Pi-Hole/web
1
0
Fork 0
mirror of https://github.com/pi-hole/web.git synced 2026-05-03 15:14:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'devel' into new/mac_clients

Browse Source 
Signed-off-by: DL6ER <dl6er@dl6er.de>
This commit is contained in:
DL6ER
2020-06-05 22:22:07 +02:00
parent eb3c672545 efd9281fa4
commit a901489a96
258 changed files with 4930 additions and 13929 deletions
Download Patch File Download Diff File Expand all files Collapse all files

126
scripts/pi-hole/php/groups.php
View File

@@ -9,11 +9,13 @@
require_once('auth.php');
// Authentication checks
if (isset($_POST['token'])) {
check_cors();
check_csrf($_POST['token']);
} else {
log_and_die('Not allowed (login session invalid or expired, please relogin on the Pi-hole dashboard)!');
if (!isset($api)) {
if (isset($_POST['token'])) {
check_cors();
check_csrf($_POST['token']);
} else {
log_and_die('Not allowed (login session invalid or expired, please relogin on the Pi-hole dashboard)!');
}
}
$reload = false;
@@ -47,6 +49,8 @@ if ($_POST['action'] == 'get_groups') {
while (($res = $query->fetchArray(SQLITE3_ASSOC)) !== false) {
array_push($data, $res);
}
header('Content-type: application/json');
echo json_encode(array('data' => $data));
} catch (\Exception $ex) {
JSON_error($ex->getMessage());
@@ -54,7 +58,7 @@ if ($_POST['action'] == 'get_groups') {
} elseif ($_POST['action'] == 'add_group') {
// Add new group
try {
$names = explode(' ', trim($_POST['name']));
$names = str_getcsv(trim($_POST['name']), ' ');
$total = count($names);
$added = 0;
$stmt = $db->prepare('INSERT INTO "group" (name,description) VALUES (:name,:desc)');
@@ -62,7 +66,12 @@ if ($_POST['action'] == 'get_groups') {
throw new Exception('While preparing statement: ' . $db->lastErrorMsg());
}
if (!$stmt->bindValue(':desc', $_POST['desc'], SQLITE3_TEXT)) {
$desc = $_POST['desc'];
if (strlen($desc) === 0) {
// Store NULL in database for empty descriptions
$desc = null;
}
if (!$stmt->bindValue(':desc', $desc, SQLITE3_TEXT)) {
throw new Exception('While binding desc: ' . $db->lastErrorMsg());
}
@@ -102,7 +111,7 @@ if ($_POST['action'] == 'get_groups') {
}
$desc = $_POST['desc'];
if (strlen($desc) == 0) {
if (strlen($desc) === 0) {
// Store NULL in database for empty descriptions
$desc = null;
}
@@ -199,6 +208,7 @@ if ($_POST['action'] == 'get_groups') {
array_push($data, $res);
}
header('Content-type: application/json');
echo json_encode(array('data' => $data));
} catch (\Exception $ex) {
JSON_error($ex->getMessage());
@@ -276,6 +286,7 @@ if ($_POST['action'] == 'get_groups') {
}
}
header('Content-type: application/json');
echo json_encode($ips);
} catch (\Exception $ex) {
JSON_error($ex->getMessage());
@@ -297,7 +308,7 @@ if ($_POST['action'] == 'get_groups') {
}
$comment = $_POST['comment'];
if (strlen($comment) == 0) {
if (strlen($comment) === 0) {
// Store NULL in database for empty comments
$comment = null;
}
@@ -327,7 +338,7 @@ if ($_POST['action'] == 'get_groups') {
}
$comment = $_POST['comment'];
if (strlen($comment) == 0) {
if (strlen($comment) === 0) {
// Store NULL in database for empty comments
$comment = null;
}
@@ -424,6 +435,8 @@ if ($_POST['action'] == 'get_groups') {
$limit = " WHERE type = 0 OR type = 2";
} elseif (isset($_POST["showtype"]) && $_POST["showtype"] === "black"){
$limit = " WHERE type = 1 OR type = 3";
} elseif (isset($_POST["type"]) && is_numeric($_POST["type"])){
$limit = " WHERE type = " . $_POST["type"];
}
$query = $db->query('SELECT * FROM domainlist'.$limit);
if (!$query) {
@@ -476,7 +489,7 @@ if ($_POST['action'] == 'get_groups') {
array_push($data, $res);
}
header('Content-type: application/json');
echo json_encode(array('data' => $data));
} catch (\Exception $ex) {
JSON_error($ex->getMessage());
@@ -485,6 +498,7 @@ if ($_POST['action'] == 'get_groups') {
// Add new domain
try {
$domains = explode(' ', trim($_POST['domain']));
$before = intval($db->querySingle("SELECT COUNT(*) FROM domainlist;"));
$total = count($domains);
$added = 0;
$stmt = $db->prepare('REPLACE INTO domainlist (domain,type,comment) VALUES (:domain,:type,:comment)');
@@ -492,13 +506,24 @@ if ($_POST['action'] == 'get_groups') {
throw new Exception('While preparing statement: ' . $db->lastErrorMsg());
}
$type = intval($_POST['type']);
if (isset($_POST['type'])) {
$type = intval($_POST['type']);
} else if (isset($_POST['list']) && $_POST['list'] === "white") {
$type = ListType::whitelist;
} else if (isset($_POST['list']) && $_POST['list'] === "black") {
$type = ListType::blacklist;
}
if (!$stmt->bindValue(':type', $type, SQLITE3_TEXT)) {
throw new Exception('While binding type: ' . $db->lastErrorMsg());
}
if (!$stmt->bindValue(':comment', $_POST['comment'], SQLITE3_TEXT)) {
$comment = $_POST['comment'];
if (strlen($comment) === 0) {
// Store NULL in database for empty comments
$comment = null;
}
if (!$stmt->bindValue(':comment', $comment, SQLITE3_TEXT)) {
throw new Exception('While binding comment: ' . $db->lastErrorMsg());
}
@@ -555,8 +580,23 @@ if ($_POST['action'] == 'get_groups') {
$added++;
}
$after = intval($db->querySingle("SELECT COUNT(*) FROM domainlist;"));
$difference = $after - $before;
if($total === 1) {
if($difference !== 1) {
$msg = "Not adding ". htmlentities(utf8_encode($domain)) . " as it is already on the list";
} else {
$msg = "Added " . htmlentities(utf8_encode($domain));
}
} else {
if($difference !== $total) {
$msg = "Added " . ($after-$before) . " out of ". $total . " domains (skipped duplicates)";
} else {
$msg = "Added " . $total . " domains";
}
}
$reload = true;
JSON_success();
JSON_success($msg);
} catch (\Exception $ex) {
JSON_error($ex->getMessage());
}
@@ -578,7 +618,7 @@ if ($_POST['action'] == 'get_groups') {
}
$comment = $_POST['comment'];
if (strlen($comment) == 0) {
if (strlen($comment) === 0) {
// Store NULL in database for empty comments
$comment = null;
}
@@ -668,6 +708,48 @@ if ($_POST['action'] == 'get_groups') {
throw new Exception('While executing domainlist statement: ' . $db->lastErrorMsg());
}
$reload = true;
JSON_success();
} catch (\Exception $ex) {
JSON_error($ex->getMessage());
}
} elseif ($_POST['action'] == 'delete_domain_string') {
// Delete domain identified by the domain string itself
try {
$stmt = $db->prepare('DELETE FROM domainlist_by_group WHERE domainlist_id=(SELECT id FROM domainlist WHERE domain=:domain AND type=:type);');
if (!$stmt) {
throw new Exception('While preparing domainlist_by_group statement: ' . $db->lastErrorMsg());
}
if (!$stmt->bindValue(':domain', $_POST['domain'], SQLITE3_TEXT)) {
throw new Exception('While binding domain to domainlist_by_group statement: ' . $db->lastErrorMsg());
}
if (!$stmt->bindValue(':type', intval($_POST['type']), SQLITE3_INTEGER)) {
throw new Exception('While binding type to domainlist_by_group statement: ' . $db->lastErrorMsg());
}
if (!$stmt->execute()) {
throw new Exception('While executing domainlist_by_group statement: ' . $db->lastErrorMsg());
}
$stmt = $db->prepare('DELETE FROM domainlist WHERE domain=:domain AND type=:type');
if (!$stmt) {
throw new Exception('While preparing domainlist statement: ' . $db->lastErrorMsg());
}
if (!$stmt->bindValue(':domain', $_POST['domain'], SQLITE3_TEXT)) {
throw new Exception('While binding domain to domainlist statement: ' . $db->lastErrorMsg());
}
if (!$stmt->bindValue(':type', intval($_POST['type']), SQLITE3_INTEGER)) {
throw new Exception('While binding type to domainlist statement: ' . $db->lastErrorMsg());
}
if (!$stmt->execute()) {
throw new Exception('While executing domainlist statement: ' . $db->lastErrorMsg());
}
$reload = true;
JSON_success();
} catch (\Exception $ex) {
@@ -696,7 +778,7 @@ if ($_POST['action'] == 'get_groups') {
array_push($data, $res);
}
header('Content-type: application/json');
echo json_encode(array('data' => $data));
} catch (\Exception $ex) {
JSON_error($ex->getMessage());
@@ -713,12 +795,17 @@ if ($_POST['action'] == 'get_groups') {
throw new Exception('While preparing statement: ' . $db->lastErrorMsg());
}
if (!$stmt->bindValue(':comment', $_POST['comment'], SQLITE3_TEXT)) {
$comment = $_POST['comment'];
if (strlen($comment) === 0) {
// Store NULL in database for empty comments
$comment = null;
}
if (!$stmt->bindValue(':comment', $comment, SQLITE3_TEXT)) {
throw new Exception('While binding comment: ' . $db->lastErrorMsg());
}
foreach ($addresses as $address) {
if(preg_match("/[^a-zA-Z0-9:\/?&%=~._()-]/", $address) !== 0) {
if(preg_match("/[^a-zA-Z0-9:\/?&%=~._()-;]/", $address) !== 0) {
throw new Exception('<strong>Invalid adlist URL ' . htmlentities($address) . '</strong><br>'.
'Added ' . $added . " out of ". $total . " adlists");
}
@@ -758,7 +845,7 @@ if ($_POST['action'] == 'get_groups') {
}
$comment = $_POST['comment'];
if (strlen($comment) == 0) {
if (strlen($comment) === 0) {
// Store NULL in database for empty comments
$comment = null;
}
@@ -853,5 +940,4 @@ if ($_POST['action'] == 'get_groups') {
// Reload lists in pihole-FTL after having added something
if ($reload) {
$output = pihole_execute('restartdns reload-lists');
echo implode("\n", $output);
}