FRaspAP-e05d44?style=flat&logo=Reddit&logoColor=white&labelColor=e05d44&color=b14835)](https://reddit.com/r/RaspAP) [![Discord](https://img.shields.io/discord/642436993451819018?color=7289DA&label=Discord&logo=discord&style=flat)](https://discord.gg/KVAsaAR)
 
-RaspAP is feature-rich wireless router software that _just works_ on many popular [Debian-based devices](#supported-operating-systems), including the Raspberry Pi. Our [custom OS images](#pre-built-image), [Quick installer](#quick-installer) and [Docker container](#docker-support) create a known-good default configuration for all current Raspberry Pis with onboard wireless. A fully responsive, mobile-ready interface gives you control over the relevant services and networking options. Advanced DHCP settings, WireGuard and OpenVPN support, [SSL certificates](https://docs.raspap.com/ssl/), [ad blocking](#ad-blocking), security audits, [captive portal integration](https://docs.raspap.com/captive/), themes and [multilingual options](https://docs.raspap.com/translations/) are included.
 
-RaspAP has been featured by [PC World](https://www.pcwelt.de/article/1789512/raspberry-pi-als-wlan-router.html), [Adafruit](https://blog.adafruit.com/2016/06/24/raspap-wifi-configuration-portal-piday-raspberrypi-raspberry_pi/), [Raspberry Pi Weekly](https://www.raspberrypi.org/weekly/commander/), and [Awesome Raspberry Pi](https://project-awesome.org/thibmaek/awesome-raspberry-pi) and implemented in [countless projects](https://github.com/RaspAP/raspap-awesome#projects).
+RaspAP is feature-rich wireless router software that _just works_ on many popular [Debian-based devices](#supported-operating-systems), including the Raspberry Pi. Our popular [Quick installer](#quick-installer) and [Docker container](#docker-support) create a known-good default configuration for all current Raspberry Pis with onboard wireless. A fully responsive, mobile-ready interface gives you control over the relevant services and networking options. Advanced DHCP settings, WireGuard and OpenVPN support, [SSL certificates](https://docs.raspap.com/ssl/), security audits, [captive portal integration](https://docs.raspap.com/captive/), themes and [multilingual options](https://docs.raspap.com/translations/) are included.
+
+RaspAP has been featured on sites such as [Instructables](http://www.instructables.com/id/Raspberry-Pi-As-Completely-Wireless-Router/), [Adafruit](https://blog.adafruit.com/2016/06/24/raspap-wifi-configuration-portal-piday-raspberrypi-raspberry_pi/), [Raspberry Pi Weekly](https://www.raspberrypi.org/weekly/commander/) and [Awesome Raspberry Pi](https://project-awesome.org/thibmaek/awesome-raspberry-pi) and implemented in countless projects.
 
 We hope you enjoy using RaspAP as much as we do creating it. Tell us how you use this with [your own projects](https://github.com/raspap/raspap-awesome).
 
-![dashboard](https://github.com/user-attachments/assets/f7cf5c32-4d95-4ac8-8a30-6d892d7ac6ed)
+![](https://github.com/user-attachments/assets/c9bb0386-0b10-48cc-8b42-0a587a84fc37)
 <img width="32.5%" alt="Wifi Client" src="https://github.com/user-attachments/assets/95696ddc-da84-4339-97cc-f2a173054664">
 <img width="32.5%" alt="Hotspot" src="https://github.com/user-attachments/assets/c1c4de15-3ff2-4d3c-a7af-339c24896749">
 <img width="32.5%" alt="Adblock" src="https://github.com/user-attachments/assets/ab925687-8407-4bec-a952-9dc6a2675f49">
@@ -17,13 +18,15 @@ We hope you enjoy using RaspAP as much as we do creating it. Tell us how you use
 
 ## Contents
 
- - [Quick start](#quick-start)
+ - [Prerequisites](#prerequisites)
+ - [Quick installer](#quick-installer)
  - [Join Insiders](#join-insiders)
  - [WireGuard support](#wireguard-support)
  - [OpenVPN support](#openvpn-support)
  - [VPN Provider support](#vpn-provider-support)
  - [Ad Blocking](#ad-blocking)
  - [Bridged AP](#bridged-ap)
+ - [Simultaneous AP and Wifi client](#simultaneous-ap-and-wifi-client)
  - [Manual installation](#manual-installation)
  - [802.11ac 5GHz support](#80211ac-5ghz-support)
  - [Supported operating systems](#supported-operating-systems)
@@ -35,43 +38,30 @@ We hope you enjoy using RaspAP as much as we do creating it. Tell us how you use
  - [Reporting issues](#reporting-issues)
  - [License](#license)
 
-## Quick start
-RaspAP gives you two different ways to get up and running quickly. The simplest and recommended approach is to use a custom Raspberry Pi OS image with RaspAP preinstalled. This option eliminates guesswork and gives you a base upon which to build. Alternatively, you may execute the Quick installer on an existing [compatible OS](https://docs.raspap.com/#compatible-operating-systems).
-
-### Pre-built image
-Custom Raspberry Pi OS Lite images with the latest RaspAP are available for [direct download](https://github.com/RaspAP/raspap-webgui/releases/latest). This includes both 32- and 64-bit builds for ARM architectures.
-
-| Operating system     | Debian version | Kernel version  | RaspAP version | Size  |
-| ---------------------| ---------------|-----------------|----------------|-------|
-| Raspberry Pi OS (64-bit) Lite | 12 (bookworm)  | 6.6             | Latest         | 777 MB|
-| Raspberry Pi OS (32-bit) Lite | 12 (bookworm)  | 6.6             | Latest         | 805 MB|
-
-These images are automatically generated with each release of RaspAP. You may choose between an `arm64` or `armhf` (32-bit) based build. Refer to [this resource](https://www.raspberrypi.com/software/operating-systems/) to ensure compatibility with your hardware.
-
-After downloading your desired image from the [latest release page](https://github.com/RaspAP/raspap-webgui/releases/latest), use a utility such as the Raspberry Pi Imager or [balenaEtcher](https://www.balena.io/etcher) to flash the OS image onto a microSD card. Insert the card into your device and boot it up. The latest RaspAP release version with the most popular optional components will be active and ready for you to configure.
-
-### Quick installer
-Alternatively, start with a clean install of a [latest release of Raspberry Pi OS](https://www.raspberrypi.org/software/operating-systems/). Both the 32- and 64-bit release versions are supported, as well as the latest 64-bit Desktop distribution.
-
-Update RPi OS to its latest version, including the kernel and firmware, followed by a reboot:
+## Prerequisites
+Start with a clean install of the [latest release of Raspberry Pi OS Lite](https://www.raspberrypi.com/software/operating-systems/). Both the 32- and 64-bit Lite versions are supported. The Raspberry Pi OS desktop distro is [unsupported](https://docs.raspap.com/faq/#distros).
 
+1. Update Raspbian, including the kernel and firmware, followed by a reboot:
 ```
 sudo apt-get update
 sudo apt-get full-upgrade
 sudo reboot
 ```
-Set the WiFi country in raspi-config's **Localisation Options**: `sudo raspi-config`.
+2. Set the "WLAN country" option in `raspi-config`'s **Localisation Options**: `sudo raspi-config`
 
+3. If you have a device without an onboard wireless chipset, the [**Edimax Wireless 802.11b/g/n nano USB adapter**](https://www.edimax.com/edimax/merchandise/merchandise_detail/data/edimax/global/wireless_adapters_n150/ew-7811un) is an excellent option – it's small, cheap and has good driver support.
+
+With the prerequisites done, you can proceed with either the Quick installer or Manual installation steps below.
+
+## Quick installer
 Install RaspAP from your device's shell prompt:
 ```sh
 curl -sL https://install.raspap.com | bash
 ```
+The [installer](https://docs.raspap.com/quick/) will complete the steps in the manual installation (below) for you.
 
-The Quick installer will respond to several [command line arguments](https://docs.raspap.com/quick/), or switches, to customize your installation in a variety of ways, or install one of RaspAP's optional helper tools.
-
-### Initial settings
-After completing either of these setup options, the wireless AP network will be configured as follows:
-
+After the reboot at the end of the installation the wireless network will be
+configured as an access point as follows:
 * IP address: 10.3.141.1
   * Username: admin
   * Password: secret
@@ -79,7 +69,7 @@ After completing either of these setup options, the wireless AP network will be
 * SSID: `raspi-webgui`
 * Password: ChangeMe
 
-It's _strongly recommended_ that your first post-install action is to change the default admin [authentication](https://docs.raspap.com/authentication/) settings. Thereafter, your AP's [basic settings](https://docs.raspap.com/ap-basics/) and many [advanced options](https://docs.raspap.com/ap-basics#advanced-options) are now ready to be modified by RaspAP.
+**Note:** As the name suggests, the Quick Installer is a great way to quickly setup a new AP. However, it does not automagically detect the unique configuration of your system. Best results are obtained by connecting to ethernet (`eth0`) or as a WiFi client, also known as managed mode, with `wlan0`. For the latter, refer to [this FAQ](https://docs.raspap.com/faq/#headless). Special instructions for the Pi Zero W are [available here](https://docs.raspap.com/ap-sta/).
 
 Please [read this](https://docs.raspap.com/issues/) before reporting an issue.
 
@@ -128,6 +118,11 @@ By default RaspAP configures a routed AP for your clients to connect to. A bridg
 
 More information on Bridged AP mode is provided [in our documentation](https://docs.raspap.com/bridged/).
 
+## Simultaneous AP and Wifi client
+RaspAP lets you create an AP with a Wifi client configuration, often called [AP-STA mode](https://docs.raspap.com/ap-sta/). With your system configured in managed mode, enable the AP from the **Advanced** tab of **Configure hotspot** by sliding the **Wifi client AP mode** toggle. Save settings and start the hotspot. The managed mode AP is functional without restart.
+
+**Note:** This option is disabled until you configure your system as a wireless client. For a device operating in [managed mode](https://docs.raspap.com/faq/#headless) without an `eth0` connection, this configuration must be enabled [_before_ a reboot](https://docs.raspap.com/ap-sta/). 
+
 ## Manual installation
 Detailed manual setup instructions are provided [on our documentation site](https://docs.raspap.com/manual/).
 
@@ -144,10 +139,11 @@ RaspAP was originally made for Raspbian, but now also installs on the following
 | Raspberry Pi OS | (64-bit) Desktop Bookworm | ARM | Official |
 | Raspberry Pi OS | (64-bit) Lite Bullseye | ARM | Official |
 | Raspberry Pi OS | (32-bit) Lite Bullseye | ARM | Official |
-| Armbian | 23.11 (Jammy) | [ARM](https://docs.armbian.com/#supported-socs) | Beta |
+| Armbian | 23.11 (Jammy) | [ARM](https://docs.armbian.com/#supported-socs) | Official |
 | Debian  |  Bookworm | ARM / x86_64  | Beta |
+| Ubuntu  |  Server 23.04 (Lunar) | ARM / x86_64  | Beta |
 
-<img src="https://i.imgur.com/XiAJNKb.png" style="width:480px;" />
+<img src="https://github.com/RaspAP/raspap-webgui/assets/229399/6fe62f2d-631a-46c9-8ceb-83ebf0ade6a9" style="width:640px;" />
 
 You are also encouraged to use RaspAP's community-led [Docker container](#docker-support). Please note that "supported" is not a guarantee. If you are able to improve support for your preferred distro, we encourage you to [actively contribute](#how-to-contribute) to the project.
 

ajax/adblock/update_blocklist.php

@@ -1,8 +1,9 @@
 <?php
-require_once '../../includes/autoload.php';
-require_once '../../includes/CSRF.php';
+
+require '../../includes/csrf.php';
 require_once '../../includes/session.php';
 require_once '../../includes/config.php';
+require_once '../../src/RaspAP/Auth/HTTPAuth.php';
 require_once '../../includes/authenticate.php';
 
 if (isset($_POST['blocklist_id'])) {

ajax/bandwidth/get_bandwidth.php

@@ -1,8 +1,9 @@
 <?php
-require_once '../../includes/autoload.php';
-require_once '../../includes/CSRF.php';
+
+require '../../includes/csrf.php';
 require_once '../../includes/session.php';
 require_once '../../includes/config.php';
+require_once '../../src/RaspAP/Auth/HTTPAuth.php';
 require_once '../../includes/authenticate.php';
 
 $interface = filter_input(INPUT_GET, 'inet', FILTER_SANITIZE_SPECIAL_CHARS);

ajax/bandwidth/get_bandwidth_hourly.php

@@ -1,8 +1,9 @@
 <?php
-require_once '../../includes/autoload.php';
-require_once '../../includes/CSRF.php';
+
+require '../../includes/csrf.php';
 require_once '../../includes/session.php';
 require_once '../../includes/config.php';
+require_once '../../src/RaspAP/Auth/HTTPAuth.php';
 require_once '../../includes/authenticate.php';
 
 if (filter_input(INPUT_GET, 'tu') == 'h') {

ajax/logging/clearlog.php

@@ -1,8 +1,9 @@
 <?php
-require_once '../../includes/autoload.php';
-require_once '../../includes/CSRF.php';
+
+require '../../includes/csrf.php';
 require_once '../../includes/session.php';
 require_once '../../includes/config.php';
+require_once '../../src/RaspAP/Auth/HTTPAuth.php';
 require_once '../../includes/authenticate.php';
 require_once '../../includes/functions.php';
 

ajax/networking/do_sys_reset.php

@@ -1,29 +1,37 @@
 <?php
-require_once '../../includes/autoload.php';
-require_once '../../includes/CSRF.php';
+
 require_once '../../includes/config.php';
 require_once '../../includes/session.php';
+require_once '../../src/RaspAP/Auth/HTTPAuth.php';
 require_once '../../includes/authenticate.php';
+require_once '../../includes/session.php';
 require_once '../../includes/functions.php';
 
-$return = 0;
-$path = "../../config";
-$configs = array(
-    array("src" => $path .'/hostapd.conf', "tmp" => "/tmp/hostapddata", "dest" => RASPI_HOSTAPD_CONFIG),
-    array("src" => $path .'/dhcpcd.conf', "tmp" => "/tmp/dhcpddata", "dest" => RASPI_DHCPCD_CONFIG),
-    array("src" => $path .'/090_wlan0.conf', "tmp" => "/tmp/dnsmasqdata", "dest" => RASPI_DNSMASQ_PREFIX.'wlan0.conf'),
-    array("src" => $path .'/090_raspap.conf', "tmp" => "/tmp/dnsmasqdata", "dest" => RASPI_DNSMASQ_PREFIX.'raspap.conf'),
-);
-
-foreach ($configs as $config) {
-    try {
-        $tmp = file_get_contents($config["src"]);
-        file_put_contents($config["tmp"], $tmp);
-        system("sudo cp ".$config["tmp"]. " ".$config["dest"]);
-    } catch (Exception $e) {
-        $return = $e->getCode();
+if (isset($_POST['csrf_token'])) {
+    if (csrfValidateRequest() && !CSRFValidate()) {
+        handleInvalidCSRFToken();
     }
-}
-$jsonData = ['return'=>$return];
-echo json_encode($jsonData);
+    $return = 0;
+    $path = "../../config";
+    $configs = array(
+        array("src" => $path .'/hostapd.conf', "tmp" => "/tmp/hostapddata", "dest" => RASPI_HOSTAPD_CONFIG),
+        array("src" => $path .'/dhcpcd.conf', "tmp" => "/tmp/dhcpddata", "dest" => RASPI_DHCPCD_CONFIG),
+        array("src" => $path .'/090_wlan0.conf', "tmp" => "/tmp/dnsmasqdata", "dest" => RASPI_DNSMASQ_PREFIX.'wlan0.conf'),
+        array("src" => $path .'/090_raspap.conf', "tmp" => "/tmp/dnsmasqdata", "dest" => RASPI_DNSMASQ_PREFIX.'raspap.conf'),
+    );
 
+    foreach ($configs as $config) {
+        try {
+            $tmp = file_get_contents($config["src"]);
+            file_put_contents($config["tmp"], $tmp);
+            system("sudo cp ".$config["tmp"]. " ".$config["dest"]);
+        } catch (Exception $e) {
+            $return = $e->getCode();
+        }
+    }
+    $jsonData = ['return'=>$return];
+    echo json_encode($jsonData);
+
+} else {
+    handleInvalidCSRFToken();
+}

ajax/networking/get_all_interfaces.php

@@ -1,8 +1,9 @@
 <?php
-require_once '../../includes/autoload.php';
-require_once '../../includes/CSRF.php';
+
+require '../../includes/csrf.php';
 require_once '../../includes/session.php';
 require_once '../../includes/config.php';
+require_once '../../src/RaspAP/Auth/HTTPAuth.php';
 require_once '../../includes/authenticate.php';
 
 exec("ls /sys/class/net | grep -v lo", $interfaces);

ajax/networking/get_channel.php

@@ -1,8 +1,9 @@
 <?php
-require_once '../../includes/autoload.php';
-require_once '../../includes/CSRF.php';
+
+require '../../includes/csrf.php';
 require_once '../../includes/session.php';
 require_once '../../includes/config.php';
+require_once '../../src/RaspAP/Auth/HTTPAuth.php';
 require_once '../../includes/authenticate.php';
 
 exec('cat '. RASPI_HOSTAPD_CONFIG, $hostapdconfig);
@@ -17,4 +18,3 @@ foreach ($hostapdconfig as $hostapdconfigline) {
 };
 $channel = intval($arrConfig['channel']);
 echo json_encode($channel);
-

ajax/networking/get_frequencies.php

@@ -1,8 +1,10 @@
 <?php
-require_once '../../includes/autoload.php';
-require_once '../../includes/CSRF.php';
+
+require '../../includes/csrf.php';
 require_once '../../includes/session.php';
 require_once '../../includes/config.php';
+require_once '../../src/RaspAP/Auth/HTTPAuth.php';
+require_once '../../src/RaspAP/Parsers/IwParser.php';
 require_once '../../includes/authenticate.php';
 
 if (isset($_POST['interface'])) {

ajax/networking/get_ip_summary.php

@@ -1,9 +1,10 @@
 <?php
-require_once '../../includes/autoload.php';
-require_once '../../includes/CSRF.php';
+
+require '../../includes/csrf.php';
 require_once '../../includes/session.php';
 require_once '../../includes/functions.php';
 require_once '../../includes/config.php';
+require_once '../../src/RaspAP/Auth/HTTPAuth.php';
 require_once '../../includes/authenticate.php';
 
 if (isset($_POST['interface'])) {

ajax/networking/get_netcfg.php

@@ -1,10 +1,10 @@
 <?php
-require_once '../../includes/autoload.php';
-require_once '../../includes/CSRF.php';
+
+require '../../includes/csrf.php';
 require_once '../../includes/session.php';
 require_once '../../includes/config.php';
+require_once '../../src/RaspAP/Auth/HTTPAuth.php';
 require_once '../../includes/authenticate.php';
-require_once '../../includes/functions.php';
 
 $interface = $_POST['iface'];
 

ajax/networking/get_nl80211_band.php

@@ -1,8 +1,9 @@
 <?php
-require_once '../../includes/autoload.php';
-require_once '../../includes/CSRF.php';
+
+require '../../includes/csrf.php';
 require_once '../../includes/session.php';
 require_once '../../includes/config.php';
+require_once '../../src/RaspAP/Auth/HTTPAuth.php';
 require_once '../../includes/authenticate.php';
 require_once '../../includes/locale.php';
 

ajax/networking/get_wgcfg.php

@@ -1,8 +1,9 @@
 <?php
-require_once '../../includes/autoload.php';
-require_once '../../includes/CSRF.php';
+
+require '../../includes/csrf.php';
 require_once '../../includes/session.php';
 require_once '../../includes/config.php';
+require_once '../../src/RaspAP/Auth/HTTPAuth.php';
 require_once '../../includes/authenticate.php';
 
 // fetch wg client.conf

ajax/networking/get_wgkey.php

@@ -1,8 +1,9 @@
 <?php
-require_once '../../includes/autoload.php';
-require_once '../../includes/CSRF.php';
+
+require '../../includes/csrf.php';
 require_once '../../includes/session.php';
 require_once '../../includes/config.php';
+require_once '../../src/RaspAP/Auth/HTTPAuth.php';
 require_once '../../includes/authenticate.php';
 
 $entity = escapeshellcmd($_POST['entity']);

ajax/networking/wifi_stations.php

@@ -1,8 +1,9 @@
 <?php
-require_once '../../includes/autoload.php';
-require_once '../../includes/CSRF.php';
+
+require '../../includes/csrf.php';
 require_once '../../includes/session.php';
 require_once '../../includes/config.php';
+require_once '../../src/RaspAP/Auth/HTTPAuth.php';
 require_once '../../includes/authenticate.php';
 require_once '../../includes/defaults.php';
 require_once '../../includes/functions.php';

ajax/openvpn/activate_ovpncfg.php

@@ -1,8 +1,9 @@
 <?php
-require_once '../../includes/autoload.php';
-require_once '../../includes/CSRF.php';
+
+require '../../includes/csrf.php';
 require_once '../../includes/session.php';
 require_once '../../includes/config.php';
+require_once '../../src/RaspAP/Auth/HTTPAuth.php';
 require_once '../../includes/authenticate.php';
 require_once '../../includes/functions.php';
 

ajax/openvpn/del_ovpncfg.php

@@ -1,8 +1,9 @@
 <?php
-require_once '../../includes/autoload.php';
-require_once '../../includes/CSRF.php';
+
+require '../../includes/csrf.php';
 require_once '../../includes/session.php';
 require_once '../../includes/config.php';
+require_once '../../src/RaspAP/Auth/HTTPAuth.php';
 require_once '../../includes/authenticate.php';
 require_once '../../includes/functions.php';
 

ajax/plugins/do_plugin_install.php

@@ -1,26 +1,29 @@
 <?php
-require_once '../../includes/autoload.php';
-require_once '../../includes/CSRF.php';
+
+require '../../includes/csrf.php';
 require_once '../../includes/session.php';
 require_once '../../includes/config.php';
+require_once '../../src/RaspAP/Auth/HTTPAuth.php';
 require_once '../../includes/authenticate.php';
+require_once '../../src/RaspAP/Plugins/PluginInstaller.php';
 
 $pluginInstaller = \RaspAP\Plugins\PluginInstaller::getInstance();
 $plugin_uri = $_POST['plugin_uri'] ?? null;
 $plugin_version = $_POST['plugin_version'] ?? null;
-$install_path = $_POST['install_path'] ?? null;
 
-if (isset($plugin_uri, $plugin_version, $install_path)) {
+if (isset($plugin_uri) && isset($plugin_version)) {
+    $archiveUrl = rtrim($plugin_uri, '/') . '/archive/refs/tags/' . $plugin_version .'.zip';
+
     try {
-        $return = $pluginInstaller->installPlugin($plugin_uri, $plugin_version, $install_path);
+        $return = $pluginInstaller->installPlugin($archiveUrl);
         echo json_encode($return);
     } catch (Exception $e) {
-        http_response_code(422); // unprocessable content
+        http_response_code(422); // Unprocessable Content
         echo json_encode(['error' => $e->getMessage()]);
     }
 } else {
     http_response_code(400); // Bad Request
-    echo json_encode(['error' => 'Plugin URI, version, and install path are required']);
+    echo json_encode(['error' => 'Plugin URI and version are required']);
     exit;
 }
 

ajax/session/do_check_session.php

@@ -1,8 +1,9 @@
 <?php
-require_once '../../includes/autoload.php';
-require_once '../../includes/CSRF.php';
+
+require '../../includes/csrf.php';
 require_once '../../includes/session.php';
 require_once '../../includes/config.php';
+require_once '../../src/RaspAP/Auth/HTTPAuth.php';
 require_once '../../includes/authenticate.php';
 
 $lastActivity = $_SESSION['lastActivity'] ?? time();

ajax/system/sys_actions.php

@@ -1,8 +1,9 @@
 <?php
-require_once '../../includes/autoload.php';
-require_once '../../includes/CSRF.php';
+
+require '../../includes/csrf.php';
 require_once '../../includes/session.php';
 require_once '../../includes/config.php';
+require_once '../../src/RaspAP/Auth/HTTPAuth.php';
 require_once '../../includes/authenticate.php';
 
 $action = escapeshellcmd($_POST['a']);

ajax/system/sys_chk_update.php

@@ -1,22 +1,27 @@
 <?php
-require_once '../../includes/autoload.php';
-require_once '../../includes/CSRF.php';
+
+require '../../includes/csrf.php';
 require_once '../../includes/session.php';
 require_once '../../includes/config.php';
-require_once '../../includes/authenticate.php';
 require_once '../../includes/defaults.php';
-require_once '../../includes/functions.php';
 
-$uri = RASPI_API_ENDPOINT;
-preg_match('/(\d+(\.\d+)+)/', RASPI_VERSION, $matches);
-$thisRelease = $matches[0];
+if (isset($_POST['csrf_token'])) {
+    if (csrfValidateRequest() && !CSRFValidate()) {
+        handleInvalidCSRFToken();
+    }
+    $uri = RASPI_API_ENDPOINT;
+    preg_match('/(\d+(\.\d+)+)/', RASPI_VERSION, $matches);
+    $thisRelease = $matches[0];
 
-$json = shell_exec("wget --timeout=5 --tries=1 $uri -qO -");
-$data = json_decode($json, true);
-$tagName = $data['tag_name'];
-$updateAvailable = checkReleaseVersion($thisRelease, $tagName);
+    $json = shell_exec("wget --timeout=5 --tries=1 $uri -qO -");
+    $data = json_decode($json, true);
+    $tagName = $data['tag_name'];
+    $updateAvailable = checkReleaseVersion($thisRelease, $tagName);
 
-$response['tag'] = $tagName;
-$response['update'] = $updateAvailable;
-echo json_encode($response);
+    $response['tag'] = $tagName;
+    $response['update'] = $updateAvailable;
+    echo json_encode($response);
 
+} else {
+    handleInvalidCSRFToken();
+}

ajax/system/sys_debug.php

@@ -1,18 +1,25 @@
 <?php
-require_once '../../includes/autoload.php';
-require_once '../../includes/CSRF.php';
+
+require '../../includes/csrf.php';
 require_once '../../includes/session.php';
 require_once '../../includes/config.php';
+require_once '../../src/RaspAP/Auth/HTTPAuth.php';
 require_once '../../includes/authenticate.php';
 
-$root = getenv("DOCUMENT_ROOT");
-exec('sudo '.RASPI_CONFIG.'/system/debuglog.sh -i '.$root, $return);
-
-$logOutput = implode(PHP_EOL, $return);
-$tempDir = sys_get_temp_dir();
-$filePath = $tempDir . DIRECTORY_SEPARATOR . RASPI_DEBUG_LOG;
-$handle = fopen($filePath, "w");
-fwrite($handle, $logOutput);
-fclose($handle);
-echo json_encode($filePath);
+if (isset($_POST['csrf_token'])) {
+    if (csrfValidateRequest() && !CSRFValidate()) {
+        handleInvalidCSRFToken();
+    }
+    $root = getenv("DOCUMENT_ROOT");
+    exec('sudo '.RASPI_CONFIG.'/system/debuglog.sh -i '.$root, $return);
 
+    $logOutput = implode(PHP_EOL, $return);
+    $tempDir = sys_get_temp_dir();
+    $filePath = $tempDir . DIRECTORY_SEPARATOR . RASPI_DEBUG_LOG;
+    $handle = fopen($filePath, "w");
+    fwrite($handle, $logOutput);
+    fclose($handle);
+    echo json_encode($filePath);
+} else {
+    handleInvalidCSRFToken();
+}

ajax/system/sys_get_logfile.php

@@ -1,8 +1,9 @@
 <?php
-require_once '../../includes/autoload.php';
-require_once '../../includes/CSRF.php';
+
+require '../../includes/csrf.php';
 require_once '../../includes/session.php';
 require_once '../../includes/config.php';
+require_once '../../src/RaspAP/Auth/HTTPAuth.php';
 require_once '../../includes/authenticate.php';
 
 $tempDir = sys_get_temp_dir();

ajax/system/sys_perform_update.php

@@ -1,8 +1,9 @@
 <?php
-require_once '../../includes/autoload.php';
-require_once '../../includes/CSRF.php';
+
+require '../../includes/csrf.php';
 require_once '../../includes/session.php';
 require_once '../../includes/config.php';
+require_once '../../src/RaspAP/Auth/HTTPAuth.php';
 require_once '../../includes/authenticate.php';
 
 if (isset($_POST['csrf_token'])) {
@@ -11,7 +12,7 @@ if (isset($_POST['csrf_token'])) {
     }
     // set installer path + options
     $path = getenv("DOCUMENT_ROOT");
-    $opts = " --update --yes --check 0 --path $path";
+    $opts = " --update --yes --path $path";
     $installer = "sudo /etc/raspap/system/raspbian.sh";
     $execUpdate = $installer.$opts;
 

ajax/system/sys_read_logfile.php

@@ -1,8 +1,8 @@
 <?php
 
-require_once '../../includes/autoload.php';
-require_once '../../includes/session.php';
 require_once '../../includes/config.php';
+require_once '../../includes/session.php';
+require_once '../../src/RaspAP/Auth/HTTPAuth.php';
 require_once '../../includes/authenticate.php';
 
 $logFile = '/tmp/raspap_install.log';

app/css/all.css

@@ -9,7 +9,6 @@ License: GNU General Public License v3.0
 :root {
   --raspap-content-main: #495057;
   --raspap-text-muted: #858796;
-  --raspap-text-light: #999999;
   --raspap-brand-color: #2b8080;
   --raspap-offwhite: #faf9f6;
 }
@@ -169,7 +168,12 @@ th {
 }
 
 canvas#divDBChartBandwidthhourly {
-  height: 509px!important;
+  height: 350px!important;
+}
+
+.chart-container {
+  height: 150px;
+  width: 200px;
 }
 
 .dbChart {
@@ -186,7 +190,7 @@ canvas#divDBChartBandwidthhourly {
 }
 
 .check-progress {
-  color: var(--raspap-text-light);
+  color: #999;
 }
 
 .fa-check {
@@ -384,280 +388,3 @@ textarea.plugin-log {
   font-family: monospace;
   font-size: 0.9rem;
 }
-
-.card-wrapper {
-  margin: 1rem;
-}
-
-.dashboard-container {
-  display: flex;
-  position: relative;
-  width: 100%;
-  min-height: 400px;
-  padding: 2rem;
-}
-
-.connections-left,
-.connections-right {
-  position: relative;
-  display: flex;
-  flex-direction: column;
-  justify-content: space-between;
-}
-
-.connection-item {
-  cursor: pointer;
-  display: flex;
-  align-items: center;
-  gap: 0.5rem;
-  z-index: 5;
-  color: var(--raspap-text-light);
-}
-
-.connection-right {
-  align-items: center;
-  margin-left: 10rem;
-}
-
-.connections-left i {
-  height: 40px;
-  display: flex;
-  align-items: center;
-  justify-content: left;
-}
-
-.connections-left i:first-child {
-  margin-top: 0;
-}
-
-.connections-left i:last-child {
-  margin-bottom: 0;
-  margin-left: 0.5rem;
-}
-
-.center-device {
-  display: flex;
-  flex-direction: column;
-  align-items: center;
-  text-align: center;
-  position: relative;
-  z-index: 1;
-}
-
-.center-device-top {
-  margin-bottom: 30px;
-}
-
-.client-group {
-  display: flex;
-  align-items: center;
-  flex-direction: row-reverse;
-  gap: 0.5rem;
-}
-
-.client-count {
-  text-align: right;
-}
-
-.clients-status {
-  height: 100%;
-  display: flex;
-  flex-direction: column;
-  justify-content: space-between;
-  align-items: flex-end;
-  padding-right: 1rem;
-}
-
-.dashed-lines,
-.solid-lines {
-  position: absolute;
-  top: 0;
-  left: 0;
-  width: 100%;
-  height: 100%;
-  object-fit: contain;
-  padding: 1rem;
-  left: 112px;
-}
-
-.dashed-lines-right,
-.solid-lines-right {
-  left: -80px;
-}
-
-.solid-lines, .solid-lines-right {
-  z-index: 3;
-}
-
-.dashed-lines, .dashed-lines-right {
-  z-index 0;
-}
-
-.device-status {
-  display: flex;
-  flex-wrap: wrap;
-  gap: 1rem;
-  justify-content: center;
-  margin: 0.8rem 0;
-}
-
-.wifi-bands {
-  display: flex;
-  gap: 0.5rem;
-}
-
-.band {
-  padding: 0.25rem 1rem;
-  border: 2px solid var(--raspap-text-light);
-  border-radius: 4px;
-  background: transparent;
-  font-weight: 600;
-  color: var(--raspap-text-light);
-}
-
-.band.active {
-  border-color: var(--raspap-theme-color);
-  color: var(--raspap-theme-color);
-}
-
-.device-label {
-  font-size: 1.3rem;
-  text-align: center;
-  color: var(--raspap-theme-color);
-  margin-top: 1rem;
-}
-
-.status-item {
-  display: flex;
-  flex-direction: column;
-  align-items: center;
-  gap: 1.3rem;
-  color: var(--raspap-text-light);
-}
-
-.bottom {
-  display: flex;
-  flex-direction: column;
-  align-items: center;
-  gap: 1.3rem;
-  width: 100%;
-}
-
-.status-item .fa-stack {
-  width: 1.5em!important;
-}
-
-.connection-item>i {
-  color: var(--raspap-text-light);
-}
-
-.connection-item .fa-stack {
-  min-width: 2.5em;
-}
-
-.connections-left>.connection-item>span {
-  color: var(--raspap-text-light);
-  margin-right: 0.5rem;
-}
-
-.inactive {
-    color: var(--raspap-text-light)!important;
-}
-
-a.inactive:hover,
-a.inactive:focus {
-    color: var(--raspap-text-light) !important;
-}
-
-@media (max-width: 1200px) {
-  .connection-item a > span:not(.fa-stack) {
-    display: none!important;
-  }
-}
-
-@media (max-width: 991px) {
-  .connections-right,
-  .connections-left {
-    display: none!important;
-  }
-  .dashboard-container {
-    width: auto;
-    padding: 0;
-
-  }
-  .device-status {
-    gap: 0.5rem;
-  }
-  .clients-mobile {
-    display: flex!important;
-    flex-direction: row!important;
-  }
-}
-.connection-item.active > span {
-  color: var(--raspap-theme-color)!important;
-}
-.connection-item.active > i {
-  color: var(--raspap-theme-color)!important;
-}
-.status-item.active > span {
-  color: var(--raspap-theme-color)!important;
-}
-.status-item.active > i {
-  color: var(--raspap-theme-color)!important;
-}
-
-.clients-mobile {
-  display: none;
-  flex-direction: column;
-  gap: 1rem;
-  margin-top: 2rem;
-}
-
-.client-type {
-  position: relative;
-  display: inline-flex;
-  align-items: center;
-  gap: 1rem;
-}
-
-.client-type i {
-  font-size: 1.5rem;
-  color: var(--raspap-theme-color);
-  width: 45px;
-  height: 45px;
-  border-radius: 50%;
-  display: flex;
-  align-items: center;
-  justify-content: center;
-  border: 2px solid var(--raspap-theme-color);
-}
-
-.client-type i.badge-icon {
-  font-size: 0.7rem;
-  background: var(--raspap-theme-color);
-  color: var(--raspap-offwhite);
-  width: 20px;
-  height: 20px;
-  border: none;
-}
-
-.client-count {
-  position: absolute;
-  top: -5px;
-  right: -5px;
-  background: var(--raspap-theme-color);
-  color: var(--raspap-offwhite);
-  border-radius: 50%;
-  width: 20px;
-  height: 20px;
-  display: flex;
-  align-items: center;
-  justify-content: center;
-  font-size: 0.8rem;
-}
-
-.device-illustration {
-  min-width: 220px;
-  max-width: 250px;
-}
-

app/img/dashed.svg

@@ -1,54 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!-- Generator: Adobe Illustrator 24.0.2, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
-<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
-	 viewBox="0 0 227 596" style="enable-background:new 0 0 227 596;" xml:space="preserve">
-<style type="text/css">
-	.st0{fill:none;stroke:#999999;stroke-width:3;}
-	.st1{fill:none;stroke:#999999;stroke-width:3;stroke-dasharray:6.0204,3.0102;}
-	.st2{fill:none;stroke:#999999;stroke-width:3;stroke-dasharray:5.7963,2.8981;}
-</style>
-<g id="dashed">
-	<g id="Line_1">
-		<g>
-			<line class="st0" x1="112.8" y1="0" x2="112.8" y2="3"/>
-			<line class="st1" x1="112.8" y1="6" x2="112.8" y2="591.5"/>
-			<line class="st0" x1="112.8" y1="593" x2="112.8" y2="596"/>
-		</g>
-	</g>
-	<g id="Line_2">
-		<g>
-			<line class="st0" x1="113.2" y1="0.8" x2="110.2" y2="0.8"/>
-			<line class="st2" x1="107.3" y1="0.8" x2="4.4" y2="0.8"/>
-			<line class="st0" x1="3" y1="0.8" x2="0" y2="0.8"/>
-		</g>
-	</g>
-	<g id="Line_3">
-		<g>
-			<line class="st0" x1="113.2" y1="198.9" x2="110.2" y2="198.9"/>
-			<line class="st2" x1="107.3" y1="198.9" x2="4.4" y2="198.9"/>
-			<line class="st0" x1="3" y1="198.9" x2="0" y2="198.9"/>
-		</g>
-	</g>
-	<g id="Line_4">
-		<g>
-			<line class="st0" x1="113.2" y1="397.1" x2="110.2" y2="397.1"/>
-			<line class="st2" x1="107.3" y1="397.1" x2="4.4" y2="397.1"/>
-			<line class="st0" x1="3" y1="397.1" x2="0" y2="397.1"/>
-		</g>
-	</g>
-	<g id="Line_5">
-		<g>
-			<line class="st0" x1="113.2" y1="595.2" x2="110.2" y2="595.2"/>
-			<line class="st2" x1="107.3" y1="595.2" x2="4.4" y2="595.2"/>
-			<line class="st0" x1="3" y1="595.2" x2="0" y2="595.2"/>
-		</g>
-	</g>
-	<g id="Line_6">
-		<g>
-			<line class="st0" x1="226.2" y1="297.8" x2="223.2" y2="297.8"/>
-			<line class="st2" x1="220.3" y1="297.8" x2="117.4" y2="297.8"/>
-			<line class="st0" x1="116" y1="297.8" x2="113" y2="297.8"/>
-		</g>
-	</g>
-</g>
-</svg>

app/img/right-dashed.svg

@@ -1,40 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!-- Generator: Adobe Illustrator 24.0.2, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
-<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
-	 viewBox="0 0 314 594" style="enable-background:new 0 0 314 594;" xml:space="preserve">
-<style type="text/css">
-	.st0{fill:none;stroke:#999999;stroke-width:3;}
-	.st1{fill:none;stroke:#999999;stroke-width:3;stroke-dasharray:6.04,3.02;}
-	.st2{fill:none;stroke:#999999;stroke-width:3;stroke-dasharray:5.7963,2.8981;}
-</style>
-<g id="dashed">
-	<g id="horizontal">
-		<g>
-			<line class="st0" x1="113.2" y1="144" x2="113.2" y2="147"/>
-			<line class="st1" x1="113.2" y1="150" x2="113.3" y2="447.5"/>
-			<line class="st0" x1="113.3" y1="449" x2="113.3" y2="452"/>
-		</g>
-	</g>
-	<g id="top">
-		<g>
-			<line class="st0" x1="114" y1="144.8" x2="117" y2="144.8"/>
-			<line class="st2" x1="119.9" y1="144.8" x2="222.8" y2="144.8"/>
-			<line class="st0" x1="224.2" y1="144.8" x2="227.2" y2="144.8"/>
-		</g>
-	</g>
-	<g id="out">
-		<g>
-			<line class="st0" x1="0" y1="297.8" x2="3" y2="297.8"/>
-			<line class="st2" x1="5.9" y1="297.8" x2="108.8" y2="297.8"/>
-			<line class="st0" x1="110.2" y1="297.8" x2="113.2" y2="297.8"/>
-		</g>
-	</g>
-	<g id="bottom">
-		<g>
-			<line class="st0" x1="113" y1="450.8" x2="116" y2="450.8"/>
-			<line class="st2" x1="118.9" y1="450.8" x2="221.8" y2="450.8"/>
-			<line class="st0" x1="223.2" y1="450.8" x2="226.2" y2="450.8"/>
-		</g>
-	</g>
-</g>
-</svg>

app/img/right-solid.php

@@ -1,46 +0,0 @@
-<?php
-header("Content-Type: image/svg+xml");
-$showDevice1 = isset($_GET['device-1']);
-$showOut = isset($_GET['out']);
-$showDevice2 = isset($_GET['device-2']);
-?>
-
-<svg width="313" height="594" viewBox="0 0 313 594" fill="none" xmlns="http://www.w3.org/2000/svg">
-<g id="Frame 1">
-<g id="right connection frame">
-<g id="solid">
-<?php if ($showDevice2): ?>
-    <line id="joint-device-2" y1="-0.75" x2="154" y2="-0.75" 
-          transform="matrix(4.37114e-08 1 1 -4.37114e-08 114 297)" 
-          stroke="#008281" stroke-width="4"/>
-<?php endif; ?>
-
-<?php if ($showDevice1): ?>
-    <line id="joint-device-1" style="display: inline;" 
-          y1="-0.75" x2="154" y2="-0.75" 
-          transform="matrix(4.37114e-08 1 1 -4.37114e-08 114 144)" 
-          stroke="#008281" stroke-width="4"/>
-    
-    <line id="device-1" style="display: inline;" 
-          y1="-0.75" x2="113.231" y2="-0.75" 
-          transform="matrix(1 8.74228e-08 8.74228e-08 -1 114 144)" 
-          stroke="#008281" stroke-width="4"/>
-<?php endif; ?>
-
-<?php if ($showOut): ?>
-    <line id="out" style="display: inline;" 
-          y1="-0.75" x2="113.231" y2="-0.75" 
-          transform="matrix(1 8.74228e-08 8.74228e-08 -1 -0.000305176 297)" 
-          stroke="#008281" stroke-width="4"/>
-<?php endif; ?>
-
-<?php if ($showDevice2): ?>
-    <line id="device-2" style="display: inline;" 
-          y1="-0.75" x2="113.231" y2="-0.75" 
-          transform="matrix(1 8.74228e-08 8.74228e-08 -1 113 450)" 
-          stroke="#008281" stroke-width="4"/>
-<?php endif; ?>
-</g>
-</g>
-</g>
-</svg>

app/img/solid.php

@@ -1,65 +0,0 @@
-<?php
-header("Content-Type: image/svg+xml");
-
-require_once '../../includes/functions.php';
-$color = getColorOpt();
-
-$showJoint = isset($_GET['joint']);
-$showDevice1 = isset($_GET['device-1']);
-$showOut = isset($_GET['out']);
-$showDevice2 = isset($_GET['device-2']);
-$showDevice3 = isset($_GET['device-3']);
-$showDevice4 = isset($_GET['device-4']);
-?>
-
-<svg xmlns="http://www.w3.org/2000/svg" width="227" height="596" viewBox="0 0 227 596" fill="none">
-<?php 
-// Device positions array (y-coordinates)
-$devicePositions = [
-    'device-1' => 0.75,
-    'out' => 297.75,
-    'device-2' => 198.75,
-    'device-3' => 397.058,
-    'device-4' => 595.211
-];
-
-// Calculate joint line segments
-if ($showJoint) {
-    $activeDevices = array_filter([$showDevice1, $showDevice2, $showDevice3, $showDevice4]);
-    $activeYs = [];
-    
-    foreach ($devicePositions as $device => $y) {
-        if (isset($_GET[$device])) {
-            $activeYs[] = $y;
-        }
-    }
-    
-    // Add top/bottom if first/last device is connected
-    if ($showDevice1) array_unshift($activeYs, 0);
-    if ($showDevice4) $activeYs[] = 596;
-    
-    // Draw segments between consecutive points
-    for ($i = 1; $i < count($activeYs); $i++) {
-        $y1 = $activeYs[$i-1];
-        $y2 = $activeYs[$i];
-        echo "<line x1='112.75' y1='$y1' x2='112.75' y2='$y2' stroke='$color' stroke-width='4'/>";
-    }
-}
-?>
-
-<?php if ($showDevice1): ?>
-<line x1="113.231" y1="0.75" x2="7.69496e-06" y2="0.75001" stroke="<?php echo $color; ?>" stroke-width="6" id="device-1"/>
-<?php endif; ?>
-<?php if ($showOut): ?>
-<line x1="226.231" y1="297.75" x2="113" y2="297.75" stroke="<?php echo $color; ?>" stroke-width="4" id="out"/>
-<?php endif; ?>
-<?php if ($showDevice2): ?>
-<line x1="113.231" y1="198.75" x2="7.69496e-06" y2="198.75" stroke="<?php echo $color; ?>" stroke-width="4" id="device-2"/>
-<?php endif; ?>
-<?php if ($showDevice3): ?>
-<line x1="113.231" y1="397.058" x2="7.69496e-06" y2="397.058" stroke="<?php echo $color; ?>" stroke-width="4" id="device-3"/>
-<?php endif; ?>
-<?php if ($showDevice4): ?>
-<line x1="113.231" y1="595.211" x2="7.69496e-06" y2="595.211" stroke="<?php echo $color; ?>" stroke-width="4" id="device-4"/>
-<?php endif; ?>
-</svg>

app/img/uri-qr-code.php

@@ -1,29 +0,0 @@
-<?php
-
-if (!isset($_GET['uri']) || !filter_var($_GET['uri'], FILTER_VALIDATE_URL)) {
-    header("HTTP/1.1 400 Bad Request");
-    exit("Invalid or missing URI parameter");
-}
-
-$uri = $_GET['uri'];
-$command = "qrencode -t svg -m 0 -o - " . escapeshellarg($uri);
-
-$svg = shell_exec($command);
-if ($svg === null) {
-    error_log("QR generation failed for URI: $uri");
-    header("HTTP/1.1 500 Internal Server Error");
-    exit("Failed to generate QR code");
-}
-
-$etag = hash('sha256', $uri);
-$content_length = strlen($svg);
-$last_modified = gmdate("D, d M Y H:i:s") . " GMT";
-
-header("Content-Type: image/svg+xml");
-header("Content-Length: $content_length");
-header("Last-Modified: $last_modified");
-header("ETag: \"$etag\"");
-header("X-QR-Code-Content: " . htmlspecialchars($uri, ENT_QUOTES, 'UTF-8'));
-
-echo $svg;
-

app/img/wg-qr-code.php

@@ -13,7 +13,6 @@ if (!isset($_SERVER['HTTP_REFERER'])) {
 exec("sudo cat " .RASPI_WIREGUARD_PATH.'client.conf', $return);
 $peer_conf = implode(PHP_EOL,$return);
 $peer_conf.= PHP_EOL;
-$peer_conf_sanitized = str_replace(["\r", "\n"], '', $peer_conf);
 $command = "qrencode -t svg -m 0 -o - " . mb_escapeshellarg($peer_conf);
 $svg = shell_exec($command);
 $etag = hash('sha256', $peer_conf);
@@ -24,6 +23,6 @@ header("Content-Type: image/svg+xml");
 header("Content-Length: $content_length");
 header("Last-Modified: $last_modified");
 header("ETag: \"$etag\"");
-header("X-QR-Code-Content: $peer_conf_sanitized");
+header("X-QR-Code-Content: $peer_conf");
 echo shell_exec($command);
 

app/img/wifi-qr-code.php

@@ -12,12 +12,12 @@ if (!isset($_SERVER['HTTP_REFERER'])) {
 
 $hostapd = parse_ini_file(RASPI_HOSTAPD_CONFIG, false, INI_SCANNER_RAW);
 
-// assume WPA encryption and get the passphrase
+// assume wpa encryption and get the passphrase
 $type = "WPA";
 $password = isset($hostapd['wpa_psk']) ? $hostapd['wpa_psk'] : $hostapd['wpa_passphrase'];
 
-// use WEP if configured
-$wep_default_key = intval($hostapd['wep_default_key'] ?? 0);
+// use wep if configured
+$wep_default_key = intval($hostapd['wep_default_key']);
 $wep_key = 'wep_key' . $wep_default_key;
 if (array_key_exists($wep_key, $hostapd)) {
     $type = "WEP";
@@ -30,7 +30,7 @@ if (empty($password)) {
 }
 
 $ssid = $hostapd['ssid'];
-$hidden = intval($hostapd['ignore_broadcast_ssid'] ?? 0) !== 0 ? "H:true" : "";
+$hidden = intval($hostapd['ignore_broadcast_ssid']) != 0 ? "H:true" : "";
 
 $ssid = qr_encode($ssid);
 $password = qr_encode($password);

app/js/custom.js

@@ -332,42 +332,47 @@ $('#performupdateModal').on('shown.bs.modal', function (e) {
 });
 
 function fetchUpdateResponse() {
+    const xhr = new XMLHttpRequest();
     const complete = 6;
     const error = 7;
     let phpFile = 'ajax/system/sys_read_logfile.php';
-
     $.ajax({
         url: phpFile,
         type: 'GET',
-        success: function(response) { 
+        success: function(response) {
+            let endPolling = false;
             for (let i = 1; i <= 6; i++) {
                 let divId = '#updateStep' + i;
                 if (response.includes(i.toString())) {
                     $(divId).removeClass('invisible');
                 }
+                if (response.includes(complete)) {
+                    var successMsg = $('#successMsg').data('message');
+                    $('#updateMsg').after('<span class="small">' + successMsg + '</span>');
+                    $('#updateMsg').addClass('fa-check');
+                    $('#updateMsg').removeClass('invisible');
+                    $('#updateStep6').removeClass('invisible');
+                    $('#updateSync2').removeClass("fa-spin");
+                    $('#updateOk').removeAttr('disabled');
+                    endPolling = true;
+                    break;
+                } else if (response.includes(error)) {
+                    var errorMsg = $('#errorMsg').data('message');
+                    $('#updateMsg').after('<span class="small">' + errorMsg + '</span>');
+                    $('#updateMsg').addClass('fa-times');
+                    $('#updateMsg').removeClass('invisible');
+                    $('#updateSync2').removeClass("fa-spin");
+                    $('#updateOk').removeAttr('disabled');
+                    endPolling = true;
+                    break;
+                }
             }
-            // check if the update is complete or if there's an error
-            if (response.includes(complete)) {
-                var successMsg = $('#successMsg').data('message');
-                $('#updateMsg').after('<span class="small">' + successMsg + '</span>');
-                $('#updateMsg').addClass('fa-check');
-                $('#updateMsg').removeClass('invisible');
-                $('#updateStep6').removeClass('invisible');
-                $('#updateSync2').removeClass("fa-spin");
-                $('#updateOk').removeAttr('disabled');
-            } else if (response.includes(error)) {
-                var errorMsg = $('#errorMsg').data('message');
-                $('#updateMsg').after('<span class="small">' + errorMsg + '</span>');
-                $('#updateMsg').addClass('fa-times');
-                $('#updateMsg').removeClass('invisible');
-                $('#updateSync2').removeClass("fa-spin");
-                $('#updateOk').removeAttr('disabled');
-            } else {
+            if (!endPolling) {
                 setTimeout(fetchUpdateResponse, 500);
             }
         },
         error: function(xhr, status, error) {
-            console.error("AJAX Error:", error);
+            console.error(error);
         }
     });
 }
@@ -465,68 +470,54 @@ $('#js-sys-reboot, #js-sys-shutdown').on('click', function (e) {
 
 $('#install-user-plugin').on('shown.bs.modal', function (e) {
     var button = $(e.relatedTarget);
-    $(this).data('button', button);
     var manifestData = button.data('plugin-manifest');
-    var installed = button.data('plugin-installed') || false;
-    var repoPublic = button.data('repo-public') || false;
-    var installPath = manifestData.install_path;
+    var installed = button.data('plugin-installed');
 
-    if (!installed && repoPublic && installPath === 'plugins-available') {
-        insidersHTML = 'Available with <i class="fas fa-heart heart me-1"></i><a href="https://docs.raspap.com/insiders" target="_blank" rel="noopener">Insiders</a>';
-        $('#plugin-additional').html(insidersHTML);
-    } else {
-        $('#plugin-additional').empty();
-    }
     if (manifestData) {
-        $('#plugin-docs').html(manifestData.plugin_docs
-            ? `<a href="${manifestData.plugin_docs}" target="_blank">${manifestData.plugin_docs}</a>`
-            : 'Unknown');
+        $('#plugin-uri').html(manifestData.plugin_uri
+            ? `<a href="${manifestData.plugin_uri}" target="_blank">${manifestData.plugin_uri}</a>`
+            : 'Unknown'
+        );
         $('#plugin-icon').attr('class', `${manifestData.icon || 'fas fa-plug'} link-secondary h5 me-2`);
         $('#plugin-name').text(manifestData.name || 'Unknown');
         $('#plugin-version').text(manifestData.version || 'Unknown');
         $('#plugin-description').text(manifestData.description || 'No description provided');
         $('#plugin-author').html(manifestData.author
-            ? manifestData.author + (manifestData.author_uri
-            ? ` (<a href="${manifestData.author_uri}" target="_blank">profile</a>)` : '') : 'Unknown');
+                ? manifestData.author + (manifestData.author_uri
+                ? ` (<a href="${manifestData.author_uri}" target="_blank">profile</a>)` : '') : 'Unknown'
+            );
         $('#plugin-license').text(manifestData.license || 'Unknown');
         $('#plugin-locale').text(manifestData.default_locale || 'Unknown');
-        $('#plugin-configuration').html(formatProperty(manifestData.configuration || 'None'));
-        $('#plugin-packages').html(formatProperty(manifestData.keys || 'None'));
-        $('#plugin-dependencies').html(formatProperty(manifestData.dependencies || 'None'));
-        $('#plugin-javascript').html(formatProperty(manifestData.javascript || 'None'));
-        $('#plugin-sudoers').html(formatProperty(manifestData.sudoers || 'None'));
-        $('#plugin-user-name').html((manifestData.user_nonprivileged && manifestData.user_nonprivileged.name) || 'None');
+        $('#plugin-configuration').html(formatProperty(manifestData.configuration || {}));
+        $('#plugin-dependencies').html(formatProperty(manifestData.dependencies || {}));
+        $('#plugin-sudoers').html(formatProperty(manifestData.sudoers || []));
+        $('#plugin-user-name').html(manifestData.user_nonprivileged.name || 'None');
     }
     if (installed) {
         $('#js-install-plugin-confirm').html('OK');
-    } else if (!installed && repoPublic && installPath == 'plugins-available') {
-        $('#js-install-plugin-confirm').html('Get Insiders');
     } else {
         $('#js-install-plugin-confirm').html('Install now');
     }
 });
 
 $('#js-install-plugin-confirm').on('click', function (e) {
-    var button = $('#install-user-plugin').data('button');
-    var manifestData = button.data('plugin-manifest');
-    var installPath = manifestData.install_path;
-    var pluginUri = manifestData.plugin_uri;
-    var pluginVersion = manifestData.version;
-    var pluginConfirm = $('#js-install-plugin-confirm').text();
     var progressText = $('#js-install-plugin-confirm').attr('data-message');
     var successHtml = $('#plugin-install-message').attr('data-message');
     var successText = $('<div>').text(successHtml).text();
+    var pluginUri = $('#plugin-uri a').attr('href');
+    var pluginVersion = $('#plugin-version').text();
     var csrfToken = $('meta[name=csrf_token]').attr('content');
 
-    if (pluginConfirm  === 'Install now') {
-        $("#install-user-plugin").modal('hide');
+    $("#install-user-plugin").modal('hide');
+
+    if ($('#js-install-plugin-confirm').text() === 'Install now') {
         $("#install-plugin-progress").modal('show');
+
         $.post(
             'ajax/plugins/do_plugin_install.php',
             {
                 'plugin_uri': pluginUri,
                 'plugin_version': pluginVersion,
-                'install_path': installPath,
                 'csrf_token': csrfToken
             },
             function (data) {
@@ -564,11 +555,6 @@ $('#js-install-plugin-confirm').on('click', function (e) {
             $('#plugin-install-message').find('i').removeClass('fas fa-cog fa-spin link-secondary');
             $('#js-install-plugin-ok').removeAttr("disabled");
         });
-    } else if (pluginConfirm  === 'Get Insiders') {
-        window.open('https://docs.raspap.com/insiders/', '_blank');
-        return;
-    } else if (pluginConfirm === 'OK') {
-        $("#install-user-plugin").modal('hide');
     }
 });
 
@@ -990,9 +976,42 @@ function getCookie(cname) {
 // Define themes
 var themes = {
     "default": "custom.php",
-    "hackernews" : "hackernews.css"
+    "hackernews" : "hackernews.css",
+    "lightsout" : "lightsout.php",
+    "material-light" : "material-light.php",
+    "material-dark" : "material-dark.php",
 }
 
+// Toggles the sidebar navigation.
+// Overrides the default SB Admin 2 behavior
+$("#sidebarToggleTopbar").on('click', function(e) {
+    $("body").toggleClass("sidebar-toggled");
+    $(".sidebar").toggleClass("toggled d-none");
+});
+
+// Overrides SB Admin 2
+$("#sidebarToggle, #sidebarToggleTop").on('click', function(e) {
+    var toggled = $(".sidebar").hasClass("toggled");
+    // Persist state in cookie
+    setCookie('sidebarToggled',toggled, 90);
+});
+
+$(function() {
+    if ($(window).width() < 768) {
+        $('.sidebar').addClass('toggled');
+        setCookie('sidebarToggled',false, 90);
+    }
+});
+
+$(window).on("load resize",function(e) {
+    if ($(window).width() > 768) {
+        $('.sidebar').removeClass('d-none d-md-block');
+        if (getCookie('sidebarToggled') == 'false') {
+            $('.sidebar').removeClass('toggled');
+        }
+    }
+});
+
 // Adds active class to current nav-item
 $(window).bind("load", function() {
     var url = window.location;
@@ -1001,27 +1020,6 @@ $(window).bind("load", function() {
     }).parent().addClass('active');
 });
 
-// Sets focus on a specified tab
-document.addEventListener("DOMContentLoaded", function () {
-    const params = new URLSearchParams(window.location.search);
-    const targetTab = params.get("tab");
-    if (targetTab) {
-        let tabElement = document.querySelector(`[data-bs-toggle="tab"][href="#${targetTab}"]`);
-        if (tabElement) {
-            let tab = new bootstrap.Tab(tabElement);
-            tab.show();
-        }
-    }
-});
-
-function disableValidation(form) {
-    form.removeAttribute("novalidate");
-    form.classList.remove("needs-validation");
-    form.querySelectorAll("[required]").forEach(function (field) {
-        field.removeAttribute("required");
-    });
-}
-
 $(document).ready(function() {
     const $htmlElement = $('html');
     const $modeswitch = $('#night-mode');

config/hostapd.conf

@@ -4,7 +4,7 @@ ctrl_interface_group=0
 beacon_int=100
 auth_algs=1
 wpa_key_mgmt=WPA-PSK
-ssid=RaspAP
+ssid=raspi-webgui
 channel=1
 hw_mode=g
 wpa_passphrase=ChangeMe

includes/CSRF.php

@@ -1,66 +0,0 @@
-<?php
-
-namespace RaspAP\Tokens;
-
-class CSRF
-{
-    protected static ?CSRFTokenizer $instance = null;
-
-    /*
-     * Get the CSRFTokenizer instance (singleton)
-     *
-     * @return CSRFTokenizer
-     */
-    public static function instance(): CSRFTokenizer
-    {
-        if (self::$instance === null) {
-            self::$instance = new CSRFTokenizer();
-        }
-        return self::$instance;
-    }
-
-    public static function token(): string
-    {
-        return self::instance()->getToken();
-    }
-
-    public static function verify(): bool
-    {
-        $token = $_POST['csrf_token'];
-        return self::instance()->csrfValidateRequest() &&
-               self::instance()->CSRFValidate($_POST['csrf_token'] ?? '');
-    }
-
-    public static function metaTag(): string
-    {
-        return self::instance()->CSRFMetaTag();
-    }
-
-    public static function hiddenField(): string
-    {
-        return self::instance()->CSRFTokenFieldTag();
-    }
-
-    public static function handleInvalidToken(): void
-    {
-        self::instance()->handleInvalidCSRFToken();
-    }
-
-    /**
-     * Validates a CSRF Request
-     *
-     * @return bool
-     */
-    public static function validateRequest(): bool
-    {
-        return self::instance()->csrfValidateRequest();
-    }
-}
-
-if (\RaspAP\Tokens\CSRF::validateRequest()) {
-    if (!\RaspAP\Tokens\CSRF::verify()) {
-        error_log("CSRF verification failed. Token: " . ($_POST['csrf_token'] ?? 'not provided'));
-        \RaspAP\Tokens\CSRF::handleInvalidToken();
-    }
-}
-

includes/adblock.php

@@ -40,6 +40,7 @@ function DisplayAdBlockConfig()
                 file_put_contents("/tmp/dnsmasq_custom", $_POST['adblock-custom-hosts'].PHP_EOL);
                 system("sudo cp /tmp/dnsmasq_custom " .RASPI_ADBLOCK_LISTPATH .'custom.txt', $return);
                 $config.= 'addn-hosts=' .RASPI_ADBLOCK_LISTPATH .'custom.txt'.PHP_EOL;
+                $custom_enabled = true;
             }
 
             if (empty($errors)) {
@@ -63,13 +64,6 @@ function DisplayAdBlockConfig()
         }
     }
 
-    $custom_list = RASPI_ADBLOCK_LISTPATH . 'custom.txt';
-    $custom_enabled = false;
-
-    if (file_exists($custom_list) && filesize($custom_list) > 0) {
-        $custom_enabled = true;
-    }
-
     exec('cat '. RASPI_ADBLOCK_CONFIG, $return);
     $arrConf = ParseConfig($return);
     if (sizeof($arrConf) > 0) {

includes/admin.php

@@ -35,8 +35,6 @@ function DisplayAuthConfig($username)
         } else {
             $status->addMessage('Old password does not match', 'danger');
         }
-    } elseif (isset($_POST['logout'])) {
-        $auth->logout();
     }
 
     echo renderTemplate(

includes/autoload.php

@@ -9,13 +9,31 @@
  */
 spl_autoload_register(function ($class) {
 
-    // base directory where all class files are stored
-    $base_dir = __DIR__ . '/../src/';
+    // project-specific namespace prefix
+    $prefix = '';
 
-    // convert the fully qualified class name into a file path
-    $file = $base_dir . str_replace('\\', '/', $class) . '.php';
+    // base directory for the namespace prefix
+    $base_dir = 'src/';
 
-    // require the file if it exists
+    // normalize the base directory with a trailing separator
+    $base_dir = rtrim($base_dir, DIRECTORY_SEPARATOR) . '/';
+
+    // does the class use the namespace prefix?
+    $len = strlen($prefix);
+    if (strncmp($prefix, $class, $len) !== 0) {
+        // no, move to the next registered autoloader
+        return;
+    }
+
+    // get the relative class name
+    $relative_class = substr($class, $len);
+
+    // replace the namespace prefix with the base directory, replace namespace
+    // separators with directory separators in the relative class name, append
+    // with .php
+    $file = $base_dir . str_replace('\\', '/', $relative_class) . '.php';
+
+    // if the file exists, require it
     if (file_exists($file)) {
         require $file;
     }

includes/csrf.php

@@ -0,0 +1,7 @@
+<?php
+
+require_once 'functions.php';
+
+if (csrfValidateRequest() && !CSRFValidate()) {
+    handleInvalidCSRFToken();
+}

includes/dashboard.php

@@ -5,170 +5,226 @@ require_once 'includes/wifi_functions.php';
 require_once 'includes/functions.php';
 
 /**
- * Displays the dashboard
+ * Show dashboard page.
  */
-function DisplayDashboard(&$extraFooterScripts): void
+function DisplayDashboard(&$extraFooterScripts)
 {
-    // instantiate RaspAP objects
-    $system = new \RaspAP\System\Sysinfo;
-    $dashboard = new \RaspAP\UI\Dashboard;
-    $status = new \RaspAP\Messages\StatusMessage;
-    $pluginManager = \RaspAP\Plugins\PluginManager::getInstance();
-
-    // set AP and client interface session vars
     getWifiInterface();
-
-    $interface = $_SESSION['ap_interface'] ?? 'wlan0';
-    $clientInterface = $_SESSION['wifi_client_interface'];
-    $hostname = $system->hostname();
-    $revision = $system->rpiRevision();
-    $deviceImage = $dashboard->getDeviceImage($revision);
-    $hostapd = $system->hostapdStatus();
-    $adblock = $system->adBlockStatus();
-    $vpn = $system->getActiveVpnInterface();
-    $frequency = $dashboard->getFrequencyBand($interface);
-    $details = $dashboard->getInterfaceDetails($interface);
-    $wireless = $dashboard->getWirelessDetails($interface);
-    $connectionType = $dashboard->getConnectionType();
-    $connectionIcon = $dashboard->getConnectionIcon($connectionType);
-    $state = strtolower($details['state']);
-    $wirelessClients = $dashboard->getWirelessClients();
-    $ethernetClients = $dashboard->getEthernetClients();
-    $totalClients = $wirelessClients + $ethernetClients;
-    $plugins = $pluginManager->getInstalledPlugins();
-    $bridgedEnable = getBridgedState();
-
-    // handle page actions
-    if (!empty($_POST)) {
-        $status = $dashboard->handlePageAction($state, $_POST, $status, $interface);
-        // refresh interface details + state
-        $details = $dashboard->getInterfaceDetails($interface);
-        $state = strtolower($details['state']);
+    $status = new \RaspAP\Messages\StatusMessage;
+    // Need this check interface name for proper shell execution.
+    if (!preg_match('/^([a-zA-Z0-9]+)$/', $_SESSION['wifi_client_interface'])) {
+        $status->addMessage(_('Interface name invalid.'), 'danger');
+        $status->showMessages();
+        return;
     }
 
-    $ipv4Address = $details['ipv4'];
-    $ipv4Netmask = $details['ipv4_netmask'];
-    $macAddress = $details['mac'];
-    $ssid = $wireless['ssid'];
-    $ethernetActive = ($connectionType === 'ethernet') ? "active" : "inactive";
-    $wirelessActive = ($connectionType === 'wireless') ? "active" : "inactive";
-    $tetheringActive = ($connectionType === 'tethering') ? "active" : "inactive";
-    $cellularActive = ($connectionType === 'cellular') ? "active" : "inactive";
-    $bridgedStatus = ($bridgedEnable == 1) ? "active" : "";
-    $hostapdStatus = ($hostapd[0] == 1) ?  "active" : "";
-    $adblockStatus = ($adblock == true) ?  "active" : "";
-    $wirelessClientActive = ($wirelessClients > 0) ? "active" : "inactive";
-    $wirelessClientLabel = sprintf(
-        _('%d WLAN %s'),
-        $wirelessClients,
-        $dashboard->formatClientLabel($wirelessClients)
-    );
-    $ethernetClientActive = ($ethernetClients > 0) ? "active" : "inactive";
-    $ethernetClientLabel = sprintf(
-        _('%d LAN %s'),
-        $ethernetClients,
-        $dashboard->formatClientLabel($ethernetClients)
-    );
-    $totalClientsActive = ($totalClients > 0) ? "active": "inactive";
-    $freq5active = $freq24active = "";
-    $varName = "freq" . str_replace('.', '', $frequency) . "active";
-    $$varName = "active";
-    $vpnStatus = $vpn ? "active" : "inactive";
-    $vpnManaged = $vpn ? $dashboard->getVpnManaged($vpn) : null;
-    $firewallManaged = $firewallStatus = "";
-    $firewallInstalled = array_filter($plugins, fn($p) => str_ends_with($p, 'Firewall')) ? true : false;
-    if (!$firewallInstalled) {
-        $firewallUnavailable = '<i class="fas fa-slash fa-stack-1x"></i>';
+    if (!function_exists('exec')) {
+        $status->addMessage(_('Required exec function is disabled. Check if exec is not added to php disable_functions.'), 'danger');
+        $status->showMessages();
+        return;
+    }
+    exec('ip a show '.$_SESSION['ap_interface'], $stdoutIp);
+    $stdoutIpAllLinesGlued = implode(" ", $stdoutIp);
+    $stdoutIpWRepeatedSpaces = preg_replace('/\s\s+/', ' ', $stdoutIpAllLinesGlued);
+
+    preg_match('/link\/ether ([0-9a-f:]+)/i', $stdoutIpWRepeatedSpaces, $matchesMacAddr) || $matchesMacAddr[1] = _('No MAC Address Found');
+    $macAddr = $matchesMacAddr[1];
+
+    $ipv4Addrs = '';
+    $ipv4Netmasks = '';
+    if (!preg_match_all('/inet (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\/([0-3][0-9])/i', $stdoutIpWRepeatedSpaces, $matchesIpv4AddrAndSubnet, PREG_SET_ORDER)) {
+        $ipv4Addrs = _('No IPv4 Address Found');
     } else {
-        $firewallManaged = '<a href="/plugin__Firewall">';
-        $firewallStatus = ($dashboard->firewallEnabled() == true) ? "active" : "";
+        foreach ($matchesIpv4AddrAndSubnet as $inet) {
+            $address = $inet[1];
+            $suffix  = (int) $inet[2];
+            $netmask = long2ip(-1 << (32 - $suffix));
+            $ipv4Addrs    .= " $address";
+            $ipv4Netmasks .= " $netmask";
+        }
+        $ipv4Addrs    = trim($ipv4Addrs);
+        $ipv4Netmasks = trim($ipv4Netmasks);
     }
+    $ipv4Netmasks = empty($ipv4Netmasks) ? "-" : $ipv4Netmasks;
+
+    $ipv6Addrs = '';
+    if (!preg_match_all('/inet6 ([a-f0-9:]+)/i', $stdoutIpWRepeatedSpaces, $matchesIpv6Addr)) {
+        $ipv6Addrs = _('No IPv6 Address Found');
+    } else {
+        if (isset($matchesIpv6Addr[1])) {
+            $ipv6Addrs = implode(' ', $matchesIpv6Addr[1]);
+        }
+    }
+
+    preg_match('/state (UP|DOWN)/i', $stdoutIpWRepeatedSpaces, $matchesState) || $matchesState[1] = 'unknown';
+    $interfaceState = $matchesState[1];
+
+    // Because of table layout used in the ip output we get the interface statistics directly from
+    // the system. One advantage of this is that it could work when interface is disable.
+    exec('cat /sys/class/net/'.$_SESSION['ap_interface'].'/statistics/rx_packets ', $stdoutCatRxPackets);
+    $strRxPackets = _('No data');
+    if (ctype_digit($stdoutCatRxPackets[0])) {
+        $strRxPackets = $stdoutCatRxPackets[0];
+    }
+
+    exec('cat /sys/class/net/'.$_SESSION['ap_interface'].'/statistics/tx_packets ', $stdoutCatTxPackets);
+    $strTxPackets = _('No data');
+    if (ctype_digit($stdoutCatTxPackets[0])) {
+        $strTxPackets = $stdoutCatTxPackets[0];
+    }
+
+    exec('cat /sys/class/net/'.$_SESSION['ap_interface'].'/statistics/rx_bytes ', $stdoutCatRxBytes);
+    $strRxBytes = _('No data');
+    if (ctype_digit($stdoutCatRxBytes[0])) {
+        $strRxBytes = $stdoutCatRxBytes[0];
+        $strRxBytes .= getHumanReadableDatasize($strRxBytes);
+    }
+
+    exec('cat /sys/class/net/'.$_SESSION['ap_interface'].'/statistics/tx_bytes ', $stdoutCatTxBytes);
+    $strTxBytes = _('No data');
+    if (ctype_digit($stdoutCatTxBytes[0])) {
+        $strTxBytes = $stdoutCatTxBytes[0];
+        $strTxBytes .= getHumanReadableDatasize($strTxBytes);
+    }
+
+    exec ('vnstat --dbiflist', $stdoutVnStatDB);
+    if (!preg_match('/'.$_SESSION['ap_interface'].'/', $stdoutVnStatDB[0])) {
+        exec('sudo vnstat --add --iface '.$_SESSION['ap_interface'], $return);
+    }
+
+    define('SSIDMAXLEN', 32);
+    // Warning iw comes with: "Do NOT screenscrape this tool, we don't consider its output stable."
+    exec('iw dev ' .$_SESSION['wifi_client_interface']. ' link ', $stdoutIw);
+    $stdoutIwAllLinesGlued = implode('+', $stdoutIw); // Break lines with character illegal in SSID and MAC addr
+    $stdoutIwWRepSpaces = preg_replace('/\s\s+/', ' ', $stdoutIwAllLinesGlued);
+
+    preg_match('/Connected to (([0-9A-Fa-f]{2}:){5}([0-9A-Fa-f]{2}))/', $stdoutIwWRepSpaces, $matchesBSSID) || $matchesBSSID[1] = '';
+    $connectedBSSID = $matchesBSSID[1];
+    $connectedBSSID = empty($connectedBSSID) ? "-" : $connectedBSSID;
+
+    $wlanHasLink = false;
+    if ($interfaceState === 'UP') {
+        $wlanHasLink = true;
+    }
+
+    if (!preg_match('/SSID: ([^+]{1,'.SSIDMAXLEN.'})/', $stdoutIwWRepSpaces, $matchesSSID)) {
+        $wlanHasLink = false;
+        $matchesSSID[1] = 'None';
+    }
+    $connectedSSID = str_replace('\x20', '', $matchesSSID[1]);
+
+    preg_match('/freq: (\d+)/i', $stdoutIwWRepSpaces, $matchesFrequency) || $matchesFrequency[1] = '';
+    $frequency = $matchesFrequency[1].' MHz';
+
+    preg_match('/signal: (-?[0-9]+ dBm)/i', $stdoutIwWRepSpaces, $matchesSignal) || $matchesSignal[1] = '';
+    $signalLevel = $matchesSignal[1];
+    $signalLevel = empty($signalLevel) ? "-" : $signalLevel;
+
+    preg_match('/tx bitrate: ([0-9\.]+ [KMGT]?Bit\/s)/', $stdoutIwWRepSpaces, $matchesBitrate) || $matchesBitrate[1] = '';
+    $bitrate = $matchesBitrate[1];
+    $bitrate = empty($bitrate) ? "-" : $bitrate;
+
+    // txpower is now displayed on iw dev(..) info command, not on link command.
+    exec('iw dev '.$_SESSION['wifi_client_interface'].' info ', $stdoutIwInfo);
+    $stdoutIwInfoAllLinesGlued = implode(' ', $stdoutIwInfo);
+    $stdoutIpInfoWRepSpaces = preg_replace('/\s\s+/', ' ', $stdoutIwInfoAllLinesGlued);
+
+    preg_match('/txpower ([0-9\.]+ dBm)/i', $stdoutIpInfoWRepSpaces, $matchesTxPower) || $matchesTxPower[1] = '';
+    $txPower = $matchesTxPower[1];
+
+    // iw does not have the "Link Quality". This is a is an aggregate value,
+    // and depends on the driver and hardware.
+    // Display link quality as signal quality for now.
+    $strLinkQuality = 0;
+    if ($signalLevel > -100 && $wlanHasLink) {
+        if ($signalLevel >= 0) {
+            $strLinkQuality = 100;
+        } else {
+            $strLinkQuality = 100 + intval($signalLevel);
+        }
+    }
+
+    $wlan0up = false;
+    $classMsgDevicestatus = 'warning';
+    if ($interfaceState === 'UP') {
+        $wlan0up = true;
+        $classMsgDevicestatus = 'success';
+    }
+
+    if (!RASPI_MONITOR_ENABLED) {
+        if (isset($_POST['ifdown_wlan0'])) {
+            // Pressed stop button
+            if ($interfaceState === 'UP') {
+                $status->addMessage(sprintf(_('Interface is going %s.'), _('down')), 'warning');
+                exec('sudo ip link set '.$_SESSION['ap_interface'].' down');
+                $wlan0up = false;
+                $status->addMessage(sprintf(_('Interface is now %s.'), _('down')), 'success');
+            } elseif ($interfaceState === 'unknown') {
+                $status->addMessage(_('Interface state unknown.'), 'danger');
+            } else {
+                $status->addMessage(sprintf(_('Interface already %s.'), _('down')), 'warning');
+            }
+        } elseif (isset($_POST['ifup_wlan0'])) {
+            // Pressed start button
+            if ($interfaceState === 'DOWN') {
+                $status->addMessage(sprintf(_('Interface is going %s.'), _('up')), 'warning');
+                exec('sudo ip link set ' .$_SESSION['ap_interface']. ' up');
+                exec('sudo ip -s a f label ' .$_SESSION['ap_interface']);
+                $wlan0up = true;
+                $status->addMessage(sprintf(_('Interface is now %s.'), _('up')), 'success');
+            } elseif ($interfaceState === 'unknown') {
+                $status->addMessage(_('Interface state unknown.'), 'danger');
+            } else {
+                $status->addMessage(sprintf(_('Interface already %s.'), _('up')), 'warning');
+            }
+        } else {
+            $status->addMessage(sprintf(_('Interface is %s.'), strtolower($interfaceState)), $classMsgDevicestatus);
+        }
+    }
+    // brought in from template
+    $arrHostapdConf = parse_ini_file(RASPI_CONFIG.'/hostapd.ini');
+    $bridgedEnable = $arrHostapdConf['BridgedEnable'];
+    $clientInterface = $_SESSION['wifi_client_interface'];
+    $apInterface = $_SESSION['ap_interface'];
+    $MACPattern = '"([[:xdigit:]]{2}:){5}[[:xdigit:]]{2}"';
+
+    if (getBridgedState()) {
+        $moreLink = "hostapd_conf";
+        exec('iw dev ' . $apInterface . ' station dump | grep -oE ' . $MACPattern, $clients);
+    } else {
+        $moreLink = "dhcpd_conf";
+        exec('cat ' . RASPI_DNSMASQ_LEASES . '| grep -E $(iw dev ' . $apInterface . ' station dump | grep -oE ' . $MACPattern . ' | paste -sd "|")', $clients);
+    }
+    $ifaceStatus = $wlan0up ? "up" : "down";
 
     echo renderTemplate(
         "dashboard", compact(
-            "revision",
-            "deviceImage",
-            "interface",
+            "clients",
+            "moreLink",
+            "apInterface",
             "clientInterface",
-            "state",
-            "bridgedStatus",
-            "hostapdStatus",
-            "adblockStatus",
-            "vpnStatus",
-            "vpnManaged",
-            "firewallUnavailable",
-            "firewallStatus",
-            "firewallManaged",
-            "ipv4Address",
-            "ipv4Netmask",
-            "macAddress",
-            "ssid",
+            "ifaceStatus",
+            "bridgedEnable",
+            "status",
+            "ipv4Addrs",
+            "ipv4Netmasks",
+            "ipv6Addrs",
+            "macAddr",
+            "strRxPackets",
+            "strRxBytes",
+            "strTxPackets",
+            "strTxBytes",
+            "connectedSSID",
+            "connectedBSSID",
+            "bitrate",
+            "signalLevel",
+            "txPower",
             "frequency",
-            "freq5active",
-            "freq24active",
-            "wirelessClients",
-            "wirelessClientLabel",
-            "wirelessClientActive",
-            "ethernetClients",
-            "ethernetClientLabel",
-            "ethernetClientActive",
-            "totalClients",
-            "totalClientsActive",
-            "connectionType",
-            "connectionIcon",
-            "ethernetActive",
-            "wirelessActive",
-            "tetheringActive",
-            "cellularActive",
-            "status"
+            "strLinkQuality",
+            "wlan0up"
         )
     );
     $extraFooterScripts[] = array('src'=>'app/js/dashboardchart.js', 'defer'=>false);
+    $extraFooterScripts[] = array('src'=>'app/js/linkquality.js', 'defer'=>false);
 }
 
-/**
- * Renders a URL for an svg solid line representing the associated
- * connection type
- *
- * @param string $connectionType
- * @return string
- */
-function renderConnection(string $connectionType): string
-{
-    $deviceMap = [
-        'ethernet'  => 'device-1',
-        'wireless'  => 'device-2',
-        'tethering' => 'device-3',
-        'cellular'  => 'device-4'
-    ];
-    $device = $deviceMap[$connectionType] ?? 'device-unknown';
-
-    // return generated URL for solid.php
-    return sprintf('app/img/solid.php?joint&%s&out', $device);
-}
-
-/**
- * Renders a URL for an svg solid line representing associated
- * client connection(s)
- *
- * @param int $wirelessClients
- * @param int $ethernetClients
- * @return string
- */
-function renderClientConnections(int $wirelessClients, int $ethernetClients): string
-{
-    $devices = [];
-
-    if ($wirelessClients > 0) {
-        $devices[] = 'device-1&out';
-    }
-    if ($ethernetClients > 0) {
-        $devices[] = 'device-2&out';
-    }
-    return empty($devices) ? '' : sprintf(
-        '<img src="app/img/right-solid.php?%s" class="solid-lines solid-lines-right" alt="Client connections">',
-        implode('&', $devices)
-    );
-}
-
-

includes/defaults.php

@@ -7,7 +7,7 @@ if (!defined('RASPI_CONFIG')) {
 $defaults = [
   'RASPI_BRAND_TEXT' => 'RaspAP',
   'RASPI_BRAND_TITLE' => RASPI_BRAND_TEXT.' Admin Panel',
-  'RASPI_VERSION' => '3.3.2',
+  'RASPI_VERSION' => '3.2.7',
   'RASPI_CONFIG_NETWORK' => RASPI_CONFIG.'/networking/defaults.json',
   'RASPI_CONFIG_PROVIDERS' => 'config/vpn-providers.json',
   'RASPI_CONFIG_API' => RASPI_CONFIG.'/api',

includes/exceptions.php

@@ -0,0 +1,6 @@
+<?php
+require_once 'src/RaspAP/Exceptions/ExceptionHandler.php';
+
+$handler = new RaspAP\Exceptions\ExceptionHandler;
+?>
+

includes/footer.php

@@ -3,10 +3,10 @@
 <div class="d-flex align-items-center justify-content-between small">
   <div class="text-muted">
     <span class="pe-2"><a href="/about">v<?php echo RASPI_VERSION; ?></a></span>  |
-    <span class="ps-2"><?php echo sprintf(_('Created by the <a href="%s" target="_blank" rel="noopener">%s</a>'), 'https://github.com/RaspAP', _('RaspAP Team')); ?></span>
+    <span class="ps-2">Created by the <a href="https://github.com/RaspAP" target="_blank" rel="noopener">RaspAP Team</a></span>
   </div>
   <div class="text-muted">
-    <i class="fas fa-heart heart"></i> <a href="https://docs.raspap.com/insiders" target="_blank" rel="noopener"><?php echo _("Get Insiders"); ?></a>
+    <i class="fas fa-heart heart"></i> <a href="https://docs.raspap.com/insiders" target="_blank" rel="noopener">Get Insiders</a>
   </div>
 </div>
 

includes/functions.php

@@ -177,17 +177,15 @@ function getDefaultNetOpts($svc,$key)
  * @param string $key
  * @return object $json
  */
-function getProviderValue($id, $key)
+function getProviderValue($id,$key)
 {
     $obj = json_decode(file_get_contents(RASPI_CONFIG_PROVIDERS), true);
-    if (!isset($obj['providers']) || !is_array($obj['providers'])) {
+    if ($obj === null) {
         return false;
+    } else {
+        $id--;
+        return $obj['providers'][$id][$key];
     }
-    $id--;
-    if (!isset($obj['providers'][$id]) || !is_array($obj['providers'][$id])) {
-        return false;
-    }
-    return $obj['providers'][$id][$key] ?? false;
 }
 
 /* Functions to write ini files */
@@ -306,6 +304,82 @@ function filter_comments($var)
     return $var[0] != '#';
 }
 
+/**
+ * Saves a CSRF token in the session
+ */
+function ensureCSRFSessionToken()
+{
+    if (empty($_SESSION['csrf_token'])) {
+        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
+    }
+}
+
+/**
+ * Add CSRF Token to form
+ */
+function CSRFTokenFieldTag()
+{
+    $token = htmlspecialchars($_SESSION['csrf_token']);
+    return '<input type="hidden" name="csrf_token" value="' . $token . '">';
+}
+
+/**
+ * Retuns a CSRF meta tag (for use with xhr, for example)
+ */
+function CSRFMetaTag()
+{
+    $token = htmlspecialchars($_SESSION['csrf_token']);
+    return '<meta name="csrf_token" content="' . $token . '">';
+}
+
+/**
+ * Validate CSRF Token
+ */
+function CSRFValidate()
+{
+    if (empty($_SESSION['csrf_token']) || !is_string($_SESSION['csrf_token'])) {
+        error_log('Session expired or CSRF token is missing.');
+        header('Location: /login');
+        exit;
+    }
+
+    $post_token = $_POST['csrf_token'] ?? null;
+    $header_token = $_SERVER['HTTP_X_CSRF_TOKEN'] ?? null;
+
+    if (empty($post_token) && is_null($header_token)) {
+        error_log('CSRF token missing in the request');
+        return false;
+    }
+    $request_token = $post_token ?: $header_token;
+
+    if (hash_equals($_SESSION['csrf_token'], $request_token)) {
+        return true;
+    } else {
+        error_log('CSRF token mismatch');
+        return false;
+    }
+}
+
+/**
+ * Should the request be CSRF-validated?
+ */
+function csrfValidateRequest()
+{
+    $request_method = strtolower($_SERVER['REQUEST_METHOD']);
+    return in_array($request_method, [ "post", "put", "patch", "delete" ]);
+}
+
+/**
+ * Handle invalid CSRF
+ */
+function handleInvalidCSRFToken()
+{
+    header('HTTP/1.1 500 Internal Server Error');
+    header('Content-Type: text/plain');
+    echo 'Invalid CSRF token';
+    exit;
+}
+
 /**
  * Test whether array is associative
  */
@@ -555,13 +629,6 @@ function mb_escapeshellarg($arg)
     }
 }
 
-function safeOutputValue($def, $arr)
-{
-    if (array_key_exists($def, $arr)) {
-        echo htmlspecialchars($arr[$def], ENT_QUOTES);
-    }
-}
-
 function dnsServers()
 {
     $data = json_decode(file_get_contents("./config/dns-servers.json"));
@@ -637,6 +704,7 @@ function formatDateAgo($datetime, $full = false)
 function initializeApp()
 {
     $_SESSION["theme_url"] = getThemeOpt();
+    $_SESSION["toggleState"] = getSidebarState();
     $_SESSION["bridgedEnabled"] = getBridgedState();
     $_SESSION["providerID"] = getProviderID();
 }
@@ -662,17 +730,22 @@ function getColorOpt()
     return $color;
 }
 
+function getSidebarState()
+{
+    if(isset($_COOKIE['sidebarToggled'])) {
+        if ($_COOKIE['sidebarToggled'] == 'true' ) {
+            return "toggled";
+        }
+    }
+}
+
+// Returns bridged AP mode status
 function getBridgedState()
 {
-
-	$hostapdIni = RASPI_CONFIG . '/hostapd.ini';
-	if (!file_exists($hostapdIni)) {
-		return 0;
-	} else {
-		$arrHostapdConf = parse_ini_file($hostapdIni);
-	}
+    $arrHostapdConf = parse_ini_file(RASPI_CONFIG.'/hostapd.ini');
+    // defaults to false
     return  $arrHostapdConf['BridgedEnable'];
- }
+}
 
 // Returns VPN provider ID, if defined
 function getProviderID()

includes/hostapd.php

@@ -19,7 +19,7 @@ function DisplayHostAPDConfig()
         'a' => '802.11a - 5 GHz',
         'b' => '802.11b - 2.4 GHz',
         'g' => '802.11g - 2.4 GHz',
-        'n' => '802.11n - 2.4/5 GHz',
+        'n' => '802.11n - 2.4 GHz',
         'ac' => '802.11ac - 5 GHz'
     ];
     $languageCode = strtok($_SESSION['locale'], '_');
@@ -46,12 +46,7 @@ function DisplayHostAPDConfig()
             SaveHostAPDConfig($arrSecurity, $arrEncType, $arr80211Standard, $interfaces, $reg_domain, $status);
         }
     }
-
-    $arrHostapdConf = [];
-    $hostapdIni = RASPI_CONFIG . '/hostapd.ini';
-	if (file_exists($hostapdIni)) {
-        $arrHostapdConf = parse_ini_file($hostapdIni);
-    }
+    $arrHostapdConf = parse_ini_file(RASPI_CONFIG.'/hostapd.ini');
 
     if (!RASPI_MONITOR_ENABLED) {
          if (isset($_POST['StartHotspot']) || isset($_POST['RestartHotspot'])) {
@@ -141,9 +136,6 @@ function DisplayHostAPDConfig()
         }
     }
 
-    $arrConfig['ignore_broadcast_ssid'] ??= 0;
-    $arrConfig['max_num_sta'] ??= 0;
-    $arrConfig['wep_default_key'] ??= 0;
     exec('sudo /bin/chmod o+r '.RASPI_HOSTAPD_LOG);
     $logdata = getLogLimited(RASPI_HOSTAPD_LOG);
 
@@ -289,13 +281,18 @@ function SaveHostAPDConfig($wpa_array, $enc_types, $modes, $interfaces, $reg_dom
         $good_input = false;
     }
 
-    $ignore_broadcast_ssid = $_POST['hiddenSSID'] ?? '0';
-    if (!ctype_digit($ignore_broadcast_ssid)) {
-        $status->addMessage('Parameter hiddenSSID not a number.', 'danger');
-        $good_input = false;
-    } elseif ((int)$ignore_broadcast_ssid < 0 || (int)$ignore_broadcast_ssid >= 3) {
-        $status->addMessage('Parameter hiddenSSID contains an invalid configuration value.', 'danger');
-        $good_input = false;
+    if (isset($_POST['hiddenSSID'])) {
+        if (!is_int((int)$_POST['hiddenSSID'])) {
+            $status->addMessage('Parameter hiddenSSID not a number.', 'danger');
+            $good_input = false;
+        } elseif ((int)$_POST['hiddenSSID'] < 0 || (int)$_POST['hiddenSSID'] >= 3) {
+            $status->addMessage('Parameter hiddenSSID contains invalid configuratie value.', 'danger');
+            $good_input = false;
+        } else {
+            $ignore_broadcast_ssid = $_POST['hiddenSSID'];
+        }
+    } else {
+        $ignore_broadcast_ssid = '0';
     }
 
     if (! in_array($_POST['interface'], $interfaces)) {
@@ -367,17 +364,14 @@ function SaveHostAPDConfig($wpa_array, $enc_types, $modes, $interfaces, $reg_dom
 
         // Set dhcp values from system config, fallback to default if undefined
         $jsonData = json_decode(getNetConfig($ap_iface), true);
-        $ip_address = empty($jsonData['StaticIP'])
-            ? getDefaultNetValue('dhcp', $ap_iface, 'static ip_address') : $jsonData['StaticIP'];
-        $domain_name_server = empty($jsonData['StaticDNS']) 
-            ? getDefaultNetValue('dhcp', $ap_iface, 'static domain_name_server') : $jsonData['StaticDNS'];
-        $routers = empty($jsonData['StaticRouters']) 
-            ? getDefaultNetValue('dhcp', $ap_iface, 'static routers') : $jsonData['StaticRouters'];
-        $netmask = (empty($jsonData['SubnetMask']) || $jsonData['SubnetMask'] === '0.0.0.0') 
-            ? getDefaultNetValue('dhcp', $ap_iface, 'subnetmask') : $jsonData['SubnetMask'];
+        $ip_address = ($jsonData['StaticIP'] == '') ? getDefaultNetValue('dhcp',$ap_iface,'static ip_address') : $jsonData['StaticIP'];
+        $domain_name_server = ($jsonData['StaticDNS'] =='') ? getDefaultNetValue('dhcp',$ap_iface,'static domain_name_server') : $jsonData['StaticDNS'];
+        $routers = ($jsonData['StaticRouters'] == '') ? getDefaultNetValue('dhcp',$ap_iface,'static routers') : $jsonData['StaticRouters'];
+        $netmask = ($jsonData['SubnetMask'] == '' || $jsonData['SubnetMask'] == '0.0.0.0') ? getDefaultNetValue('dhcp',$ap_iface,'subnetmask') : $jsonData['SubnetMask'];
         if (isset($ip_address) && !preg_match('/.*\/\d+/', $ip_address)) {
             $ip_address.='/'.mask2cidr($netmask);
         }
+
         if ($bridgedEnable == 1) {
             $config = array_keys(getDefaultNetOpts('dhcp','options'));
             $config[] = PHP_EOL.'# RaspAP br0 configuration';
@@ -398,9 +392,7 @@ function SaveHostAPDConfig($wpa_array, $enc_types, $modes, $interfaces, $reg_dom
             $config[] = 'static ip_address='.$ip_address;
             $config[] = 'static routers='.$routers;
             $config[] = 'static domain_name_server='.$domain_name_server;
-            if (!empty($jsonData['Metric'])) {
-                $config[] = 'metric ' . $jsonData['Metric'];
-            }
+            if (! is_null($jsonData['Metric'])) { $config[] = 'metric '.$jsonData['Metric']; }
         }
         $dhcp_cfg = file_get_contents(RASPI_DHCPCD_CONFIG);
 

includes/locale.php

@@ -11,7 +11,7 @@
  *
  * Refer to: https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.4
  */
-if (empty($_SESSION['locale']) && !empty($_SERVER['HTTP_ACCEPT_LANGUAGE']) && strlen($_SERVER['HTTP_ACCEPT_LANGUAGE']) >= 2) {
+if (empty($_SESSION['locale']) && strlen($_SERVER['HTTP_ACCEPT_LANGUAGE']) >= 2) {
     $lang = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2);
     switch ($lang) {
     case "de":
@@ -90,10 +90,9 @@ if (empty($_SESSION['locale']) && !empty($_SERVER['HTTP_ACCEPT_LANGUAGE']) && st
 // Use: 'sudo raspi-configure' and select 'Localisation Options'
 
 // activate the locale setting
-if (!empty($_SESSION['locale'])) {
-    putenv("LANG=" . $_SESSION['locale']);
-    setlocale(LC_ALL, $_SESSION['locale']);
-}
+putenv("LANG=" . $_SESSION['locale']);
+setlocale(LC_ALL, $_SESSION['locale']);
+
 bindtextdomain(LOCALE_DOMAIN, LOCALE_ROOT);
 bind_textdomain_codeset(LOCALE_DOMAIN, 'UTF-8');
 

includes/navbar.php

@@ -13,7 +13,7 @@
     <!-- Auth user -->
     <li class="nav-item mt-1">
       <a class="nav-link" href="auth_conf">
-        <span class="mr-2 small nav-user"><?php echo htmlspecialchars($_SESSION['user_id'] ?? '', ENT_QUOTES); ?></span>
+        <span class="mr-2 small nav-user"><?php echo htmlspecialchars($_SESSION['user_id'], ENT_QUOTES); ?></span>
         <i class="fas fa-user-circle text-muted mt-2 fa-3x"></i>
       </a>
     </li>

includes/sysstats.php

@@ -50,6 +50,6 @@ if ($hostapd[0] ==1) {
     $hostapd_led = "service-status-up";
 } else {
     $hostapd_status = "down";
-    $hostapd_led = "service-status-warn";
+    $hostapd_led = "service-status-down";
 }
 

includes/system.php

@@ -9,7 +9,6 @@ require_once 'config.php';
 function DisplaySystem(&$extraFooterScripts)
 {
     $status = new \RaspAP\Messages\StatusMessage;
-    $dashboard = new \RaspAP\UI\Dashboard;
     $pluginInstaller = \RaspAP\Plugins\PluginInstaller::getInstance();
 
     if (isset($_POST['SaveLanguage'])) {
@@ -87,7 +86,6 @@ function DisplaySystem(&$extraFooterScripts)
     $kernel   = $system->kernelVersion();
     $systime  = $system->systime();
     $revision = $system->rpiRevision();
-    $deviceImage = $dashboard->getDeviceImage($revision);
 
     // memory use
     $memused  = $system->usedMemory();
@@ -131,7 +129,6 @@ function DisplaySystem(&$extraFooterScripts)
         "uptime",
         "systime",
         "revision",
-        "deviceImage",
         "cores",
         "os",
         "kernel",

includes/wifi_functions.php

@@ -160,20 +160,19 @@ function sortNetworksByRSSI(&$networks)
  */
 function getWifiInterface()
 {
-    $hostapdIni = RASPI_CONFIG . '/hostapd.ini';
-    $arrHostapdConf = file_exists($hostapdIni) ? parse_ini_file($hostapdIni) : [];
+        $arrHostapdConf = parse_ini_file(RASPI_CONFIG.'/hostapd.ini');
+        $iface = $_SESSION['ap_interface'] = isset($arrHostapdConf['WifiInterface']) ?  $arrHostapdConf['WifiInterface'] : RASPI_WIFI_AP_INTERFACE;
+        // check for 2nd wifi interface -> wifi client on different interface
+        exec("iw dev | awk '$1==\"Interface\" && $2!=\"$iface\" {print $2}'",$iface2);
+        $client_iface = $_SESSION['wifi_client_interface'] = (empty($iface2) ? $iface : trim($iface2[0]));
 
-    $iface = $_SESSION['ap_interface'] = $arrHostapdConf['WifiInterface'] ?? RASPI_WIFI_AP_INTERFACE;
-
-    // check for 2nd wifi interface -> wifi client on different interface
-    exec("iw dev | awk '$1==\"Interface\" && $2!=\"$iface\" {print $2}'", $iface2);
-    $client_iface = $_SESSION['wifi_client_interface'] = empty($iface2) ? $iface : trim($iface2[0]);
-
-    // handle special case for RPi Zero W in AP-STA mode
-    if ($client_iface === "uap0" && ($arrHostapdConf['WifiAPEnable'] ?? 0)) {
-        $_SESSION['wifi_client_interface'] = $iface;
-        $_SESSION['ap_interface'] = $client_iface;
-    }
+        // specifically for rpi0W in AP-STA mode, the above check ends up with the interfaces
+        // crossed over (wifi_client_interface vs 'ap_interface'), because the second interface (uap0) is 
+        // created by raspap and used as the access point.
+        if ($client_iface == "uap0"  && ($arrHostapdConf['WifiAPEnable'] ?? 0)){
+            $_SESSION['wifi_client_interface'] = $iface;
+            $_SESSION['ap_interface'] = $client_iface; 
+        } 
 }
 
 /*

includes/wireguard.php

@@ -10,10 +10,10 @@ function DisplayWireGuardConfig()
     $status = new \RaspAP\Messages\StatusMessage;
     $parseFlag = true;
     if (!RASPI_MONITOR_ENABLED) {
-        $optRules     = isset($_POST['wgRules']) ? $_POST['wgRules'] : null;
-        $optConf      = isset($_POST['wgCnfOpt']) ? $_POST['wgCnfOpt'] : null;
-        $optSrvEnable = isset($_POST['wgSrvEnable']) ? $_POST['wgSrvEnable'] : null;
-        $optLogEnable = isset($_POST['wgLogEnable']) ? $_POST['wgLogEnable'] : null;
+        $optRules     = $_POST['wgRules'];
+        $optConf      = $_POST['wgCnfOpt'];
+        $optSrvEnable = $_POST['wgSrvEnable'];
+        $optLogEnable = $_POST['wgLogEnable'];
         if (isset($_POST['savewgsettings']) && $optConf == 'manual' && $optSrvEnable == 1 ) {
             SaveWireGuardConfig($status);
         } elseif (isset($_POST['savewgsettings']) && $optConf == 'upload' && is_uploaded_file($_FILES["wgFile"]["tmp_name"])) {
@@ -69,14 +69,6 @@ function DisplayWireGuardConfig()
     $wg_state = ($wgstatus[0] == 'active' ? true : false );
     $public_ip = get_public_ip();
 
-    // retrieve wg log
-    $wg_log = "";
-    if (file_exists('/tmp/wireguard.log')) {
-        exec('sudo chmod o+r /tmp/wireguard.log');
-        $wg_log = file_get_contents('/tmp/wireguard.log');
-    }
-    $peer_id = $peer_id ?? "1";
-
     echo renderTemplate(
         "wireguard", compact(
             "status",
@@ -97,8 +89,7 @@ function DisplayWireGuardConfig()
             "wg_peerpubkey",
             "wg_pendpoint",
             "wg_pallowedips",
-            "wg_pkeepalive",
-            "wg_log"
+            "wg_pkeepalive"
         )
     );
 }

index.php

@@ -8,13 +8,13 @@
  * Recommended distribution is Raspberry Pi OS (64-bit) Lite. Specific instructions to install the supported software are
  * in the README and original post by @SirLagz. For a quick run through, the packages required for the WebGUI are:
  * lighttpd (version 1.4.69 installed via apt)
- * php-cgi (version 8.2.28 installed via apt)
+ * php-cgi (version 8.2.26 installed via apt)
  * along with their supporting packages, php8.2 will also need to be enabled.
  *
  * @author  Lawrence Yau <sirlagz@gmail.com>
  * @author  Bill Zimmerman <billzimmerman@gmail.com>
  * @license GNU General Public License, version 3 (GPL-3.0)
- * @version 3.3.2
+ * @version 3.2.7
  * @link    https://github.com/RaspAP/raspap-webgui/
  * @link    https://raspap.com/
  * @see     http://sirlagz.net/2013/02/08/raspap-webgui/
@@ -23,12 +23,13 @@
  * as you leave these references intact in the header comments of your source files.
  */
 
+require 'includes/session.php';
+require 'includes/csrf.php';
+ensureCSRFSessionToken();
+
+require_once 'includes/exceptions.php';
 require_once 'includes/config.php';
 require_once 'includes/autoload.php';
-$handler = new RaspAP\Exceptions\ExceptionHandler;
-
-require_once 'includes/CSRF.php';
-require_once 'includes/session.php';
 require_once 'includes/defaults.php';
 require_once 'includes/locale.php';
 require_once 'includes/functions.php';
@@ -58,7 +59,7 @@ initializeApp();
 <html lang="en" <?php setTheme();?>>
   <head>
     <meta charset="utf-8">
-    <?php echo \RaspAP\Tokens\CSRF::metaTag(); ?>
+    <?php echo CSRFMetaTag() ?>
     <meta http-equiv="X-UA-Compatible" content="IE=edge" />
     <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
     <meta name="description" content="">

installers/common.sh

@@ -318,7 +318,7 @@ function _create_hostapd_scripts() {
 # Generate plugin helper scripts
 function _create_plugin_scripts() {
     _install_log "Creating plugin helper scripts"
-    sudo mkdir -p $raspap_dir/plugins || _install_status 1 "Unable to create directory '$raspap_dir/plugins'"
+    sudo mkdir $raspap_dir/plugins || _install_status 1 "Unable to create directory '$raspap_dir/plugins'"
 
     # Copy plugin helper script
     sudo cp "$webroot_dir/installers/"plugin_helper.sh "$raspap_dir/plugins" || _install_status 1 "Unable to move plugin script"
@@ -600,7 +600,6 @@ function _download_latest_files() {
         if [ -n "$username" ] && [ -n "$acctoken" ]; then
             insiders_source_url="https://${username}:${acctoken}@github.com/$repo"
             git clone --branch $branch --depth 1 --recurse-submodules -c advice.detachedHead=false $insiders_source_url $source_dir || clone=false
-            git -C $source_dir submodule update --remote plugins || clone=false
         else
             _install_status 3
             echo "Insiders please read this: https://docs.raspap.com/insiders/#authentication"
@@ -608,7 +607,6 @@ function _download_latest_files() {
     fi
     if [ -z "$insiders_source_url" ]; then
         git clone --branch $branch --depth 1 --recurse-submodules -c advice.detachedHead=false $git_source_url $source_dir || clone=false
-        git -C $source_dir submodule update --remote plugins || clone=false
     fi
     if [ "$clone" = false ]; then
         _install_status 1 "Unable to download files from GitHub"

installers/plugin_helper.sh

@@ -46,7 +46,7 @@ case "$action" in
 
     username=$1
     password=$2
-
+    
     if id "$username" &>/dev/null; then # user already exists
         echo "OK"
         exit 0
@@ -73,33 +73,10 @@ case "$action" in
 
     mkdir -p "$(dirname "$destination")"
     cp "$source" "$destination"
-    chown -R $raspap_user:$raspap_user "$destination"
 
     echo "OK"
     ;;
 
-  "javascript")
-    [ $# -lt 2 ] && { echo "Usage: $0 javascript <source> <destination>"; exit 1; }
-
-    source=$1
-    destination=$2
-
-    if [ ! -f "$source" ]; then
-        echo "Source file $source does not exist."
-        exit 1
-    fi
-
-    if [ ! -d "$destination" ]; then
-        mkdir -p "$destination"
-    fi
-
-    cp "$source" "$destination"
-    chown -R $raspap_user:$raspap_user "$destination"
-
-    echo "OK"
-    ;;
-
-
   "plugin")
     [ $# -lt 2 ] && { echo "Usage: $0 plugin <source> <destination>"; exit 1; }
 
@@ -112,7 +89,7 @@ case "$action" in
     fi
 
     plugin_dir=$(dirname "$destination")
-    if [ ! -d "$plugin_dir" ]; then
+    if [ ! -d "$lugin_dir" ]; then
         mkdir -p "$plugin_dir"
     fi
 
@@ -122,50 +99,15 @@ case "$action" in
     echo "OK"
     ;;
 
-  "keys")
-    [ $# -ne 4 ] && { echo "Usage: $0 keys <key_url> <keyring> <repo> <sources>"; exit 1; }
-
-    key_url="$1"
-    keyring="$2"
-    repo="$3"
-    list_file="$4"
-
-    # add repository GPG key if it doesn't already exist
-    if [ ! -f "$keyring" ]; then
-        echo "Downloading GPG key from $key_url..."
-        curl -fsSL "$key_url" | sudo tee "$keyring" > /dev/null || { echo "Error: Failed to download GPG key."; exit 1; }
-    else
-        echo "Repository GPG key already exists at $keyring"
-    fi
-
-    # add repository list if not present
-    if [ ! -f "$list_file" ]; then
-        echo "Adding repository $repo to sources list"
-        curl -fsSL "$repo" | sudo tee "$list_file" > /dev/null || { echo "Error: Failed to add repository to sources list."; exit 1; }
-        update_required=1
-    else
-        echo "Repository already exists in sources list"
-    fi
-
-    # update apt package list if required
-    if [ "$update_required" == "1" ]; then
-        sudo apt-get update || { echo "Error: Failed to update apt"; exit 1; }
-    fi
-
-    echo "OK"
-    ;;
-
   *)
     echo "Invalid action: $action"
     echo "Usage: $0 <action> [parameters...]"
     echo "Actions:"
-    echo "  sudoers <file>                              Install a sudoers file"
-    echo "  packages <packages>                         Install aptitude package(s)"
-    echo "  user <name> <password>                      Add user non-interactively"
-    echo "  config <source <destination>                Applies a config file"
-    echo "  javascript <source> <destination>           Applies a JavaScript file"
-    echo "  plugin <source> <destination>               Copies a plugin directory"
-    echo "  keys <key_url> <keyring> <repo> <sources>   Installs a GPG key for a third-party repo"
+    echo "  sudoers <file>                 Install a sudoers file"
+    echo "  packages <packages>            Install aptitude package(s)"
+    echo "  user <name> <password>         Add user non-interactively"
+    echo "  config <source <destination>   Applies a config file"
+    echo "  plugin <source <destination>   Copies a plugin directory"
     exit 1
     ;;
 esac

locale/en_US/LC_MESSAGES/messages.po

@@ -25,8 +25,8 @@ msgstr "RaspAP Wifi Configuration Portal"
 msgid "Toggle navigation"
 msgstr "Toggle navigation"
 
-msgid "RaspAP Admin Panel"
-msgstr "RaspAP Admin Panel"
+msgid "RaspAP Wifi Portal"
+msgstr "RaspAP Wifi Portal"
 
 msgid "Dashboard"
 msgstr "Dashboard"
@@ -244,8 +244,8 @@ msgstr "Frequency"
 msgid "Link Quality"
 msgstr "Link Quality"
 
-msgid "Information provided by raspap.system"
-msgstr "Information provided by raspap.system"
+msgid "Information provided by ip and iw and from system"
+msgstr "Information provided by ip and iw and from system"
 
 msgid "No MAC Address Found"
 msgstr "No MAC Address Found"
@@ -283,53 +283,9 @@ msgstr "Connected Devices"
 msgid "Client: Ethernet cable"
 msgstr "Client: Ethernet cable"
 
-msgid "Current status"
-msgstr "Current status"
-
 msgid "Ethernet"
 msgstr "Ethernet"
 
-msgid "Repeater"
-msgstr "Repeater"
-
-msgid "Tethering"
-msgstr "Tethering"
-
-msgid "Cellular"
-msgstr "Cellular"
-
-msgid "AP"
-msgstr "AP"
-
-msgid "Bridged"
-msgstr "Bridged"
-
-msgid "Adblock"
-msgstr "Adblock"
-
-msgid "VPN"
-msgstr "VPN"
-
-msgid "Firewall"
-msgstr "Firewall"
-
-msgid "Netmask"
-msgstr "Netmask"
-
-msgid "5G"
-msgstr "5G"
-
-msgid "2.4G"
-msgstr "2.4G"
-
-msgid "%d WLAN %s"
-msgstr "%d WLAN %s"
-
-msgid "client"
-msgid_plural "clients"
-msgstr[0] "client"
-msgstr[1] "clients"
-
 msgid "Client: Smartphone (USB tethering)"
 msgstr "Client: Smartphone (USB tethering)"
 
@@ -378,16 +334,6 @@ msgstr "Signal strength"
 msgid "No Client device or not yet configured"
 msgstr "No Client device or not yet configured"
 
-#: includes/footer.php
-msgid "Created by the <a href=\"%s\" target=\"_blank\" rel=\"noopener\">%s</a>"
-msgstr "Created by the <a href=\"%s\" target=\"_blank\" rel=\"noopener\">%s</a>"
-
-msgid "RaspAP Team"
-msgstr "RaspAP Team"
-
-msgid "Get Insiders"
-msgstr "Get Insiders"
-
 #: includes/dhcp.php
 msgid "DHCP server settings"
 msgstr "DHCP server settings"

plugins

@@ -1 +1 @@
-Subproject commit 38331709b6c8198c0dbf1c7c85cb52b8ae3ea79a
+Subproject commit 825f74edf49ae34705deb4625d3f3c571dc69bda

src/RaspAP/Auth/HTTPAuth.php

@@ -74,21 +74,6 @@ class HTTPAuth
         return false;
     }
 
-    /*
-     * Logs out the administrative user
-     */
-    public function logout(): void
-    {
-        session_regenerate_id(true); // generate a new session id
-        session_unset(); // unset all session variables
-        session_destroy(); // destroy the session
-        $redirectUrl = $_SERVER['REQUEST_URI'];
-        if (strpos($redirectUrl, '/login') === false) {
-            header('Location: /login?action=' . urlencode($redirectUrl));
-            exit();
-        }
-    }
-
     /*
      * Gets the current authentication config
      * return array $config

src/RaspAP/DotEnv/DotEnv.php

@@ -37,7 +37,7 @@ class DotEnv
                 }
             }
         } else {
-            throw new \Exception(".env file '{$this->envFile}' not found.");
+            throw new Exception(".env file '{$this->envFile}' not found.");
         }
     }
 
@@ -75,7 +75,7 @@ class DotEnv
         file_put_contents("/tmp/.env", $content);
         system('sudo mv /tmp/.env '.$this->envFile, $result);
         if ($result !== 0) {
-            throw new \Exception("Unable to move .env file: ". $this->envFile);
+            throw new Exception("Unable to move .env file: ". $this->envFile);
         }
     }
 
@@ -83,7 +83,7 @@ class DotEnv
     {
         exec('sudo touch '. escapeshellarg($this->envFile), $output, $result);
         if ($result !== 0) {
-            throw new \Exception("Unable to create .env file: ". $this->envFile);
+            throw new Exception("Unable to create .env file: ". $this->envFile);
         }
     }
 }

src/RaspAP/Parsers/IwParser.php

@@ -47,7 +47,7 @@ class IwParser
             "(no IR)"
         ];
         $excluded_pattern = implode('|', array_map('preg_quote', $excluded));
-        $pattern = '/\*\s+([\d.]+)\s+MHz \[(\d+)\] \(([\d.]+) dBm\)\s(?!' .$excluded_pattern. ')/';
+        $pattern = '/\*\s+(\d+)\s+MHz \[(\d+)\] \(([\d.]+) dBm\)\s(?!' .$excluded_pattern. ')/';
         $supportedFrequencies = [];
 
         // Match iw_output containing supported frequencies

src/RaspAP/Plugins/PluginInstaller.php

@@ -22,8 +22,6 @@ class PluginInstaller
     private $refModules;
     private $rootPath;
     private $pluginsManifest;
-    private $repoPublic;
-    private $helperScriptPath;
 
     public function __construct()
     {
@@ -34,8 +32,6 @@ class PluginInstaller
         $this->refModules = '/refs/heads/master/.gitmodules';
         $this->rootPath = $_SERVER['DOCUMENT_ROOT'];
         $this->pluginsManifest = '/plugins/manifest.json';
-        $this->repoPublic = $this->getRepository();
-        $this->helperScriptPath = RASPI_CONFIG.'/plugins/plugin_helper.sh';
     }
 
     // Returns a single instance of PluginInstaller
@@ -67,70 +63,51 @@ class PluginInstaller
             if (json_last_error() !== JSON_ERROR_NONE) {
                 throw new \Exception("Error parsing manifest.json: " . json_last_error_msg());
             }
-
             // fetch installed plugins
             $installedPlugins = $this->getPlugins();
+
             $plugins = [];
 
             foreach ($manifestData as $pluginManifest) {
-                $pluginEntries = [];
+                $installed = false;
 
-                foreach ($pluginManifest as $plugin) {
-                    $installed = false;
-
-                    if (!empty($plugin['namespace'])) {
-                        foreach ($installedPlugins as $installedPlugin) {
-                            if (strpos($installedPlugin['class'], $plugin['namespace']) !== false) {
-                                $installed = true;
-                                break;
-                            }
-                        }
+                // Check if the plugin is installed
+                foreach ($installedPlugins as $plugin) {
+                    if (str_contains($plugin, $pluginManifest[0]['namespace'])) {
+                        $installed = true;
+                        break;
                     }
-                    $pluginEntries[] = [
-                        'manifest' => $plugin,
-                        'installed' => $installed
-                    ];
                 }
-                $plugins[] = $pluginEntries;
+                $plugins[] = [
+                    'manifest' => $pluginManifest,
+                    'installed' => $installed
+                ];
             }
-            return array_merge(...$plugins);
+            return $plugins;
         } catch (\Exception $e) {
             error_log("An error occurred: " . $e->getMessage());
-            throw $e; // re-throw to global ExceptionHandler
+            throw $e;  // re-throw to global ExceptionHandler
+            return [];
         }
     }
 
     /**
      * Returns an array of installed plugins in pluginPath
      *
-     * @param string|null $path; optional path to search for plugins. Defaults to $this->pluginPath.
      * @return array $plugins
-     */
-    public function getPlugins(?string $path = null): array
+     */ 
+    public function getPlugins(): array
     {
         $plugins = [];
-        $pluginPath = $path ?? $this->pluginPath;
-
-        if (file_exists($pluginPath)) {
-            $directories = scandir($pluginPath);
+        if (file_exists($this->pluginPath)) {
+            $directories = scandir($this->pluginPath);
 
             foreach ($directories as $directory) {
-                if ($directory === '.' || $directory === '..') {
-                    continue;
-                }
                 $pluginClass = "RaspAP\\Plugins\\$directory\\$directory";
-                $pluginFile = "$pluginPath/$directory/$directory.php";
+                $pluginFile = $this->pluginPath . "/$directory/$directory.php";
 
-                if (file_exists($pluginFile)) {
-                    if ($path === 'plugins-available') {
-                        require_once $pluginFile;
-                    }
-                    if (class_exists($pluginClass)) {
-                        $plugins[] = [
-                            'class' => $pluginClass,
-                            'installPath' => $pluginPath
-                        ];
-                    }
+                if (file_exists($pluginFile) && class_exists($pluginClass)) {
+                    $plugins[] = $pluginClass;
                 }
             }
         }
@@ -138,61 +115,30 @@ class PluginInstaller
     }
 
     /**
-     * Installs a plugin by either extracting an archive or creating a symlink,
-     * then performs required actions as defined in the plugin manifest
+     * Retrieves a plugin archive and performs install actions defined in the manifest
      *
-     * @param string $pluginUri
-     * @param string $pluginVersion
-     * @param string $installPath
+     * @param string $archiveUrl
      * @return boolean
      * @throws \Exception
      */
-    public function installPlugin(string $pluginUri, string $pluginVersion, string $installPath): bool
+    public function installPlugin($archiveUrl): bool
     {
         $tempFile = null;
         $extractDir = null;
         $pluginDir = null;
 
         try {
-            if ($installPath === 'plugins-available') {
-                // extract plugin name from URI
-                $pluginName = basename($pluginUri);
-                $sourcePath = $this->rootPath . '/plugins-available/' . $pluginName;
-                $targetPath = $this->rootPath . '/plugins/' . $pluginName;
-
-                if (!is_dir($sourcePath)) {
-                    throw new \Exception("Plugin '$pluginName' not found in plugins-available");
-                }
-
-                // ensure target does not already exist
-                if (file_exists($targetPath)) {
-                    throw new \Exception("Plugin '$pluginName' is already installed.");
-                }
-
-                // create symlink
-                if (!symlink($sourcePath, $targetPath)) {
-                    throw new \Exception("Failed to symlink '$pluginName' to plugins/");
-                }
-                $pluginDir = $targetPath;
-            } else {
-                // fetch and extract the plugin archive
-                $archiveUrl = rtrim($pluginUri, '/') . '/archive/refs/tags/' .$pluginVersion.'.zip';
-                list($tempFile, $extractDir, $pluginDir) = $this->getPluginArchive($archiveUrl);
-            }
+            list($tempFile, $extractDir, $pluginDir) = $this->getPluginArchive($archiveUrl);
 
             $manifest = $this->parseManifest($pluginDir);
             $this->pluginName = preg_replace('/\s+/', '', $manifest['name']);
-            $rollbackStack = []; // Store actions to rollback on failure
+            $rollbackStack = []; // store actions to rollback on failure
 
             try {
                 if (!empty($manifest['sudoers'])) {
                     $this->addSudoers($manifest['sudoers']);
                     $rollbackStack[] = 'removeSudoers';
                 }
-                if (!empty($manifest['keys'])) {
-                    $this->installRepositoryKeys($manifest['keys']);
-                    $rollbackStack[] = 'uninstallRepositoryKeys';
-                }
                 if (!empty($manifest['dependencies'])) {
                     $this->installDependencies($manifest['dependencies']);
                     $rollbackStack[] = 'uninstallDependencies';
@@ -205,26 +151,26 @@ class PluginInstaller
                     $this->copyConfigFiles($manifest['configuration'], $pluginDir);
                     $rollbackStack[] = 'removeConfigFiles';
                 }
-                if (!empty($manifest['javascript'])) {
-                    $this->copyJavaScriptFiles($manifest['javascript'], $pluginDir);
-                    $rollbackStack[] = 'removeJavaScript';
-                }
-                if ($installPath === 'plugins') {
-                    $this->copyPluginFiles($pluginDir, $this->rootPath);
-                    $rollbackStack[] = 'removePluginFiles';
-                }
+                $this->copyPluginFiles($pluginDir, $this->rootPath);
+                $rollbackStack[] = 'removePluginFiles';
+
                 return true;
+
             } catch (\Exception $e) {
+                //$this->rollback($rollbackStack, $manifest, $pluginDir);
                 throw new \Exception('Installation step failed: ' . $e->getMessage());
+                error_log('Plugin installation failed: ' . $e->getMessage());
             }
+
         } catch (\Exception $e) {
-            error_log('Plugin installation failed: ' . $e->getMessage());
-            throw new \Exception($e->getMessage());
+            error_log('An error occured: ' .$e->getMessage());
+            throw new \Exception( $e->getMessage());
+            //throw $e;
         } finally {
-            if (isset($tempFile) && file_exists($tempFile)) {
+            if (!empty($tempFile) && file_exists($tempFile)) {
                 unlink($tempFile);
             }
-            if (isset($extractDir) && is_dir($extractDir)) {
+            if (!empty($extractDir) && is_dir($extractDir)) {
                 $this->deleteDir($extractDir);
             }
         }
@@ -248,7 +194,7 @@ class PluginInstaller
         $cmd = sprintf('sudo visudo -cf %s', escapeshellarg($tmpSudoers));
         $return = shell_exec($cmd);
         if (strpos(strtolower($return), 'parsed ok') !== false) {
-            $cmd = sprintf('sudo %s sudoers %s', escapeshellarg($this->helperScriptPath), escapeshellarg($tmpSudoers));
+            $cmd = sprintf('sudo /etc/raspap/plugins/plugin_helper.sh sudoers %s', escapeshellarg($tmpSudoers));
             $return = shell_exec($cmd);
             if (strpos(strtolower($return), 'ok') === false) {
                 throw new \Exception('Plugin helper failed to install sudoers.');
@@ -268,7 +214,7 @@ class PluginInstaller
         $packages = array_keys($dependencies);
         $packageList = implode(' ', $packages);
 
-        $cmd = sprintf('sudo %s packages %s', escapeshellarg($this->helperScriptPath), escapeshellarg($packageList));
+        $cmd = sprintf('sudo /etc/raspap/plugins/plugin_helper.sh packages %s', escapeshellarg($packageList));
         $return = shell_exec($cmd);
         if (strpos(strtolower($return), 'ok') === false) {
             throw new \Exception('Plugin helper failed to install depedencies.');
@@ -288,7 +234,7 @@ class PluginInstaller
         $username = escapeshellarg($user['name']);
         $password = escapeshellarg($user['pass']);
 
-        $cmd = sprintf('sudo %s user %s %s', escapeshellarg($this->helperScriptPath), $username, $password);
+        $cmd = sprintf('sudo /etc/raspap/plugins/plugin_helper.sh user %s %s', $username, $password);
         $return = shell_exec($cmd);
         if (strpos(strtolower($return), 'ok') === false) {
             throw new \Exception('Plugin helper failed to create user: ' . $user['name']);
@@ -305,13 +251,8 @@ class PluginInstaller
     {
         foreach ($configurations as $config) {
             $source = escapeshellarg($pluginDir . DIRECTORY_SEPARATOR . $config['source']);
-            $destination = $config['destination'];
-
-            if (!str_starts_with($destination, '/')) {
-                $destination = $this->rootPath . '/' . ltrim($destination, '/');
-            }
-            $destination = escapeshellarg($destination);
-            $cmd = sprintf('sudo %s config %s %s', escapeshellarg($this->helperScriptPath), $source, $destination);
+            $destination = escapeshellarg($config['destination']);
+            $cmd = sprintf('sudo /etc/raspap/plugins/plugin_helper.sh config %s %s', $source, $destination);
             $return = shell_exec($cmd);
             if (strpos(strtolower($return), 'ok') === false) {
                 throw new \Exception("Failed to copy configuration file: $source to $destination");
@@ -319,25 +260,6 @@ class PluginInstaller
         }
     }
 
-    /**
-     * Copies plugin JavaScript files to their destination
-     *
-     * @param array $javascript
-     * @param string $pluginDir
-     */
-    private function copyJavaScriptFiles(array $javascript, string $pluginDir): void
-    {
-        foreach ($javascript as $js) {
-            $source = escapeshellarg($pluginDir . DIRECTORY_SEPARATOR . $js);
-            $destination = escapeshellarg($this->rootPath . DIRECTORY_SEPARATOR . 'app/js/plugins/');
-            $cmd = sprintf('sudo %s javascript %s %s', escapeshellarg($this->helperScriptPath), $source, $destination);
-            $return = shell_exec($cmd);
-            if (strpos(strtolower($return), 'ok') === false) {
-                throw new \Exception("Failed to copy JavaScript file: $source");
-            }
-        }
-    }
-
     /**
      * Copies an extracted plugin directory from /tmp to /plugins
      *
@@ -348,43 +270,13 @@ class PluginInstaller
     {
         $source = escapeshellarg($source);
         $destination = escapeshellarg($destination . DIRECTORY_SEPARATOR .$this->pluginPath . DIRECTORY_SEPARATOR . $this->pluginName);
-        $cmd = sprintf('sudo %s plugin %s %s', escapeshellarg($this->helperScriptPath), $source, $destination);
+        $cmd = sprintf('sudo /etc/raspap/plugins/plugin_helper.sh plugin %s %s', $source, $destination);
         $return = shell_exec($cmd);
         if (strpos(strtolower($return), 'ok') === false) {
             throw new \Exception('Failed to copy plugin files to: ' . $destination);
         }
     }
 
-    /**
-     * Installs repository keys for third-party apt packages
-     *
-     * @param array $keys Array containing key_url, keyring, repo, and sources
-     * @throws Exception on key installation failure
-     */
-    public function installRepositoryKeys(array $keys): void
-    {
-        if (!is_array($keys)) {
-            throw new \Exception("Invalid repository key structure: array expected");
-        }
-        foreach ($keys as $keyData) {
-            if (!isset($keyData['key_url'], $keyData['keyring'], $keyData['repo'], $keyData['sources'])) {
-                throw new \Exception("Invalid repository key structure: " . json_encode($keyData));
-            }
-            $cmd = sprintf(
-                'sudo %s keys %s %s %s %s',
-                escapeshellarg($this->helperScriptPath),
-                escapeshellarg($keyData['key_url']),
-                escapeshellarg($keyData['keyring']),
-                escapeshellarg($keyData['repo']),
-                escapeshellarg($keyData['sources'])
-            );
-            $return = shell_exec($cmd);
-            if (strpos(strtolower($return), 'ok') === false) {
-                throw new \Exception("Failed to add repository and key");
-            }
-        }
-    }
-
     /**
      * Parses and returns a downloaded plugin manifest
      *
@@ -421,7 +313,6 @@ class PluginInstaller
         try {
             $tempFile = sys_get_temp_dir() . DIRECTORY_SEPARATOR . uniqid('plugin_', true) . '.zip';
             $extractDir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . uniqid('plugin_', true);
-
             $data = @file_get_contents($archiveUrl); // suppress PHP warnings for better exception handling
 
             if ($data === false) {
@@ -490,27 +381,29 @@ class PluginInstaller
         $html .= '</tr></thead><tbody>';
 
         foreach ($plugins as $plugin) {
-            $manifestData = $plugin['manifest'] ?? [];
-            $installed = $plugin['installed'] ?? false;
-            $manifest = htmlspecialchars(json_encode($manifestData), ENT_QUOTES, 'UTF-8');
 
+            $manifestData = $plugin['manifest'][0] ?? []; // Access the first manifest entry or default to an empty array
+
+            $manifest = htmlspecialchars(json_encode($manifestData), ENT_QUOTES, 'UTF-8');
+            $installed = $plugin['installed'];
             if ($installed === true) {
                 $button = '<button type="button" class="btn btn-outline btn-primary btn-sm text-nowrap"
                     name="plugin-details" data-bs-toggle="modal" data-bs-target="#install-user-plugin"
-                    data-plugin-manifest="' .$manifest. '" data-plugin-installed="' .$installed. '">' . _("Installed") .'</button>';
+                    data-plugin-manifest="' .$manifest. '" data-plugin-installed="' .$installed. '"> ' . _("Installed") .'</button>';
             } elseif (!RASPI_MONITOR_ENABLED) {
                 $button = '<button type="button" class="btn btn-outline btn-primary btn-sm text-nowrap"
                     name="install-plugin" data-bs-toggle="modal" data-bs-target="#install-user-plugin"
-                    data-plugin-manifest="' .$manifest. '" data-repo-public="' .$this->repoPublic. '">' . _("Details") .'</button>';
+                    data-plugin-manifest="' .$manifest. '"> ' . _("Details") .'</button>';
             }
 
             $icon = htmlspecialchars($manifestData['icon'] ?? '');
-            $pluginDocs = htmlspecialchars($manifestData['plugin_docs'] ?? '');
+            $pluginUri = htmlspecialchars($manifestData['plugin_uri'] ?? '');
             $nameText = htmlspecialchars($manifestData['name'] ?? 'Unknown Plugin');
-            $name = '<i class="' .$icon. ' link-secondary me-2"></i><a href="'
-                .$pluginDocs
-                .'" target="_blank">'
-                .$nameText. '</a>';
+
+            $name = '<i class="' . $icon . ' link-secondary me-2"></i><a href="'
+                . $pluginUri
+                . '" target="_blank">'
+                . $nameText. '</a>';
 
             $version = htmlspecialchars($manifestData['version'] ?? 'N/A');
             $description = htmlspecialchars($manifestData['description'] ?? 'No description available');
@@ -523,25 +416,6 @@ class PluginInstaller
         $html .= '</tbody></table>';
         return $html;
     }
-
-    /**
-     * Determines remote repository of installed application
-     *
-     * @return boolean; true if public repo
-     */
-    public function getRepository(): bool
-    {
-        $output = [];
-        exec('git -C ' . escapeshellarg($this->rootPath) . ' remote -v', $output);
-
-        foreach ($output as $line) {
-            if (preg_match('#github\.com/RaspAP/(raspap-\w+)#', $line, $matches)) {
-                $repo = $matches[1];
-                $public = ($repo === 'raspap-webgui');
-                return $public;
-            }
-        }
-        return false;
-    }
 }
 
+

src/RaspAP/System/Sysinfo.php

@@ -95,50 +95,48 @@ class Sysinfo
 
     /*
      * Returns RPi Model and PCB Revision from Pi Revision Code (cpuinfo)
-     * @see https://github.com/raspberrypi/documentation/blob/develop/documentation/asciidoc/computers/raspberry-pi/revision-codes.adoc
+     * @see http://www.raspberrypi-spy.co.uk/2012/09/checking-your-raspberry-pi-board-version/
      */
     public function rpiRevision()
     {
         $revisions = array(
-        '0002' => 'Raspberry Pi Model B Rev 1.0',
-        '0003' => 'Raspberry Pi Model B Rev 1.0',
-        '0004' => 'Raspberry Pi Model B Rev 2.0',
-        '0005' => 'Raspberry Pi Model B Rev 2.0',
-        '0006' => 'Raspberry Pi Model B Rev 2.0',
-        '0007' => 'Raspberry Pi Model A',
-        '0008' => 'Raspberry Pi Model A',
-        '0009' => 'Raspberry Pi Model A',
-        '000d' => 'Raspberry Pi Model B Rev 2.0',
-        '000e' => 'Raspberry Pi Model B Rev 2.0',
-        '000f' => 'Raspberry Pi Model B Rev 2.0',
-        '0010' => 'Raspberry Pi Model B+',
-        '0013' => 'Raspberry Pi Model B+',
-        '0011' => 'Compute Module 1',
-        '0012' => 'Raspberry Pi Model A+',
-        'a01041' => 'Raspberry Pi 2 Model B',
-        'a21041' => 'Raspberry Pi 2 Model B',
-        '900092' => 'Raspberry Pi Zero 1.2',
-        '900093' => 'Raspberry Pi Zero 1.3',
-        '9000c1' => 'Raspberry Pi Zero W',
-        'a02082' => 'Raspberry Pi 3 Model B',
-        'a22082' => 'Raspberry Pi 3 Model B',
-        'a32082' => 'Raspberry Pi 3 Model B',
-        'a52082' => 'Raspberry Pi 3 Model B+',
-        '9020e0' => 'Raspberry Pi 3 Model A+',
+        '0002' => 'Model B Revision 1.0',
+        '0003' => 'Model B Revision 1.0 + ECN0001',
+        '0004' => 'Model B Revision 2.0 (256 MB)',
+        '0005' => 'Model B Revision 2.0 (256 MB)',
+        '0006' => 'Model B Revision 2.0 (256 MB)',
+        '0007' => 'Model A',
+        '0008' => 'Model A',
+        '0009' => 'Model A',
+        '000d' => 'Model B Revision 2.0 (512 MB)',
+        '000e' => 'Model B Revision 2.0 (512 MB)',
+        '000f' => 'Model B Revision 2.0 (512 MB)',
+        '0010' => 'Model B+',
+        '0013' => 'Model B+',
+        '0011' => 'Compute Module',
+        '0012' => 'Model A+',
+        'a01041' => 'a01041',
+        'a21041' => 'a21041',
+        '900092' => 'PiZero 1.2',
+        '900093' => 'PiZero 1.3',
+        '9000c1' => 'PiZero W',
+        'a02082' => 'Pi 3 Model B',
+        'a22082' => 'Pi 3 Model B',
+        'a32082' => 'Pi 3 Model B',
+        'a52082' => 'Pi 3 Model B',
+        'a020d3' => 'Pi 3 Model B+',
+        'a220a0' => 'Compute Module 3',
+        'a020a0' => 'Compute Module 3',
         'a02100' => 'Compute Module 3+',
-        'a03111' => 'Raspberry Pi 4 Model B (1 GB)',
-        'b03111' => 'Raspberry Pi 4 Model B (2 GB)',
-        'c03111' => 'Raspberry Pi 4 Model B (4 GB)',
-        'b03112' => 'Raspberry Pi 4 Model B (2 GB)',
-        'c03112' => 'Raspberry Pi 4 Model B (4 GB)',
-        'd03114' => 'Raspberry Pi 4 Model B (8 GB)',
-        '902120' => 'Raspberry Pi Zero 2 W',
+        'a03111' => 'Model 4B Revision 1.1 (1 GB)',
+        'b03111' => 'Model 4B Revision 1.1 (2 GB)',
+        'c03111' => 'Model 4B Revision 1.1 (4 GB)',
         'a03140' => 'Compute Module 4 (1 GB)',
         'b03140' => 'Compute Module 4 (2 GB)',
         'c03140' => 'Compute Module 4 (4 GB)',
         'd03140' => 'Compute Module 4 (8 GB)',
-        'c04170' => 'Raspberry Pi 5 (4 GB)',
-        'd04170' => 'Raspberry Pi 5 (8 GB)'
+        'c04170' => 'Pi 5 (4 GB)',
+        'd04170' => 'Pi 5 (8 GB)'
         );
 
         $cpuinfo_array = '';
@@ -157,48 +155,5 @@ class Sysinfo
             }
         }
     }
-
-    /**
-     * Determines if ad blocking is enabled and active
-     *
-     * @return bool $status
-     */
-    public function adBlockStatus(): bool
-    {
-        exec('cat '. RASPI_ADBLOCK_CONFIG, $return);
-        $arrConf = ParseConfig($return);
-        if (sizeof($arrConf) > 0) {
-            $enabled = true;
-        }
-        exec('pidof dnsmasq | wc -l', $dnsmasq);
-        $dnsmasq_state = ($dnsmasq[0] > 0);
-        $status = $dnsmasq_state && $enabled ? true : false;
-        return $status;
-    }
-
-    /**
-     * Determines if a VPN interface is active
-     *
-     * @return string $interface
-     */
-    public function getActiveVpnInterface(): ?string
-    {
-        $output = shell_exec('ip a 2>/dev/null');
-        if (!$output) {
-            return null;
-        }
-        $vpnInterfaces = ['wg0', 'tun0', 'tailscale0'];
-
-        // interface must have an 'UP' status and an IP address
-        foreach ($vpnInterfaces as $interface) {
-            if (strpos($output, "$interface:") !== false) {
-                if (preg_match("/\d+: $interface: .*<.*UP.*>/", $output) &&
-                    preg_match("/inet\b.*$interface/", $output)) {
-                        return $interface;
-                }
-            }
-        }
-        return null;
-    }
 }
 

src/RaspAP/Tokens/CSRFTokenizer.php

@@ -1,136 +0,0 @@
-<?php
-
-/**
- * CSRF tokenizer class
- *
- * @description CSRF tokenizer class for RaspAP
- * @author      Bill Zimmerman <billzimmerman@gmail.com>
- * @author      Martin Glaß <mail@glasz.org>
- * @license     https://github.com/raspap/raspap-webgui/blob/master/LICENSE
- */
-
-declare(strict_types=1);
-
-namespace RaspAP\Tokens;
-
-class CSRFTokenizer {
-
-    // Constructor
-    public function __construct()
-    {
-        $this->ensureSession();
-
-        // ensure a CSRF token exists in the session
-        if (empty($_SESSION['csrf_token'])) {
-            $this->ensureCSRFSessionToken();
-            header("Location: " .$_SERVER['REQUEST_URI']);
-            exit;
-        }
-
-        if ($this->csrfValidateRequest()) {
-            $token = $_POST['csrf_token'] ?? $_SERVER['HTTP_X_CSRF_TOKEN'] ?? '';
-            if (!$this->CSRFValidate($token)) {
-                $this->handleInvalidCSRFToken();
-            }
-        }
-    }
-
-    /**
-     * Saves a CSRF token in the session
-     */
-    public function ensureCSRFSessionToken(): void
-    {
-        if (empty($_SESSION['csrf_token'])) {
-            $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
-        }
-    }
-
-    /**
-     * Adds a CSRF Token to form
-     */
-    public function CSRFTokenFieldTag(): string
-    {
-        $token = htmlspecialchars($_SESSION['csrf_token']);
-        return '<input type="hidden" name="csrf_token" value="' . $token . '">';
-    }
-
-    /**
-     * Returns a CSRF meta tag (for use with xhr, for example)
-     */
-    public function CSRFMetaTag(): string
-    {
-        // if session has expired or user has logged out,
-        // create a new session and token
-        if (empty($_SESSION['csrf_token'])) {
-            $this->ensureSession();
-            $this->ensureCSRFSessionToken();
-            return $_SESSION['csrf_token'];
-        } else {
-            $token = htmlspecialchars($_SESSION['csrf_token']);
-            return '<meta name="csrf_token" content="' . $token . '">';
-        }
-    }
-
-    /**
-     * Validates a CSRF Token
-     *
-     * @param string $token
-     */
-    public function CSRFValidate(string $token): bool
-    {
-        if (empty($_SESSION['csrf_token']) || !is_string($_SESSION['csrf_token'])) {
-            error_log('Session expired or CSRF token is missing.');
-            header('Location: /login');
-            exit;
-        }
-
-        $post_token = $token ?? null;
-        $header_token = $_SERVER['HTTP_X_CSRF_TOKEN'] ?? null;
-
-        if (empty($post_token) && is_null($header_token)) {
-            error_log('CSRF token missing in the request');
-            return false;
-        }
-        $request_token = $post_token ?: $header_token;
-
-        if (hash_equals($_SESSION['csrf_token'], $request_token)) {
-            return true;
-        } else {
-            error_log('CSRF token mismatch');
-            return false;
-        }
-    }
-
-    /**
-     * Should the request be CSRF-validated?
-     */
-    public function csrfValidateRequest(): bool
-    {
-        $request_method = strtolower($_SERVER['REQUEST_METHOD']);
-        return in_array($request_method, [ "post", "put", "patch", "delete" ]);
-    }
-
-    /**
-     * Handle invalid CSRF
-     */
-    public function handleInvalidCSRFToken(): string
-    {
-        if (function_exists('http_response_code')) { 
-            http_response_code(500);
-            echo 'Invalid CSRF token';
-        } else {
-            header('HTTP/1.1 500 Internal Server Error');
-            header('Content-Type: text/plain');
-            echo 'Invalid CSRF token';
-        }
-        exit;
-    }
-    
-    protected function ensureSession()
-    {
-        if (session_status() == PHP_SESSION_NONE) {
-            session_start();
-        }
-    } 
-}
-

src/RaspAP/UI/Dashboard.php

@@ -1,368 +0,0 @@
-<?php
-
-/**
- * Dashboard UI class
- *
- * @description A class for rendering the RaspAP dashboard
- * @author      Bill Zimmerman <billzimmerman@gmail.com>
- * @license     https://github.com/raspap/raspap-webgui/blob/master/LICENSE
- */
-
-namespace RaspAP\UI;
-
-class Dashboard {
-
-    private string $firewallConfig;
-
-    public function __construct() {
-        $this->firewallConfig = RASPI_CONFIG.'/networking/firewall.conf';
-    }
-
-    /*
-     * Returns the management page for an associated VPN
-     *
-     * @param string $interface
-     * @return string
-     */
-    public function getVpnManaged(?string $interface = null): ?string
-    {
-        switch ($interface) {
-            case 'wg0':
-                return '/wg_conf';
-            case 'tun0':
-                return '/openvpn_conf';
-            case 'tailscale0':
-                return '/plugin__Tailscale';
-            default:
-                return null;
-        }
-    }
-
-    /*
-     * Parses output of iw, extracts frequency (MHz) and classifies
-     * it as 2.4 or 5 GHz. Returns null if not found
-     *
-     * @param string $interface
-     * @return string frequency
-     */
-    public function getFrequencyBand(string $interface): ?string
-    {
-        $output = shell_exec("iw dev " . escapeshellarg($interface) . " info 2>/dev/null");
-        if (!$output) {
-            return null;
-        }
-
-        if (preg_match('/channel\s+\d+\s+\((\d+)\s+MHz\)/', $output, $matches)) {
-            $frequency = (int)$matches[1];
-
-            if ($frequency >= 2400 && $frequency < 2500) {
-                return "2.4";
-            } elseif ($frequency >= 5000 && $frequency < 6000) {
-                return "5";
-            }
-        }
-        return null;
-    }
-
-    /*
-     * Aggregate function that fetches output of ip and calls
-     * functions to parse output into discreet network properties
-     *
-     * @param string $interface
-     * @return array
-     */
-    public function getInterfaceDetails(string $interface): array
-    {
-        $output = shell_exec('ip a show ' . escapeshellarg($interface));
-        if (!$output) {
-            return [
-                'mac' => _('No MAC Address Found'),
-                'ipv4' => 'None',
-                'ipv4_netmask' => '-',
-                'ipv6' => _('No IPv6 Address Found'),
-                'state' => 'unknown'
-            ];
-        }
-        $cleanOutput = preg_replace('/\s\s+/', ' ', implode(' ', explode("\n", $output)));
-
-        return [
-            'mac' => $this->getMacAddress($cleanOutput),
-            'ipv4' => $this->getIPv4Addresses($cleanOutput),
-            'ipv4_netmask' => $this->getIPv4Netmasks($cleanOutput),
-            'ipv6' => $this->getIPv6Addresses($cleanOutput),
-            'state' => $this->getInterfaceState($cleanOutput),
-        ];
-    }
-
-    private function getMacAddress(string $output): string
-    {
-        return preg_match('/link\/ether ([0-9a-f:]+)/i', $output, $matches) ? $matches[1] : _('No MAC Address Found');
-    }
-
-    private function getIPv4Addresses(string $output): string
-    {
-        if (!preg_match_all('/inet (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\/([0-3][0-9])/i', $output, $matches, PREG_SET_ORDER)) {
-            return 'None';
-        }
-
-        $addresses = array_column($matches, 1);
-        return implode(' ', $addresses);
-    }
-
-    private function getIPv4Netmasks(string $output): string
-    {
-        if (!preg_match_all('/inet (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\/([0-3][0-9])/i', $output, $matches, PREG_SET_ORDER)) {
-            return '-';
-        }
-
-        $netmasks = array_map(fn($match) => long2ip(-1 << (32 - (int)$match[2])), $matches);
-        return implode(' ', $netmasks);
-    }
-
-    private function getIPv6Addresses(string $output): string
-    {
-        return preg_match_all('/inet6 ([a-f0-9:]+)/i', $output, $matches) && isset($matches[1])
-            ? implode(' ', $matches[1])
-            : _('No IPv6 Address Found');
-    }
-
-    private function getInterfaceState(string $output): string
-    {
-        return preg_match('/state (UP|DOWN)/i', $output, $matches) ? $matches[1] : 'unknown';
-    }
-
-    public function getWirelessDetails(string $interface): array
-    {
-        $output = shell_exec('iw dev ' . escapeshellarg($interface) . ' info');
-        if (!$output) {
-            return ['bssid' => '-', 'ssid' => '-'];
-        }
-        $cleanOutput = preg_replace('/\s\s+/', ' ', trim($output)); // Fix here
-
-        return [
-            'bssid' => $this->getConnectedBSSID($cleanOutput),
-            'ssid' => $this->getSSID($cleanOutput),
-        ];
-    }
-
-    private function getConnectedBSSID(string $output): string
-    {
-        return preg_match('/Connected to (([0-9A-Fa-f]{2}:){5}([0-9A-Fa-f]{2}))/i', $output, $matches)
-            ? $matches[1]
-            : '-';
-    }
-
-    private function getSSID(string $output): string
-    {
-        return preg_match('/ssid ([^\n\s]+)/i', $output, $matches)
-            ? $matches[1]
-            : '-';
-    }
-
-    /*
-     * Parses the output of iw to obtain a list of wireless clients
-     *
-     * @return integer $clientCount
-     */
-    public function getWirelessClients()
-    {
-        exec('iw dev wlan0 station dump', $output, $status);
-
-        if ($status !== 0) {
-            return 0;
-        }
-        // enumerate 'station' entries (each represents a wireless client)
-        $clientCount = 0;
-        foreach ($output as $line) {
-            if (strpos($line, 'Station') === 0) {
-                $clientCount++;
-            }
-        }
-        return $clientCount;
-    }
-
-    /*
-     * Retrieves ethernet neighbors from ARP cache, parses DHCP leases 
-     * to find matching MAC addresses and returns only clients that
-     * exist in both sources
-     *
-     * @return int $ethernetClients
-     */
-    public function getEthernetClients(): int
-    {
-        $ethernetClients = [];
-
-        // Get ARP table entries and filter ethernet clients
-        $arpOutput = shell_exec("ip neigh show");
-        if ($arpOutput) {
-            foreach (explode("\n", trim($arpOutput)) as $line) {
-                /* match both traditional interface names (eth0...n) and predictable names like
-                 * enp3s0 (PCI ethernet)
-                 * eno1 (onboard ethernet)
-                 * ens160, etc.
-                 * ...ignoring STALE entries
-                 */
-                if (preg_match('/^(\S+) dev (eth[0-9]+|en\w+) lladdr (\S+) (REACHABLE|DELAY|PROBE)/', $line, $matches)) {
-                    $ethernetClients[$matches[3]] = $matches[1]; // MAC => IP
-                }
-            }
-        }
-
-        // compare against active DHCP leases
-        $leaseFile = RASPI_DNSMASQ_LEASES;
-        if (file_exists($leaseFile)) {
-            $leases = file($leaseFile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
-            $activeLeases = [];
-            foreach ($leases as $lease) {
-                $fields = preg_split('/\s+/', $lease);
-                if (count($fields) >= 3) {
-                    $activeLeases[$fields[1]] = true; // MAC as key
-                }
-            }
-            // keep only clients that exist in the DHCP lease file
-            $ethernetClients = array_intersect_key($ethernetClients, $activeLeases);
-        }
-        return count($ethernetClients);
-    }
-
-    public function formatClientLabel($clientCount)
-    {
-        return ngettext('client', 'clients', $clientCount);
-    }
-
-    /*
-     * Determines the device's primary connection type by
-     * parsing the output of ip route; the interface listed
-     * as the default gateway is used for internet connectivity.
-     * 
-     * The following interface classifications are matched:
-     * - ethernet (eth0, enp*, ens*, enx*)
-     * - wireless (wlan*, wlp*, wlx*)
-     * - tethered USB (usb*, eth1-9)
-     * - cellular (ppp*, wwan*, wwp*)
-     * - fallback
-     * @return string
-     */ 
-    public function getConnectionType(): string
-    {
-        // get the interface associated with the default route
-        $interface = trim(shell_exec("ip route show default | awk '{print $5}'"));
-
-        if (empty($interface)) {
-            return 'unknown';
-        }
-        // classify interface type
-        if (preg_match('/^eth0|enp\d+s\d+|ens\d+s\d+|enx[0-9a-f]*/', $interface)) {
-            return 'ethernet';
-        }
-        if (preg_match('/^wlan\d+|wlp\d+s\d+|wlx[0-9a-f]*/', $interface)) {
-            return 'wireless';
-        }
-        if (preg_match('/^usb\d+|^eth[1-9]\d*/', $interface)) {
-            return 'tethering';
-        }
-        if (preg_match('/^ppp\d+|wwan\d+|wwp\d+s\d+/', $interface)) {
-            return 'cellular';
-        }
-
-        // if none match, return the interface name as a fallback
-        return "other ($interface)";
-    }
-
-    /**
-     * Returns a fontawesome icon associated with a connection
-     * type/class
-     *
-     * @param $type
-     * @return string
-     */
-    public function getConnectionIcon($type): string
-    {
-        switch (strtolower($type)) {
-            case 'ethernet':
-                return 'fa-ethernet';
-            case 'wireless':
-                return 'fa-wifi';
-            case 'tethering':
-                return 'fa-mobile-alt';
-            case 'cellular':
-                return 'fa-broadcast-tower';
-            default:
-                return 'fa-question-circle'; // unknown
-        }
-    }
-
-    /**
-     * Retrieves the firewall's current status
-     *
-     * @return bool status
-     */
-    public function firewallEnabled(): bool
-    {
-        $conf = array();
-        if (file_exists($this->firewallConfig) ) {
-            $conf = parse_ini_file($this->firewallConfig);
-        }
-        if ($conf["firewall-enable"] == 1) {
-            return true;
-        }
-        return false;
-    }
-
-    /*
-     * Returns an SVG resource associated with a Pi revision
-     *
-     * @param string $deviceName
-     * @return string
-     */
-    public function getDeviceImage($deviceName): string
-    {
-        if (stripos($deviceName, 'zero') !== false) {
-            return 'zero.php';
-        }
-        if (stripos($deviceName, 'compute') !== false) {
-            return 'compute.php';
-        }
-        return 'default.php';
-    }
-
-    /**
-     * Handles dashboard page actions
-     *
-     * @param string $state
-     * @param array $post
-     * @param object $status
-     * @param string $interface
-     */
-    public function handlePageAction(string $state, array $post, $status, string $interface): object
-    {
-        if (!RASPI_MONITOR_ENABLED) {
-            if (isset($post['ifdown_wlan0'])) {
-                if ($state === 'up') {
-                    $status->addMessage(sprintf(_('Interface %s is going %s'), $interface, _('down')), 'warning');
-                    exec('sudo ip link set ' .escapeshellarg($interface). ' down');
-                    $status->addMessage(sprintf(_('Interface %s is %s'), $interface, _('down')), 'success');
-                } elseif ($details['state'] === 'unknown') {
-                    $status->addMessage(_('Interface state unknown'), 'danger');
-                } else {
-                    $status->addMessage(sprintf(_('Interface %s is already %s'), $interface, _('down')), 'warning');
-                }
-            } elseif (isset($post['ifup_wlan0'])) {
-                if ($state === 'down') {
-                    $status->addMessage(sprintf(_('Interface %s is going %s'), $interface, _('up')), 'warning');
-                    exec('sudo ip link set ' .escapeshellarg($interface). ' up');
-                    exec('sudo ip -s a f label ' .escapeshellarg($interface));
-                    usleep(250000);
-                    $status->addMessage(sprintf(_('Interface %s is %s'), $interface, _('up')), 'success');
-                } elseif ($state === 'unknown') {
-                    $status->addMessage(_('Interface state unknown'), 'danger');
-                } else {
-                    $status->addMessage(sprintf(_('Interface %s is already %s'), $interface, _('up')), 'warning');
-                }
-            }
-            return $status;
-        }
-    }
-
-}
-

src/RaspAP/UI/Sidebar.php

@@ -16,7 +16,7 @@ class Sidebar {
     public function __construct() {
         // Load default sidebar items
         $this->addItem(_('Dashboard'), 'fa-solid fa-gauge-high', 'wlan0_info', 10);
-        $this->addItem(_('Hotspot'), 'fas fa-bullseye', 'hostapd_conf', 20,
+        $this->addItem(_('Hotspot'), 'far fa-dot-circle', 'hostapd_conf', 20,
             fn() => RASPI_HOTSPOT_ENABLED
         );
         $this->addItem(_('DHCP Server'), 'fas fa-exchange-alt', 'dhcpd_conf', 30,
@@ -39,6 +39,9 @@ class Sidebar {
         );
         $this->addItem(_(getProviderValue($_SESSION["providerID"], "name")), 'fas fa-shield-alt', 'provider_conf', 90,
             fn() => RASPI_VPN_PROVIDER_ENABLED
+        );
+         $this->addItem(_('Authentication'), 'fas fa-user-lock', 'auth_conf', 100,
+            fn() => RASPI_CONFAUTH_ENABLED
         );
         $this->addItem(_('Data usage'), 'fas fa-chart-area', 'data_use', 110,
             fn() => RASPI_VNSTAT_ENABLED

templates/about.php

@@ -69,7 +69,7 @@ require_once 'app/lib/Parsedown.php';
       </div>
       <div class="modal-body">
         <div class="col-md-12 mb-3 mt-1" id="msg-check-update"><?php echo _("Application is being updated..."); ?></div>
-        <div class="ms-5"><i class="fas fa-check me-2" id="updateStep1"></i><?php echo _("Configuring update"); ?></div>
+        <div class="ms-5"><i class="fas fa-check me-2 invisible" id="updateStep1"></i><?php echo _("Configuring update"); ?></div>
         <div class="ms-5"><i class="fas fa-check me-2 invisible" id="updateStep2"></i><?php echo _("Updating sources"); ?></div>
         <div class="ms-5"><i class="fas fa-check me-2 invisible" id="updateStep3"></i><?php echo _("Installing package updates"); ?></div>
         <div class="ms-5"><i class="fas fa-check me-2 invisible" id="updateStep4"></i><?php echo _("Downloading latest files"); ?></div>

templates/adblock.php

@@ -28,7 +28,7 @@
         <div class="card-body">
         <?php $status->showMessages(); ?>
           <form role="form" action="adblock_conf" enctype="multipart/form-data" method="POST">
-            <?php echo \RaspAP\Tokens\CSRF::hiddenField();?>
+            <?php echo CSRFTokenFieldTag() ?>
             <!-- Nav tabs -->
             <ul class="nav nav-tabs">
                 <li class="nav-item"><a class="nav-link active" id="blocklisttab" href="#adblocklistsettings" data-bs-toggle="tab"><?php echo _("Blocklist settings"); ?></a></li>

templates/admin.php

@@ -1,17 +1,10 @@
-<?php ob_start() ?>
-  <?php if (!RASPI_MONITOR_ENABLED) : ?>
-    <input type="submit" class="btn btn-outline btn-primary" name="UpdateAdminPassword" value="<?php echo _("Save settings"); ?>" />
-    <input type="submit" class="btn btn-warning" name="logout" value="<?php echo _("Logout") ?>" onclick="disableValidation(this.form)"/>
-  <?php endif ?>
-<?php $buttons = ob_get_clean(); ob_end_clean() ?>
-
 <div class="row">
   <div class="col-lg-12">
     <div class="card">
       <div class="card-header">
         <div class="row">
-	      <div class="col">
-            <i class="fas fa-user-lock me-2"></i><?php echo _("Authentication"); ?>
+	        <div class="col">
+						<i class="fas fa-user-lock me-2"></i><?php echo _("Authentication"); ?>
           </div>
         </div><!-- /.row -->
       </div><!-- /.card-header -->
@@ -19,7 +12,7 @@
         <?php $status->showMessages(); ?>
         <h4><?php echo _("Authentication settings") ;?></h4>
         <form role="form" action="auth_conf" method="POST" class="needs-validation" novalidate>
-            <?php echo \RaspAP\Tokens\CSRF::hiddenField(); ?>
+            <?php echo CSRFTokenFieldTag() ?>
           <div class="row">
             <div class="mb-3 col-md-6">
               <label for="username"><?php echo _("Username"); ?></label>
@@ -65,7 +58,7 @@
               </div>
             </div>
           </div>
-          <?php echo $buttons ?>
+          <input type="submit" class="btn btn-outline btn-primary" name="UpdateAdminPassword" value="<?php echo _("Save settings"); ?>" />
         </form>
       </div><!-- /.card-body -->
       <div class="card-footer"></div>

templates/configure_client.php

@@ -27,7 +27,7 @@
         <div class="row" id="wpaConf">
           <div class="col">
             <form method="POST" action="wpa_conf" name="wpa_conf_form">
-              <?php echo \RaspAP\Tokens\CSRF::hiddenField(); ?>
+              <?php echo CSRFTokenFieldTag() ?>
               <input type="hidden" name="client_settings" ?>
               <div class="js-wifi-stations loading-spinner"></div>
             </form>

templates/dashboard.php

@@ -1,56 +1,149 @@
-<?php ob_start() ?>
-  <?php if (!RASPI_MONITOR_ENABLED) : ?>
-    <?php if ($state === "down") : ?>
-      <input type="submit" class="btn btn-success mt-2" value="<?php echo _("Start").' '.$interface ?>" name="ifup_wlan0" />
-    <?php else : ?>
-      <input type="submit" class="btn btn-warning mt-2" value="<?php echo _("Stop").' '.$interface ?>"  name="ifdown_wlan0" />
-    <?php endif ?>
-  <?php endif ?>
-  <button type="button" onClick="window.location.reload();" class="btn btn-outline btn-primary mt-2"><i class="fas fa-sync-alt"></i> <?php echo _("Refresh") ?></a>
-<?php $buttons = ob_get_clean(); ob_end_clean() ?>
-
 <div class="row">
   <div class="col-lg-12">
     <div class="card">
       <div class="card-header">
         <div class="row">
-          <div class="col">
-            <i class="fas fa-tachometer-alt fa-fw me-2"></i>
-            <?php echo _("Dashboard"); ?>
-          </div>
-          <div class="col">
-            <button class="btn btn-light btn-icon-split btn-sm service-status float-end">
-              <span class="icon"><i class="fas fa-circle service-status-<?php echo $state ?>"></i></span>
-              <span class="text service-status"><?php echo strtolower($interface) .' '. _($state) ?></span>
-            </button>
-          </div>
+    <div class="col">
+      <i class="fas fa-tachometer-alt fa-fw me-2"></i><?php echo _("Dashboard"); ?>
+    </div>
+    <div class="col">
+      <button class="btn btn-light btn-icon-split btn-sm service-status float-end">
+        <span class="icon"><i class="fas fa-circle service-status-<?php echo $ifaceStatus ?>"></i></span>
+        <span class="text service-status"><?php echo strtolower($apInterface) .' '. _($ifaceStatus) ?></span>
+      </button>
+    </div>
         </div><!-- /.row -->
       </div><!-- /.card-header -->
 
       <div class="card-body">
-        <?php $status->showMessages(); ?>
-        <form action="wlan0_info" method="POST">
-          <?php echo \RaspAP\Tokens\CSRF::hiddenField(); ?>
+        <div class="row">
 
-          <!-- Nav tabs -->
-          <ul class="nav nav-tabs">
-            <li class="nav-item"><a class="nav-link active" id="statustab" href="#status" aria-controls="status" data-bs-toggle="tab"><?php echo _("Status"); ?></a></li>
-            <li class="nav-item"><a class="nav-link" id="datatab" href="#data" data-bs-toggle="tab"><?php echo _("Data usage"); ?></a></li>
-          </ul>
+          <div class="col-lg-12">
+            <div class="card mb-3">
+              <div class="card-body">
+                <h4 class="card-title"><?php echo _("Hourly traffic amount"); ?></h4>
+                <div id="divInterface" class="d-none"><?php echo $apInterface; ?></div>
+                <div class="col-md-12">
+                  <div class="col dbChart">
+                    <canvas id="divDBChartBandwidthhourly"></canvas>
+                  </div>
+                </div>
+              </div><!-- /.card-body -->
+            </div><!-- /.card-->
+          </div>
 
-          <!-- Tab panes -->
-          <div class="tab-content">
-            <?php echo renderTemplate("dashboard/status", $__template_data) ?>
-            <?php echo renderTemplate("dashboard/data", $__template_data) ?>
-          </div><!-- /.tab-content -->
+          <div class="col-sm-6 align-items-stretch">
+            <div class="card h-100">
+              <div class="card-body wireless">
+                <h4 class="card-title"><?php echo _("Wireless Client"); ?></h4>
+                <div class="row ms-1">
+                  <div class="col-sm">
+                    <div class="row mb-1">
+                      <div class="info-item col"><?php echo _("Connected To"); ?></div><div class="info-value col"><?php echo htmlspecialchars($connectedSSID, ENT_QUOTES); ?></div>
+                    </div>
+                    <div class="row mb-1">
+                      <div class="info-item col"><?php echo _("Interface"); ?></div><div class="info-value col"><?php echo htmlspecialchars($clientInterface); ?></div>
+                    </div>
+                    <div class="row mb-1">
+                      <div class="info-item col"><?php echo _("AP Mac Address"); ?></div><div class="info-value col"><?php echo htmlspecialchars($connectedBSSID, ENT_QUOTES); ?></div>
+                    </div>
+                    <div class="row mb-1">
+                      <div class="info-item col"><?php echo _("Bitrate"); ?></div><div class="info-value col"><?php echo htmlspecialchars($bitrate, ENT_QUOTES); ?></div>
+                    </div>
+                    <div class="row mb-1">
+                      <div class="info-item col"><?php echo _("Signal Level"); ?></div><div class="info-value col"><?php echo htmlspecialchars($signalLevel, ENT_QUOTES); ?></div>
+                    </div>
+                    <div class="row mb-1">
+                      <div class="info-item col"><?php echo _("Transmit Power"); ?></div><div class="info-value col"><?php echo htmlspecialchars($txPower, ENT_QUOTES); ?></div>
+                    </div>
+                    <div class="row mb-1">
+                      <div class="info-item col"><?php echo _("Frequency"); ?></div><div class="info-value col"><?php echo htmlspecialchars($frequency, ENT_QUOTES); ?></div>
+                    </div>
+                  </div>
+                  <div class="col-md d-flex">
+                    <script>var linkQ = <?php echo json_encode($strLinkQuality); ?>;</script>
+                    <div class="chart-container">
+                      <canvas id="divChartLinkQ"></canvas>
+                    </div>
+                  </div>
+                </div><!--row-->
+              </div><!-- /.card-body -->
+            </div><!-- /.card -->
+          </div><!-- /.col-md-6 -->
+          <div class="col-sm-6">
+            <div class="card h-100 mb-3">
+              <div class="card-body">
+                <h4 class="card-title"><?php echo _("Connected Devices"); ?></h4>
+                <div class="table-responsive">
+                  <table class="table table-hover">
+                    <thead>
+                      <tr>
+                        <?php if ($bridgedEnable == 1) : ?>
+                          <th><?php echo _("MAC Address"); ?></th>
+                        <?php else : ?>
+                          <th><?php echo _("Host name"); ?></th>
+                          <th><?php echo _("IP Address"); ?></th>
+                          <th><?php echo _("MAC Address"); ?></th>
+                        <?php endif; ?>
+                      </tr>
+                    </thead>
+                    <tbody>
+                        <?php if ($bridgedEnable == 1) : ?>
+                          <tr>
+                            <td><small class="text-muted"><?php echo _("Bridged AP mode is enabled. For Hostname and IP, see your router's admin page.");?></small></td>
+                          </tr>
+                        <?php endif; ?>
+                        <?php foreach (array_slice($clients,0, 2) as $client) : ?>
+                        <tr>
+                          <?php if ($arrHostapdConf['BridgedEnable'] == 1): ?>
+                            <td><?php echo htmlspecialchars($client, ENT_QUOTES) ?></td>
+                          <?php else : ?>
+                            <?php $props = explode(' ', $client) ?>
+                            <td><?php echo htmlspecialchars($props[3], ENT_QUOTES) ?></td>
+                            <td><?php echo htmlspecialchars($props[2], ENT_QUOTES) ?></td>
+                            <td><?php echo htmlspecialchars($props[1], ENT_QUOTES) ?></td>
+                          <?php endif; ?>
+                        </tr>
+                        <?php endforeach ?>
+                    </tbody>
+                  </table>
+                  <?php if (sizeof($clients) >2) : ?>
+                      <div class="col-lg-12 float-end">
+                        <a class="btn btn-outline-info" role="button" href="<?php echo $moreLink ?>"><?php echo _("More");?>  <i class="fas fa-chevron-right"></i></a>
+                      </div>
+                  <?php elseif (sizeof($clients) ==0) : ?>
+                      <div class="col-lg-12 mt-3"><?php echo _("No connected devices");?></div>
+                  <?php endif; ?>
+                </div><!-- /.table-responsive -->
+              </div><!-- /.card-body -->
+            </div><!-- /.card -->
+          </div><!-- /.col-md-6 -->
+        </div><!-- /.row -->
+
+        <div class="col-lg-12 mt-3">
+          <div class="row">
+            <form action="wlan0_info" method="POST">
+                <?php echo CSRFTokenFieldTag() ?>
+                <?php if (!RASPI_MONITOR_ENABLED) : ?>
+                    <?php if (!$wlan0up) : ?>
+                    <input type="submit" class="btn btn-success" value="<?php echo _("Start").' '.$apInterface ?>" name="ifup_wlan0" />
+                    <?php else : ?>
+                    <input type="submit" class="btn btn-warning" value="<?php echo _("Stop").' '.$apInterface ?>"  name="ifdown_wlan0" />
+                    <?php endif ?>
+                <?php endif ?>
+              <button type="button" onClick="window.location.reload();" class="btn btn-outline btn-primary"><i class="fas fa-sync-alt"></i> <?php echo _("Refresh") ?></a>
+            </form>
+          </div>
+        </div>
 
-          <?php echo $buttons ?>
-        </form>
       </div><!-- /.card-body -->
-
-      <div class="card-footer"><?php echo _("Information provided by raspap.sysinfo"); ?></div>
-
+      <div class="card-footer"><?php echo _("Information provided by ip and iw and from system"); ?></div>
     </div><!-- /.card -->
   </div><!-- /.col-lg-12 -->
 </div><!-- /.row -->
-
+<script type="text/javascript"<?php //echo ' nonce="'.$csp_page_nonce.'"'; ?>>
+// js translations:
+var t = new Array();
+t['send'] = '<?php echo addslashes(_('Send')); ?>';
+t['receive'] = '<?php echo addslashes(_('Receive')); ?>';
+</script>

templates/dashboard/data.php

@@ -1,19 +0,0 @@
-<div class="tab-pane" id="data">
-  <h4 class="card-title mt-3">
-    <?php echo _("Hourly traffic"); ?>
-  </h4>
-
-  <div class="col-md-12">
-    <div class="col dbChart">
-      <canvas id="divDBChartBandwidthhourly"></canvas>
-    </div>
-  </div>
-
-</div><!-- /.tab-pane | data tab -->
-
-<script type="text/javascript"<?php //echo ' nonce="'.$csp_page_nonce.'"'; ?>>
-  // js translations:
-  var t = new Array();
-  t['send'] = '<?php echo addslashes(_('Send')); ?>';
-  t['receive'] = '<?php echo addslashes(_('Receive')); ?>';
-</script>

templates/dashboard/status.php

@@ -1,123 +0,0 @@
-<div class="tab-pane active" id="status">
-  <h4 class="card-title mt-3">
-    <?php echo _("Current status"); ?>
-  </h4>
-  <div class="dashboard-container row">
-    <div class="connections-left col-lg-4">
-      <div class="connection-item">
-        <a href="/network_conf" class="<?php echo $ethernetActive; ?>"><span><?php echo _("Ethernet"); ?></span></a>
-        <a href="/network_conf" class="<?php echo $ethernetActive; ?>"><i class="fas fa-ethernet fa-2xl"></i></a>
-      </div>
-      <div class="connection-item">
-        <a href="/network_conf" class="<?php echo $wirelessActive; ?>"><span><?php echo _("Repeater"); ?></span>
-        <a href="/network_conf" class="<?php echo $wirelessActive; ?>"><i class="fas fa-wifi fa-2xl"></i></a>
-      </div>
-      <div class="connection-item">
-        <a href="/network_conf" class="<?php echo $tetheringActive; ?>"><span><?php echo _("Tethering"); ?></span></a>
-        <a href="/network_conf" class="<?php echo $tetheringActive; ?>"><i class="fas fa-mobile-alt fa-2xl"></i></a>
-      </div>
-      <div class="connection-item">
-        <a href="/network_conf" class="<?php echo $cellularActive; ?>"><span><?php echo _("Cellular"); ?></span></a>
-        <a href="/network_conf" class="<?php echo $cellularActive; ?>"><i class="fas fa-broadcast-tower fa-2xl"></i></a>
-      </div>
-      <img src="app/img/dashed.svg" class="dashed-lines" alt="">
-      <img src="<?php echo htmlspecialchars(renderConnection($connectionType)); ?>" class="solid-lines" alt="Network connection">
-    </div>
-    <div class="center-device col-12 col-lg-4">
-      <div class="center-device-top">
-        <a href="/system_info"><img class="device-illustration" src="app/img/devices/<?php echo $deviceImage; ?>" alt="<?php echo htmlspecialchars($revision, ENT_QUOTES); ?>"></a>
-        <div class="device-label"><a href="/system_info"><?php echo htmlspecialchars($revision, ENT_QUOTES); ?></a></div>
-        <div class="mt-1 small"><?php echo _("IP Address"); ?>: <a href="/dhcpd_conf"><?php echo htmlspecialchars($ipv4Address, ENT_QUOTES); ?></a></div>
-        <div class="small"><?php echo _("Netmask"); ?>: <a href="/dhcpd_conf"><?php echo htmlspecialchars($ipv4Netmask, ENT_QUOTES); ?></a></div>
-        <div class="small"><?php echo _("MAC Address"); ?>: <a href="/dhcpd_conf"><?php echo htmlspecialchars($macAddress, ENT_QUOTES); ?></a></div>
-        <div class="small"><?php echo _("SSID"); ?>: <a href="/hostapd_conf"><?php echo htmlspecialchars($ssid, ENT_QUOTES); ?></a></div>
-      </div>
-
-      <div class="bottom">
-        <div class="device-status">
-          <a href="/hostapd_conf">
-            <div class="status-item <?php echo $hostapdStatus; ?>">
-              <i class="fas fa-bullseye fa-2xl"></i>
-              <span><?php echo _('AP'); ?></span>
-            </div>
-          </a>
-          <a href="/hostapd_conf?tab=advanced">
-            <div class="status-item <?php echo $bridgedStatus; ?>">
-              <i class="fas fa-bridge fa-2xl"></i>
-              <span><?php echo _('Bridged'); ?></span>
-            </div>
-          </a>
-          <a href="/adblock_conf">
-            <div class="status-item <?php echo $adblockStatus; ?>">
-              <i class="far fa-hand-paper fa-2xl"></i>
-              <span><?php echo _('Adblock'); ?></span>
-            </div>
-          </a>
-          <a href="<?php echo $vpnManaged; ?>">
-            <div class="status-item <?php echo $vpnStatus; ?>">
-              <i class="fas fa-shield-alt fa-2xl"></i>
-              <span><?php echo _('VPN'); ?></span>
-            </div>
-          </a>
-          <?php echo $firewallManaged; ?>
-            <div class="status-item <?php echo $firewallStatus; ?>">
-              <span class="fa-stack fa-2xl" style="line-height: 0!important;height: 100%!important;">
-                <i class="fas fa-fire-flame-curved fa-stack-1x"></i>
-                <?php echo $firewallUnavailable; ?>
-              </span>
-              <span><?php echo _('Firewall'); ?></span>
-            </div>
-          </a>
-        </div>
-
-        <div class="wifi-bands">
-          <a href="/hostapd_conf"><span class="band <?php echo $freq5active; ?>"><?php echo _("5G"); ?></span></a>
-          <a href="/hostapd_conf"><span class="band <?php echo $freq24active; ?>"><?php echo _("2.4G"); ?></span></a>
-        </div>
-      </div>
-
-      <div class="clients-mobile">
-        <div class="client-type">
-          <a href="/network_conf">
-            <i class="fas fa-globe"></i>
-            <div class="client-count">
-              <i class="fas <?php echo $connectionIcon; ?> badge-icon"></i>
-            </div>
-          </a>
-        </div>
-        <div class="client-type">
-          <a href="/dhcpd_conf">
-            <i class="fas fa-laptop <?php echo $totalClientsActive; ?>"></i>
-            <span class="client-count"><?php echo $totalClients; ?></span>
-          </a>
-        </div>
-      </div>
-    </div>
-
-    <div class="connections-right col-lg-4">
-      <div class="d-flex flex-column justify-content-around h-100">
-        <div class="connection-item connection-right">
-          <a href="/dhcpd_conf" class="<?php echo $wirelessClientActive; ?>">
-            <span class="fa-stack">
-              <i class="fas fa-laptop fa-stack-1x fa-2xl"></i>
-              <i class="fas fa-wifi fa-stack-1x fa-xs"></i>
-            </span>
-          </a>
-          <a href="/dhcpd_conf"><span class="text-nowrap <?php echo $wirelessClientActive; ?>"><?php echo $wirelessClientLabel; ?></span></a>
-        </div>
-        <div class="connection-item connection-right">
-          <a href="/dhcpd_conf" class="<?php echo $ethernetClientActive; ?>">
-            <span class="fa-stack">
-              <i class="fas fa-laptop fa-stack-1x fa-2xl"></i>
-              <i class="fas fa-ethernet fa-stack-1x fa-xs"></i>
-            </span>
-          </a>
-          <a href="/dhcpd_conf"><span class="text-nowrap <?php echo $ethernetClientActive; ?>"><?php echo $ethernetClientLabel; ?></span></a>
-        </div>
-      </div>
-      <?php echo renderClientConnections($wirelessClients, $ethernetClients); ?>
-      <img src="app/img/right-dashed.svg" class="dashed-lines dashed-lines-right" alt="">
-    </div>
-  </div>
-</div><!-- /.tab-pane | status tab -->
-

templates/dhcp.php

@@ -30,7 +30,7 @@
       <div class="card-body">
         <?php $status->showMessages(); ?>
         <form method="POST" action="dhcpd_conf" class="js-dhcp-settings-form needs-validation" novalidate>
-          <?php echo \RaspAP\Tokens\CSRF::hiddenField(); ?>
+          <?php echo CSRFTokenFieldTag() ?>
 
           <!-- Nav tabs -->
           <ul class="nav nav-tabs mb-3">

templates/dhcp/clients.php

@@ -20,17 +20,11 @@
               <tbody>
                 <?php foreach ($leases as $lease) : ?>
                 <tr>
-                    <?php
-                    $props = explode(' ', $lease);
-                    if (!empty($props)) {
-                        $props[0] = date('Y-m-d H:i:s', (int)$props[0]);
-                    }
-                    ?>
-                    <?php foreach ($props as $prop) : ?>
-                        <td><?php echo htmlspecialchars($prop, ENT_QUOTES) ?></td>
-                    <?php endforeach ?>
+                  <?php foreach (explode(' ', $lease) as $prop) : ?>
+                  <td><?php echo htmlspecialchars($prop, ENT_QUOTES) ?></td>
+                  <?php endforeach ?>
                 </tr>
-            <?php endforeach ?>
+                <?php endforeach ?>
               </tbody>
             </table>
           </div><!-- /.table-responsive -->

templates/hostapd.php

@@ -36,7 +36,7 @@
       <div class="card-header">
         <div class="row">
           <div class="col">
-            <i class="fas fa-bullseye me-2"></i><?php echo _("Hotspot"); ?>
+            <i class="far fa-dot-circle me-2"></i><?php echo _("Hotspot"); ?>
           </div>
           <div class="col">
             <button class="btn btn-light btn-icon-split btn-sm service-status float-end">
@@ -50,7 +50,7 @@
       <div class="card-body">
         <?php $status->showMessages(); ?>
         <form role="form" action="hostapd_conf" method="POST" class="needs-validation" novalidate>
-          <?php echo \RaspAP\Tokens\CSRF::hiddenField(); ?>
+          <?php echo CSRFTokenFieldTag() ?>
 
           <!-- Nav tabs -->
           <ul class="nav nav-tabs">

templates/login.php

@@ -15,7 +15,7 @@
             </div>
             <div class="text-center mb-4">
               <form id="admin-login-form" action="login" method="POST" class="needs-validation" novalidate>
-              <?php echo \RaspAP\Tokens\CSRF::hiddenField(); ?>
+              <?php echo CSRFTokenFieldTag() ?>
                 <div class="form-group">
                   <input type="hidden" name="login-auth">
                   <input type="hidden" id="redirect-url" name="redirect-url" value="<?php echo htmlspecialchars($redirectUrl, ENT_QUOTES, 'UTF-8'); ?>">
@@ -32,7 +32,6 @@
                 </div>
                 <button type="submit" class="btn btn-outline btn-admin-login rounded-pill w-75 mt-4"><?php echo _("Login") ?></button>
                 <div class="small mt-2"><a href="https://docs.raspap.com/authentication/#restoring-defaults" target="_blank"><?php echo _("Forgot password") ?></a></div>
-                <img src="app/img/uri-qr-code.php?uri=https://docs.raspap.com/authentication/" class="figure-img img-fluid mt-2" alt="RaspAP docs" style="width:75px;">
               </form>
             </div>
           </div><!-- /.col -->

templates/openvpn.php

@@ -29,7 +29,7 @@
         <div class="card-body">
         <?php $status->showMessages(); ?>
           <form role="form" action="openvpn_conf" enctype="multipart/form-data" method="POST">
-            <?php echo \RaspAP\Tokens\CSRF::hiddenField(); ?>
+            <?php echo CSRFTokenFieldTag() ?>
             <!-- Nav tabs -->
             <ul class="nav nav-tabs">
                 <li class="nav-item"><a class="nav-link active" id="clienttab" href="#openvpnclient" data-bs-toggle="tab"><?php echo _("Client settings"); ?></a></li>

templates/provider.php

@@ -28,7 +28,7 @@
         <div class="card-body">
         <?php $status->showMessages(); ?>
           <form role="form" action="provider_conf" enctype="multipart/form-data" method="POST">
-            <?php echo \RaspAP\Tokens\CSRF::hiddenField(); ?>
+            <?php echo CSRFTokenFieldTag() ?>
             <!-- Nav tabs -->
             <ul class="nav nav-tabs">
                 <li class="nav-item"><a class="nav-link active" id="clienttab" href="#providerclient" data-bs-toggle="tab"><?php echo _("Settings"); ?></a></li>

templates/restapi.php

@@ -28,7 +28,7 @@
         <div class="card-body">
         <?php $status->showMessages(); ?>
           <form role="form" action="restapi_conf" method="POST" class="needs-validation" novalidate>
-            <?php echo \RaspAP\Tokens\CSRF::hiddenField(); ?>
+            <?php echo CSRFTokenFieldTag() ?>
             <!-- Nav tabs -->
             <ul class="nav nav-tabs">
                 <li class="nav-item"><a class="nav-link active" id="restapisettingstab" href="#restapisettings" data-bs-toggle="tab"><?php echo _("Settings"); ?></a></li>

templates/system.php

@@ -11,7 +11,7 @@
       <div class="card-body">
         <?php $status->showMessages(); ?>
         <form role="form" action="system_info" method="POST">
-        <?php echo \RaspAP\Tokens\CSRF::hiddenField(); ?>
+        <?php echo CSRFTokenFieldTag() ?>
         <ul class="nav nav-tabs" role="tablist">
           <li role="presentation" class="nav-item"><a class="nav-link active" id="basictab" href="#basic" aria-controls="basic" role="tab" data-bs-toggle="tab"><?php echo _("Basic"); ?></a></li>
           <li role="presentation" class="nav-item"><a class="nav-link" id="languagetab" href="#language" aria-controls="language" role="tab" data-bs-toggle="tab"><?php echo _("Language"); ?></a></li>
@@ -121,14 +121,13 @@
       <div class="modal-body">
 
         <i id="plugin-icon" class="fas fa-plug link-secondary me-2"></i><span id="plugin-name" class="h4 mb-0"></span>
-        <p id="plugin-description" class="mb-1"></p>
-        <p id="plugin-additional" class="mb-3"></p>
+        <p id="plugin-description" class="mb-3"></p>
 
         <table class="table table-bordered">
           <tbody>
             <tr>
-              <th><?php echo _("Plugin docs"); ?></th>
-              <td><span id="plugin-docs"></span></td>
+              <th><?php echo _("Plugin source"); ?></th>
+              <td><span id="plugin-uri"></span></td>
             </tr>
             <tr>
               <th><?php echo _("Version"); ?></th>
@@ -151,18 +150,10 @@
               <td><small><code><span id="plugin-configuration" class="mb-0"></span></code></small></td>
               </td>
             </tr>
-            <tr>
-              <th><?php echo _("Signed Packages"); ?></th>
-              <td><small><code><span id="plugin-packages" class="mb-0"></span></code></small></td>
-            </tr>
             <tr>
               <th><?php echo _("Dependencies"); ?></th>
               <td><small><code><span id="plugin-dependencies" class="mb-0"></span></code></small></td>
             </tr>
-            <tr>
-              <th><?php echo _("JavaScript"); ?></th>
-              <td><small><code><span id="plugin-javascript" class="mb-0"></span></code></small></td>
-            </tr>
             <tr>
               <th><?php echo _("Permissions"); ?></th>
               <td><small><code><span id="plugin-sudoers" class="mb-0"></span></code></small></td>

templates/system/advanced.php

@@ -3,7 +3,7 @@
   <h4 class="mt-3"><?php echo _("Advanced settings") ;?></h4>
     <?php if (!RASPI_MONITOR_ENABLED) : ?>
     <form action="system_info" method="POST">
-    <?php echo \RaspAP\Tokens\CSRF::hiddenField(); ?>
+    <?php echo CSRFTokenFieldTag() ?>
       <div class="row">
         <div class="mb-3 col-md-6">
           <label for="code"><?php echo _("Web server port") ;?></label>

templates/system/basic.php

@@ -9,9 +9,6 @@ include('includes/sysstats.php');
     <div class="col-lg-6">
       <h4 class="mt-3"><?php echo _("System Information"); ?></h4>
         <div class="row ms-1">
-          <div class="col-4">
-            <img class="device-illustration mx-3 my-2" src="app/img/devices/<?php echo $deviceImage; ?>" alt="<?php echo htmlspecialchars($revision, ENT_QUOTES); ?>"></a>
-          </div>
           <div class="col-sm-10">
             <div class="row mb-1">
               <div class="info-item col-4"><?php echo _("Hostname"); ?></div><div class="info-value col"><?php echo htmlspecialchars($hostname, ENT_QUOTES); ?></div>
@@ -56,7 +53,7 @@ include('includes/sysstats.php');
       </div>
 
       <form action="system_info" method="POST">
-        <?php echo \RaspAP\Tokens\CSRF::hiddenField(); ?>
+        <?php echo CSRFTokenFieldTag() ?>
         <?php if (!RASPI_MONITOR_ENABLED) : ?>
             <input type="button" class="btn btn-warning" data-bs-toggle="modal" data-bs-target="#system-confirm-reboot" value="<?php echo _("Reboot"); ?>" />
             <input type="button" class="btn btn-warning" data-bs-toggle="modal" data-bs-target="#system-confirm-shutdown" value="<?php echo _("Shutdown"); ?>" />

templates/system/plugins.php

@@ -1,7 +1,7 @@
 <!-- plugins tab -->
 <div role="tabpanel" class="tab-pane" id="plugins">
   <h4 class="mt-3"><?php echo _("Plugins") ;?></h4>
-  <?php echo \RaspAP\Tokens\CSRF::hiddenField(); ?>
+  <?php echo CSRFTokenFieldTag() ?>
   <div class="row">
     <div class="form-group col-lg-8 col-md-8">
     <label>

templates/system/theme.php

@@ -12,7 +12,7 @@
     </div>
     </div>
     <form action="system_info" method="POST">
-    <?php echo \RaspAP\Tokens\CSRF::hiddenField(); ?>
+    <?php echo CSRFTokenFieldTag() ?>
     <button type="button" onClick="window.location.reload();" class="btn btn-outline btn-primary"><i class="fas fa-sync-alt"></i> <?php echo _("Refresh") ?></a>
     </form>
 </div>

templates/system/tools.php

@@ -2,7 +2,7 @@
 <div role="tabpanel" class="tab-pane" id="tools">
   <h4 class="mt-3"><?php echo _("System tools") ;?></h4>
     <?php if (!RASPI_MONITOR_ENABLED) : ?>
-    <?php echo \RaspAP\Tokens\CSRF::hiddenField(); ?>
+    <?php echo CSRFTokenFieldTag() ?>
 
       <div class="row">
         <div class="mb-3 col-lg-8 col-md-8">

templates/wg/logging.php

@@ -8,7 +8,10 @@
           <input class="form-check-input" id="wgLogEnable" type="checkbox" name="wgLogEnable" value="1" <?php echo $optLogEnable ? ' checked="checked"' : "" ?> aria-describedby="wgLogEnable">
           <label class="form-check-label" for="wgLogEnable"><?php echo _("Logfile output") ?></label>
         </div>
-        <?php echo '<textarea class="logoutput text-secondary my-3">'.htmlspecialchars($wg_log, ENT_QUOTES).'</textarea>';
+        <?php
+          exec('sudo chmod o+r /tmp/wireguard.log');
+          $log = file_get_contents('/tmp/wireguard.log');
+          echo '<textarea class="logoutput text-secondary my-3">'.htmlspecialchars($log, ENT_QUOTES).'</textarea>';
         ?>
     </div>
   </div><!-- /.row -->

templates/wireguard.php

@@ -28,7 +28,7 @@
         <div class="card-body">
         <?php $status->showMessages(); ?>
           <form role="form" action="wg_conf" enctype="multipart/form-data" method="POST">
-            <?php echo \RaspAP\Tokens\CSRF::hiddenField(); ?>
+            <?php echo CSRFTokenFieldTag() ?>
             <!-- Nav tabs -->
             <ul class="nav nav-tabs">
                 <li class="nav-item"><a class="nav-link active" id="settingstab" href="#wgsettings" data-bs-toggle="tab"><?php echo _("Settings"); ?></a></li>