Commit graph

70 commits

Author SHA1 Message Date
glaszig
29d4653524 prevent variable name collision in renderTemplate() function 2020-03-06 16:54:48 +01:00
glaszig
cfa3f9cfd3 added selectable hosted dns servers 2020-03-04 19:43:22 +01:00
glaszig
ad1ca08de3 escape qrencode arguments in multibyte-safe way 2020-02-27 23:52:35 +00:00
billz
457da91008 Processed with phpcbf 2020-02-15 17:57:46 +00:00
billz
3292bc580b Added disabled param to SelectorOptions() 2019-12-27 03:08:51 +00:00
billz
6d7aa1b401 Added optional $event param to SelectorOptions() 2019-12-26 06:16:13 +00:00
billz
25d1ddeed6 Templatized Tor proxy config 2019-11-12 21:05:21 +00:00
billz
e4225086e1 Moved DisplayOpenVPNConfig() to new file 2019-11-12 16:02:05 +00:00
billz
9d38e6a806 Update OpenVPN + Tor to bootstrap4. Todo: templatize 2019-10-24 23:35:59 +01:00
billz
b29bbf4f11 Replace HTML linebreaks in ConvertToSecurity() 2019-10-15 21:07:21 +01:00
billz
8be24381a8 Processed with phpcbf for PSR-2 coding standard 2019-09-07 16:42:31 +01:00
glaszig
5a49768614 fix renderTemplate() function to allow data-less rendering 2019-08-19 22:35:29 +02:00
glaszig
20d9e919c3 generate only one csrf token per session
some pages issue xhr which lead to new
tokens in the session and a future check
is garuanteed to fail.
2019-08-19 03:12:37 +01:00
Bill Zimmerman
5858971762
Merge pull request #372 from glaszig/ui/xhr-load-cached-wifi-stations
load wifi stations via ajax, cache the scan result
2019-08-17 09:53:13 +02:00
glaszig
f5e3b717ff add missing CSRFTokenFieldTag's 2019-08-14 02:41:58 +02:00
glaszig
993dc633a9 load wifi stations via ajax, cache the scan result
until the "rescan" button is pressed. speeds up
"configure client" page massively.
2019-08-08 03:44:28 +02:00
glaszig
8f3489cd4a remove id attribute from csrf token field due to obsolescence
and if there's multiple form's on the page it would lead to
multiple elements with the same id which is illegal in html
2019-08-06 20:55:16 +02:00
glaszig
f36b08c10a rename CSRFToken() to the more apt CSRFTokenFieldTag() 2019-08-06 20:55:16 +02:00
glaszig
0a255e8b49 don't write the csrf token field to the output buffer
but return and echo it
2019-08-06 20:55:16 +02:00
glaszig
6f1ae104f3 improve CSRFToken() implementation 2019-08-06 20:55:16 +02:00
glaszig
2f6dc2cc05 remove superfluous semi-colon 2019-08-06 20:55:16 +02:00
glaszig
964dc00fab generate a new csrf token for each request 2019-08-06 20:55:16 +02:00
glaszig
7898dc24c8 mcrypt_create_iv is deprecated, openssl_random_pseudo_bytes
depends on openssl. php7 has the platform-independent
`random_bytes` to generate "cryptographically secure"
random data. use that for csrf token.
2019-08-06 20:55:16 +02:00
glaszig
b9e9b7fe39 move csrf token initialization into function 2019-08-06 20:55:16 +02:00
glaszig
0967a53152 validate token value from csrf token header
if supplied and not overridden by post request param
2019-08-06 20:55:16 +02:00
glaszig
20bb9fe42f add csrf meta tag (for use with xhr, for example) 2019-08-06 20:55:16 +02:00
glaszig
f989b8060b always verify csrf token for resource-modifying requests,
that is post, put, patch, delete
2019-08-06 20:55:16 +02:00
glaszig
d18dbd7def add ui to manage static dhcp leases
* add support to parse duplicate options in ParseConfig()
* add logic, html and js to edit dhcp leases
2019-08-01 18:15:32 +02:00
billz
3f9b422f5f Update safefilerewrite with PHP_EOL 2019-04-30 22:57:12 +00:00
billz
1008f83cc4 Update write_php_ini 2019-04-30 22:36:35 +00:00
billz
ce93faa277 Update write_php_ini 2019-04-30 22:18:44 +00:00
billz
c0570b616e Processed with phpcs for PSR-2 coding standard 2019-04-10 08:37:35 +00:00
D9ping
54e55775ea Fix incorrect escaping break lines of WPA and WPA2 secured networks.
Signed-off-by: D9ping <D9ping@users.noreply.github.com>
2018-10-24 01:42:47 +02:00
D9ping
73f5e4f2da Properly use for attribute for label tags on hostapd page.
Added support for id attribute for SelectorOptions function.

Signed-off-by: D9ping <D9ping@users.noreply.github.com>
2018-10-03 22:20:06 +02:00
D9ping
5988dab56e Fixed html option end tag.
Signed-off-by: D9ping <D9ping@users.noreply.github.com>
2018-08-16 14:48:47 +02:00
Bill Zimmerman
a02b525fc1 Added missing double-quote. Fixes #222. Thanks @seebz 2018-08-15 11:30:24 -07:00
D9ping
fb7ba20055 Fixed php notices log messages.
Signed-off-by: D9ping <D9ping@users.noreply.github.com>
2018-08-06 01:18:11 +02:00
D9ping
2b03fa316d Escape client input, console output etc. before doing any echo.
Signed-off-by: D9ping <D9ping@users.noreply.github.com>
2018-08-04 02:05:56 +02:00
Russ Marshall
ff36dbb3b4 support for 5GHz channels 2018-02-19 08:13:20 -05:00
Lawrence
068c4c519e Merge from Upstream 2017-11-04 12:49:48 +08:00
Lawrence
f61cc31b20 Created new branch off master to help troubleshoot with #132 2017-11-02 22:43:41 +08:00
Lawrence
7749b79e2f Implemented start of web interface to update Static IP addresses or use DHCP.
Currently saves to files in /etc/raspap/networking, still need to build something to generate a working config for dhcpcd
2017-10-28 02:40:30 +08:00
Joe Haig
20eb3b0107 Merge branch 'master' into dashboard 2016-08-16 20:44:22 +01:00
Joe Haig
e953e68556 Redo 'Configure client' page 2016-08-14 16:40:59 +00:00
Joe Haig
c7ed97dd8b Change method of calculating channel and security 2016-08-12 17:29:56 +00:00
Joe Haig
fe3b0e9513 Move client wifi configuration into separate file 2016-08-12 17:00:43 +00:00
Joe Haig
095e1afa8c Move Dashboard function to separate file 2016-08-08 12:48:16 +00:00
Joe Haig
7406a5050c Move system page into separate file 2016-08-08 12:31:19 +00:00
Joe Haig
bff9dfbbbc Some validation on POST data 2016-08-05 20:38:02 +00:00
Joe Haig
671016e685 Add CSRF to hostapd config
And tidy things up a bit
2016-08-05 15:50:05 +01:00