From dbfc900e124832c2d283532229e012375bc0deec Mon Sep 17 00:00:00 2001
From: Andreas Blaesius <skate4life@gmx.de>
Date: Wed, 10 Mar 2021 07:01:12 +0100
Subject: [PATCH] protection: handle login check earlier to protect other
 endpoints

---
 admin/diskusage.php | 22 +++++++++++------
 admin/index.php     | 25 ++++++++++---------
 index.php           | 58 ++++++++++++++++++++++++---------------------
 livechroma.php      | 47 ++++++++++++++++++++----------------
 4 files changed, 86 insertions(+), 66 deletions(-)

diff --git a/admin/diskusage.php b/admin/diskusage.php
index f4d4a6295..6ae3f2d60 100644
--- a/admin/diskusage.php
+++ b/admin/diskusage.php
@@ -1,8 +1,21 @@
 <?php
 session_start();
 
-require_once('../lib/config.php');
-require_once('../lib/diskusage.php');
+require_once '../lib/config.php';
+
+// Login / Authentication check
+if (
+    !$config['login']['enabled'] ||
+    (!$config['protect']['localhost_admin'] && $_SERVER['REMOTE_ADDR'] === $_SERVER['SERVER_ADDR']) ||
+    (isset($_SESSION['auth']) && $_SESSION['auth'] === true) ||
+    !$config['protect']['admin']
+) {
+    require_once '../lib/diskusage.php';
+} else {
+    header('location: ../login');
+    exit();
+}
+
 ?>
 
 <!DOCTYPE html>
@@ -38,7 +51,6 @@
 <body class="loginbody">
 	<div class="login-panel">
 		<h2>Photobooth <span data-i18n="disk_usage"></span></h2>
-		<?php if( !$config['login']['enabled'] || !$config['protect']['localhost_admin'] && $_SERVER['REMOTE_ADDR'] === $_SERVER['SERVER_ADDR'] || (isset($_SESSION['auth']) && $_SESSION['auth'] === true) || !$config['protect']['admin']): ?>
 		<a class="btn btn--tiny btn--flex back-to-admin" href="./"><i class="fa fa-arrow-left"></i></a>
 		<button class="download-zip-btn btn btn--tiny btn--flex">
 			<span data-i18n="download_zip"></span>
@@ -55,10 +67,6 @@
 
     }
 ?>
-		<?php else:
-		header("location: ../login");
-		exit;
-		endif; ?>
 	</div>
 
 	<div id="adminsettings">
diff --git a/admin/index.php b/admin/index.php
index 23b4271fe..30a45f0bd 100644
--- a/admin/index.php
+++ b/admin/index.php
@@ -1,7 +1,19 @@
 <?php
 session_start();
-require_once('../lib/config.php');
-require_once('../lib/configsetup.inc.php');
+require_once '../lib/config.php';
+
+// Login / Authentication check
+if (
+    !$config['login']['enabled'] ||
+    (!$config['protect']['localhost_admin'] && $_SERVER['REMOTE_ADDR'] === $_SERVER['SERVER_ADDR']) ||
+    (isset($_SESSION['auth']) && $_SESSION['auth'] === true) ||
+    !$config['protect']['admin']
+) {
+    require_once '../lib/configsetup.inc.php';
+} else {
+    header('location: ../login');
+    exit();
+}
 ?>
 <!DOCTYPE html>
 <html>
@@ -26,10 +38,6 @@
 <body>
 <!-- NavBar content -->
 <?php
-        // Login / Authentication check
-        if( !$config['login']['enabled'] || !$config['protect']['localhost_admin'] && $_SERVER['REMOTE_ADDR'] === $_SERVER['SERVER_ADDR'] || (isset($_SESSION['auth']) && $_SESSION['auth'] === true) || !$config['protect']['admin'] )
-        {
-
                 /***********************
                 ** PHP helper functions
                 ***********************/
@@ -258,11 +266,6 @@ function isElementHidden($element_class, $setting)
                         echo '</div>';
                 }
         }
-        else
-        {
-                header("location: ../login");
-                exit;
-        }
 ?>
 </div>
 </form>
diff --git a/index.php b/index.php
index d1f6545d4..9d6cb9070 100644
--- a/index.php
+++ b/index.php
@@ -1,31 +1,41 @@
 <?php
 session_start();
 
-require_once('lib/config.php');
-require_once('lib/db.php');
-require_once('lib/filter.php');
-
-if ($config['database']['enabled']) {
-	$images = getImagesFromDB();
-} else {
-	$images = getImagesFromDirectory($config['foldersAbs']['images']);
+require_once 'lib/config.php';
+if ($config['live_keying']['enabled']) {
+    header('location: livechroma.php');
 }
 
-$imagelist = ($config['gallery']['newest_first'] === true) ? array_reverse($images) : $images;
-
-if ($config['ui']['style'] === 'modern') {
-	$btnClass1 = 'round-btn';
-	$btnClass2 = 'round-btn';
-	$galleryIcon = 'fa-picture-o';
+// Login / Authentication check
+if (
+    !$config['login']['enabled'] ||
+    (!$config['protect']['localhost_index'] && $_SERVER['REMOTE_ADDR'] === $_SERVER['SERVER_ADDR']) ||
+    ((isset($_SESSION['auth']) && $_SESSION['auth'] === true) || !$config['protect']['index'])
+) {
+    require_once 'lib/db.php';
+    require_once 'lib/filter.php';
+
+    if ($config['database']['enabled']) {
+        $images = getImagesFromDB();
+    } else {
+        $images = getImagesFromDirectory($config['foldersAbs']['images']);
+    }
+
+    $imagelist = $config['gallery']['newest_first'] === true ? array_reverse($images) : $images;
+
+    if ($config['ui']['style'] === 'modern') {
+        $btnClass1 = 'round-btn';
+        $btnClass2 = 'round-btn';
+        $galleryIcon = 'fa-picture-o';
+    } else {
+        $btnClass1 = 'btn';
+        $btnClass2 = '';
+        $galleryIcon = 'fa-th';
+    }
 } else {
-	$btnClass1 = 'btn';
-	$btnClass2 = '';
-	$galleryIcon = 'fa-th';
+    header('location: login');
+    exit();
 }
-
-if ($config['live_keying']['enabled']):
-header("location: livechroma.php");
-endif;
 ?>
 <!DOCTYPE html>
 <html>
@@ -65,8 +75,6 @@
 <video id="video--preview" autoplay playsinline></video>
 <body class="deselect">
 	<div id="wrapper">
-	<?php if( !$config['login']['enabled'] || !$config['protect']['localhost_index'] && $_SERVER['REMOTE_ADDR'] === $_SERVER['SERVER_ADDR'] || (isset($_SESSION['auth']) && $_SESSION['auth'] === true || !$config['protect']['index'])): ?>
-
 		<?php include('template/' . $config['ui']['style'] . '.template.php'); ?>
 
 		<!-- image Filter Pane -->
@@ -184,10 +192,6 @@
 		<div style="position:absolute; bottom:0; right:0;">
 			<img src="resources/img/spacer.png" alt="adminsettings" ondblclick="adminsettings()" />
 		</div>
-	<?php else:
-	header("location: login");
-	exit;
-	endif; ?>
 	</div>
 
 	<script src="node_modules/whatwg-fetch/dist/fetch.umd.js"></script>
diff --git a/livechroma.php b/livechroma.php
index 3a86047c6..8f6b481bd 100644
--- a/livechroma.php
+++ b/livechroma.php
@@ -1,24 +1,34 @@
 <?php
 session_start();
 
-require_once('lib/config.php');
-require_once('lib/db.php');
-
-if ($config['database']['enabled']) {
-	$images = getImagesFromDB();
+require_once 'lib/config.php';
+
+// Login / Authentication check
+if (
+    !$config['login']['enabled'] ||
+    (!$config['protect']['localhost_index'] && $_SERVER['REMOTE_ADDR'] === $_SERVER['SERVER_ADDR']) ||
+    ((isset($_SESSION['auth']) && $_SESSION['auth'] === true) || !$config['protect']['index'])
+) {
+    require_once 'lib/db.php';
+
+    if ($config['database']['enabled']) {
+        $images = getImagesFromDB();
+    } else {
+        $images = getImagesFromDirectory($config['foldersAbs']['images']);
+    }
+    $imagelist = $config['gallery']['newest_first'] === true ? array_reverse($images) : $images;
+
+    if ($config['ui']['style'] === 'modern') {
+        $btnClass1 = 'round-btn';
+        $btnClass2 = 'round-btn';
+    } else {
+        $btnClass1 = 'btn btn--small btn--flex';
+        $btnClass2 = 'btn';
+    }
 } else {
-	$images = getImagesFromDirectory($config['foldersAbs']['images']);
+    header('location: login');
+    exit();
 }
-$imagelist = ($config['gallery']['newest_first'] === true) ? array_reverse($images) : $images;
-
-if ($config['ui']['style'] === 'modern') {
-	$btnClass1 = 'round-btn';
-	$btnClass2 = 'round-btn';
-} else {
-	$btnClass1 = 'btn btn--small btn--flex';
-	$btnClass2 = 'btn';
-}
-
 ?>
 <!doctype html>
 <html>
@@ -53,7 +63,6 @@
 	</head>
 <body>
 	<div class="chromawrapper">
-	<?php if( !$config['login']['enabled'] || !$config['protect']['localhost_index'] && $_SERVER['REMOTE_ADDR'] === $_SERVER['SERVER_ADDR'] || (isset($_SESSION['auth']) && $_SESSION['auth'] === true || !$config['protect']['index'])): ?>
 		<div class="top-bar">
 			<?php if (!$config['live_keying']['enabled']): ?>
 			<a href="index.php" class="<?php echo $btnClass1; ?> closebtn"><i class="fa fa-times"></i></a>
@@ -140,10 +149,6 @@
 
 	<div class="modal" id="print_mesg">
 		<div class="modal__body"><span data-i18n="printing"></span></div>
-	<?php else:
-	header("location: login");
-	exit;
-	endif; ?>
 	</div>
 
 	<script src="node_modules/whatwg-fetch/dist/fetch.umd.js"></script>