Pi-Hole/web
1
0
Fork 0
mirror of https://github.com/pi-hole/web.git synced 2025-12-25 05:05:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

Rebase off devel to only add "-bp" functionality

Browse Source 
* Included pcre.recursion_limit as a safety cutoff measure
This commit is contained in:
WaLLy3K
2017-07-19 00:29:47 +10:00
committed by GitHub
parent ab126d94e0
commit 3a17f9da13
1 changed files with 44 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
scripts/pi-hole/php/queryads.php
View File

@@ -9,31 +9,57 @@
ob_end_flush();
ini_set("output_buffering", "0");
ob_implicit_flush(true);
header("Content-Type: text/event-stream");
header("Cache-Control: no-cache");
header('Content-Type: text/event-stream');
header('Cache-Control: no-cache');
function echoEvent($datatext) {
if(!isset($_GET["IE"]))
echo "data: ".implode("\ndata: ", explode("\n", $datatext))."\n\n";
else
echo $datatext;
}
// Credit: http://stackoverflow.com/a/4694816/2087442
ini_set("pcre.recursion_limit", 1500);
function validate_domain($domain) { // Cr: http://stackoverflow.com/a/4694816
return (preg_match("/^([a-z\d]((-|_)*[a-z\d])*)(\.([a-z\d]((-|_)*[a-z\d])*))*$/i", $domain) // Valid chars check
&& preg_match("/^.{1,253}$/", $domain) // Overall length check
&& preg_match("/^[^\.]{1,63}(\.[^\.]{1,63})*$/", $domain)); // Length of each label
function is_valid_domain_name($domain_name)
{
return (preg_match("/^((-|_)*[a-z\d]((-|_)*[a-z\d])*(-|_)*)(\.(-|_)*([a-z\d]((-|_)*[a-z\d])*))*$/i", $domain_name) // Valid chars check
&& preg_match("/^.{1,253}$/", $domain_name) // Overall length check
&& preg_match("/^[^\.]{1,63}(\.[^\.]{1,63})*$/", $domain_name) ); // Length of each label
}
// Validate domain, if set
if(isset($_GET["domain"])) {
if(validate_domain($_GET["domain"])) {
$domain = $_GET["domain"];
} else {
die("::: Invalid domain");
// Test if domain is set
if(isset($_GET["domain"]))
{
// Is this a valid domain?
$url = $_GET["domain"];
if(!is_valid_domain_name($url))
{
echoEvent("Invalid domain!");
die();
}
} else {
die("::: Domain query not specified");
}
else
{
echoEvent("No domain provided");
die();
}
$exact = isset($_GET["exact"]) ? "-exact" : "";
if(isset($_GET["exact"]))
{
$exact = "-exact";
}
elseif(isset($_GET["bp"]))
{
$exact = "-bp";
}
else
{
$exact = "";
}
$proc = popen("sudo pihole -q ".escapeshellarg($domain)." $exact", "r");
$proc = popen("sudo pihole -q ".$url." ".$exact, 'r');
while (!feof($proc)) {
echo fread($proc, 4096);
echoEvent(fread($proc, 4096));
}
?>