Thermal Sensors Widget (for pfSense v2.1-BETA1 and up). #486

Merged
merged 1 commit into from Mar 21, 2013

Conversation

Projects
None yet
3 participants
@01101001c
Contributor

01101001c commented Mar 19, 2013

Original post: http://forum.pfsense.org/index.php/topic,59193.0.html
NOTE: I've changed the widget name from "Core Temperatures" to "Thermal Sensors", which I think is more appropriate.

Description:
Thermal Sensors Widget is a stand-alone widget.
No existing/original file changes required.
Displays Thermal Sensors data for anything returned by "sysctl -a | grep temperature" command (in will fall back to "No Thermal Sensors data available" message if no data available).
Configurable thresholds and display appearance.
NOTE: depends on proper cofing in System >> Advanced >> Miscellaneous tab >> Thermal Sensors section.

Designed and tested for:
pfSense 2.1-BETA1 (i386)
Browsers: FF, Chrome and IE9.
Hardware tested on: Intel DH77EB, Core i3 3225

@ermal

This comment has been minimized.

Show comment Hide comment
@ermal

ermal Mar 19, 2013

Contributor

Is there any reason why you disable csrf protection?

Contributor

ermal commented Mar 19, 2013

Is there any reason why you disable csrf protection?

@cbuechler

This comment has been minimized.

Show comment Hide comment
@cbuechler

cbuechler Mar 19, 2013

Contributor

disabling CSRF protection is not acceptable.

Contributor

cbuechler commented Mar 19, 2013

disabling CSRF protection is not acceptable.

@cbuechler cbuechler closed this Mar 19, 2013

@01101001c

This comment has been minimized.

Show comment Hide comment
@01101001c

01101001c Mar 20, 2013

Contributor

@ermal: Good question. Have to admit that I just started learning/using PHP less then 2 months ago.
So naturally I was just following the same style as all other widgets (including index.php) by disabling CSRF protection.
Besides, that was the only way I could make "save" widget's settings to work without "CSRF check failed..." msg.
If you have any suggestions/hints on how to implement it properly without disabling CSRF protection, I would definitely try that.

@cbuechler: please see above

Cheers!

Contributor

01101001c commented Mar 20, 2013

@ermal: Good question. Have to admit that I just started learning/using PHP less then 2 months ago.
So naturally I was just following the same style as all other widgets (including index.php) by disabling CSRF protection.
Besides, that was the only way I could make "save" widget's settings to work without "CSRF check failed..." msg.
If you have any suggestions/hints on how to implement it properly without disabling CSRF protection, I would definitely try that.

@cbuechler: please see above

Cheers!

@ermal

This comment has been minimized.

Show comment Hide comment
@ermal

ermal Mar 20, 2013

Contributor

Normally you should not need to disable csrf it shuold override the javascript that does the calls to post/get or the php would have the cookie by itself.

Can you please open a ticket in redmine.pfsense.org with any error you get about that?

Contributor

ermal commented Mar 20, 2013

Normally you should not need to disable csrf it shuold override the javascript that does the calls to post/get or the php would have the cookie by itself.

Can you please open a ticket in redmine.pfsense.org with any error you get about that?

@01101001c

This comment has been minimized.

Show comment Hide comment
@01101001c

01101001c Mar 21, 2013

Contributor

Thank you Ermal,
I did some digging, the "$nocsrf = true;" line can be removed from the widget, but only if it is also removed from dashboard (\www\index.php) page as well. This way it works perfectly.
That was the reason I was getting "CSRF check failed" msg. Cannot have CSRF enabled in widget, but disabled in the hosting page.

Apparently, CSRF was disabled in the dashboard (\www\index.php) page as well as in ALL widgets over 2 years ago by Scott Ullrich.
I'm sure there was a reason for that, but with my limited knowledge of the system as well as PHP I couldn't figure it out.

At this point it is up to you guys, either push this code as is and fix CSRF for all widgets and dashboard later,
or hold this code until all others are fixed. (That is if this widget will be of any use of course).

Cheers!

Contributor

01101001c commented Mar 21, 2013

Thank you Ermal,
I did some digging, the "$nocsrf = true;" line can be removed from the widget, but only if it is also removed from dashboard (\www\index.php) page as well. This way it works perfectly.
That was the reason I was getting "CSRF check failed" msg. Cannot have CSRF enabled in widget, but disabled in the hosting page.

Apparently, CSRF was disabled in the dashboard (\www\index.php) page as well as in ALL widgets over 2 years ago by Scott Ullrich.
I'm sure there was a reason for that, but with my limited knowledge of the system as well as PHP I couldn't figure it out.

At this point it is up to you guys, either push this code as is and fix CSRF for all widgets and dashboard later,
or hold this code until all others are fixed. (That is if this widget will be of any use of course).

Cheers!

@ermal ermal reopened this Mar 21, 2013

ermal pushed a commit that referenced this pull request Mar 21, 2013

Ermal Luçi
Merge pull request #486 from 01101001c/master
Thermal Sensors Widget (for pfSense v2.1-BETA1 and up).

@ermal ermal merged commit 0e0f9b9 into pfsense:master Mar 21, 2013

@ermal

This comment has been minimized.

Show comment Hide comment
@ermal

ermal Mar 21, 2013

Contributor

Merged and removed nocsrf.

Contributor

ermal commented Mar 21, 2013

Merged and removed nocsrf.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment