Difuse/luci
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
luci/modules/luci-mod-admin-full/luasrc/view/admin_system/upgrade.htm
Jo-Philipp Wich 94ab57f48c luci-mod-admin-full: restructure and fix backup, restore and sysuprade (#517) 
Do not use standard post security checking for actions that require file upload
since reading the token value will trigger parsing of the http message body
before the file upload handler has been set, which causes LuCI to buffer the
entire request body in memory.

In order to simplify the code and logic flow, split action_flashops() into
separate handlers for reset, backup, restore and sysupgrade.

Let the backup restore and sysupgrade handlers use the new test_post_security()
method in luci.dispatcher to perform token checking *after* setting the upload
handler.

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
2015-10-22 08:48:06 +02:00

57 lines
1.6 KiB
HTML
Raw Blame History

<%#
Copyright 2008 Steven Barth <steven@midlink.org>
Copyright 2008-2009 Jo-Philipp Wich <jow@openwrt.org>
Licensed to the public under the Apache License 2.0.
-%>
<%+header%>
<h2 name="content"><%:Flash Firmware%> - <%:Verify%></h2>
<p>
<%_ The flash image was uploaded.
Below is the checksum and file size listed,
compare them with the original file to ensure data integrity.<br />
Click "Proceed" below to start the flash procedure. %>
<% if storage > 0 and size > storage then %>
<br /><br />
<div class="error"><%:It appears that you are trying to
flash an image that does not fit into the flash memory, please verify
the image file! %></div>
<% end %>
</p>
<fieldset class="cbi-section">
<ul>
<li><%:Checksum%>: <code><%=checksum%></code></li>
<li><%:Size%>: <%
local w = require "luci.tools.webadmin"
write(w.byte_format(size))
if storage > 0 then
write(luci.i18n.translatef(
" (%s available)",
w.byte_format(storage)
))
end
%></li>
<li><% if keep then %>
<%:Configuration files will be kept.%>
<% else %>
<%:Note: Configuration files will be erased.%>
<% end %></li>
</ul>
</fieldset>
<div class="cbi-page-actions right">
<form class="inline" action="<%=REQUEST_URI%>" method="post">
<input type="hidden" name="token" value="<%=token%>" />
<input type="hidden" name="step" value="2" />
<input type="hidden" name="keep" value="<%=keep and "1" or ""%>" />
<input class="cbi-button cbi-button-reset" name="cancel" type="submit" value="<%:Cancel%>" />
<input class="cbi-button cbi-button-apply" type="submit" value="<%:Proceed%>" />
</form>
</div>
<%+footer%>
Reference in a new issue View git blame Copy permalink