diff --git a/scripts/advanced.php b/scripts/advanced.php index 8de3286..4dbfbf2 100644 --- a/scripts/advanced.php +++ b/scripts/advanced.php @@ -7,6 +7,23 @@ if (file_exists('/home/pi/BirdNET-Pi/thisrun.txt')) { } elseif (file_exists('/home/pi/BirdNET-Pi/firstrun.ini')) { $config = parse_ini_file('/home/pi/BirdNET-Pi/firstrun.ini'); } +$caddypwd = $config['CADDY_PWD']; +if (!isset($_SERVER['PHP_AUTH_USER'])) { + header('WWW-Authenticate: Basic realm="My Realm"'); + header('HTTP/1.0 401 Unauthorized'); + echo 'You cannot edit the settings for this installation'; + exit; +} else { + $submittedpwd = $_SERVER['PHP_AUTH_PW']; + $submitteduser = $_SERVER['PHP_AUTH_USER']; + if($submittedpwd !== $caddypwd || $submitteduser !== 'birdnet'){ + header('WWW-Authenticate: Basic realm="My Realm"'); + header('HTTP/1.0 401 Unauthorized'); + echo 'You cannot edit the settings for this installation'; + exit; + } +} + if(isset($_POST['submit'])) { $contents = file_get_contents("/home/pi/BirdNET-Pi/birdnet.conf"); diff --git a/scripts/config.php b/scripts/config.php index 0ead4e2..33118f2 100644 --- a/scripts/config.php +++ b/scripts/config.php @@ -51,7 +51,24 @@ if (file_exists('/home/pi/BirdNET-Pi/thisrun.txt')) { $config = parse_ini_file('/home/pi/BirdNET-Pi/thisrun.txt'); } elseif (file_exists('/home/pi/BirdNET-Pi/firstrun.ini')) { $config = parse_ini_file('/home/pi/BirdNET-Pi/firstrun.ini'); -} ?> +} +$caddypwd = $config['CADDY_PWD']; +if (!isset($_SERVER['PHP_AUTH_USER'])) { + header('WWW-Authenticate: Basic realm="My Realm"'); + header('HTTP/1.0 401 Unauthorized'); + echo 'You cannot edit the settings for this installation'; + exit; +} else { + $submittedpwd = $_SERVER['PHP_AUTH_PW']; + $submitteduser = $_SERVER['PHP_AUTH_USER']; + if($submittedpwd !== $caddypwd || $submitteduser !== 'birdnet'){ + header('WWW-Authenticate: Basic realm="My Realm"'); + header('HTTP/1.0 401 Unauthorized'); + echo 'You cannot edit the settings for this installation'; + exit; + } +} +?>