Save password last to avoid auth check preventing saving other settings
Because saveSetting() checks each time to see that the user has authenticated, if the password is changed first then very next setting will cause a auth prompt (as the password changed) and if cancelled then the other setting won't save. Putting it last will allow us to save all the other setting and then change the password, then the next attempt to execute a action or access a page that required auth will prompt the user the the password.
This commit is contained in:
+22
-15
@@ -23,26 +23,11 @@ if (!isset($_SERVER['PHP_AUTH_USER'])) {
|
||||
}
|
||||
|
||||
if(isset($_GET['submit'])) {
|
||||
if(isset($_GET["caddy_pwd"])) {
|
||||
$caddy_pwd = $_GET["caddy_pwd"];
|
||||
saveSetting('CADDY_PWD', "\"$caddy_pwd\"");
|
||||
//Make sure the caddy file is set directly
|
||||
update_caddyfile();
|
||||
}
|
||||
|
||||
if(isset($_GET["ice_pwd"])) {
|
||||
$ice_pwd = $_GET["ice_pwd"];
|
||||
saveSetting('ICE_PWD', $ice_pwd);
|
||||
}
|
||||
|
||||
if(isset($_GET["birdnetpi_url"])) {
|
||||
$birdnetpi_url = $_GET["birdnetpi_url"];
|
||||
// remove trailing slash to prevent conf from becoming broken
|
||||
$birdnetpi_url = rtrim($birdnetpi_url, '/');
|
||||
saveSetting('BIRDNETPI_URL', $birdnetpi_url);
|
||||
update_caddyfile();
|
||||
}
|
||||
|
||||
if(isset($_GET["rtsp_stream"])) {
|
||||
$rtsp_stream = str_replace("\r\n", ",", $_GET["rtsp_stream"]);
|
||||
saveSetting('RTSP_STREAM', "\"$rtsp_stream\"", ['restart birdnet_recording', 'restart livestream']);
|
||||
@@ -165,6 +150,28 @@ if(isset($_GET['submit'])) {
|
||||
|
||||
saveSetting('LogLevel_LiveAudioStreamService', "\"$livestream_audio_service_log_level\"",['restart livestream','restart icecast2']);
|
||||
}
|
||||
|
||||
if(isset($_GET["birdnetpi_url"])) {
|
||||
$birdnetpi_url = $_GET["birdnetpi_url"];
|
||||
// remove trailing slash to prevent conf from becoming broken
|
||||
$birdnetpi_url = rtrim($birdnetpi_url, '/');
|
||||
saveSetting('BIRDNETPI_URL', $birdnetpi_url);
|
||||
update_caddyfile();
|
||||
}
|
||||
|
||||
if(isset($_GET["caddy_pwd"])) {
|
||||
$caddy_pwd_value = "";
|
||||
$caddy_pwd = $_GET["caddy_pwd"];
|
||||
//If the BirdNET-Pi Password is empty, return a empty string instead of a string that was surrounded by double quotes
|
||||
//else return the supplied password
|
||||
//so in the ini file ['CADDY_PWD']= , instead of ['CADDY_PWD']="" (which still prompts for auth but password is required)
|
||||
//this returns the password setting to it's default state when no password is set
|
||||
$caddy_pwd_value = !empty($caddy_pwd) ? "\"$caddy_pwd\"" : "";
|
||||
|
||||
saveSetting('CADDY_PWD', "$caddy_pwd_value");
|
||||
//Make sure the caddy file is set directly
|
||||
update_caddyfile();
|
||||
}
|
||||
}
|
||||
|
||||
$count = getLabelsCount();
|
||||
|
||||
+7
-23
@@ -614,9 +614,6 @@ function deleteDetection($filename)
|
||||
//Check authentication before going any further
|
||||
//the front end would have done this check already and such should pass
|
||||
authenticateUser();
|
||||
if (!userIsAuthenticated()) {
|
||||
return [];
|
||||
}
|
||||
|
||||
$filename_exploded = explode("/", $filename);
|
||||
$actual_filename = $filename_exploded[2];
|
||||
@@ -728,9 +725,6 @@ function frequencyShiftDetectionAudio($filename, $performShift = null)
|
||||
//Check authentication before going any further
|
||||
//the front end would have done this check already and such should pass
|
||||
authenticateUser();
|
||||
if (!userIsAuthenticated()) {
|
||||
return [];
|
||||
}
|
||||
|
||||
$shifted_path = getDirectory('shifted_audio') . '/';
|
||||
|
||||
@@ -1176,9 +1170,6 @@ function saveSetting($setting_name, $setting_value, $post_save_command = null)
|
||||
//Check authentication before going any further
|
||||
//the front end would have done this check already and such should pass
|
||||
authenticateUser();
|
||||
if(!userIsAuthenticated()){
|
||||
return;
|
||||
}
|
||||
|
||||
//Setting exists already, see if the value changed
|
||||
if (array_key_exists($setting_name, $config)) {
|
||||
@@ -1285,9 +1276,6 @@ function executeSysCommand($command_type, $extra_data_to_pass = null)
|
||||
//Check authentication before going any further
|
||||
//the front end would have done this check already and such should pass
|
||||
authenticateUser();
|
||||
if(!userIsAuthenticated()){
|
||||
return "";
|
||||
}
|
||||
|
||||
$command_type = strtolower($command_type);
|
||||
$result = null;
|
||||
@@ -1382,9 +1370,6 @@ function serviceMaintenance($command)
|
||||
//Check authentication before going any further
|
||||
//the front end would have done this check already and such should pass
|
||||
authenticateUser();
|
||||
if(!userIsAuthenticated()){
|
||||
return "";
|
||||
}
|
||||
|
||||
///e.g $command = 'service stop livestream.service', match the service name
|
||||
////// BIRDNET LOG SERVICE //////
|
||||
@@ -1575,15 +1560,14 @@ function syslog_shell_exec($cmd, $sudo_user = null)
|
||||
//Check authentication before going any further
|
||||
//the front end would have done this check already and such should pass
|
||||
authenticateUser();
|
||||
if(userIsAuthenticated()){
|
||||
if ($sudo_user) {
|
||||
$cmd = "sudo -u $sudo_user $cmd";
|
||||
}
|
||||
$output = shell_exec($cmd);
|
||||
|
||||
if (strlen($output) > 0) {
|
||||
syslog(LOG_INFO, $output);
|
||||
}
|
||||
if ($sudo_user) {
|
||||
$cmd = "sudo -u $sudo_user $cmd";
|
||||
}
|
||||
$output = shell_exec($cmd);
|
||||
|
||||
if (strlen($output) > 0) {
|
||||
syslog(LOG_INFO, $output);
|
||||
}
|
||||
|
||||
return $output;
|
||||
|
||||
Reference in New Issue
Block a user