Pi-Hole/web
1
0
Fork 0
mirror of https://github.com/pi-hole/web.git synced 2026-05-17 06:10:09 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,900 Commits 25 Branches 114 Tags
12e0ce2f4c8aba2edb35f833ea54f96e68490d9a
Commit Graph

430 Commits

Author SHA1 Message Date
DL6ER 7d9206c2cd Merge pull request #975 from pi-hole/fix/settings-page-adlists 
Use the renamed adlist table when getting adlists
 2019-07-04 22:13:20 +02:00
Mcat12 8819825dc8 Upgrade the exporter/importer (teleporter) to use the gravity database 
Also fixed the content type of the tar.gz archive from zip to gzip.

Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
 2019-07-04 12:31:02 -07:00
Mcat12 86ba703ef5 Use the renamed adlist table when getting adlists 
This fixes an error shown on the settings page.

Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
 2019-07-04 11:28:01 -07:00
Mark Drobnak 4e1df1664c Merge pull request #951 from pi-hole/new/arp-flush 
Add button for pihole arpflush on Pi-hole settings page
 2019-07-04 14:10:29 -04:00
Mcat12 f7905167c0 Prevent command injection via admin email 
Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
 2019-07-01 20:17:10 -07:00
DL6ER 43fa24fbea Glue needs to be the first argument of implode 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-05-30 22:11:13 +02:00
DL6ER 72abc5dad4 Add button for pihole arpflush on Pi-hole settings page 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-05-30 22:05:13 +02:00
DL6ER ced7174c37 Modify adlists subpage of the settings page to sources the lists from the gravity database. 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-04-28 20:42:50 +02:00
DL6ER 406a946b24 Add new file scripts/pi-hole/php/database.php 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-04-26 18:32:33 +02:00
DL6ER 8b0ee8f4fa Reduce code duplication 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-04-26 18:29:05 +02:00
DL6ER 506644b671 Rewrite web interface to allow interaction with database-based lists 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-04-25 15:02:39 +02:00
Mcat12 24a22bcb55 Fix security issue when using list functionality via api.php 
Remote code execution could have been triggered by activating some list
functionality (add and remove) via api.php.

Thanks to Kacper Szurek for finding this bug.

Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
 2019-03-02 13:51:29 -08:00
Mcat12 2ba8787261 Merge branch 'release/v4.2' into devel 
# Conflicts:
#	scripts/pi-hole/js/db_graph.js
 2019-02-03 11:24:19 -08:00
Mark Drobnak 991be959d3 Update scripts/pi-hole/php/savesettings.php 
Co-Authored-By: DL6ER <DL6ER@users.noreply.github.com>
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-01-19 22:35:12 +01:00
Michael Epstein 6447879562 Fix a PHP error generated by "Query Lists". 
Example:
2019/01/18 00:56:46 [error] 19780#19780: *20783 FastCGI sent in stderr: "PHP message: PHP Notice:  ob_end_flush(): failed to delete and flush buffer. No buffer to delete or flush in /var/www/html/admin/scripts/pi-hole/php/queryads.php on line 9" while reading response header from upstream, client: xxx.xxx.xx.xx, server: some.server.lan, request: "GET /admin/scripts/pi-hole/php/queryads.php?domain=windows& HTTP/1.1", upstream: "fastcgi://unix:/run/php/pihole.sock:", host: "some.server.lan", referrer: "https://some.server.lan/admin/queryads.php"

Signed-off-by: Michael Epstein <mepstein@mediabox.cl>
 2019-01-18 01:25:59 -03:00
Michael Epstein 84f6f3dae6 - Fix the delete of blacklist/whitelist records under NGINX + PHP-FPM 
- Fix multiple php warning/error messages when this scripts are executed from AJAX requests

Example errors/warnings:

2019/01/15 13:22:22 [error] 1408#1408: *2535 FastCGI sent in stderr: "PHP message: PHP Notice:  Undefined variable: api in /var/www/html/admin/scripts/pi-hole/php/sub.php on line 16
PHP message: PHP Warning:  Cannot modify header information - headers already sent by (output started at /var/www/html/admin/scripts/pi-hole/php/sub.php:8) in /var/www/html/admin/scripts/pi-hole/php/auth.php on line 81
PHP message: PHP Warning:  session_start(): Cannot start session when headers already sent in /var/www/html/admin/scripts/pi-hole/php/auth.php on line 93

Signed-off-by: Michael Epstein <mepstein@mediabox.cl>
 2019-01-16 01:51:54 -03:00
DL6ER a10f23b79a Prevent multiple static DHCP entries for the same IP address to get added. Fixes #889 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-01-15 17:17:34 +01:00
Sylvia van Os 525901e552 Read DNS server list from file 
Signed-off-by: Sylvia van Os <sylvia@hackerchick.me>
 2019-01-13 19:49:49 +01:00
DL6ER 39d163d5b7 Only use class "fa" instead of using two classes "fa fas" 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-01-08 21:19:27 +01:00
DL6ER e44c635807 Properly align Paypal icon. Unfortunately, fas and fab use different alignments so we need to install a special CSS rule here. 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-01-07 18:59:29 +01:00
DL6ER d07eafc964 Review comments 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-01-07 18:56:56 +01:00
DL6ER 3305982c32 Merge branch 'devel' into new/network-details 2018-12-29 20:21:32 +01:00
DL6ER 78b4397a66 Update FontAwesome from version 4.5.0 to 5.6.3 to have a network icon for the new network details page. Added a navigation bar item for the new page. 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2018-12-28 19:43:27 +01:00
Dan Schaper 798486b7a3 Merge pull request #879 from pi-hole/hotfix/v4.1.1 
Merge hotfix v4.1.1 into dev
 2018-12-21 09:07:21 -08:00
Dan Schaper 0cf5585d2b Merge pull request #878 from pi-hole/fix/CF_ECS 
Cloudflare does not support ECS
 2018-12-19 09:41:14 -08:00
Dan Schaper a0961f9e21 Cloudflare does not support ECS 
>EDNS Client Subnet
1.1.1.1 is a privacy centric resolver so it does not send any client IP information and does not send the EDNS Client Subnet Header to authoritative servers.

https://developers.cloudflare.com/1.1.1.1/nitty-gritty-details/
 2018-12-18 18:16:58 -08:00
Mcat12 c382bb67e6 Keep a trailing newline in the regex list when deleting an item 
Fixes #874

Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
 2018-12-15 20:50:36 -05:00
Mark Drobnak 193e43c186 Merge pull request #865 from pi-hole/fix/script-outside-html 
Move script tags inside html tag body
 2018-12-10 16:48:00 -05:00
Mark Drobnak 9fa4cc62cb Merge pull request #872 from pi-hole/release/v4.1 
Update development with final v4.1 changes
 2018-12-09 22:14:30 -05:00
Mark Drobnak e8b0e97d31 Merge branch 'release/v4.1' into fix/duplicated_list_entries 2018-12-06 23:13:03 -05:00
Mark Drobnak 064e652344 Merge branch 'release/v4.1' into fix/admin-email-security 2018-12-06 12:18:39 -05:00
Mark Drobnak 1850f7e108 Merge branch 'release/v4.1' into fix/privacy_maximum_no_regex 2018-12-05 23:12:48 -05:00
DL6ER 99b0535f8e Remove empty line at beginning of output of add.php 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2018-11-29 18:41:30 +01:00
DL6ER 21ab29dedc Use shell_exec() instead of exec() to obtain the full script output (and not only the last line!) 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2018-11-29 18:39:23 +01:00
DL6ER 1709631949 Don't use --quiet flag for adding hosts to white- and blacklist 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2018-11-29 18:02:44 +01:00
DL6ER 18f9ed4532 Update savesettings.php 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2018-11-26 19:12:08 +01:00
Mark Drobnak 9d4e545593 Use simpler check for dash in is_valid_domain_name 
Signed-off-by: Mark Drobnak <mark.drobnak@gmail.com>
 2018-11-24 11:21:54 -05:00
Mcat12 e7f4ef8a09 Prevent domains sent to queryAds acting as command line options 
Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
 2018-11-23 14:43:08 -05:00
Mcat12 13c29336b2 Prevent possible attacks via admin email setting 
The admin email is now treated as a single string (surrounded by single
quotes), and it is not allowed to contain its own single quotes.

Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
 2018-11-23 14:35:43 -05:00
Mcat12 79c7c893ac Move footer script back to footer 
Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
 2018-11-10 13:55:37 -05:00
Mcat12 500b3b774c Move dependency scripts to header 
Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
 2018-11-10 13:54:33 -05:00
DL6ER ba11c7b394 Disply that the privacy level wasn't changed when this is the case. 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2018-11-10 08:40:05 +01:00
DL6ER 8c08ec2a10 Automatically restart DNS resolver when privacy level is lowered 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2018-11-10 08:38:55 +01:00
Mark Drobnak f612e51f15 Merge pull request #852 from bitcynth/patch-1 
Error handling in savesettings.php
 2018-11-07 18:03:38 -05:00
Cynthia 34bbb9a70e Error handling in savesettings.php 
This is to address https://github.com/pi-hole/pi-hole/issues/2444

Signed-off-by: Cynthia Revstrom <me@cynthia.re>
 2018-10-03 02:28:27 +02:00
Mark Drobnak 02cc5fad15 Write newline after wildcard 
This makes the web interface add wildcards in the same way as the CLI.

Signed-off-by: Mark Drobnak <mark.drobnak@gmail.com>
 2018-09-01 19:34:25 -04:00
Mark Drobnak 4a63500d10 Merge pull request #834 from MikeSouza/new/list-api 
Add API support for list actions
 2018-09-01 19:29:01 -04:00
DL6ER 6441a675c5 Add Quad9 secondary IPv6 IP addresses. This was a feature request on Discourse. 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2018-08-31 12:48:25 +02:00
DL6ER 9a950147c4 Add explanation what ECS is as we shouldn't use acronyms without explaining them. Further, this information may be useful for less tech-savvy users. 
Add that (at least) Google, OpenDNS, and Cloudflare use ECS (according to http://www.afasterinternet.com/participants.htm). I found no reference for the other providers in the table.

Signed-off-by: DL6ER <dl6er@dl6er.de>
 2018-08-30 17:56:11 +02:00
DL6ER a2ade60cea Add more detailed selections for the services offered by Quad9 and improve responsive design 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2018-08-30 17:35:47 +02:00