diff --git a/api.php b/api.php index 62ece967..0673ad28 100644 --- a/api.php +++ b/api.php @@ -4,7 +4,8 @@ * Network-wide ad blocking via your own hardware. * * This file is copyright under the latest version of the EUPL. -* Please see LICENSE file for your rights under this license */ +* Please see LICENSE file for your rights under this license +*/ $api = true; require_once("scripts/pi-hole/php/FTL.php"); @@ -17,181 +18,181 @@ $data = array(); // Common API functions if (isset($_GET['enable']) && $auth) { - if(isset($_GET["auth"])) - { - if($_GET["auth"] !== $pwhash) - die("Not authorized!"); - } - else - { - // Skip token validation if explicit auth string is given - check_csrf($_GET['token']); - } - pihole_execute('enable'); - $data = array_merge($data, array("status" => "enabled")); - if (file_exists("../custom_disable_timer")) - { - unlink("../custom_disable_timer"); - } + if(isset($_GET["auth"])) + { + if($_GET["auth"] !== $pwhash) + die("Not authorized!"); + } + else + { + // Skip token validation if explicit auth string is given + check_csrf($_GET['token']); + } + pihole_execute('enable'); + $data = array_merge($data, array("status" => "enabled")); + if (file_exists("../custom_disable_timer")) + { + unlink("../custom_disable_timer"); + } } elseif (isset($_GET['disable']) && $auth) { - if(isset($_GET["auth"])) - { - if($_GET["auth"] !== $pwhash) - die("Not authorized!"); - } - else - { - // Skip token validation if explicit auth string is given - check_csrf($_GET['token']); - } - $disable = intval($_GET['disable']); - // intval returns the integer value on success, or 0 on failure - if($disable > 0) - { - $timestamp = time(); - pihole_execute("disable ".$disable."s"); - file_put_contents("../custom_disable_timer",($timestamp+$disable)*1000); - } - else - { - pihole_execute('disable'); - if (file_exists("../custom_disable_timer")) - { - unlink("../custom_disable_timer"); - } - } - $data = array_merge($data, array("status" => "disabled")); + if(isset($_GET["auth"])) + { + if($_GET["auth"] !== $pwhash) + die("Not authorized!"); + } + else + { + // Skip token validation if explicit auth string is given + check_csrf($_GET['token']); + } + $disable = intval($_GET['disable']); + // intval returns the integer value on success, or 0 on failure + if($disable > 0) + { + $timestamp = time(); + pihole_execute("disable ".$disable."s"); + file_put_contents("../custom_disable_timer",($timestamp+$disable)*1000); + } + else + { + pihole_execute('disable'); + if (file_exists("../custom_disable_timer")) + { + unlink("../custom_disable_timer"); + } + } + $data = array_merge($data, array("status" => "disabled")); } elseif (isset($_GET['versions'])) { - // Determine if updates are available for Pi-hole - // using the same script that we use for the footer - // on the dashboard (update notifications are - // suppressed if on development branches) - require "scripts/pi-hole/php/update_checker.php"; - $updates = array("core_update" => $core_update, - "web_update" => $web_update, - "FTL_update" => $FTL_update); - $current = array("core_current" => $core_current, - "web_current" => $web_current, - "FTL_current" => $FTL_current); - $latest = array("core_latest" => $core_latest, - "web_latest" => $web_latest, - "FTL_latest" => $FTL_latest); - $branches = array("core_branch" => $core_branch, - "web_branch" => $web_branch, - "FTL_branch" => $FTL_branch); - $data = array_merge($data, $updates); - $data = array_merge($data, $current); - $data = array_merge($data, $latest); - $data = array_merge($data, $branches); + // Determine if updates are available for Pi-hole + // using the same script that we use for the footer + // on the dashboard (update notifications are + // suppressed if on development branches) + require "scripts/pi-hole/php/update_checker.php"; + $updates = array("core_update" => $core_update, + "web_update" => $web_update, + "FTL_update" => $FTL_update); + $current = array("core_current" => $core_current, + "web_current" => $web_current, + "FTL_current" => $FTL_current); + $latest = array("core_latest" => $core_latest, + "web_latest" => $web_latest, + "FTL_latest" => $FTL_latest); + $branches = array("core_branch" => $core_branch, + "web_branch" => $web_branch, + "FTL_branch" => $FTL_branch); + $data = array_merge($data, $updates); + $data = array_merge($data, $current); + $data = array_merge($data, $latest); + $data = array_merge($data, $branches); } elseif (isset($_GET['list'])) { - if (!$auth) - die("Not authorized!"); + if (!$auth) + die("Not authorized!"); - if(!isset($_GET["list"])) - die("List has not been specified."); + if(!isset($_GET["list"])) + die("List has not been specified."); - switch ($_GET["list"]) { - case 'black': - $_POST['type'] = ListType::blacklist; - break; - case 'regex_black': - $_POST['type'] = ListType::regex_blacklist; - break; - case 'white': - $_POST['type'] = ListType::whitelist; - break; - case 'regex_white': - $_POST['type'] = ListType::regex_whitelist; - break; + switch ($_GET["list"]) { + case 'black': + $_POST['type'] = ListType::blacklist; + break; + case 'regex_black': + $_POST['type'] = ListType::regex_blacklist; + break; + case 'white': + $_POST['type'] = ListType::whitelist; + break; + case 'regex_white': + $_POST['type'] = ListType::regex_whitelist; + break; - default: - die("Invalid list [supported: black, regex_black, white, regex_white]"); - } + default: + die("Invalid list [supported: black, regex_black, white, regex_white]"); + } - if (isset($_GET['add'])) - { - // Set POST parameters and invoke script to add domain to list - $_POST['domain'] = $_GET['add']; - $_POST['action'] = 'add_domain'; - require("scripts/pi-hole/php/groups.php"); - } - elseif (isset($_GET['sub'])) - { - // Set POST parameters and invoke script to remove domain from list - $_POST['domain'] = $_GET['sub']; - $_POST['action'] = 'delete_domain_string'; - require("scripts/pi-hole/php/groups.php"); - } - else - { - // Set POST parameters and invoke script to get all domains - $_POST['action'] = 'get_domains'; - require("scripts/pi-hole/php/groups.php"); - } + if (isset($_GET['add'])) + { + // Set POST parameters and invoke script to add domain to list + $_POST['domain'] = $_GET['add']; + $_POST['action'] = 'add_domain'; + require("scripts/pi-hole/php/groups.php"); + } + elseif (isset($_GET['sub'])) + { + // Set POST parameters and invoke script to remove domain from list + $_POST['domain'] = $_GET['sub']; + $_POST['action'] = 'delete_domain_string'; + require("scripts/pi-hole/php/groups.php"); + } + else + { + // Set POST parameters and invoke script to get all domains + $_POST['action'] = 'get_domains'; + require("scripts/pi-hole/php/groups.php"); + } - return; + return; } elseif(isset($_GET['customdns']) && $auth) { - if (isset($_GET["auth"])) { - if ($_GET["auth"] !== $pwhash) { - die("Not authorized!"); - } - } else { - // Skip token validation if explicit auth string is given - check_csrf($_GET['token']); - } + if (isset($_GET["auth"])) { + if ($_GET["auth"] !== $pwhash) { + die("Not authorized!"); + } + } else { + // Skip token validation if explicit auth string is given + check_csrf($_GET['token']); + } - switch ($_GET["action"]) { - case 'get': - $data = echoCustomDNSEntries(); - break; + switch ($_GET["action"]) { + case 'get': + $data = echoCustomDNSEntries(); + break; - case 'add': - $data = addCustomDNSEntry(); - break; + case 'add': + $data = addCustomDNSEntry(); + break; - case 'delete': - $data = deleteCustomDNSEntry(); - break; + case 'delete': + $data = deleteCustomDNSEntry(); + break; - default: - die("Wrong action"); - } + default: + die("Wrong action"); + } } elseif(isset($_GET['customcname']) && $auth) { - if (isset($_GET["auth"])) { - if ($_GET["auth"] !== $pwhash) { - die("Not authorized!"); - } - } else { - // Skip token validation if explicit auth string is given - check_csrf($_GET['token']); - } + if (isset($_GET["auth"])) { + if ($_GET["auth"] !== $pwhash) { + die("Not authorized!"); + } + } else { + // Skip token validation if explicit auth string is given + check_csrf($_GET['token']); + } - switch ($_GET["action"]) { - case 'get': - $data = echoCustomCNAMEEntries(); - break; + switch ($_GET["action"]) { + case 'get': + $data = echoCustomCNAMEEntries(); + break; - case 'add': - $data = addCustomCNAMEEntry(); - break; + case 'add': + $data = addCustomCNAMEEntry(); + break; - case 'delete': - $data = deleteCustomCNAMEEntry(); - break; + case 'delete': + $data = deleteCustomCNAMEEntry(); + break; - default: - die("Wrong action"); - } + default: + die("Wrong action"); + } } // Other API functions diff --git a/api_FTL.php b/api_FTL.php index cb0a8574..dafa4eef 100644 --- a/api_FTL.php +++ b/api_FTL.php @@ -4,7 +4,8 @@ * Network-wide ad blocking via your own hardware. * * This file is copyright under the latest version of the EUPL. -* Please see LICENSE file for your rights under this license */ +* Please see LICENSE file for your rights under this license +*/ if (!isset($api)) { die("Direct call to api_FTL.php is not allowed!"); @@ -21,14 +22,14 @@ if (isset($_GET['version'])) { if (isset($_GET['status'])) { $return = callFTLAPI("stats"); if (array_key_exists("FTLnotrunning", $return)) { - $data = array("FTLnotrunning" => true); + $data = array("FTLnotrunning" => true); } else { - if (in_array("status enabled", $return)) { - $data = array_merge($data, array("status" => "enabled")); - } else { - $data = array_merge($data, array("status" => "disabled")); - } - } + if (in_array("status enabled", $return)) { + $data = array_merge($data, array("status" => "enabled")); + } else { + $data = array_merge($data, array("status" => "disabled")); + } + } } if (isset($_GET['summary']) || isset($_GET['summaryRaw']) || !count($_GET)) { @@ -36,67 +37,67 @@ if (isset($_GET['summary']) || isset($_GET['summaryRaw']) || !count($_GET)) { $return = callFTLAPI("stats"); if (array_key_exists("FTLnotrunning", $return)) { - $data = array("FTLnotrunning" => true); + $data = array("FTLnotrunning" => true); } else { - $stats = []; - foreach ($return as $line) { - $tmp = explode(" ",$line); + $stats = []; + foreach ($return as $line) { + $tmp = explode(" ",$line); - if ($tmp[0] === "domains_being_blocked" && !is_numeric($tmp[1]) || $tmp[0] === "status") { - // Expect string response - $stats[$tmp[0]] = $tmp[1]; - } elseif (isset($_GET['summary'])) { - // "summary" expects a formmated string response - if ($tmp[0] !== "ads_percentage_today") { - $stats[$tmp[0]] = number_format($tmp[1]); - } else { - $stats[$tmp[0]] = number_format($tmp[1], 1, '.', ''); - } - } else { - // Expect float response - $stats[$tmp[0]] = floatval($tmp[1]); - } + if ($tmp[0] === "domains_being_blocked" && !is_numeric($tmp[1]) || $tmp[0] === "status") { + // Expect string response + $stats[$tmp[0]] = $tmp[1]; + } elseif (isset($_GET['summary'])) { + // "summary" expects a formmated string response + if ($tmp[0] !== "ads_percentage_today") { + $stats[$tmp[0]] = number_format($tmp[1]); + } else { + $stats[$tmp[0]] = number_format($tmp[1], 1, '.', ''); + } + } else { + // Expect float response + $stats[$tmp[0]] = floatval($tmp[1]); + } - } - $stats['gravity_last_updated'] = gravity_last_update(true); - $data = array_merge($data,$stats); + } + $stats['gravity_last_updated'] = gravity_last_update(true); + $data = array_merge($data,$stats); } } if (isset($_GET["getMaxlogage"]) && $auth) { $return = callFTLAPI("maxlogage"); if (array_key_exists("FTLnotrunning", $return)) { - $data = array("FTLnotrunning" => true); + $data = array("FTLnotrunning" => true); } else { - // Convert seconds to hours and rounds to one decimal place. - $ret = round(intval($return[0]) / 3600, 1); - // Return 24h if value is 0, empty, null or non numeric. - $ret = $ret ?: 24; + // Convert seconds to hours and rounds to one decimal place. + $ret = round(intval($return[0]) / 3600, 1); + // Return 24h if value is 0, empty, null or non numeric. + $ret = $ret ?: 24; - $data = array_merge($data, array("maxlogage" => $ret)); - } + $data = array_merge($data, array("maxlogage" => $ret)); + } } if (isset($_GET['overTimeData10mins'])) { $return = callFTLAPI("overTime"); if (array_key_exists("FTLnotrunning", $return)) { - $data = array("FTLnotrunning" => true); + $data = array("FTLnotrunning" => true); } else { - $domains_over_time = array(); - $ads_over_time = array(); - foreach ($return as $line) { - $tmp = explode(" ",$line); - $domains_over_time[intval($tmp[0])] = intval($tmp[1]); - $ads_over_time[intval($tmp[0])] = intval($tmp[2]); - } + $domains_over_time = array(); + $ads_over_time = array(); + foreach ($return as $line) { + $tmp = explode(" ",$line); + $domains_over_time[intval($tmp[0])] = intval($tmp[1]); + $ads_over_time[intval($tmp[0])] = intval($tmp[2]); + } - $result = array( - 'domains_over_time' => $domains_over_time, - 'ads_over_time' => $ads_over_time - ); + $result = array( + 'domains_over_time' => $domains_over_time, + 'ads_over_time' => $ads_over_time + ); - $data = array_merge($data, $result); - } + $data = array_merge($data, $result); + } } if (isset($_GET['topItems']) && $auth) { @@ -109,18 +110,18 @@ if (isset($_GET['topItems']) && $auth) { } if (array_key_exists("FTLnotrunning", $return)) { - $data = array("FTLnotrunning" => true); + $data = array("FTLnotrunning" => true); } else { - $top_queries = array(); - foreach ($return as $line) { - $tmp = explode(" ",$line); - if (count($tmp) == 2) { - $tmp[2]=""; - } - $domain = utf8_encode($tmp[2]); - $top_queries[$domain] = intval($tmp[1]); + $top_queries = array(); + foreach ($return as $line) { + $tmp = explode(" ",$line); + if (count($tmp) == 2) { + $tmp[2]=""; + } + $domain = utf8_encode($tmp[2]); + $top_queries[$domain] = intval($tmp[1]); + } } - } if ($_GET['topItems'] === "audit") { $return = callFTLAPI("top-ads for audit"); @@ -131,26 +132,26 @@ if (isset($_GET['topItems']) && $auth) { } if (array_key_exists("FTLnotrunning", $return)) { - $data = array("FTLnotrunning" => true); + $data = array("FTLnotrunning" => true); } else { - $top_ads = array(); - foreach ($return as $line) { - $tmp = explode(" ",$line); - $domain = utf8_encode($tmp[2]); - if (count($tmp) > 3) { - $top_ads[$domain." (".$tmp[3].")"] = intval($tmp[1]); - } else { - $top_ads[$domain] = intval($tmp[1]); - } - } + $top_ads = array(); + foreach ($return as $line) { + $tmp = explode(" ",$line); + $domain = utf8_encode($tmp[2]); + if (count($tmp) > 3) { + $top_ads[$domain." (".$tmp[3].")"] = intval($tmp[1]); + } else { + $top_ads[$domain] = intval($tmp[1]); + } + } - $result = array( - 'top_queries' => $top_queries, - 'top_ads' => $top_ads - ); + $result = array( + 'top_queries' => $top_queries, + 'top_ads' => $top_ads + ); - $data = array_merge($data, $result); - } + $data = array_merge($data, $result); + } } if ((isset($_GET['topClients']) || isset($_GET['getQuerySources'])) && $auth) { @@ -167,23 +168,23 @@ if ((isset($_GET['topClients']) || isset($_GET['getQuerySources'])) && $auth) { $return = callFTLAPI("top-clients"); } if (array_key_exists("FTLnotrunning", $return)) { - $data = array("FTLnotrunning" => true); + $data = array("FTLnotrunning" => true); } else { - $top_clients = array(); - foreach ($return as $line) { - $tmp = explode(" ",$line); - $clientip = utf8_encode($tmp[2]); - if (count($tmp) > 3 && strlen($tmp[3]) > 0) { - $clientname = utf8_encode($tmp[3]); - $top_clients[$clientname."|".$clientip] = intval($tmp[1]); - } else { - $top_clients[$clientip] = intval($tmp[1]); - } - } + $top_clients = array(); + foreach ($return as $line) { + $tmp = explode(" ",$line); + $clientip = utf8_encode($tmp[2]); + if (count($tmp) > 3 && strlen($tmp[3]) > 0) { + $clientname = utf8_encode($tmp[3]); + $top_clients[$clientname."|".$clientip] = intval($tmp[1]); + } else { + $top_clients[$clientip] = intval($tmp[1]); + } + } - $result = array('top_sources' => $top_clients); - $data = array_merge($data, $result); - } + $result = array('top_sources' => $top_clients); + $data = array_merge($data, $result); + } } if (isset($_GET['topClientsBlocked']) && $auth) { @@ -198,23 +199,23 @@ if (isset($_GET['topClientsBlocked']) && $auth) { $return = callFTLAPI("top-clients blocked"); } if (array_key_exists("FTLnotrunning", $return)) { - $data = array("FTLnotrunning" => true); + $data = array("FTLnotrunning" => true); } else { - $top_clients = array(); - foreach ($return as $line) { - $tmp = explode(" ",$line); - $clientip = utf8_encode($tmp[2]); - if (count($tmp) > 3 && strlen($tmp[3]) > 0) { - $clientname = utf8_encode($tmp[3]); - $top_clients[$clientname."|".$clientip] = intval($tmp[1]); - } else { - $top_clients[$clientip] = intval($tmp[1]); - } - } + $top_clients = array(); + foreach ($return as $line) { + $tmp = explode(" ",$line); + $clientip = utf8_encode($tmp[2]); + if (count($tmp) > 3 && strlen($tmp[3]) > 0) { + $clientname = utf8_encode($tmp[3]); + $top_clients[$clientname."|".$clientip] = intval($tmp[1]); + } else { + $top_clients[$clientip] = intval($tmp[1]); + } + } - $result = array('top_sources_blocked' => $top_clients); - $data = array_merge($data, $result); - } + $result = array('top_sources_blocked' => $top_clients); + $data = array_merge($data, $result); + } } if (isset($_GET['getForwardDestinations']) && $auth) { @@ -224,57 +225,57 @@ if (isset($_GET['getForwardDestinations']) && $auth) { $return = callFTLAPI("forward-dest"); } if (array_key_exists("FTLnotrunning", $return)) { - $data = array("FTLnotrunning" => true); + $data = array("FTLnotrunning" => true); } else { - $forward_dest = array(); - foreach ($return as $line) { - $tmp = explode(" ",$line); - $forwardip = utf8_encode($tmp[2]); - if (count($tmp) > 3 && strlen($tmp[3]) > 0) { - $forwardname = utf8_encode($tmp[3]); - $forward_dest[$forwardname."|".$forwardip] = floatval($tmp[1]); - } else { - $forward_dest[$forwardip] = floatval($tmp[1]); - } - } + $forward_dest = array(); + foreach ($return as $line) { + $tmp = explode(" ",$line); + $forwardip = utf8_encode($tmp[2]); + if (count($tmp) > 3 && strlen($tmp[3]) > 0) { + $forwardname = utf8_encode($tmp[3]); + $forward_dest[$forwardname."|".$forwardip] = floatval($tmp[1]); + } else { + $forward_dest[$forwardip] = floatval($tmp[1]); + } + } - $result = array('forward_destinations' => $forward_dest); - $data = array_merge($data, $result); - } + $result = array('forward_destinations' => $forward_dest); + $data = array_merge($data, $result); + } } if (isset($_GET['getQueryTypes']) && $auth) { $return = callFTLAPI("querytypes"); if (array_key_exists("FTLnotrunning", $return)) { - $data = array("FTLnotrunning" => true); + $data = array("FTLnotrunning" => true); } else { - $querytypes = array(); - foreach ($return as $ret) { - $tmp = explode(": ",$ret); - // Reply cannot contain non-ASCII characters - $querytypes[$tmp[0]] = floatval($tmp[1]); - } + $querytypes = array(); + foreach ($return as $ret) { + $tmp = explode(": ",$ret); + // Reply cannot contain non-ASCII characters + $querytypes[$tmp[0]] = floatval($tmp[1]); + } - $result = array('querytypes' => $querytypes); - $data = array_merge($data, $result); - } + $result = array('querytypes' => $querytypes); + $data = array_merge($data, $result); + } } if (isset($_GET['getCacheInfo']) && $auth) { $return = callFTLAPI("cacheinfo"); if (array_key_exists("FTLnotrunning", $return)) { - $data = array("FTLnotrunning" => true); + $data = array("FTLnotrunning" => true); } else { - $cacheinfo = array(); - foreach ($return as $ret) { - $tmp = explode(": ",$ret); - // Reply cannot contain non-ASCII characters - $cacheinfo[$tmp[0]] = floatval($tmp[1]); - } + $cacheinfo = array(); + foreach ($return as $ret) { + $tmp = explode(": ",$ret); + // Reply cannot contain non-ASCII characters + $cacheinfo[$tmp[0]] = floatval($tmp[1]); + } - $result = array('cacheinfo' => $cacheinfo); - $data = array_merge($data, $result); - } + $result = array('cacheinfo' => $cacheinfo); + $data = array_merge($data, $result); + } } if (isset($_GET['getAllQueries']) && $auth) { @@ -304,38 +305,37 @@ if (isset($_GET['getAllQueries']) && $auth) { } if (array_key_exists("FTLnotrunning", $return)) { - $data = array("FTLnotrunning" => true); + $data = array("FTLnotrunning" => true); } else { - // Set the header - header('Content-type: application/json'); + // Set the header + header('Content-type: application/json'); - // Start the JSON string - echo '{"data":['; - $first = true; + // Start the JSON string + echo '{"data":['; + $first = true; - foreach($return as $line) { + foreach($return as $line) { + // Insert a comma before the next record (except on the first one) + if (!$first) { + echo ","; + } else { + $first = false; + } - // Insert a comma before the next record (except on the first one) - if (!$first) { - echo ","; - } else { - $first = false; - } + $row = str_getcsv($line," "); + // UTF-8 encode domain + $domain = utf8_encode(str_replace("~"," ",$row[2])); + // UTF-8 encode client host name + $client = utf8_encode($row[3]); - $row = str_getcsv($line," "); - // UTF-8 encode domain - $domain = utf8_encode(str_replace("~"," ",$row[2])); - // UTF-8 encode client host name - $client = utf8_encode($row[3]); - - // Insert into array and output it in JSON format - // array: time type domain client status dnssecStatus reply response_time CNAMEDomain regexID upstream destination EDE - echo json_encode([$row[0], $row[1], $domain, $client, $row[4], $row[5], $row[6], $row[7], $row[8], $row[9], $row[10], $row[11]]); - } - // Finish the JSON string - echo ']}'; - // exit at the end - exit(); + // Insert into array and output it in JSON format + // array: time type domain client status dnssecStatus reply response_time CNAMEDomain regexID upstream destination EDE + echo json_encode([$row[0], $row[1], $domain, $client, $row[4], $row[5], $row[6], $row[7], $row[8], $row[9], $row[10], $row[11]]); + } + // Finish the JSON string + echo ']}'; + // exit at the end + exit(); } } @@ -348,94 +348,94 @@ if (isset($_GET['getForwardDestinationNames']) && $auth) { $return = callFTLAPI("forward-names"); if (array_key_exists("FTLnotrunning", $return)) { - $data = array("FTLnotrunning" => true); + $data = array("FTLnotrunning" => true); } else { - $forward_dest = array(); - foreach ($return as $line) { - $tmp = explode(" ",$line); - $forwardip = utf8_encode($tmp[2]); - if (count($tmp) > 3) { - $forwardname = utf8_encode($tmp[3]); - $forward_dest[$forwardname."|".$forwardip] = floatval($tmp[1]); - } else { - $forward_dest[$forwardip] = floatval($tmp[1]); - } - } + $forward_dest = array(); + foreach ($return as $line) { + $tmp = explode(" ",$line); + $forwardip = utf8_encode($tmp[2]); + if (count($tmp) > 3) { + $forwardname = utf8_encode($tmp[3]); + $forward_dest[$forwardname."|".$forwardip] = floatval($tmp[1]); + } else { + $forward_dest[$forwardip] = floatval($tmp[1]); + } + } - $result = array('forward_destinations' => $forward_dest); - $data = array_merge($data, $result); - } + $result = array('forward_destinations' => $forward_dest); + $data = array_merge($data, $result); + } } if (isset($_GET['overTimeDataQueryTypes']) && $auth) { $return = callFTLAPI("QueryTypesoverTime"); if (array_key_exists("FTLnotrunning", $return)) { - $data = array("FTLnotrunning" => true); + $data = array("FTLnotrunning" => true); } else { - $over_time = array(); - foreach ($return as $line) { - $tmp = explode(" ",$line); - for ($i=0; $i < count($tmp)-1; $i++) { - $over_time[intval($tmp[0])][$i] = floatval($tmp[$i+1]); - } - } - $result = array('over_time' => $over_time); - $data = array_merge($data, $result); - } + $over_time = array(); + foreach ($return as $line) { + $tmp = explode(" ",$line); + for ($i=0; $i < count($tmp)-1; $i++) { + $over_time[intval($tmp[0])][$i] = floatval($tmp[$i+1]); + } + } + $result = array('over_time' => $over_time); + $data = array_merge($data, $result); + } } if (isset($_GET['getClientNames']) && $auth) { $return = callFTLAPI("client-names"); if (array_key_exists("FTLnotrunning", $return)) { - $data = array("FTLnotrunning" => true); + $data = array("FTLnotrunning" => true); } else { - $client_names = array(); - foreach ($return as $line) { - $tmp = explode(" ", $line); - $client_names[] = array( - "name" => utf8_encode($tmp[0]), - "ip" => utf8_encode($tmp[1]) - ); - } + $client_names = array(); + foreach ($return as $line) { + $tmp = explode(" ", $line); + $client_names[] = array( + "name" => utf8_encode($tmp[0]), + "ip" => utf8_encode($tmp[1]) + ); + } - $result = array('clients' => $client_names); - $data = array_merge($data, $result); - } + $result = array('clients' => $client_names); + $data = array_merge($data, $result); + } } if (isset($_GET['overTimeDataClients']) && $auth) { $return = callFTLAPI("ClientsoverTime"); if (array_key_exists("FTLnotrunning", $return)) { - $data = array("FTLnotrunning" => true); + $data = array("FTLnotrunning" => true); } else { - $over_time = array(); - foreach ($return as $line) { - $tmp = explode(" ",$line); - for ($i=0; $i < count($tmp)-1; $i++) { - $over_time[intval($tmp[0])][$i] = floatval($tmp[$i+1]); - } - } - $result = array('over_time' => $over_time); - $data = array_merge($data, $result); - } + $over_time = array(); + foreach ($return as $line) { + $tmp = explode(" ",$line); + for ($i=0; $i < count($tmp)-1; $i++) { + $over_time[intval($tmp[0])][$i] = floatval($tmp[$i+1]); + } + } + $result = array('over_time' => $over_time); + $data = array_merge($data, $result); + } } if (isset($_GET['delete_lease']) && $auth) { $return = callFTLAPI("delete-lease ".$_GET['delete_lease']); if (array_key_exists("FTLnotrunning", $return)) { - $data = array("FTLnotrunning" => true); + $data = array("FTLnotrunning" => true); } else { - $data["delete_lease"] = $return[0]; - } + $data["delete_lease"] = $return[0]; + } } if (isset($_GET['dns-port']) && $auth) { $return = callFTLAPI("dns-port"); if (array_key_exists("FTLnotrunning", $return)) { - $data = array("FTLnotrunning" => true); + $data = array("FTLnotrunning" => true); } else { - $data["dns-port"] = $return[0]; + $data["dns-port"] = $return[0]; } } ?> diff --git a/api_db.php b/api_db.php index 4430a324..50362ad0 100644 --- a/api_db.php +++ b/api_db.php @@ -4,7 +4,8 @@ * Network-wide ad blocking via your own hardware. * * This file is copyright under the latest version of the EUPL. -* Please see LICENSE file for your rights under this license */ +* Please see LICENSE file for your rights under this license +*/ $api = true; header('Content-type: application/json'); @@ -27,428 +28,428 @@ $db = SQLite3_connect($QUERYDB); if(isset($_GET["network"]) && $auth) { - $network = array(); - $results = $db->query('SELECT * FROM network'); + $network = array(); + $results = $db->query('SELECT * FROM network'); - while($results !== false && $res = $results->fetchArray(SQLITE3_ASSOC)) - { - $id = intval($res["id"]); + while($results !== false && $res = $results->fetchArray(SQLITE3_ASSOC)) + { + $id = intval($res["id"]); - // Get IP addresses and host names for this device - $res["ip"] = array(); - $res["name"] = array(); - $network_addresses = $db->query("SELECT ip,name FROM network_addresses WHERE network_id = $id ORDER BY lastSeen DESC"); - while($network_addresses !== false && $network_address = $network_addresses->fetchArray(SQLITE3_ASSOC)) - { - array_push($res["ip"],$network_address["ip"]); - if($network_address["name"] !== null) - array_push($res["name"],utf8_encode($network_address["name"])); - else - array_push($res["name"],""); - } - $network_addresses->finalize(); + // Get IP addresses and host names for this device + $res["ip"] = array(); + $res["name"] = array(); + $network_addresses = $db->query("SELECT ip,name FROM network_addresses WHERE network_id = $id ORDER BY lastSeen DESC"); + while($network_addresses !== false && $network_address = $network_addresses->fetchArray(SQLITE3_ASSOC)) + { + array_push($res["ip"],$network_address["ip"]); + if($network_address["name"] !== null) + array_push($res["name"],utf8_encode($network_address["name"])); + else + array_push($res["name"],""); + } + $network_addresses->finalize(); - // UTF-8 encode vendor - $res["macVendor"] = utf8_encode($res["macVendor"]); - array_push($network, $res); - } - $results->finalize(); + // UTF-8 encode vendor + $res["macVendor"] = utf8_encode($res["macVendor"]); + array_push($network, $res); + } + $results->finalize(); - $data = array_merge($data, array('network' => $network)); + $data = array_merge($data, array('network' => $network)); } if (isset($_GET['getAllQueries']) && $auth) { - $allQueries = array(); - if($_GET['getAllQueries'] !== "empty") - { - $from = intval($_GET["from"]); - $until = intval($_GET["until"]); + $allQueries = array(); + if($_GET['getAllQueries'] !== "empty") + { + $from = intval($_GET["from"]); + $until = intval($_GET["until"]); - // Use table "query_storage" - // - replace domain ID with domain - // - replace client ID with client name - // - replace forward ID with forward destination - $dbquery = "SELECT timestamp, type,"; - $dbquery .= " CASE typeof(domain) WHEN 'integer' THEN (SELECT domain FROM domain_by_id d WHERE d.id = q.domain) ELSE domain END domain,"; - $dbquery .= " CASE typeof(client) WHEN 'integer' THEN ("; - $dbquery .= " SELECT CASE TRIM(name) WHEN '' THEN c.ip ELSE c.name END name FROM client_by_id c WHERE c.id = q.client"; - $dbquery .= " ) ELSE client END client,"; - $dbquery .= " CASE typeof(forward) WHEN 'integer' THEN (SELECT forward FROM forward_by_id f WHERE f.id = q.forward) ELSE forward END forward,"; - $dbquery .= " status, reply_type, reply_time, dnssec"; - $dbquery .= " FROM query_storage q"; - $dbquery .= " WHERE timestamp >= :from AND timestamp <= :until "; - if(isset($_GET["types"])) - { - $types = $_GET["types"]; - if(preg_match("/^[0-9]+(?:,[0-9]+)*$/", $types) === 1) - { - // Append selector to DB query. The used regex ensures - // that only numbers, separated by commas are accepted - // to avoid code injection and other malicious things - // We accept only valid lists like "1,2,3" - // We reject ",2,3", "1,2," and similar arguments - $dbquery .= "AND status IN (".$types.") "; - } - else - { - die("Error. Selector types specified using an invalid format."); - } - } - $dbquery .= "ORDER BY timestamp ASC"; - $stmt = $db->prepare($dbquery); - $stmt->bindValue(":from", intval($from), SQLITE3_INTEGER); - $stmt->bindValue(":until", intval($until), SQLITE3_INTEGER); - $results = $stmt->execute(); + // Use table "query_storage" + // - replace domain ID with domain + // - replace client ID with client name + // - replace forward ID with forward destination + $dbquery = "SELECT timestamp, type,"; + $dbquery .= " CASE typeof(domain) WHEN 'integer' THEN (SELECT domain FROM domain_by_id d WHERE d.id = q.domain) ELSE domain END domain,"; + $dbquery .= " CASE typeof(client) WHEN 'integer' THEN ("; + $dbquery .= " SELECT CASE TRIM(name) WHEN '' THEN c.ip ELSE c.name END name FROM client_by_id c WHERE c.id = q.client"; + $dbquery .= " ) ELSE client END client,"; + $dbquery .= " CASE typeof(forward) WHEN 'integer' THEN (SELECT forward FROM forward_by_id f WHERE f.id = q.forward) ELSE forward END forward,"; + $dbquery .= " status, reply_type, reply_time, dnssec"; + $dbquery .= " FROM query_storage q"; + $dbquery .= " WHERE timestamp >= :from AND timestamp <= :until "; + if(isset($_GET["types"])) + { + $types = $_GET["types"]; + if(preg_match("/^[0-9]+(?:,[0-9]+)*$/", $types) === 1) + { + // Append selector to DB query. The used regex ensures + // that only numbers, separated by commas are accepted + // to avoid code injection and other malicious things + // We accept only valid lists like "1,2,3" + // We reject ",2,3", "1,2," and similar arguments + $dbquery .= "AND status IN (".$types.") "; + } + else + { + die("Error. Selector types specified using an invalid format."); + } + } + $dbquery .= "ORDER BY timestamp ASC"; + $stmt = $db->prepare($dbquery); + $stmt->bindValue(":from", intval($from), SQLITE3_INTEGER); + $stmt->bindValue(":until", intval($until), SQLITE3_INTEGER); + $results = $stmt->execute(); - // Start the JSON string - echo '{"data":['; + // Start the JSON string + echo '{"data":['; - if (!is_bool($results)) { - $first = true; - while ($row = $results->fetchArray(SQLITE3_ASSOC)) { - // Insert a comma before the next record (except on the first one) - if (!$first) { - echo ","; - } else { - $first = false; - } + if (!is_bool($results)) { + $first = true; + while ($row = $results->fetchArray(SQLITE3_ASSOC)) { + // Insert a comma before the next record (except on the first one) + if (!$first) { + echo ","; + } else { + $first = false; + } - // Format, encode, transform each field (if necessary). - $time = $row["timestamp"]; - $query_type = getQueryTypeStr($row["type"]); // Convert query type ID to name - $domain = utf8_encode(str_replace("~"," ",$row["domain"])); - $client = $row["client"]; - $status = $row["status"]; - $destination = utf8_encode($row["forward"]); - $reply_type = $row["reply_type"]; - $reply_time = $row["reply_time"]; - $dnssec = $row["dnssec"]; + // Format, encode, transform each field (if necessary). + $time = $row["timestamp"]; + $query_type = getQueryTypeStr($row["type"]); // Convert query type ID to name + $domain = utf8_encode(str_replace("~"," ",$row["domain"])); + $client = $row["client"]; + $status = $row["status"]; + $destination = utf8_encode($row["forward"]); + $reply_type = $row["reply_type"]; + $reply_time = $row["reply_time"]; + $dnssec = $row["dnssec"]; - // Insert into array and output it in JSON format - echo json_encode([$time, $query_type, $domain, $client, $status, $destination, $reply_type, $reply_time, $dnssec]); - } - } + // Insert into array and output it in JSON format + echo json_encode([$time, $query_type, $domain, $client, $status, $destination, $reply_type, $reply_time, $dnssec]); + } + } - // Finish the JSON string - echo ']}'; + // Finish the JSON string + echo ']}'; - // exit at the end - exit(); - } - // only used if getAllQueries==empty - $result = array('data' => $allQueries); - $data = array_merge($data, $result); + // exit at the end + exit(); + } + // only used if getAllQueries==empty + $result = array('data' => $allQueries); + $data = array_merge($data, $result); } if (isset($_GET['topClients']) && $auth) { - // $from = intval($_GET["from"]); - $limit = ""; - if(isset($_GET["from"]) && isset($_GET["until"])) - { - $limit = "WHERE timestamp >= :from AND timestamp <= :until"; - } - elseif(isset($_GET["from"]) && !isset($_GET["until"])) - { - $limit = "WHERE timestamp >= :from"; - } - elseif(!isset($_GET["from"]) && isset($_GET["until"])) - { - $limit = "WHERE timestamp <= :until"; - } + // $from = intval($_GET["from"]); + $limit = ""; + if(isset($_GET["from"]) && isset($_GET["until"])) + { + $limit = "WHERE timestamp >= :from AND timestamp <= :until"; + } + elseif(isset($_GET["from"]) && !isset($_GET["until"])) + { + $limit = "WHERE timestamp >= :from"; + } + elseif(!isset($_GET["from"]) && isset($_GET["until"])) + { + $limit = "WHERE timestamp <= :until"; + } $dbquery = "SELECT CASE typeof(client) WHEN 'integer' THEN ("; $dbquery .= " SELECT CASE TRIM(name) WHEN '' THEN c.ip ELSE c.name END name FROM client_by_id c WHERE c.id = q.client)"; $dbquery .= " ELSE client END client, count(client) FROM query_storage q ".$limit." GROUP BY client ORDER BY count(client) DESC LIMIT 20"; - $stmt = $db->prepare($dbquery); - $stmt->bindValue(":from", intval($_GET['from']), SQLITE3_INTEGER); - $stmt->bindValue(":until", intval($_GET['until']), SQLITE3_INTEGER); - $results = $stmt->execute(); + $stmt = $db->prepare($dbquery); + $stmt->bindValue(":from", intval($_GET['from']), SQLITE3_INTEGER); + $stmt->bindValue(":until", intval($_GET['until']), SQLITE3_INTEGER); + $results = $stmt->execute(); - $clientnums = array(); + $clientnums = array(); - if(!is_bool($results)) - while ($row = $results->fetchArray()) - { - // $row[0] is the client IP + if(!is_bool($results)) + while ($row = $results->fetchArray()) + { + // $row[0] is the client IP - if(array_key_exists($row[0], $clientnums)) - { - // Entry already exists, add to it (might appear multiple times due to mixed capitalization in the database) - $clientnums[$row[0]] += intval($row[1]); - } - else - { - // Entry does not yet exist - $clientnums[$row[0]] = intval($row[1]); - } - } + if(array_key_exists($row[0], $clientnums)) + { + // Entry already exists, add to it (might appear multiple times due to mixed capitalization in the database) + $clientnums[$row[0]] += intval($row[1]); + } + else + { + // Entry does not yet exist + $clientnums[$row[0]] = intval($row[1]); + } + } - // Sort by number of hits - arsort($clientnums); + // Sort by number of hits + arsort($clientnums); - // Extract only the first ten entries - $clientnums = array_slice($clientnums, 0, 10); + // Extract only the first ten entries + $clientnums = array_slice($clientnums, 0, 10); - $result = array('top_sources' => $clientnums); - $data = array_merge($data, $result); + $result = array('top_sources' => $clientnums); + $data = array_merge($data, $result); } if (isset($_GET['topDomains']) && $auth) { - $limit = ""; + $limit = ""; - if(isset($_GET["from"]) && isset($_GET["until"])) - { - $limit = " AND timestamp >= :from AND timestamp <= :until"; - } - elseif(isset($_GET["from"]) && !isset($_GET["until"])) - { - $limit = " AND timestamp >= :from"; - } - elseif(!isset($_GET["from"]) && isset($_GET["until"])) - { - $limit = " AND timestamp <= :until"; - } - // Select top permitted domains only - $stmt = $db->prepare('SELECT domain,count(domain) FROM queries WHERE status IN (2,3,12,13,14)'.$limit.' GROUP by domain order by count(domain) desc limit 20'); - $stmt->bindValue(":from", intval($_GET['from']), SQLITE3_INTEGER); - $stmt->bindValue(":until", intval($_GET['until']), SQLITE3_INTEGER); - $results = $stmt->execute(); + if(isset($_GET["from"]) && isset($_GET["until"])) + { + $limit = " AND timestamp >= :from AND timestamp <= :until"; + } + elseif(isset($_GET["from"]) && !isset($_GET["until"])) + { + $limit = " AND timestamp >= :from"; + } + elseif(!isset($_GET["from"]) && isset($_GET["until"])) + { + $limit = " AND timestamp <= :until"; + } + // Select top permitted domains only + $stmt = $db->prepare('SELECT domain,count(domain) FROM queries WHERE status IN (2,3,12,13,14)'.$limit.' GROUP by domain order by count(domain) desc limit 20'); + $stmt->bindValue(":from", intval($_GET['from']), SQLITE3_INTEGER); + $stmt->bindValue(":until", intval($_GET['until']), SQLITE3_INTEGER); + $results = $stmt->execute(); - $domains = array(); + $domains = array(); - if(!is_bool($results)) - while ($row = $results->fetchArray()) - { - // Convert domain to lower case UTF-8 - $c = utf8_encode(strtolower($row[0])); - if(array_key_exists($c, $domains)) - { - // Entry already exists, add to it (might appear multiple times due to mixed capitalization in the database) - $domains[$c] += intval($row[1]); - } - else - { - // Entry does not yet exist - $domains[$c] = intval($row[1]); - } - } + if(!is_bool($results)) + while ($row = $results->fetchArray()) + { + // Convert domain to lower case UTF-8 + $c = utf8_encode(strtolower($row[0])); + if(array_key_exists($c, $domains)) + { + // Entry already exists, add to it (might appear multiple times due to mixed capitalization in the database) + $domains[$c] += intval($row[1]); + } + else + { + // Entry does not yet exist + $domains[$c] = intval($row[1]); + } + } - // Sort by number of hits - arsort($domains); + // Sort by number of hits + arsort($domains); - // Extract only the first ten entries - $domains = array_slice($domains, 0, 10); + // Extract only the first ten entries + $domains = array_slice($domains, 0, 10); - $result = array('top_domains' => $domains); - $data = array_merge($data, $result); + $result = array('top_domains' => $domains); + $data = array_merge($data, $result); } if (isset($_GET['topAds']) && $auth) { - $limit = ""; + $limit = ""; - if(isset($_GET["from"]) && isset($_GET["until"])) - { - $limit = " AND timestamp >= :from AND timestamp <= :until"; - } - elseif(isset($_GET["from"]) && !isset($_GET["until"])) - { - $limit = " AND timestamp >= :from"; - } - elseif(!isset($_GET["from"]) && isset($_GET["until"])) - { - $limit = " AND timestamp <= :until"; - } - $stmt = $db->prepare('SELECT domain,count(domain) FROM queries WHERE status IN (1,4,5,6,7,8,9,10,11)'.$limit.' GROUP by domain order by count(domain) desc limit 10'); - $stmt->bindValue(":from", intval($_GET['from']), SQLITE3_INTEGER); - $stmt->bindValue(":until", intval($_GET['until']), SQLITE3_INTEGER); - $results = $stmt->execute(); + if(isset($_GET["from"]) && isset($_GET["until"])) + { + $limit = " AND timestamp >= :from AND timestamp <= :until"; + } + elseif(isset($_GET["from"]) && !isset($_GET["until"])) + { + $limit = " AND timestamp >= :from"; + } + elseif(!isset($_GET["from"]) && isset($_GET["until"])) + { + $limit = " AND timestamp <= :until"; + } + $stmt = $db->prepare('SELECT domain,count(domain) FROM queries WHERE status IN (1,4,5,6,7,8,9,10,11)'.$limit.' GROUP by domain order by count(domain) desc limit 10'); + $stmt->bindValue(":from", intval($_GET['from']), SQLITE3_INTEGER); + $stmt->bindValue(":until", intval($_GET['until']), SQLITE3_INTEGER); + $results = $stmt->execute(); - $addomains = array(); + $addomains = array(); - if(!is_bool($results)) - while ($row = $results->fetchArray()) - { - $addomains[utf8_encode($row[0])] = intval($row[1]); - } - $result = array('top_ads' => $addomains); - $data = array_merge($data, $result); + if(!is_bool($results)) + while ($row = $results->fetchArray()) + { + $addomains[utf8_encode($row[0])] = intval($row[1]); + } + $result = array('top_ads' => $addomains); + $data = array_merge($data, $result); } if (isset($_GET['getMinTimestamp']) && $auth) { - $results = $db->query('SELECT MIN(timestamp) FROM queries'); + $results = $db->query('SELECT MIN(timestamp) FROM queries'); - if(!is_bool($results)) - $result = array('mintimestamp' => $results->fetchArray()[0]); - else - $result = array(); + if(!is_bool($results)) + $result = array('mintimestamp' => $results->fetchArray()[0]); + else + $result = array(); - $data = array_merge($data, $result); + $data = array_merge($data, $result); } if (isset($_GET['getMaxTimestamp']) && $auth) { - $results = $db->query('SELECT MAX(timestamp) FROM queries'); + $results = $db->query('SELECT MAX(timestamp) FROM queries'); - if(!is_bool($results)) - $result = array('maxtimestamp' => $results->fetchArray()[0]); - else - $result = array(); + if(!is_bool($results)) + $result = array('maxtimestamp' => $results->fetchArray()[0]); + else + $result = array(); - $data = array_merge($data, $result); + $data = array_merge($data, $result); } if (isset($_GET['getQueriesCount']) && $auth) { - $results = $db->query('SELECT COUNT(timestamp) FROM queries'); + $results = $db->query('SELECT COUNT(timestamp) FROM queries'); - if(!is_bool($results)) - $result = array('count' => $results->fetchArray()[0]); - else - $result = array(); + if(!is_bool($results)) + $result = array('count' => $results->fetchArray()[0]); + else + $result = array(); - $data = array_merge($data, $result); + $data = array_merge($data, $result); } if (isset($_GET['getDBfilesize']) && $auth) { - $filesize = filesize("/etc/pihole/pihole-FTL.db"); - $result = array('filesize' => $filesize); - $data = array_merge($data, $result); + $filesize = filesize("/etc/pihole/pihole-FTL.db"); + $result = array('filesize' => $filesize); + $data = array_merge($data, $result); } if (isset($_GET['getGraphData']) && $auth) { - $limit = ""; + $limit = ""; - if(isset($_GET["from"]) && isset($_GET["until"])) - { - $limit = " AND timestamp >= :from AND timestamp <= :until"; - } - elseif(isset($_GET["from"]) && !isset($_GET["until"])) - { - $limit = " AND timestamp >= :from"; - } - elseif(!isset($_GET["from"]) && isset($_GET["until"])) - { - $limit = " AND timestamp <= :until"; - } + if(isset($_GET["from"]) && isset($_GET["until"])) + { + $limit = " AND timestamp >= :from AND timestamp <= :until"; + } + elseif(isset($_GET["from"]) && !isset($_GET["until"])) + { + $limit = " AND timestamp >= :from"; + } + elseif(!isset($_GET["from"]) && isset($_GET["until"])) + { + $limit = " AND timestamp <= :until"; + } - $interval = 600; + $interval = 600; - if(isset($_GET["interval"])) - { - $q = intval($_GET["interval"]); - if($q >= 10) - $interval = $q; - } + if(isset($_GET["interval"])) + { + $q = intval($_GET["interval"]); + if($q >= 10) + $interval = $q; + } - // Round $from and $until to match the requested $interval - $from = intval((intval($_GET['from'])/$interval)*$interval); - $until = intval((intval($_GET['until'])/$interval)*$interval); + // Round $from and $until to match the requested $interval + $from = intval((intval($_GET['from'])/$interval)*$interval); + $until = intval((intval($_GET['until'])/$interval)*$interval); - // Count permitted queries in intervals - $stmt = $db->prepare('SELECT (timestamp/:interval)*:interval interval, COUNT(*) FROM queries WHERE (status != 0 )'.$limit.' GROUP by interval ORDER by interval'); - $stmt->bindValue(":from", $from, SQLITE3_INTEGER); - $stmt->bindValue(":until", $until, SQLITE3_INTEGER); - $stmt->bindValue(":interval", $interval, SQLITE3_INTEGER); - $results = $stmt->execute(); + // Count permitted queries in intervals + $stmt = $db->prepare('SELECT (timestamp/:interval)*:interval interval, COUNT(*) FROM queries WHERE (status != 0 )'.$limit.' GROUP by interval ORDER by interval'); + $stmt->bindValue(":from", $from, SQLITE3_INTEGER); + $stmt->bindValue(":until", $until, SQLITE3_INTEGER); + $stmt->bindValue(":interval", $interval, SQLITE3_INTEGER); + $results = $stmt->execute(); - // Parse the DB result into graph data, filling in missing interval sections with zero - function parseDBData($results, $interval, $from, $until) { - $data = array(); - $first_db_timestamp = -1; + // Parse the DB result into graph data, filling in missing interval sections with zero + function parseDBData($results, $interval, $from, $until) { + $data = array(); + $first_db_timestamp = -1; - if(!is_bool($results)) { - // Read in the data - while($row = $results->fetchArray()) { - // $data[timestamp] = value_in_this_interval - $data[$row[0]] = intval($row[1]); - if($first_db_timestamp === -1) - $first_db_timestamp = intval($row[0]); - } - } + if(!is_bool($results)) { + // Read in the data + while($row = $results->fetchArray()) { + // $data[timestamp] = value_in_this_interval + $data[$row[0]] = intval($row[1]); + if($first_db_timestamp === -1) + $first_db_timestamp = intval($row[0]); + } + } - // It is unpredictable what the first timestamp returned by the database - // will be. This depends on live data. Hence, we re-align the FROM - // timestamp to avoid unaligned holes appearing as additional - // (incorrect) data points - $aligned_from = $from + (($first_db_timestamp - $from) % $interval); + // It is unpredictable what the first timestamp returned by the database + // will be. This depends on live data. Hence, we re-align the FROM + // timestamp to avoid unaligned holes appearing as additional + // (incorrect) data points + $aligned_from = $from + (($first_db_timestamp - $from) % $interval); - // Fill gaps in returned data - for($i = $aligned_from; $i < $until; $i += $interval) { - if(!array_key_exists($i, $data)) - $data[$i] = 0; - } + // Fill gaps in returned data + for($i = $aligned_from; $i < $until; $i += $interval) { + if(!array_key_exists($i, $data)) + $data[$i] = 0; + } - return $data; - } + return $data; + } - $domains = parseDBData($results, $interval, $from, $until); + $domains = parseDBData($results, $interval, $from, $until); - $result = array('domains_over_time' => $domains); - $data = array_merge($data, $result); + $result = array('domains_over_time' => $domains); + $data = array_merge($data, $result); - // Count blocked queries in intervals - $stmt = $db->prepare('SELECT (timestamp/:interval)*:interval interval, COUNT(*) FROM queries WHERE status IN (1,4,5,6,7,8,9,10,11)'.$limit.' GROUP by interval ORDER by interval'); - $stmt->bindValue(":from", $from, SQLITE3_INTEGER); - $stmt->bindValue(":until", $until, SQLITE3_INTEGER); - $stmt->bindValue(":interval", $interval, SQLITE3_INTEGER); - $results = $stmt->execute(); + // Count blocked queries in intervals + $stmt = $db->prepare('SELECT (timestamp/:interval)*:interval interval, COUNT(*) FROM queries WHERE status IN (1,4,5,6,7,8,9,10,11)'.$limit.' GROUP by interval ORDER by interval'); + $stmt->bindValue(":from", $from, SQLITE3_INTEGER); + $stmt->bindValue(":until", $until, SQLITE3_INTEGER); + $stmt->bindValue(":interval", $interval, SQLITE3_INTEGER); + $results = $stmt->execute(); - $addomains = parseDBData($results, $interval, $from, $until); + $addomains = parseDBData($results, $interval, $from, $until); - $result = array('ads_over_time' => $addomains); - $data = array_merge($data, $result); + $result = array('ads_over_time' => $addomains); + $data = array_merge($data, $result); } if (isset($_GET['status']) && $auth) { - $extra = ";"; - if(isset($_GET["ignore"]) && $_GET["ignore"] === 'DNSMASQ_WARN') - $extra = "WHERE type != 'DNSMASQ_WARN';"; - $results = $db->query('SELECT COUNT(*) FROM message '.$extra); + $extra = ";"; + if(isset($_GET["ignore"]) && $_GET["ignore"] === 'DNSMASQ_WARN') + $extra = "WHERE type != 'DNSMASQ_WARN';"; + $results = $db->query('SELECT COUNT(*) FROM message '.$extra); - if(!is_bool($results)) - $result = array('message_count' => $results->fetchArray()[0]); - else - $result = array(); + if(!is_bool($results)) + $result = array('message_count' => $results->fetchArray()[0]); + else + $result = array(); - $data = array_merge($data, $result); + $data = array_merge($data, $result); } if(isset($_GET["messages"]) && $auth) { - $extra = ";"; - if(isset($_GET["ignore"]) && $_GET["ignore"] === 'DNSMASQ_WARN') - $extra = "WHERE type != 'DNSMASQ_WARN';"; + $extra = ";"; + if(isset($_GET["ignore"]) && $_GET["ignore"] === 'DNSMASQ_WARN') + $extra = "WHERE type != 'DNSMASQ_WARN';"; - $messages = array(); - $results = $db->query('SELECT * FROM message '.$extra); + $messages = array(); + $results = $db->query('SELECT * FROM message '.$extra); - while($results !== false && $res = $results->fetchArray(SQLITE3_ASSOC)) - { - // Convert string to to UTF-8 encoding to ensure php-json can handle it. - // Furthermore, convert special characters to HTML entities to prevent XSS attacks. - foreach ($res as $key => $value) { - if (is_string($value)) - $res[$key] = htmlspecialchars(utf8_encode($value)); - } - array_push($messages, $res); - } + while($results !== false && $res = $results->fetchArray(SQLITE3_ASSOC)) + { + // Convert string to to UTF-8 encoding to ensure php-json can handle it. + // Furthermore, convert special characters to HTML entities to prevent XSS attacks. + foreach ($res as $key => $value) { + if (is_string($value)) + $res[$key] = htmlspecialchars(utf8_encode($value)); + } + array_push($messages, $res); + } - $data = array_merge($data, array('messages' => $messages)); + $data = array_merge($data, array('messages' => $messages)); } if(isset($_GET["jsonForceObject"])) { - echo json_encode($data, JSON_FORCE_OBJECT); + echo json_encode($data, JSON_FORCE_OBJECT); } else { - echo json_encode($data); + echo json_encode($data); } diff --git a/auditlog.php b/auditlog.php index fd1219ed..42eed377 100644 --- a/auditlog.php +++ b/auditlog.php @@ -1,11 +1,14 @@ - @@ -15,62 +18,62 @@
-
-
-

Allowed queries

-
- -
-
- - - - - - - - - - -
DomainHitsActions
+
+
+

Allowed queries

+ +
+
+ + + + + + + + + + +
DomainHitsActions
+
+
+
+ +
+
-
- -
- -
- +
-
-
-

Blocked queries

-
- -
-
- - - - - - - - - - -
DomainHitsActions
+
+
+

Blocked queries

+ +
+
+ + + + + + + + + + +
DomainHitsActions
+
+
+
+ +
+
-
- -
- -
- +
@@ -79,5 +82,5 @@ diff --git a/cname_records.php b/cname_records.php index 17b51b69..7fce4339 100644 --- a/cname_records.php +++ b/cname_records.php @@ -5,7 +5,8 @@ * Network-wide ad blocking via your own hardware. * * This file is copyright under the latest version of the EUPL. -* Please see LICENSE file for your rights under this license. */ +* Please see LICENSE file for your rights under this license. +*/ require "scripts/pi-hole/php/header.php"; ?> @@ -40,9 +41,9 @@ require "scripts/pi-hole/php/header.php";
- Note: -

The target of a CNAME must be a domain that the Pi-hole already has in its cache or is authoritative for. This is a universal limitation of CNAME records.

-

The reason for this is that Pi-hole will not send additional queries upstream when serving CNAME replies. As consequence, if you set a target that isn't already known, the reply to the client may be incomplete. Pi-hole just returns the information it knows at the time of the query. This results in certain limitations for CNAME targets, + Note: +

The target of a CNAME must be a domain that the Pi-hole already has in its cache or is authoritative for. This is a universal limitation of CNAME records.

+

The reason for this is that Pi-hole will not send additional queries upstream when serving CNAME replies. As consequence, if you set a target that isn't already known, the reply to the client may be incomplete. Pi-hole just returns the information it knows at the time of the query. This results in certain limitations for CNAME targets, for instance, only active DHCP leases work as targets - mere DHCP leases aren't sufficient as they aren't (yet) valid DNS records.

Additionally, you can't CNAME external domains (bing.com to google.com) successfully as this could result in invalid SSL certificate errors when the target server does not serve content for the requested domain.

@@ -63,11 +64,11 @@ require "scripts/pi-hole/php/header.php";
- - - - - + + + + +
DomainTargetAction
DomainTargetAction
diff --git a/db_graph.php b/db_graph.php index 07fc7067..6594411e 100644 --- a/db_graph.php +++ b/db_graph.php @@ -1,11 +1,14 @@ - @@ -17,64 +20,63 @@

Compute graphical statistics from the Pi-hole query database

-
-
-
-

- Select date and time range -

-
-
-
-
-
-
- -
- +
+
+
+

+ Select date and time range +

+
+
+
+
+
+
+ +
+ +
+
+
-
-
-
-
-
-
-
-
-

- Queries over the selected time period -

-
-
-
-
-
- +
+
+
+

+ Queries over the selected time period +

+
+
+
+
+
+ +
+
+
+
+ -
-
-
-
- diff --git a/db_lists.php b/db_lists.php index 34951ab5..a49da502 100644 --- a/db_lists.php +++ b/db_lists.php @@ -1,11 +1,14 @@ - @@ -18,27 +21,27 @@
-
-
-
-

- Select date and time range -

-
-
-
-
-
-
- -
- +
+
+
+

+ Select date and time range +

+
+
+
+
+
+
+ +
+ +
+
+
-
-
-
@@ -1403,7 +1416,7 @@ if (isset($_GET['tab']) && in_array($_GET['tab'], array("sysadmin", "dns", "piho
@@ -1420,8 +1433,8 @@ if (isset($_GET['tab']) && in_array($_GET['tab'], array("sysadmin", "dns", "piho
+ name="teleporter_iframe" height="100" + tabindex="-1">
diff --git a/taillog-FTL.php b/taillog-FTL.php index 047c6948..facaad8f 100644 --- a/taillog-FTL.php +++ b/taillog-FTL.php @@ -1,11 +1,14 @@ -
@@ -27,5 +30,5 @@ diff --git a/taillog.php b/taillog.php index 2041f5e2..f9f6690c 100644 --- a/taillog.php +++ b/taillog.php @@ -1,11 +1,14 @@ -
@@ -27,5 +30,5 @@