Signed-off-by: Chuanhong Guo <gch981213@gmail.com>

Some applications only support ipv4 so add ipv4only option
to host and hostport datatypes so that for thos applications
that when an IP address is specified only and ipv4 ip address
gets accepted.

The previous versiono of ipaddrport validator only worked for ipv4
due to disallowing colons (:) in ip address which obvious fails for
ipv6.  We now instead allow either ipv4 address or an ipv6 address of
the form [<ipv6address>]:port

Some files and pointers to files are not safe to remove without a replacement
file and config pointing to the file.  For instance for uhttpd application in
the works, removing the certificate or key config or files without having the
replacements in places renders the WeUI inaccessible.

The only other place where FileUpload is currently used is for wifi certificates
for which the 'safe' handling is also preferred.  Therefore make the default for
the FileUpload widget the safe handling and add a property self.unsafeupload that
allows for the old unsafe handling should it prove useful in some case.

Also allow to specify a file already on router instead of uploading a file.

Signed-off By: Daniel Dickinson <openwrt@daniel.thecshore.com>

UCI config for the firewall has the option of specifying time and date
limitations; add these options the UI.

Adding LuCI configuation of the firewall time and data uci options
is in progress and this adds the necessary datatypes for validating
those fields.

/lib/uci/upload is a rather odd place for configuration files

Also the files were not saved across sysupgrade, which is somewhat
counter-productive for configuration files.

Signed-off By: Daniel Dickinson <openwrt@daniel.thecshore.com>

The new function is twice as fast as the old implementation and properly
summarizes outgoing and incoming byte and packet counters.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

Sync translations.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

Add two new types 'hostport' and 'ipaddrport' to validate strings in the form
'sub.example.org:1234' and '0.0.0.0:80'. The 'hostport' accepts hostnames or
IP addresses followed by a colon and a port number while the 'ipaddrport' type
accepts numeric IP addresses only, followed by a colon and a port.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

When using os.execute or luci.sys.call the shell is called with the
command line which means that standard shell interpretation of strings
occurs.  To allow to use these commands more easily we add functions
for properly escaping single-quoted strings used on the command line

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

Add dependency on luci-lib-jsonc and use it to
reimplement luci.util.serialize_json().

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

Also implement :ipaddrs() and :ip6addrs() helper for network instances.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

* Prevents an empty Location header
* Useful in environments where build_url() could return an empty string (such as http server rewrites requests to /cgi-bin/luci)

Signed-off-by: Joel Pedraza <github@saik0.net>

Two new arguments url, defpath were added to cbi_dynlist_init() for
initializing the brower button.

An example of usage

    identity = section:taboption("general", DynamicList, "identity",
	    translate("List of SSH key files for auth"))
    identity.datatype = "file"

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

As per http://tools.ietf.org/html/rfc3986#section-2.3

   Characters that are allowed in a URI but do not have a reserved
   purpose are called unreserved.  These include uppercase and lowercase
   letters, decimal digits, hyphen, period, underscore, and tilde.

      unreserved  = ALPHA / DIGIT / "-" / "." / "_" / "~"

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>

template cbi/value.htm implement already documented property maxlength

Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>

cbi.lua: Implement "readonly" property for "Value"

Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>

template cbi/value.htm: add "readonly" property

Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>

cbi.lua
- Implement Flag.validate function to be overwritable
- rewritten if clause for easier reading ;-)

Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>

Rewrite `luci.sys.wifi.getiwinfo()` to use the ubus wireless state instead of
depreacated uci state vars in order to map abstract network notation to
wireless ifnames.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

Allows external code to perform POST and token checking manually.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

Now that we don't have an url token anymore, '/cgi-bin/luci' becomes a valid
url while cookies are restricted to only '/cgi-bin/luci/' and below.

In order to ensure that the first request after login refers to a path
covered by the authentication cookie, change build_url() to always append
a trailing slash if we're referring to the base url.

This should fix the login problems mentioned in #516.

While we're touching the dispatcher, also remove remaining url token code.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

Now that sensitive urls require post requests and only accept them if a valid
security token is sent along the request, we can drop the global random url
token to improve LuCI usability.

The main improvement is the ability to use multiple tabs with the same login
session, but also deep linking to specific urls without the need for another
login becomes feasible, e.g. for documentation purposes.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

* Add a generic helper function to check need for post / csrf token validation
* Remove custom token verification in cbi targets
* Support requiring post security depending on specific submit parameters,
  usable through post_on() action

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

Sync translations to the current strings.

Changes in luci-app-ddns, luci-app-mjpg-streamer, luci-app-qos,
luci-app-shadowsocks-libev, luci-app-statistics and luci-base

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

Update i18n base template to match the current strings.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

Changes in 2015g:
http://mm.icann.org/pipermail/tz-announce/2015-October/000034.html

     Norfolk moves from +1130 to +1100 on 2015-10-04 at 02:00 local time.

     Fiji's 2016 fall-back transition is scheduled for January 17, not 24.

     Fort Nelson, British Columbia will not fall back on 2015-11-01. It has
     effectively been on MST (-0700) since it advanced its clocks on 2015-03-08.
     New zone America/Fort_Nelson.

Note: the Turkey-related one-time rule change is not apparently catched by
the zoneinfo2lua script, so that change is not included in this commit.
(Turkey's 2015 fall-back transition is scheduled for Nov. 8, not Oct. 25.)

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>

Signed-off by: Rosen Penev <rosenp@gmail.com>

Only process submitted data if the "cbi.submit" parameter is present as the
dispatcher will verify the integrity of the CSRF token in this case.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

Also concat multiple string arguments into one while we're at it.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

Switches the service reload calls to CSRF token protected POST action.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>