|
1
|
<?php
|
|
2
|
/*
|
|
3
|
edit.php
|
|
4
|
*/
|
|
5
|
/* ====================================================================
|
|
6
|
* Copyright (c) 2004-2015 Electric Sheep Fencing, LLC. All rights reserved.
|
|
7
|
* Copyright (c) 2004, 2005 Scott Ullrich
|
|
8
|
*
|
|
9
|
* Redistribution and use in source and binary forms, with or without modification,
|
|
10
|
* are permitted provided that the following conditions are met:
|
|
11
|
*
|
|
12
|
* 1. Redistributions of source code must retain the above copyright notice,
|
|
13
|
* this list of conditions and the following disclaimer.
|
|
14
|
*
|
|
15
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
16
|
* notice, this list of conditions and the following disclaimer in
|
|
17
|
* the documentation and/or other materials provided with the
|
|
18
|
* distribution.
|
|
19
|
*
|
|
20
|
* 3. All advertising materials mentioning features or use of this software
|
|
21
|
* must display the following acknowledgment:
|
|
22
|
* "This product includes software developed by the pfSense Project
|
|
23
|
* for use in the pfSense software distribution. (http://www.pfsense.org/).
|
|
24
|
*
|
|
25
|
* 4. The names "pfSense" and "pfSense Project" must not be used to
|
|
26
|
* endorse or promote products derived from this software without
|
|
27
|
* prior written permission. For written permission, please contact
|
|
28
|
* coreteam@pfsense.org.
|
|
29
|
*
|
|
30
|
* 5. Products derived from this software may not be called "pfSense"
|
|
31
|
* nor may "pfSense" appear in their names without prior written
|
|
32
|
* permission of the Electric Sheep Fencing, LLC.
|
|
33
|
*
|
|
34
|
* 6. Redistributions of any form whatsoever must retain the following
|
|
35
|
* acknowledgment:
|
|
36
|
*
|
|
37
|
* "This product includes software developed by the pfSense Project
|
|
38
|
* for use in the pfSense software distribution (http://www.pfsense.org/).
|
|
39
|
*
|
|
40
|
* THIS SOFTWARE IS PROVIDED BY THE pfSense PROJECT ``AS IS'' AND ANY
|
|
41
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
42
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
43
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE pfSense PROJECT OR
|
|
44
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
45
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
46
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
47
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
48
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
49
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
50
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
51
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
52
|
*
|
|
53
|
* ====================================================================
|
|
54
|
*
|
|
55
|
*/
|
|
56
|
/*
|
|
57
|
pfSense_MODULE: shell
|
|
58
|
*/
|
|
59
|
|
|
60
|
##|+PRIV
|
|
61
|
##|*IDENT=page-diagnostics-edit
|
|
62
|
##|*NAME=Diagnostics: Edit FIle
|
|
63
|
##|*DESCR=Allow access to the 'Diagnostics: Edit File' page.
|
|
64
|
##|*MATCH=edit.php*
|
|
65
|
##|*MATCH=browser.php*
|
|
66
|
##|*MATCH=filebrowser/browser.php*
|
|
67
|
##|-PRIV
|
|
68
|
|
|
69
|
$pgtitle = array(gettext("Diagnostics"), gettext("Edit file"));
|
|
70
|
require("guiconfig.inc");
|
|
71
|
|
|
72
|
if ($_POST['action']) {
|
|
73
|
switch ($_POST['action']) {
|
|
74
|
case 'load':
|
|
75
|
if (strlen($_POST['file']) < 1) {
|
|
76
|
print('|5|' . '<div class="alert alert-danger" role="alert">'.gettext("No file name specified").'</div>' . '|');
|
|
77
|
} elseif (is_dir($_POST['file'])) {
|
|
78
|
print('|4|' . '<div class="alert alert-danger" role="alert">' . gettext("Loading a directory is not supported") .'</div>' . '|');
|
|
79
|
} elseif (!is_file($_POST['file'])) {
|
|
80
|
print('|3|' . '<div class="alert alert-danger" role="alert">' . gettext("File does not exist or is not a regular file") . '</div>' . '|');
|
|
81
|
} else {
|
|
82
|
$data = file_get_contents(urldecode($_POST['file']));
|
|
83
|
if ($data === false) {
|
|
84
|
print('|1|' . '<div class="alert alert-danger" role="alert">' . gettext("Failed to read file") . '</div>' . '|');
|
|
85
|
} else {
|
|
86
|
$data = base64_encode($data);
|
|
87
|
print("|0|{$_POST['file']}|{$data}|");
|
|
88
|
}
|
|
89
|
}
|
|
90
|
exit;
|
|
91
|
|
|
92
|
case 'save':
|
|
93
|
if (strlen($_POST['file']) < 1) {
|
|
94
|
print('|' . '<div class="alert alert-danger" role="alert">'.gettext("No file name specified").'</div>' . '|');
|
|
95
|
} else {
|
|
96
|
conf_mount_rw();
|
|
97
|
$_POST['data'] = str_replace("\r", "", base64_decode($_POST['data']));
|
|
98
|
$ret = file_put_contents($_POST['file'], $_POST['data']);
|
|
99
|
conf_mount_ro();
|
|
100
|
if ($_POST['file'] == "/conf/config.xml" || $_POST['file'] == "/cf/conf/config.xml") {
|
|
101
|
if (file_exists("/tmp/config.cache")) {
|
|
102
|
unlink("/tmp/config.cache");
|
|
103
|
}
|
|
104
|
disable_security_checks();
|
|
105
|
}
|
|
106
|
if ($ret === false) {
|
|
107
|
print('|' . '<div class="alert alert-danger" role="alert">' . gettext("Failed to write file") . '</div>' . '|');
|
|
108
|
} elseif ($ret != strlen($_POST['data'])) {
|
|
109
|
print('|' . '<div class="alert alert-danger" role="alert">' . gettext("Error while writing file") . '</div>' . '|');
|
|
110
|
} else {
|
|
111
|
print('|' . '<div class="alert alert-success" role="alert">' . gettext("File saved successfully") . '</div>' . '|');
|
|
112
|
}
|
|
113
|
}
|
|
114
|
exit;
|
|
115
|
}
|
|
116
|
exit;
|
|
117
|
}
|
|
118
|
|
|
119
|
require("head.inc");
|
|
120
|
?>
|
|
121
|
<!-- file status box -->
|
|
122
|
<div style="display:none; background:#eeeeee;" id="fileStatusBox">
|
|
123
|
<strong id="fileStatus"></strong>
|
|
124
|
</div>
|
|
125
|
|
|
126
|
<div class="panel panel-default">
|
|
127
|
<div class="panel-heading"><h2 class="panel-title"><?=gettext("Save / Load a file from the filesystem")?></h2></div>
|
|
128
|
<div class="panel-body">
|
|
129
|
<div class="content">
|
|
130
|
<form>
|
|
131
|
<input type="text" class="form-control" id="fbTarget"/>
|
|
132
|
<input type="button" class="btn btn-default btn-sm" onclick="loadFile();" value="<?=gettext('Load')?>" />
|
|
133
|
<input type="button" class="btn btn-default btn-sm" id="fbOpen" value="<?=gettext('Browse')?>" />
|
|
134
|
<input type="button" class="btn btn-default btn-sm" onclick="saveFile();" value="<?=gettext('Save')?>" />
|
|
135
|
</form>
|
|
136
|
|
|
137
|
<div id="fbBrowser" style="display:none; border:1px dashed gray; width:98%;"></div>
|
|
138
|
|
|
139
|
<div style="background:#eeeeee;" id="fileOutput">
|
|
140
|
<script type="text/javascript">
|
|
141
|
//<![CDATA[
|
|
142
|
window.onload=function(){
|
|
143
|
document.getElementById("fileContent").wrap='off';
|
|
144
|
}
|
|
145
|
//]]>
|
|
146
|
</script>
|
|
147
|
<textarea id="fileContent" name="fileContent" class="form-control" rows="30" cols=""></textarea>
|
|
148
|
</div>
|
|
149
|
</div>
|
|
150
|
</div>
|
|
151
|
</div>
|
|
152
|
|
|
153
|
<script>
|
|
154
|
function loadFile() {
|
|
155
|
jQuery("#fileStatus").html("");
|
|
156
|
jQuery("#fileStatusBox").show(500);
|
|
157
|
jQuery.ajax(
|
|
158
|
"<?=$_SERVER['SCRIPT_NAME']?>", {
|
|
159
|
type: "post",
|
|
160
|
data: "action=load&file=" + jQuery("#fbTarget").val(),
|
|
161
|
complete: loadComplete
|
|
162
|
}
|
|
163
|
);
|
|
164
|
}
|
|
165
|
|
|
166
|
function loadComplete(req) {
|
|
167
|
jQuery("#fileContent").show(1000);
|
|
168
|
var values = req.responseText.split("|");
|
|
169
|
values.shift(); values.pop();
|
|
170
|
|
|
171
|
if (values.shift() == "0") {
|
|
172
|
var file = values.shift();
|
|
173
|
var fileContent = window.atob(values.join("|"));
|
|
174
|
|
|
175
|
jQuery("#fileContent").val(fileContent);
|
|
176
|
}
|
|
177
|
else {
|
|
178
|
jQuery("#fileStatus").html(values[0]);
|
|
179
|
jQuery("#fileContent").val("");
|
|
180
|
}
|
|
181
|
|
|
182
|
jQuery("#fileContent").show(1000);
|
|
183
|
}
|
|
184
|
|
|
185
|
function saveFile(file) {
|
|
186
|
jQuery("#fileStatus").html("");
|
|
187
|
jQuery("#fileStatusBox").show(500);
|
|
188
|
|
|
189
|
var fileContent = Base64.encode(jQuery("#fileContent").val());
|
|
190
|
fileContent = fileContent.replace(/\+/g, "%2B");
|
|
191
|
|
|
192
|
jQuery.ajax(
|
|
193
|
"<?=$_SERVER['SCRIPT_NAME']?>", {
|
|
194
|
type: "post",
|
|
195
|
data: "action=save&file=" + jQuery("#fbTarget").val() +
|
|
196
|
"&data=" + fileContent,
|
|
197
|
complete: function(req) {
|
|
198
|
var values = req.responseText.split("|");
|
|
199
|
jQuery("#fileStatus").html(values[1]);
|
|
200
|
}
|
|
201
|
}
|
|
202
|
);
|
|
203
|
}
|
|
204
|
|
|
205
|
/**
|
|
206
|
*
|
|
207
|
* Base64 encode / decode
|
|
208
|
* http://www.webtoolkit.info/
|
|
209
|
* http://www.webtoolkit.info/licence
|
|
210
|
**/
|
|
211
|
|
|
212
|
var Base64 = {
|
|
213
|
|
|
214
|
// private property
|
|
215
|
_keyStr : "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",
|
|
216
|
|
|
217
|
// public method for encoding
|
|
218
|
encode : function (input) {
|
|
219
|
var output = "";
|
|
220
|
var chr1, chr2, chr3, enc1, enc2, enc3, enc4;
|
|
221
|
var i = 0;
|
|
222
|
|
|
223
|
input = Base64._utf8_encode(input);
|
|
224
|
|
|
225
|
while (i < input.length) {
|
|
226
|
|
|
227
|
chr1 = input.charCodeAt(i++);
|
|
228
|
chr2 = input.charCodeAt(i++);
|
|
229
|
chr3 = input.charCodeAt(i++);
|
|
230
|
|
|
231
|
enc1 = chr1 >> 2;
|
|
232
|
enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
|
|
233
|
enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
|
|
234
|
enc4 = chr3 & 63;
|
|
235
|
|
|
236
|
if (isNaN(chr2)) {
|
|
237
|
enc3 = enc4 = 64;
|
|
238
|
} else if (isNaN(chr3)) {
|
|
239
|
enc4 = 64;
|
|
240
|
}
|
|
241
|
|
|
242
|
output = output +
|
|
243
|
this._keyStr.charAt(enc1) + this._keyStr.charAt(enc2) +
|
|
244
|
this._keyStr.charAt(enc3) + this._keyStr.charAt(enc4);
|
|
245
|
|
|
246
|
}
|
|
247
|
|
|
248
|
return output;
|
|
249
|
},
|
|
250
|
|
|
251
|
// public method for decoding
|
|
252
|
decode : function (input) {
|
|
253
|
var output = "";
|
|
254
|
var chr1, chr2, chr3;
|
|
255
|
var enc1, enc2, enc3, enc4;
|
|
256
|
var i = 0;
|
|
257
|
|
|
258
|
input = input.replace(/[^A-Za-z0-9\+\/\=]/g, "");
|
|
259
|
|
|
260
|
while (i < input.length) {
|
|
261
|
|
|
262
|
enc1 = this._keyStr.indexOf(input.charAt(i++));
|
|
263
|
enc2 = this._keyStr.indexOf(input.charAt(i++));
|
|
264
|
enc3 = this._keyStr.indexOf(input.charAt(i++));
|
|
265
|
enc4 = this._keyStr.indexOf(input.charAt(i++));
|
|
266
|
|
|
267
|
chr1 = (enc1 << 2) | (enc2 >> 4);
|
|
268
|
chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
|
|
269
|
chr3 = ((enc3 & 3) << 6) | enc4;
|
|
270
|
|
|
271
|
output = output + String.fromCharCode(chr1);
|
|
272
|
|
|
273
|
if (enc3 != 64) {
|
|
274
|
output = output + String.fromCharCode(chr2);
|
|
275
|
}
|
|
276
|
if (enc4 != 64) {
|
|
277
|
output = output + String.fromCharCode(chr3);
|
|
278
|
}
|
|
279
|
|
|
280
|
}
|
|
281
|
|
|
282
|
output = Base64._utf8_decode(output);
|
|
283
|
|
|
284
|
return output;
|
|
285
|
|
|
286
|
},
|
|
287
|
|
|
288
|
// private method for UTF-8 encoding
|
|
289
|
_utf8_encode : function (string) {
|
|
290
|
string = string.replace(/\r\n/g,"\n");
|
|
291
|
var utftext = "";
|
|
292
|
|
|
293
|
for (var n = 0; n < string.length; n++) {
|
|
294
|
|
|
295
|
var c = string.charCodeAt(n);
|
|
296
|
|
|
297
|
if (c < 128) {
|
|
298
|
utftext += String.fromCharCode(c);
|
|
299
|
}
|
|
300
|
else if((c > 127) && (c < 2048)) {
|
|
301
|
utftext += String.fromCharCode((c >> 6) | 192);
|
|
302
|
utftext += String.fromCharCode((c & 63) | 128);
|
|
303
|
}
|
|
304
|
else {
|
|
305
|
utftext += String.fromCharCode((c >> 12) | 224);
|
|
306
|
utftext += String.fromCharCode(((c >> 6) & 63) | 128);
|
|
307
|
utftext += String.fromCharCode((c & 63) | 128);
|
|
308
|
}
|
|
309
|
|
|
310
|
}
|
|
311
|
|
|
312
|
return utftext;
|
|
313
|
},
|
|
314
|
|
|
315
|
// private method for UTF-8 decoding
|
|
316
|
_utf8_decode : function (utftext) {
|
|
317
|
var string = "";
|
|
318
|
var i = 0;
|
|
319
|
var c = c1 = c2 = 0;
|
|
320
|
|
|
321
|
while ( i < utftext.length ) {
|
|
322
|
|
|
323
|
c = utftext.charCodeAt(i);
|
|
324
|
|
|
325
|
if (c < 128) {
|
|
326
|
string += String.fromCharCode(c);
|
|
327
|
i++;
|
|
328
|
}
|
|
329
|
else if((c > 191) && (c < 224)) {
|
|
330
|
c2 = utftext.charCodeAt(i+1);
|
|
331
|
string += String.fromCharCode(((c & 31) << 6) | (c2 & 63));
|
|
332
|
i += 2;
|
|
333
|
}
|
|
334
|
else {
|
|
335
|
c2 = utftext.charCodeAt(i+1);
|
|
336
|
c3 = utftext.charCodeAt(i+2);
|
|
337
|
string += String.fromCharCode(((c & 15) << 12) | ((c2 & 63) << 6) | (c3 & 63));
|
|
338
|
i += 3;
|
|
339
|
}
|
|
340
|
|
|
341
|
}
|
|
342
|
|
|
343
|
return string;
|
|
344
|
}
|
|
345
|
|
|
346
|
};
|
|
347
|
|
|
348
|
<?php if ($_GET['action'] == "load"): ?>
|
|
349
|
events.push(function() {
|
|
350
|
jQuery("#fbTarget").val("<?=htmlspecialchars($_GET['path'])?>");
|
|
351
|
loadFile();
|
|
352
|
});
|
|
353
|
<?php endif; ?>
|
|
354
|
</script>
|
|
355
|
|
|
356
|
<?php include("foot.inc");
|
|
357
|
|
|
358
|
outputJavaScriptFileInline("filebrowser/browser.js");
|
