Re-implement api.php?list actions for add, sub and get.

Signed-off-by: DL6ER <dl6er@dl6er.de>
2025-12-27 05:56:22 +00:00 · 2020-05-26 18:27:26 +02:00
parent 256aff73a6
commit 2fac217943
4 changed files with 103 additions and 29 deletions
--- a/scripts/pi-hole/php/database.php
+++ b/scripts/pi-hole/php/database.php
@@ -311,9 +311,11 @@ function remove_from_table($db, $table, $domains, $returnnum=false, $type=-1)
 	}
 }

-class ListType{
-	const whitelist = 0;
-	const blacklist = 1;
-	const regex_whitelist = 2;
-	const regex_blacklist = 3;
-}
+if (!class_exists("ListType")) {
+	class ListType{
+		const whitelist = 0;
+		const blacklist = 1;
+		const regex_whitelist = 2;
+		const regex_blacklist = 3;
+	}
+}
--- a/scripts/pi-hole/php/gravity.php
+++ b/scripts/pi-hole/php/gravity.php
@@ -6,7 +6,7 @@
 *  This file is copyright under the latest version of the EUPL.
 *  Please see LICENSE file for your rights under this license. */

-require "scripts/pi-hole/php/database.php";
+require_once("scripts/pi-hole/php/database.php");

 function gravity_last_update($raw = false)
 {
--- a/scripts/pi-hole/php/groups.php
+++ b/scripts/pi-hole/php/groups.php
@@ -9,11 +9,13 @@
 require_once('auth.php');

 // Authentication checks
-if (isset($_POST['token'])) {
-    check_cors();
-    check_csrf($_POST['token']);
-} else {
-    log_and_die('Not allowed (login session invalid or expired, please relogin on the Pi-hole dashboard)!');
+if (!isset($api)) {
+    if (isset($_POST['token'])) {
+        check_cors();
+        check_csrf($_POST['token']);
+    } else {
+        log_and_die('Not allowed (login session invalid or expired, please relogin on the Pi-hole dashboard)!');
+    }
 }

 $reload = false;
@@ -47,6 +49,8 @@ if ($_POST['action'] == 'get_groups') {
        while (($res = $query->fetchArray(SQLITE3_ASSOC)) !== false) {
            array_push($data, $res);
        }
+
+        header('Content-type: application/json');
        echo json_encode(array('data' => $data));
    } catch (\Exception $ex) {
        JSON_error($ex->getMessage());
@@ -198,6 +202,7 @@ if ($_POST['action'] == 'get_groups') {
            array_push($data, $res);
        }

+        header('Content-type: application/json');
        echo json_encode(array('data' => $data));
    } catch (\Exception $ex) {
        JSON_error($ex->getMessage());
@@ -232,6 +237,7 @@ if ($_POST['action'] == 'get_groups') {
            }
        }

+        header('Content-type: application/json');
        echo json_encode($ips);
    } catch (\Exception $ex) {
        JSON_error($ex->getMessage());
@@ -380,6 +386,8 @@ if ($_POST['action'] == 'get_groups') {
            $limit = " WHERE type = 0 OR type = 2";
        } elseif (isset($_POST["showtype"]) && $_POST["showtype"] === "black"){
            $limit = " WHERE type = 1 OR type = 3";
+        } elseif (isset($_POST["type"]) && is_numeric($_POST["type"])){
+            $limit = " WHERE type = " . $_POST["type"];
        }
        $query = $db->query('SELECT * FROM domainlist'.$limit);
        if (!$query) {
@@ -432,7 +440,7 @@ if ($_POST['action'] == 'get_groups') {
            array_push($data, $res);
        }

-
+        header('Content-type: application/json');
        echo json_encode(array('data' => $data));
    } catch (\Exception $ex) {
        JSON_error($ex->getMessage());
@@ -624,6 +632,48 @@ if ($_POST['action'] == 'get_groups') {
            throw new Exception('While executing domainlist statement: ' . $db->lastErrorMsg());
        }

+        $reload = true;
+        JSON_success();
+    } catch (\Exception $ex) {
+        JSON_error($ex->getMessage());
+    }
+}  elseif ($_POST['action'] == 'delete_domain_string') {
+    // Delete domain identified by the domain string itself
+    try {
+        $stmt = $db->prepare('DELETE FROM domainlist_by_group WHERE domainlist_id=(SELECT id FROM domainlist WHERE domain=:domain AND type=:type);');
+        if (!$stmt) {
+            throw new Exception('While preparing domainlist_by_group statement: ' . $db->lastErrorMsg());
+        }
+
+        if (!$stmt->bindValue(':domain', $_POST['domain'], SQLITE3_TEXT)) {
+            throw new Exception('While binding domain to domainlist_by_group statement: ' . $db->lastErrorMsg());
+        }
+
+        if (!$stmt->bindValue(':type', intval($_POST['type']), SQLITE3_INTEGER)) {
+            throw new Exception('While binding type to domainlist_by_group statement: ' . $db->lastErrorMsg());
+        }
+
+        if (!$stmt->execute()) {
+            throw new Exception('While executing domainlist_by_group statement: ' . $db->lastErrorMsg());
+        }
+
+        $stmt = $db->prepare('DELETE FROM domainlist WHERE domain=:domain AND type=:type');
+        if (!$stmt) {
+            throw new Exception('While preparing domainlist statement: ' . $db->lastErrorMsg());
+        }
+
+        if (!$stmt->bindValue(':domain', $_POST['domain'], SQLITE3_TEXT)) {
+            throw new Exception('While binding domain to domainlist statement: ' . $db->lastErrorMsg());
+        }
+
+        if (!$stmt->bindValue(':type', intval($_POST['type']), SQLITE3_INTEGER)) {
+            throw new Exception('While binding type to domainlist statement: ' . $db->lastErrorMsg());
+        }
+
+        if (!$stmt->execute()) {
+            throw new Exception('While executing domainlist statement: ' . $db->lastErrorMsg());
+        }
+
        $reload = true;
        JSON_success();
    } catch (\Exception $ex) {
@@ -652,7 +702,7 @@ if ($_POST['action'] == 'get_groups') {
            array_push($data, $res);
        }

-
+        header('Content-type: application/json');
        echo json_encode(array('data' => $data));
    } catch (\Exception $ex) {
        JSON_error($ex->getMessage());