aboutsummaryrefslogtreecommitdiffstats
path: root/config/autoconfigbackup/autoconfigbackup.php
diff options
context:
space:
mode:
authorjim-p <jimp@pfsense.org>2014-02-11 13:06:48 -0500
committerjim-p <jimp@pfsense.org>2014-02-11 13:14:52 -0500
commit7de75e388f9c8e094bc737bcc30b31b026fc4e4d (patch)
tree7a471b030637647f476eb302b3e9c7a516bbbf33 /config/autoconfigbackup/autoconfigbackup.php
parentcb1a7e1e52a8f54199e917f64f4e621c32de2422 (diff)
downloadpfsense-packages-7de75e388f9c8e094bc737bcc30b31b026fc4e4d.tar.gz
pfsense-packages-7de75e388f9c8e094bc737bcc30b31b026fc4e4d.tar.bz2
pfsense-packages-7de75e388f9c8e094bc737bcc30b31b026fc4e4d.zip
Set credentials in headers for basic auth, rather than the URL. Corrects issues with special characters in passwords.
Diffstat (limited to 'config/autoconfigbackup/autoconfigbackup.php')
-rw-r--r--config/autoconfigbackup/autoconfigbackup.php13
1 files changed, 9 insertions, 4 deletions
diff --git a/config/autoconfigbackup/autoconfigbackup.php b/config/autoconfigbackup/autoconfigbackup.php
index 5ebe8e20..c0c15b95 100644
--- a/config/autoconfigbackup/autoconfigbackup.php
+++ b/config/autoconfigbackup/autoconfigbackup.php
@@ -46,13 +46,13 @@ $username = $config['installedpackages']['autoconfigbackup']['config'][0]['use
$password = $config['installedpackages']['autoconfigbackup']['config'][0]['password'];
// URL to restore.php
-$get_url = "https://{$username}:{$password}@portal.pfsense.org/pfSconfigbackups/restore.php";
+$get_url = "https://portal.pfsense.org/pfSconfigbackups/restore.php";
// URL to stats
-$stats_url = "https://{$username}:{$password}@portal.pfsense.org/pfSconfigbackups/showstats.php";
+$stats_url = "https://portal.pfsense.org/pfSconfigbackups/showstats.php";
// URL to delete.php
-$del_url = "https://{$username}:{$password}@portal.pfsense.org/pfSconfigbackups/delete.php";
+$del_url = "https://portal.pfsense.org/pfSconfigbackups/delete.php";
// Set hostname
if($_REQUEST['hostname'])
@@ -79,10 +79,11 @@ else
include("head.inc");
function get_hostnames() {
- global $stats_url, $username, $oper_sep;
+ global $stats_url, $username, $password, $oper_sep;
// Populate available backups
$curl_session = curl_init();
curl_setopt($curl_session, CURLOPT_URL, $stats_url);
+ curl_setopt($curl_session, CURLOPT_HTTPHEADER, array("Authorization: Basic " . base64_encode("{$username}:{$password}")));
curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($curl_session, CURLOPT_POST, 1);
curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1);
@@ -157,6 +158,7 @@ function get_hostnames() {
if($_REQUEST['rmver'] != "") {
$curl_session = curl_init();
curl_setopt($curl_session, CURLOPT_URL, $del_url);
+ curl_setopt($curl_session, CURLOPT_HTTPHEADER, array("Authorization: Basic " . base64_encode("{$username}:{$password}")));
curl_setopt($curl_session, CURLOPT_POST, 3);
curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1);
@@ -183,6 +185,7 @@ function get_hostnames() {
// Phone home and obtain backups
$curl_session = curl_init();
curl_setopt($curl_session, CURLOPT_URL, $get_url);
+ curl_setopt($curl_session, CURLOPT_HTTPHEADER, array("Authorization: Basic " . base64_encode("{$username}:{$password}")));
curl_setopt($curl_session, CURLOPT_POST, 3);
curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1);
@@ -246,6 +249,7 @@ EOF;
// Phone home and obtain backups
$curl_session = curl_init();
curl_setopt($curl_session, CURLOPT_URL, $get_url);
+ curl_setopt($curl_session, CURLOPT_HTTPHEADER, array("Authorization: Basic " . base64_encode("{$username}:{$password}")));
curl_setopt($curl_session, CURLOPT_POST, 3);
curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1);
@@ -297,6 +301,7 @@ EOF;
// Populate available backups
$curl_session = curl_init();
curl_setopt($curl_session, CURLOPT_URL, $get_url);
+ curl_setopt($curl_session, CURLOPT_HTTPHEADER, array("Authorization: Basic " . base64_encode("{$username}:{$password}")));
curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($curl_session, CURLOPT_POST, 1);
curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1);