Auth on delete protection change

This commit is contained in:
ehpersonal38
2022-05-19 17:16:03 -04:00
parent 389abfdd01
commit 9a906dcbc8
+47 -29
View File
@@ -20,30 +20,46 @@ $home = shell_exec("awk -F: '/1000/{print $6}' /etc/passwd");
$home = trim($home); $home = trim($home);
if(isset($_GET['excludefile'])) { if(isset($_GET['excludefile'])) {
if(!file_exists($home."/BirdNET-Pi/scripts/disk_check_exclude.txt")) { if(isset($_SERVER['PHP_AUTH_USER'])) {
file_put_contents($home."/BirdNET-Pi/scripts/disk_check_exclude.txt", "##start\n##end"); $submittedpwd = $_SERVER['PHP_AUTH_PW'];
} $submitteduser = $_SERVER['PHP_AUTH_USER'];
if(isset($_GET['exclude_add'])) { if($submittedpwd == $config['CADDY_PWD'] && $submitteduser == 'birdnet'){
$myfile = fopen($home."/BirdNET-Pi/scripts/disk_check_exclude.txt", "a") or die("Unable to open file!"); if(!file_exists($home."/BirdNET-Pi/scripts/disk_check_exclude.txt")) {
$txt = $_GET['excludefile']; file_put_contents($home."/BirdNET-Pi/scripts/disk_check_exclude.txt", "##start\n##end");
fwrite($myfile, $txt."\n"); }
fwrite($myfile, $txt.".png\n"); if(isset($_GET['exclude_add'])) {
fclose($myfile); $myfile = fopen($home."/BirdNET-Pi/scripts/disk_check_exclude.txt", "a") or die("Unable to open file!");
echo "OK"; $txt = $_GET['excludefile'];
die(); fwrite($myfile, $txt."\n");
} else { fwrite($myfile, $txt.".png\n");
$lines = file($home."/BirdNET-Pi/scripts/disk_check_exclude.txt"); fclose($myfile);
$search = $_GET['excludefile']; echo "OK";
die();
} else {
$lines = file($home."/BirdNET-Pi/scripts/disk_check_exclude.txt");
$search = $_GET['excludefile'];
$result = ''; $result = '';
foreach($lines as $line) { foreach($lines as $line) {
if(stripos($line, $search) === false && stripos($line, $search.".png") === false) { if(stripos($line, $search) === false && stripos($line, $search.".png") === false) {
$result .= $line; $result .= $line;
}
} }
file_put_contents($home."/BirdNET-Pi/scripts/disk_check_exclude.txt", $result);
echo "OK";
die();
}
} else {
header('WWW-Authenticate: Basic realm="My Realm"');
header('HTTP/1.0 401 Unauthorized');
echo 'You must be authenticated to change the protection of files.';
exit;
} }
file_put_contents($home."/BirdNET-Pi/scripts/disk_check_exclude.txt", $result); } else {
echo "OK"; header('WWW-Authenticate: Basic realm="My Realm"');
die(); header('HTTP/1.0 401 Unauthorized');
echo 'You must be authenticated to change the protection of files.';
exit;
} }
} }
@@ -121,14 +137,16 @@ if(isset($_GET['bydate'])){
function toggleLock(filename, type, elem) { function toggleLock(filename, type, elem) {
const xhttp = new XMLHttpRequest(); const xhttp = new XMLHttpRequest();
xhttp.onload = function() { xhttp.onload = function() {
if(type == "add") { if(this.responseText == "OK"){
elem.setAttribute("src","images/lock.svg"); if(type == "add") {
elem.setAttribute("title", "This file is delete protected."); elem.setAttribute("src","images/lock.svg");
elem.setAttribute("onclick", elem.getAttribute("onclick").replace("add","del")); elem.setAttribute("title", "This file is delete protected.");
} else { elem.setAttribute("onclick", elem.getAttribute("onclick").replace("add","del"));
elem.setAttribute("src","images/unlock.svg"); } else {
elem.setAttribute("title", "This file is not delete protected."); elem.setAttribute("src","images/unlock.svg");
elem.setAttribute("onclick", elem.getAttribute("onclick").replace("del","add")); elem.setAttribute("title", "This file is not delete protected.");
elem.setAttribute("onclick", elem.getAttribute("onclick").replace("del","add"));
}
} }
} }
if(type == "add") { if(type == "add") {