Esempio n. 1
0
    $Delay = $Mem->get('Delay');
    //Load Delay from Memcache
    if ($Delay) {
        //If it is set then Wait
        $Msg = 'Wait';
    } else {
        //No Delay, check Password
        $Password = $_POST['password'];
        if (isset($_POST['username'])) {
            $Username = $_POST['username'];
        } else {
            $Username = '';
        }
        if (!file_exists($FileAccessLog)) {
            //Create ntrk-access.log file
            ExecAction('create-accesslog', true, false);
        }
        //Use built in password_verify function to compare with $Config['Password'] hash
        if ($Username == $Config['Username'] && password_verify($Password, $Config['Password'])) {
            $_SESSION['sid'] = 1;
            //Set session to enabled
            header('Location: index.php');
            //Redirect to index.php
        } else {
            $Mem->set('Delay', $Config['Delay'], 0, $Config['Delay']);
            $Msg = "Incorrect username or password";
            //Deny attacker knowledge of whether username OR password is wrong
            error_log(date('d/m/Y H:i:s') . ': Authentication failure for ' . $Username . ' from ' . $_SERVER['REMOTE_ADDR'] . ' port ' . $_SERVER['REMOTE_PORT'] . PHP_EOL, 3, $FileAccessLog);
        }
    }
}
Esempio n. 2
0
function ActionTopMenu()
{
    global $Config, $Mem;
    //Function to Action GET requests from Top Menu
    //Return value false when no action carried out
    //1. Is _GET['a'] (action) set?
    //2a. Delete config out of Memcached, since its about to be changed by ntrk-pause
    //2b. Execute appropriate action
    //2c. In the case of Restart or Shutdown we want to delay execution of the command for a couple of seconds to finish off any disk writes
    //2d. For any other value of 'a' leave this function and carry on with previous page
    //3. Sleep for 5 seconds to prevent a Race Condition occuring where new config could be loaded before ntrk-pause has been able to modify /etc/notrack/notrack.conf
    //   5 seconds is too much for an x86 based server, but for a Raspberry Pi 1 its just enough.
    if (isset($_POST['operation'])) {
        switch ($_POST['operation']) {
            case 'force-notrack':
                ExecAction('force-notrack', true, true);
                sleep(5);
                header("Location: ?");
                break;
            case 'restart':
                sleep(2);
                ExecAction('restart', true, true);
                exit(0);
                break;
            case 'shutdown':
                sleep(2);
                ExecAction('shutdown', true, true);
                exit(0);
                break;
        }
    }
    //if (isset($_GET['a'])) {
    if (isset($_POST['pause-time'])) {
        $Mem->delete('Config');
        //Force reload of config
        switch ($_POST['pause-time']) {
            case 'pause5':
                ExecAction('pause5', true, true);
                break;
            case 'pause15':
                ExecAction('pause15', true, true);
                break;
            case 'pause30':
                ExecAction('pause30', true, true);
                break;
            case 'pause60':
                ExecAction('pause60', true, true);
                break;
            case 'start':
                if ($Config['Status'] != 'Enabled') {
                    ExecAction('start', true, true);
                } else {
                    return false;
                }
                break;
            case 'stop':
                ExecAction('stop', true, true);
                break;
            default:
                return false;
        }
        sleep(5);
        header("Location: ?");
    }
    return true;
}
Esempio n. 3
0
function UpdateWebserverConfig()
{
    global $Config;
    if (isset($_GET['block'])) {
        switch ($_GET['block']) {
            case 'pixel':
                $Config['BlockMessage'] = 'pixel';
                ExecAction('blockmsg-pixel', false);
                break;
            case 'message':
                $Config['BlockMessage'] = 'message';
                ExecAction('blockmsg-message', false);
                break;
        }
    }
}
Esempio n. 4
0
</head>

<body>
<?php 
ActionTopMenu();
draw_topmenu();
draw_configmenu();
echo '<div id="main">' . PHP_EOL;
//Main---------------------------------------------------------------
if (isset($_GET['u'])) {
    //Check if we are running upgrade or displaying status
    if ($_GET['u'] == '1') {
        //Doing the upgrade
        echo '<div class="sys-group">' . PHP_EOL;
        echo '<h5>NoTrack Upgrade</h5></div>' . PHP_EOL;
        ExecAction('upgrade-notrack', false);
        echo '<pre>';
        passthru('sudo ntrk-exec 2>&1');
        //echo $Msg;
        echo '</pre>' . PHP_EOL;
        echo '<div class="sys-group">' . PHP_EOL;
        echo '<div class="centered">' . PHP_EOL;
        //Center div for button
        echo '<button class="button-blue" onclick="window.location=\'./\'">Back</button>' . PHP_EOL;
        echo '</div></div>' . PHP_EOL;
        $Mem->delete('Config');
        //Delete config from Memcache
    } else {
        echo 'Invalid upgrade request';
    }
} else {
Esempio n. 5
0
function UpdateWebserverConfig()
{
    global $Config;
    //1. Config should already be in Memcache
    //2. Has POST request block got a value?
    //3. Run ntrk-exec with appropriate change to Webserver setting
    //4. Onward process is WriteTmpConfig function
    if (isset($_POST['block'])) {
        switch ($_POST['block']) {
            case 'pixel':
                $Config['BlockMessage'] = 'pixel';
                ExecAction('blockmsg-pixel', false);
                break;
            case 'message':
                $Config['BlockMessage'] = 'message';
                ExecAction('blockmsg-message', false);
                break;
        }
    }
}