mirror of
https://github.com/pi-hole/web.git
synced 2026-04-24 18:59:48 +01:00
Merge pull request #1387 from pi-hole/new/api_add_sub_get_lists
(Re-)Add API endpoints for list manipulations
This commit is contained in:
Adam Warner
GitHub
@@ -1,93 +0,0 @@
|
||||
<?php
|
||||
/* Pi-hole: A black hole for Internet advertisements
|
||||
* (c) 2017 Pi-hole, LLC (https://pi-hole.net)
|
||||
* Network-wide ad blocking via your own hardware.
|
||||
*
|
||||
* This file is copyright under the latest version of the EUPL.
|
||||
* Please see LICENSE file for your rights under this license. */
|
||||
|
||||
require_once('auth.php');
|
||||
|
||||
$list = $_POST['list'];
|
||||
|
||||
// Perform all of the authentication for list editing
|
||||
// when NOT invoked and authenticated from API
|
||||
if (empty($api)) {
|
||||
list_verify($list);
|
||||
}
|
||||
|
||||
// Split individual domains into array
|
||||
$domains = preg_split('/\s+/', trim($_POST['domain']));
|
||||
|
||||
// Get comment if available
|
||||
$comment = null;
|
||||
if(isset($_POST['comment'])) {
|
||||
$comment = trim($_POST['comment']);
|
||||
}
|
||||
|
||||
// Convert domain name to IDNA ASCII form for international domains
|
||||
// Do this only for exact domains, not for regex filters
|
||||
// Only do it when the php-intl extension is available
|
||||
if (extension_loaded("intl") && ($list === "white" || $list === "black")) {
|
||||
foreach($domains as &$domain)
|
||||
{
|
||||
$domain = idn_to_ascii($domain);
|
||||
}
|
||||
}
|
||||
|
||||
// Only check domains we add to the exact lists.
|
||||
// Regex are validated by FTL during import
|
||||
$check_lists = ["white","black","audit"];
|
||||
if(in_array($list, $check_lists)) {
|
||||
check_domain($domains);
|
||||
}
|
||||
|
||||
require_once("func.php");
|
||||
require_once("database.php");
|
||||
$GRAVITYDB = getGravityDBFilename();
|
||||
$db = SQLite3_connect($GRAVITYDB, SQLITE3_OPEN_READWRITE);
|
||||
|
||||
$reload = true;
|
||||
switch($list) {
|
||||
case "white":
|
||||
$domains = array_map('strtolower', $domains);
|
||||
echo add_to_table($db, "domainlist", $domains, $comment, false, false, ListType::whitelist);
|
||||
break;
|
||||
|
||||
case "black":
|
||||
$domains = array_map('strtolower', $domains);
|
||||
echo add_to_table($db, "domainlist", $domains, $comment, false, false, ListType::blacklist);
|
||||
break;
|
||||
|
||||
case "white_regex":
|
||||
echo add_to_table($db, "domainlist", $domains, $comment, false, false, ListType::regex_whitelist);
|
||||
break;
|
||||
|
||||
case "white_wild":
|
||||
echo add_to_table($db, "domainlist", $domains, $comment, true, false, ListType::regex_whitelist);
|
||||
break;
|
||||
|
||||
case "black_regex":
|
||||
echo add_to_table($db, "domainlist", $domains, $comment, false, false, ListType::regex_blacklist);
|
||||
break;
|
||||
|
||||
case "black_wild":
|
||||
echo add_to_table($db, "domainlist", $domains, $comment, true, false, ListType::regex_blacklist);
|
||||
break;
|
||||
|
||||
case "audit":
|
||||
$reload = false;
|
||||
echo add_to_table($db, "domain_audit", $domains);
|
||||
break;
|
||||
|
||||
default:
|
||||
die("Invalid list!");
|
||||
}
|
||||
|
||||
// Reload lists in pihole-FTL after having added something
|
||||
if ($reload) {
|
||||
$output = pihole_execute("restartdns reload-lists");
|
||||
echo implode("\n", $output);
|
||||
}
|
||||
?>
|
||||
|
||||
@@ -311,9 +311,11 @@ function remove_from_table($db, $table, $domains, $returnnum=false, $type=-1)
|
||||
}
|
||||
}
|
||||
|
||||
class ListType{
|
||||
const whitelist = 0;
|
||||
const blacklist = 1;
|
||||
const regex_whitelist = 2;
|
||||
const regex_blacklist = 3;
|
||||
}
|
||||
if (!class_exists("ListType")) {
|
||||
class ListType{
|
||||
const whitelist = 0;
|
||||
const blacklist = 1;
|
||||
const regex_whitelist = 2;
|
||||
const regex_blacklist = 3;
|
||||
}
|
||||
}
|
||||
@@ -6,7 +6,7 @@
|
||||
* This file is copyright under the latest version of the EUPL.
|
||||
* Please see LICENSE file for your rights under this license. */
|
||||
|
||||
require "scripts/pi-hole/php/database.php";
|
||||
require_once("scripts/pi-hole/php/database.php");
|
||||
|
||||
function gravity_last_update($raw = false)
|
||||
{
|
||||
|
||||
@@ -9,11 +9,13 @@
|
||||
require_once('auth.php');
|
||||
|
||||
// Authentication checks
|
||||
if (isset($_POST['token'])) {
|
||||
check_cors();
|
||||
check_csrf($_POST['token']);
|
||||
} else {
|
||||
log_and_die('Not allowed (login session invalid or expired, please relogin on the Pi-hole dashboard)!');
|
||||
if (!isset($api)) {
|
||||
if (isset($_POST['token'])) {
|
||||
check_cors();
|
||||
check_csrf($_POST['token']);
|
||||
} else {
|
||||
log_and_die('Not allowed (login session invalid or expired, please relogin on the Pi-hole dashboard)!');
|
||||
}
|
||||
}
|
||||
|
||||
$reload = false;
|
||||
@@ -47,6 +49,8 @@ if ($_POST['action'] == 'get_groups') {
|
||||
while (($res = $query->fetchArray(SQLITE3_ASSOC)) !== false) {
|
||||
array_push($data, $res);
|
||||
}
|
||||
|
||||
header('Content-type: application/json');
|
||||
echo json_encode(array('data' => $data));
|
||||
} catch (\Exception $ex) {
|
||||
JSON_error($ex->getMessage());
|
||||
@@ -198,6 +202,7 @@ if ($_POST['action'] == 'get_groups') {
|
||||
array_push($data, $res);
|
||||
}
|
||||
|
||||
header('Content-type: application/json');
|
||||
echo json_encode(array('data' => $data));
|
||||
} catch (\Exception $ex) {
|
||||
JSON_error($ex->getMessage());
|
||||
@@ -232,6 +237,7 @@ if ($_POST['action'] == 'get_groups') {
|
||||
}
|
||||
}
|
||||
|
||||
header('Content-type: application/json');
|
||||
echo json_encode($ips);
|
||||
} catch (\Exception $ex) {
|
||||
JSON_error($ex->getMessage());
|
||||
@@ -380,6 +386,8 @@ if ($_POST['action'] == 'get_groups') {
|
||||
$limit = " WHERE type = 0 OR type = 2";
|
||||
} elseif (isset($_POST["showtype"]) && $_POST["showtype"] === "black"){
|
||||
$limit = " WHERE type = 1 OR type = 3";
|
||||
} elseif (isset($_POST["type"]) && is_numeric($_POST["type"])){
|
||||
$limit = " WHERE type = " . $_POST["type"];
|
||||
}
|
||||
$query = $db->query('SELECT * FROM domainlist'.$limit);
|
||||
if (!$query) {
|
||||
@@ -432,7 +440,7 @@ if ($_POST['action'] == 'get_groups') {
|
||||
array_push($data, $res);
|
||||
}
|
||||
|
||||
|
||||
header('Content-type: application/json');
|
||||
echo json_encode(array('data' => $data));
|
||||
} catch (\Exception $ex) {
|
||||
JSON_error($ex->getMessage());
|
||||
@@ -448,7 +456,13 @@ if ($_POST['action'] == 'get_groups') {
|
||||
throw new Exception('While preparing statement: ' . $db->lastErrorMsg());
|
||||
}
|
||||
|
||||
$type = intval($_POST['type']);
|
||||
if (isset($_POST['type'])) {
|
||||
$type = intval($_POST['type']);
|
||||
} else if (isset($_POST['list']) && $_POST['list'] === "white") {
|
||||
$type = ListType::whitelist;
|
||||
} else if (isset($_POST['list']) && $_POST['list'] === "black") {
|
||||
$type = ListType::blacklist;
|
||||
}
|
||||
|
||||
if (!$stmt->bindValue(':type', $type, SQLITE3_TEXT)) {
|
||||
throw new Exception('While binding type: ' . $db->lastErrorMsg());
|
||||
@@ -624,6 +638,48 @@ if ($_POST['action'] == 'get_groups') {
|
||||
throw new Exception('While executing domainlist statement: ' . $db->lastErrorMsg());
|
||||
}
|
||||
|
||||
$reload = true;
|
||||
JSON_success();
|
||||
} catch (\Exception $ex) {
|
||||
JSON_error($ex->getMessage());
|
||||
}
|
||||
} elseif ($_POST['action'] == 'delete_domain_string') {
|
||||
// Delete domain identified by the domain string itself
|
||||
try {
|
||||
$stmt = $db->prepare('DELETE FROM domainlist_by_group WHERE domainlist_id=(SELECT id FROM domainlist WHERE domain=:domain AND type=:type);');
|
||||
if (!$stmt) {
|
||||
throw new Exception('While preparing domainlist_by_group statement: ' . $db->lastErrorMsg());
|
||||
}
|
||||
|
||||
if (!$stmt->bindValue(':domain', $_POST['domain'], SQLITE3_TEXT)) {
|
||||
throw new Exception('While binding domain to domainlist_by_group statement: ' . $db->lastErrorMsg());
|
||||
}
|
||||
|
||||
if (!$stmt->bindValue(':type', intval($_POST['type']), SQLITE3_INTEGER)) {
|
||||
throw new Exception('While binding type to domainlist_by_group statement: ' . $db->lastErrorMsg());
|
||||
}
|
||||
|
||||
if (!$stmt->execute()) {
|
||||
throw new Exception('While executing domainlist_by_group statement: ' . $db->lastErrorMsg());
|
||||
}
|
||||
|
||||
$stmt = $db->prepare('DELETE FROM domainlist WHERE domain=:domain AND type=:type');
|
||||
if (!$stmt) {
|
||||
throw new Exception('While preparing domainlist statement: ' . $db->lastErrorMsg());
|
||||
}
|
||||
|
||||
if (!$stmt->bindValue(':domain', $_POST['domain'], SQLITE3_TEXT)) {
|
||||
throw new Exception('While binding domain to domainlist statement: ' . $db->lastErrorMsg());
|
||||
}
|
||||
|
||||
if (!$stmt->bindValue(':type', intval($_POST['type']), SQLITE3_INTEGER)) {
|
||||
throw new Exception('While binding type to domainlist statement: ' . $db->lastErrorMsg());
|
||||
}
|
||||
|
||||
if (!$stmt->execute()) {
|
||||
throw new Exception('While executing domainlist statement: ' . $db->lastErrorMsg());
|
||||
}
|
||||
|
||||
$reload = true;
|
||||
JSON_success();
|
||||
} catch (\Exception $ex) {
|
||||
@@ -652,7 +708,7 @@ if ($_POST['action'] == 'get_groups') {
|
||||
array_push($data, $res);
|
||||
}
|
||||
|
||||
|
||||
header('Content-type: application/json');
|
||||
echo json_encode(array('data' => $data));
|
||||
} catch (\Exception $ex) {
|
||||
JSON_error($ex->getMessage());
|
||||
|
||||
Reference in New Issue
Block a user