mirror of
https://github.com/jokob-sk/NetAlertX.git
synced 2026-01-17 11:18:22 -05:00
301 lines
9.1 KiB
PHP
Executable File
301 lines
9.1 KiB
PHP
Executable File
<?php
|
|
//------------------------------------------------------------------------------
|
|
// NetAlertX
|
|
// Open Source Network Guard / WIFI & LAN intrusion detector
|
|
//
|
|
// util.php - Front module. Server side. Settings and utility functions
|
|
//------------------------------------------------------------------------------
|
|
# Puche 2021 / 2022+ jokob jokob@duck.com GNU GPLv3
|
|
//------------------------------------------------------------------------------
|
|
|
|
require dirname(__FILE__).'/../templates/globals.php';
|
|
require dirname(__FILE__).'/../templates/skinUI.php';
|
|
|
|
|
|
//------------------------------------------------------------------------------
|
|
// check if authenticated
|
|
require_once $_SERVER['DOCUMENT_ROOT'] . '/php/templates/security.php';
|
|
|
|
$FUNCTION = [];
|
|
$SETTINGS = [];
|
|
|
|
// init request params
|
|
if(array_key_exists('function', $_REQUEST) != FALSE)
|
|
{
|
|
$FUNCTION = $_REQUEST['function'];
|
|
}
|
|
if(array_key_exists('settings', $_REQUEST) != FALSE)
|
|
{
|
|
$SETTINGS = $_REQUEST['settings'];
|
|
}
|
|
|
|
|
|
// call functions based on requested params
|
|
switch ($FUNCTION) {
|
|
|
|
case 'savesettings':
|
|
|
|
saveSettings();
|
|
break;
|
|
|
|
default:
|
|
// Handle any other cases or errors if needed
|
|
break;
|
|
}
|
|
|
|
|
|
// ----------------------------------------------------------------------------------------
|
|
// 🔺----- API ENDPOINTS SUPERSEDED -----🔺
|
|
// check server/api_server/api_server_start.py for equivalents
|
|
// equivalent: /messaging/in-app/write
|
|
// 🔺----- API ENDPOINTS SUPERSEDED -----🔺
|
|
function displayMessage($message, $logAlert = FALSE, $logConsole = TRUE, $logFile = TRUE, $logEcho = FALSE)
|
|
{
|
|
global $logFolderPath, $log_file, $timestamp;
|
|
|
|
// sanitize
|
|
$message = str_replace(array("\n", "\r", PHP_EOL), '', $message);
|
|
|
|
echo "<script>function escape(html, encode) {
|
|
return html.replace(!encode ? /&(?!#?\w+;)/g : /&/g, '&')
|
|
.replace(/\t/g, '')
|
|
}</script>";
|
|
|
|
// Javascript Alert pop-up
|
|
if($logAlert)
|
|
{
|
|
echo '<script>alert(escape("'.$message.'"));</script>';
|
|
}
|
|
|
|
// F12 Browser dev console
|
|
if($logConsole)
|
|
{
|
|
echo '<script>console.log(escape("'.str_replace('"',"'",$message).'"));</script>';
|
|
}
|
|
|
|
//File
|
|
if($logFile)
|
|
{
|
|
|
|
if (is_writable($logFolderPath.$log_file)) {
|
|
|
|
|
|
if(file_exists($logFolderPath.$log_file) != 1) // file doesn't exist, create one
|
|
{
|
|
$log = fopen($logFolderPath.$log_file, "w") or die("Unable to open file!");
|
|
}else // file exists, append
|
|
{
|
|
$log = fopen($logFolderPath.$log_file, "a") or die("Unable to open file - Permissions issue!");
|
|
}
|
|
|
|
fwrite($log, "[".$timestamp. "] " . str_replace('<br>',"\n ",str_replace('<br/>',"\n ",$message)).PHP_EOL."" );
|
|
fclose($log);
|
|
|
|
} else {
|
|
echo 'The file is not writable: '.$logFolderPath.$log_file;
|
|
}
|
|
|
|
|
|
}
|
|
|
|
//echo
|
|
if($logEcho)
|
|
{
|
|
echo $message;
|
|
}
|
|
|
|
}
|
|
|
|
|
|
// -------------------------------------------------------------------------------------------
|
|
function saveSettings()
|
|
{
|
|
global $SETTINGS, $FUNCTION, $config_file, $fullConfPath, $configFolderPath, $timestamp;
|
|
|
|
// save to the file
|
|
$new_name = $config_file.'_'.$timestamp.'.backup';
|
|
$new_location = $configFolderPath.'/'.$new_name;
|
|
|
|
if(file_exists( $fullConfPath) != 1)
|
|
{
|
|
displayMessage('File "'.$fullConfPath.'" not found or missing read permissions. Creating a new <code>'.$config_file.'</code> file.', FALSE, TRUE, TRUE, TRUE);
|
|
}
|
|
// create a backup copy
|
|
elseif (!copy($fullConfPath, $new_location))
|
|
{
|
|
displayMessage("Failed to copy file ".$fullConfPath." to ".$new_location." <br/> Check your permissions to allow read/write access to the /config folder.", FALSE, TRUE, TRUE, TRUE);
|
|
}
|
|
|
|
|
|
// generate a clean .conf file
|
|
$groups = [];
|
|
|
|
$txt = "";
|
|
|
|
$txt = $txt."#-----------------AUTOGENERATED FILE-----------------#\n";
|
|
$txt = $txt."# #\n";
|
|
$txt = $txt."# Generated: ".$timestamp." #\n";
|
|
$txt = $txt."# #\n";
|
|
$txt = $txt."# Config file for the LAN intruder detection app: #\n";
|
|
$txt = $txt."# https://github.com/jokob-sk/NetAlertX #\n";
|
|
$txt = $txt."# #\n";
|
|
$txt = $txt."#-----------------AUTOGENERATED FILE-----------------#\n";
|
|
|
|
// collect all groups
|
|
|
|
$decodedSettings = json_decode((string)$SETTINGS, true);
|
|
|
|
if ($decodedSettings === null) {
|
|
echo "Error: Invalid JSON in settings data.";
|
|
return;
|
|
}
|
|
|
|
foreach ($decodedSettings as $setting) {
|
|
if( in_array($setting[0] , $groups) == false) {
|
|
array_push($groups ,$setting[0]);
|
|
}
|
|
}
|
|
|
|
// go thru the groups and prepare settings to write to file
|
|
foreach ($groups as $group) {
|
|
$txt .= "\n\n# " . $group;
|
|
$txt .= "\n#---------------------------\n";
|
|
|
|
foreach ($decodedSettings as $setting) {
|
|
$settingGroup = $setting[0];
|
|
$setKey = $setting[1];
|
|
$dataType = $setting[2];
|
|
$settingValue = $setting[3];
|
|
|
|
// Sanity check
|
|
if($setKey == "UI_LANG" && $settingValue == "") {
|
|
echo "🔴 Error: important settings missing. Refresh the page with 🔃 on the top and try again.";
|
|
return;
|
|
}
|
|
|
|
if ($group == $settingGroup) {
|
|
|
|
if ($dataType == 'string' ) {
|
|
$val = encode_single_quotes($settingValue);
|
|
$txt .= $setKey . "='" . $val . "'\n";
|
|
} elseif ($dataType == 'integer') {
|
|
$txt .= $setKey . "=" . $settingValue . "\n";
|
|
} elseif ($dataType == 'none') {
|
|
$txt .= $setKey . "=''\n";
|
|
} elseif ($dataType == 'json') {
|
|
$txt .= $setKey . "=" . $settingValue . "\n";
|
|
} elseif ($dataType == 'boolean') {
|
|
$val = ($settingValue === true || $settingValue === 1 || strtolower($settingValue) === 'true') ? "True" : "False";
|
|
$txt .= $setKey . "=" . $val . "\n";
|
|
} elseif ($dataType == 'array' ) {
|
|
$temp = '';
|
|
|
|
if(is_array($settingValue) == FALSE)
|
|
{
|
|
$settingValue = json_decode($settingValue);
|
|
}
|
|
// skipping __metadata entries (?)
|
|
if (count($setting) > 3 && is_array($settingValue) == true) {
|
|
foreach ($settingValue as $val) {
|
|
$temp .= "'" . encode_single_quotes($val) . "',";
|
|
}
|
|
|
|
$temp = substr_replace($temp, "", -1); // remove last comma ','
|
|
}
|
|
|
|
$temp = '['.$temp.']'; // wrap brackets
|
|
$txt .= $setKey . "=" . $temp . "\n";
|
|
|
|
} else {
|
|
$txt .= $setKey . "='⭕Not handled⭕'\n";
|
|
}
|
|
}
|
|
}
|
|
|
|
}
|
|
|
|
$txt = $txt."\n\n";
|
|
$txt = $txt."#-------------------IMPORTANT INFO-------------------#\n";
|
|
$txt = $txt."# This file is ingested by a python script, so if #\n";
|
|
$txt = $txt."# modified it needs to use python syntax #\n";
|
|
$txt = $txt."#-------------------IMPORTANT INFO-------------------#\n";
|
|
|
|
// open new file and write the new configuration
|
|
// Backup the original file
|
|
if (file_exists($fullConfPath)) {
|
|
copy($fullConfPath, $fullConfPath . ".bak");
|
|
}
|
|
|
|
// Open the file for writing without changing permissions
|
|
$file = fopen($fullConfPath, "w") or die("Unable to open file!");
|
|
fwrite($file, $txt);
|
|
fclose($file);
|
|
|
|
echo "OK";
|
|
|
|
}
|
|
|
|
// -------------------------------------------------------------------------------------------
|
|
// 🔺----- API ENDPOINTS SUPERSEDED -----🔺
|
|
// check server/api_server/api_server_start.py for equivalents
|
|
// equivalent: /settings/<key>
|
|
// 🔺----- API ENDPOINTS SUPERSEDED -----🔺
|
|
function getSettingValue($setKey) {
|
|
// Define the JSON endpoint URL
|
|
$apiRoot = rtrim(getenv('NETALERTX_API') ?: '/tmp/api', '/');
|
|
$url = $apiRoot . '/table_settings.json';
|
|
|
|
// Fetch the JSON data
|
|
$json = file_get_contents($url);
|
|
|
|
// Check if the JSON data was successfully fetched
|
|
if ($json === false) {
|
|
return 'Could not get json data';
|
|
}
|
|
|
|
// Decode the JSON data
|
|
$data = json_decode($json, true);
|
|
|
|
// Check if the JSON decoding was successful
|
|
if (json_last_error() !== JSON_ERROR_NONE) {
|
|
return 'Could not decode json data';
|
|
}
|
|
|
|
// Search for the setting by setKey
|
|
foreach ($data['data'] as $setting) {
|
|
if ($setting['setKey'] === $setKey) {
|
|
return $setting['setValue'];
|
|
}
|
|
}
|
|
|
|
// Return false if the setting was not found
|
|
return 'Could not find setting '.$setKey;
|
|
}
|
|
|
|
// -------------------------------------------------------------------------------------------
|
|
function encode_single_quotes ($val) {
|
|
$result = str_replace ('\'','{s-quote}',$val);
|
|
return $result;
|
|
}
|
|
|
|
// -------------------------------------------------------------------------------------------
|
|
function checkPermissions($files)
|
|
{
|
|
foreach ($files as $file)
|
|
{
|
|
|
|
// // make sure the file ownership is correct
|
|
// chown($file, 'nginx');
|
|
// chgrp($file, 'www-data');
|
|
|
|
// check access to database
|
|
if(file_exists($file) != 1)
|
|
{
|
|
$message = "File '".$file."' not found or inaccessible. Correct file permissions, create one yourself or generate a new one in 'Settings' by clicking the 'Save' button.";
|
|
displayMessage($message, TRUE);
|
|
}
|
|
}
|
|
}
|
|
|
|
?>
|