Merge pull request #182 from tuxis-ie/margau-patch-1

Margau patch 1
Tuxis Internet Engineering V.O.F 2018-08-22 16:45:32 +02:00 committed by GitHub
commit 23b9fe2c54
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 23 additions and 1 deletions

@ -50,7 +50,7 @@ Installing
* Copy ```includes/config.inc.php-dist``` to ```includes/config.inc.php``` and edit config.inc.php to your needs. * Copy ```includes/config.inc.php-dist``` to ```includes/config.inc.php``` and edit config.inc.php to your needs.
* By default, nsedit writes its user database to ../etc/pdns.users.sqlite3. Be sure that your webserver can create that directory and write to it. * By default, nsedit writes its user database to ../etc/pdns.users.sqlite3. Be sure that your webserver can create that directory and write to it. **Make sure the Webserver doesn't serve this file/folder to the public!**
* Visit http(s)://<url>/nsedit/ and login with admin/admin (Don't forget to update your password!) * Visit http(s)://<url>/nsedit/ and login with admin/admin (Don't forget to update your password!)

@ -24,6 +24,7 @@ $logsdirectory = "../etc";
#$adminapiips = array(); #$adminapiips = array();
#$adminapikey = 'thisshouldbequitealongstring,youknow'; #$adminapikey = 'thisshouldbequitealongstring,youknow';
# Location of user-database. Make sure its writeable and not served by the webserver!
$authdb = "../etc/pdns.users.sqlite3"; $authdb = "../etc/pdns.users.sqlite3";
# Set a random generated secret to enable auto-login and long living csrf tokens # Set a random generated secret to enable auto-login and long living csrf tokens

@ -4,6 +4,9 @@ include_once('includes/config.inc.php');
include_once('includes/session.inc.php'); include_once('includes/session.inc.php');
include_once('includes/misc.inc.php'); include_once('includes/misc.inc.php');
$testpath = str_replace(basename($_SERVER['REQUEST_URI']), $authdb, $_SERVER['REQUEST_URI']);
$testurl = $_SERVER['REQUEST_SCHEME']."://".$_SERVER['HTTP_HOST'].$testpath;
global $errormsg, $blocklogin; global $errormsg, $blocklogin;
if (isset($_GET['logout']) or isset($_POST['logout'])) { if (isset($_GET['logout']) or isset($_POST['logout'])) {
@ -33,6 +36,24 @@ if (is_logged_in() and isset($_POST['formname']) and $_POST['formname'] === "cha
<html> <html>
<head> <head>
<title>NSEdit!</title> <title>NSEdit!</title>
<script type="text/javascript">
var reader = new XMLHttpRequest();
var checkFor = "<?php echo $testurl; ?>";
reader.open('get', checkFor, true);
reader.onreadystatechange = checkReadyState;
function checkReadyState() {
if (reader.readyState === 4) {
//check to see whether request for the file failed or succeeded
if ((reader.status == 200) || (reader.status == 0)) {
alert('Your authdb is downloadable. Please secure your install');
} else {
return;
}
}
}
reader.send(null);
</script>
<link href="jquery-ui/themes/base/all.css" rel="stylesheet" type="text/css"/> <link href="jquery-ui/themes/base/all.css" rel="stylesheet" type="text/css"/>
<link href="jtable/lib/themes/metro/blue/jtable.min.css" rel="stylesheet" type="text/css"/> <link href="jtable/lib/themes/metro/blue/jtable.min.css" rel="stylesheet" type="text/css"/>
<link href="css/base.css" rel="stylesheet" type="text/css"/> <link href="css/base.css" rel="stylesheet" type="text/css"/>
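Review bot: `$testurl` is assembled from `$_SERVER['HTTP_HOST']` and `$_SERVER['REQUEST_URI']`, both taken from the request, and is echoed unescaped into a JavaScript string in `var checkFor = "<?php echo $testurl; ?>";`, so a quote or `</script>` in either value can break out of the literal. Encode it for the script context and drop the hand-written quotes: `var checkFor = <?php echo json_encode($testurl, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>;`. The probe also runs for every visitor, logged in or not, so the page source publishes the database URL and the alert tells any visitor that the file is exposed; doing the check server-side or gating it behind `is_logged_in()` would avoid that. Separately, treating `reader.status == 0` as success will raise the alert on a blocked or failed request, which is a false positive.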