New build. Edit html, css, ect in browser. Rename files

Current News

Moderator: Mmiscool

 Reply

User avatar

Re: New build. Edit html, css, ect in browser. Rename files

By forlotto
- Sat Mar 05, 2016 9:51 pm #42520 Excellent! But what makes it private this is what gets me is there some kind of built in password or what makes it not public why couldn't someone request files from root instead of just /uploads technically couldn't someone upload files to the upload directory if they used the right parameters as well how about a code that would change uploads to root access more or less I am just thinking outside the box I know this thing isn't exactly fort knox we are dealing with but there are somethings that people should be well aware of I suppose.

I suppose whatever makes it private is technically already public in the source but I was just curious in general terminology how is security really assured from these things happening is there some kind of routine that checks things out before making the transactions and receptions? Or is it more like a linux type permissions thing?
User avatar

Re: New build. Edit html, css, ect in browser. Rename files

By Mmiscool
- Sat Mar 05, 2016 11:39 pm #42525 currently it is hard coded to allow access to files in the uploads directory.

If the file is not in the uploads directory it has no way of being served up.
User avatar

Re: New build. Edit html, css, ect in browser. Rename files

By forlotto
- Sun Mar 06, 2016 10:15 am #42553 Oh but it does in the form of one of the files for wireless configuration or how about the file that is storing the password for settings? Anyways thanks for the input on this as I said I understand that this thing is not something you would want to archive your taxes on etc... It was just to raise an awareness more or less of the possible threats it faces from a security standpoint while it remains fairly secure and obscure as this thing grows at such a rapid pace in acceptance there may be room for mischief from some users.

Mmiscool thank you for being active and answering these questions to do with security they helped me do what I set out to do and that was include a security section. While I still would like to see some example code of password protection for a program or possibly just write one myself to really finish this section up for the time being.

I am curious if you ever tested the WIFI code that I provided as well? Originally I would just click a button and all the wifi options would simply pop up keeping the page fairly clean of artifacts not needed unless you wished to configure the wifi or ap settings. I will note I did make some changes that I was not able to test in the code the addition of the WiFioff command was one of them and I noticed I had networkPW as a variable for both ap mode and wifi mode so I changed them but they should not effect the code in the manner they currently do.

Thanks again mmiscool!
User avatar

Re: New build. Edit html, css, ect in browser. Rename files

By Mmiscool
- Sun Mar 06, 2016 10:55 am #42556 I thought i posted this before but here is the password code again.

Code: Select allmySuperSecretPassword$ = "test"
passwordbox pass$
print
button "ON" [turnon]
button "OFF" [turnoff]
wait

[turnon]
if pass$ == mySuperSecretPassword$ then io(po,d4,0)
pass$ = ""
wait

[turnoff]
if pass$ == mySuperSecretPassword$ then io(po,d4,1)
pass$ = ""
wait
 Reply
Return to News