WebSVN – web_pages – Diff – /trunk/totp_opnsense/dl.php



 
 
// /var/www/html/web_pages/totp_opnsense/auto.php
declare(strict_types=1);
 
const API_KEY = 'moustache.SCULPTURE.glancing';
const FLAG_PATH = '/tmp/totp_opnsense.flag';
 
define('VERSION', '0.1.0');
 
// The router must be specified

}
 
 
// Basic validation
if ( file_exists(FLAG_PATH) || $user === '' || $key === '' || $filetype === '' || $router === '') {
   http_text(503, 'Missing parameters or service unavailable');
}
 
// validate download token
if ( !hash_equals($downloadToken, $key)) {
   // create flag file for hacking attempt and exit

      $filename = $configData[$router]['users'][$user]['ovpnFile'];
      $contentType = 'application/x-openvpn-profile';
      break;
   case 'qr':
      $filename = $configData[$router]['users'][$user]['qrFile'];
      // .qrcode is a QR code image; send as binary download
      $contentType = 'application/octet-stream';
      break;
   case 'refresh':
      // create flag file for processing by another script and return success
      @file_put_contents($refreshFile . $router, 'refresh_requested ' . $sanitized . ' ' . date('c') . PHP_EOL, LOCK_EX);

Rev 18	Rev 19
Line 34...	Line 34...
34		34
35		35
36	`// /var/www/html/web_pages/totp_opnsense/auto.php`	36	`// /var/www/html/web_pages/totp_opnsense/auto.php`
37	`declare(strict_types=1);`	37	`declare(strict_types=1);`
38		38
39	`const API_KEY = 'REPLACE_WITH_REAL_KEY';`	39	`const API_KEY = 'moustache.SCULPTURE.glancing';`
40	`const FLAG_PATH = '/tmp/totp_opnsense.flag';`	40	`const FLAG_PATH = '/tmp/totp_opnsense.flag';`
41		41
42	`define('VERSION', '0.1.0');`	42	`define('VERSION', '0.1.0');`
43		43
44	`// The router must be specified`	44	`// The router must be specified`
Line 79...	Line 79...
79	`}`	79	`}`
80		80
81		81
82	`// Basic validation`	82	`// Basic validation`
83	`if ( file_exists(FLAG_PATH) \|\| $user === '' \|\| $key === '' \|\| $filetype === '' \|\| $router === '') {`	83	`if ( file_exists(FLAG_PATH) \|\| $user === '' \|\| $key === '' \|\| $filetype === '' \|\| $router === '') {`
84	`http_text(503, 'Service unavailable');`	84	`http_text(503, 'Missing parameters or service unavailable');`
85	`}`	85	`}`
86		86
87	`// validate download token`	87	`// validate download token`
88	`if ( !hash_equals($downloadToken, $key)) {`	88	`if ( !hash_equals($downloadToken, $key)) {`
89	`// create flag file for hacking attempt and exit`	89	`// create flag file for hacking attempt and exit`
Line 122...	Line 122...
122	`$filename = $configData[$router]['users'][$user]['ovpnFile'];`	122	`$filename = $configData[$router]['users'][$user]['ovpnFile'];`
123	`$contentType = 'application/x-openvpn-profile';`	123	`$contentType = 'application/x-openvpn-profile';`
124	`break;`	124	`break;`
125	`case 'qr':`	125	`case 'qr':`
126	`$filename = $configData[$router]['users'][$user]['qrFile'];`	126	`$filename = $configData[$router]['users'][$user]['qrFile'];`
127	`// unknown content type for .qrcode; send as binary download`	127	`// .qrcode is a QR code image; send as binary download`
128	`$contentType = 'application/octet-stream';`	128	`$contentType = 'application/octet-stream';`
129	`break;`	129	`break;`
130	`case 'refresh':`	130	`case 'refresh':`
131	`// create flag file for processing by another script and return success`	131	`// create flag file for processing by another script and return success`
132	`@file_put_contents($refreshFile . $router, 'refresh_requested ' . $sanitized . ' ' . date('c') . PHP_EOL, LOCK_EX);`	132	`@file_put_contents($refreshFile . $router, 'refresh_requested ' . $sanitized . ' ' . date('c') . PHP_EOL, LOCK_EX);`

Subversion Repositories web_pages

(root)/trunk/totp_opnsense/dl.php – Rev 18 → 19