making things more secure
This commit is contained in:
@@ -101,7 +101,7 @@ if(isset($_GET['submit'])) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if(isset($_GET["freqshift_hi"])) {
|
if(isset($_GET["freqshift_hi"]) && is_numeric($_GET['freqshift_hi'])) {
|
||||||
$freqshift_hi = $_GET["freqshift_hi"];
|
$freqshift_hi = $_GET["freqshift_hi"];
|
||||||
if(strcmp($freqshift_hi,$config['FREQSHIFT_HI']) !== 0) {
|
if(strcmp($freqshift_hi,$config['FREQSHIFT_HI']) !== 0) {
|
||||||
$contents = preg_replace("/FREQSHIFT_HI=.*/", "FREQSHIFT_HI=$freqshift_hi", $contents);
|
$contents = preg_replace("/FREQSHIFT_HI=.*/", "FREQSHIFT_HI=$freqshift_hi", $contents);
|
||||||
@@ -109,7 +109,7 @@ if(isset($_GET['submit'])) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if(isset($_GET["freqshift_lo"])) {
|
if(isset($_GET["freqshift_lo"]) && is_numeric($_GET['freqshift_lo'])) {
|
||||||
$freqshift_lo = $_GET["freqshift_lo"];
|
$freqshift_lo = $_GET["freqshift_lo"];
|
||||||
if(strcmp($freqshift_lo,$config['FREQSHIFT_LO']) !== 0) {
|
if(strcmp($freqshift_lo,$config['FREQSHIFT_LO']) !== 0) {
|
||||||
$contents = preg_replace("/FREQSHIFT_LO=.*/", "FREQSHIFT_LO=$freqshift_lo", $contents);
|
$contents = preg_replace("/FREQSHIFT_LO=.*/", "FREQSHIFT_LO=$freqshift_lo", $contents);
|
||||||
@@ -117,7 +117,7 @@ if(isset($_GET['submit'])) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if(isset($_GET["freqshift_pitch"])) {
|
if(isset($_GET["freqshift_pitch"]) && is_numeric($_GET['freqshift_pitch'])) {
|
||||||
$freqshift_pitch = $_GET["freqshift_pitch"];
|
$freqshift_pitch = $_GET["freqshift_pitch"];
|
||||||
if(strcmp($freqshift_pitch,$config['FREQSHIFT_PITCH']) !== 0) {
|
if(strcmp($freqshift_pitch,$config['FREQSHIFT_PITCH']) !== 0) {
|
||||||
$contents = preg_replace("/FREQSHIFT_PITCH=.*/", "FREQSHIFT_PITCH=$freqshift_pitch", $contents);
|
$contents = preg_replace("/FREQSHIFT_PITCH=.*/", "FREQSHIFT_PITCH=$freqshift_pitch", $contents);
|
||||||
|
|||||||
+8
-2
@@ -76,7 +76,7 @@ if(isset($_GET["latitude"])){
|
|||||||
$apprise_weekly_report = 0;
|
$apprise_weekly_report = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(isset($timezone)) {
|
if(isset($timezone) && in_array($timezone, DateTimeZone::listIdentifiers())) {
|
||||||
shell_exec("sudo timedatectl set-timezone ".$timezone);
|
shell_exec("sudo timedatectl set-timezone ".$timezone);
|
||||||
date_default_timezone_set($timezone);
|
date_default_timezone_set($timezone);
|
||||||
echo "<script>setTimeout(
|
echo "<script>setTimeout(
|
||||||
@@ -92,7 +92,11 @@ if(isset($_GET["latitude"])){
|
|||||||
// can't set the date manually if it's getting it from the internet, disable ntp
|
// can't set the date manually if it's getting it from the internet, disable ntp
|
||||||
exec("sudo timedatectl set-ntp false");
|
exec("sudo timedatectl set-ntp false");
|
||||||
|
|
||||||
|
// check if valid date and time
|
||||||
|
$datetime = DateTime::createFromFormat('Y-m-d H:i', $_GET['date'] . ' ' . $_GET['time']);
|
||||||
|
if ($datetime && $datetime->format('Y-m-d H:i') === $_GET['date'] . ' ' . $_GET['time']) {
|
||||||
exec("sudo date -s '".$_GET['date']." ".$_GET['time']."'");
|
exec("sudo date -s '".$_GET['date']." ".$_GET['time']."'");
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
// user checked 'use time from internet if available,' so make sure that's on
|
// user checked 'use time from internet if available,' so make sure that's on
|
||||||
if(strlen(trim(exec("sudo timedatectl | grep \"NTP service: active\""))) == 0){
|
if(strlen(trim(exec("sudo timedatectl | grep \"NTP service: active\""))) == 0){
|
||||||
@@ -109,6 +113,7 @@ if(isset($_GET["latitude"])){
|
|||||||
}
|
}
|
||||||
|
|
||||||
if ($model != $lang_config['MODEL'] || $language != $lang_config['DATABASE_LANG']){
|
if ($model != $lang_config['MODEL'] || $language != $lang_config['DATABASE_LANG']){
|
||||||
|
if(strlen($language) == 2){
|
||||||
$user = trim(shell_exec("awk -F: '/1000/{print $1}' /etc/passwd"));
|
$user = trim(shell_exec("awk -F: '/1000/{print $1}' /etc/passwd"));
|
||||||
$home = trim(shell_exec("awk -F: '/1000/{print $6}' /etc/passwd"));
|
$home = trim(shell_exec("awk -F: '/1000/{print $6}' /etc/passwd"));
|
||||||
|
|
||||||
@@ -124,6 +129,7 @@ if(isset($_GET["latitude"])){
|
|||||||
|
|
||||||
syslog(LOG_INFO, "Successfully changed language to '$language' and model to '$model'");
|
syslog(LOG_INFO, "Successfully changed language to '$language' and model to '$model'");
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
$contents = file_get_contents("/etc/birdnet/birdnet.conf");
|
$contents = file_get_contents("/etc/birdnet/birdnet.conf");
|
||||||
@@ -271,7 +277,7 @@ if(isset($_GET['sendtest']) && $_GET['sendtest'] == "true") {
|
|||||||
$body = str_replace("\$overlap", $overlap, $body);
|
$body = str_replace("\$overlap", $overlap, $body);
|
||||||
$body = str_replace("\$flickrimage", $exampleimage, $body);
|
$body = str_replace("\$flickrimage", $exampleimage, $body);
|
||||||
|
|
||||||
echo "<pre class=\"bash\">".shell_exec($home."/BirdNET-Pi/birdnet/bin/apprise -vv --plugin-path ".$home."/.apprise/plugins "." -t '".$title."' -b '".$body."' ".$attach." ".$cf." ")."</pre>";
|
echo "<pre class=\"bash\">".shell_exec($home."/BirdNET-Pi/birdnet/bin/apprise -vv --plugin-path ".$home."/.apprise/plugins "." -t '".escapeshellcmd($title)."' -b '".escapeshellcmd($body)."' ".$attach." ".$cf." ")."</pre>";
|
||||||
|
|
||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user