From 1bb17f97050d00ace05446baeaf838a4e1bcb518 Mon Sep 17 00:00:00 2001
From: ehpersonal38 <103586016+ehpersonal38@users.noreply.github.com>
Date: Tue, 9 May 2023 15:06:14 -0400
Subject: [PATCH] Update play.php
---
scripts/play.php | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
diff --git a/scripts/play.php b/scripts/play.php
index 4f3bada..0d3bb34 100644
--- a/scripts/play.php
+++ b/scripts/play.php
@@ -101,6 +101,31 @@ $shifted_path = $home."/BirdSongs/Extracted/By_Date/shifted/";
if(isset($_GET['shiftfile'])) {
+ if (file_exists('./scripts/thisrun.txt')) {
+ $config = parse_ini_file('./scripts/thisrun.txt');
+} elseif (file_exists('./scripts/firstrun.ini')) {
+ $config = parse_ini_file('./scripts/firstrun.ini');
+}
+$user = shell_exec("awk -F: '/1000/{print $1}' /etc/passwd");
+$home = shell_exec("awk -F: '/1000/{print $6}' /etc/passwd");
+$home = trim($home);
+$caddypwd = $config['CADDY_PWD'];
+if (!isset($_SERVER['PHP_AUTH_USER'])) {
+ header('WWW-Authenticate: Basic realm="My Realm"');
+ header('HTTP/1.0 401 Unauthorized');
+ echo '
| You cannot shift files for this installation |
';
+ exit;
+} else {
+ $submittedpwd = $_SERVER['PHP_AUTH_PW'];
+ $submitteduser = $_SERVER['PHP_AUTH_USER'];
+ if($submittedpwd !== $caddypwd || $submitteduser !== 'birdnet'){
+ header('WWW-Authenticate: Basic realm="My Realm"');
+ header('HTTP/1.0 401 Unauthorized');
+ echo '| You cannot shift files for this installation< |
';
+ exit;
+ }
+}
+
$filename = $_GET['shiftfile'];
$pp = pathinfo($filename);
$dir = $pp['dirname'];