diff options
author | Erich Eckner <git@eckner.net> | 2019-07-31 10:06:53 +0200 |
---|---|---|
committer | Erich Eckner <git@eckner.net> | 2019-07-31 10:06:53 +0200 |
commit | 74ee1b02b08e6c517d533be74ec6b491cf4e5d00 (patch) | |
tree | 99914d2475eedaf7eeb48229dd696b1a90e62f41 | |
parent | 81f1a2ea72b11e974993e0253e39e9d488e7e7ad (diff) | |
download | raspi-lights-out-74ee1b02b08e6c517d533be74ec6b491cf4e5d00.tar.xz |
httpdocs/index.php: password-protection
-rw-r--r-- | httpdocs/index.php | 76 |
1 files changed, 54 insertions, 22 deletions
diff --git a/httpdocs/index.php b/httpdocs/index.php index 0513515..f3a8df2 100644 --- a/httpdocs/index.php +++ b/httpdocs/index.php @@ -1,6 +1,6 @@ <?php -$f = popen('/usr/bin/gpio read 27','r'); +$f = popen('/usr/bin/gpio read 27', 'r'); if ($f === false) { print 'Cannot access gpio'; die(); @@ -8,32 +8,64 @@ if ($f === false) { $l = trim(fgets($f)); pclose($f); -print "<html>\n"; -print "<head>\n"; +if (array_key_exists('HTTPS', $_SERVER) +&& ($_SERVER['HTTPS'] == 'on')) + $https = true; +else + $https = false; + +function push_it() { + if (!array_key_exists('password', $_POST)) + return; + $f = fopen('../password', 'r'); + if ($f === false) { + print '<font color="ff0000">Cannot read password file</font><br>' . "\n"; + return; + } + $saved_hash = trim(fgets($f)); + fclose($f); + $entered_hash = hash('sha512', $_POST['password']); + if ($saved_hash != $entered_hash) { + print '<font color="ff0000">Wrong password: ' . $entered_hash . '</font><br>' . "\n"; + return; + } + foreach ($_POST as $key => $dummy) + if (preg_match('/^push_([0-9]+)$/', $key, $duration)) + break; + if (count($duration) != 2) + return; + $duration = $duration[1]; + if (($duration > 0) + && ($duration < 300)) { + print 'pushing for ' . ($duration * 0.1) . ' seconds ... <br>' . "\n"; + shell_exec('/usr/bin/gpio write 28 1'); + flush(); + usleep(100000 * $duration); + shell_exec('/usr/bin/gpio write 28 0'); + print '... done<br>' . "\n"; + } +} + +print '<html>' . "\n"; +print '<head>' . "\n"; print '<title>fileserver lights-out</title>' . "\n"; -if (array_key_exists('push', $_GET)) +if (array_key_exists('password', $_POST)) print '<meta http-equiv="refresh" content="1;/">' . "\n"; -print "</head>\n"; -print "<body>\n"; +print '</head>' . "\n"; +print '<body>' . "\n"; print 'Fileserver is currently '; if ($l == '1') print '<font color="ff0000">off</font>'; else print '<font color="00ff00">on</font>'; -print "<br>\n"; -if (array_key_exists('push', $_GET) -&& ($_GET['push'] > 0) -&& ($_GET['push'] < 300)) { - print 'pushing for ' . ($_GET['push'] * 0.1) . ' seconds ... <br>' . "\n"; - shell_exec('/usr/bin/gpio write 28 1'); - flush(); - usleep(100000 * $_GET['push']); - shell_exec('/usr/bin/gpio write 28 0'); - print '... done<br>' . "\n"; +print '<br>' . "\n"; +if ($https) { + push_it(); + print '<form action="" method="post">' . "\n"; + print 'Passwort: <input name="password" type="password"><br>' . "\n"; + print '<input type="submit" name="push_1" value="short power button push"><br>' . "\n"; + print '<input type="submit" name="push_150" value="long power button push"><br>' . "\n"; + print '</form>' . "\n"; } -print '<a href="?push=1">short power button push</a>'; -print "<br>\n"; -print '<a href="?push=150">long power button push</a>'; -print "<br>\n"; -print "</body>\n"; -print "</html>\n"; +print '</body>' . "\n"; +print '</html>' . "\n"; |