Pi-Hole/web
1
0
Fork 0
mirror of https://github.com/pi-hole/web.git synced 2025-12-27 05:56:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,829 Commits 19 Branches 112 Tags
8b0ee8f4fa35491e69f2b48bb7cacaa5f53a85eb
Commit Graph

771 Commits

Author SHA1 Message Date
DL6ER
8b0ee8f4fa Reduce code duplication 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-04-26 18:29:05 +02:00
DL6ER
cedc59ba78 Show date added 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-04-25 16:06:24 +02:00
DL6ER
d8613aa53b Show comments when available 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-04-25 15:48:26 +02:00
DL6ER
506644b671 Rewrite web interface to allow interaction with database-based lists 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-04-25 15:02:39 +02:00
Mcat12
24a22bcb55 Fix security issue when using list functionality via api.php 
Remote code execution could have been triggered by activating some list
functionality (add and remove) via api.php.

Thanks to Kacper Szurek for finding this bug.

Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
 2019-03-02 13:51:29 -08:00
Mark Drobnak
16d06d6948 Merge pull request #918 from pi-hole/new/fine_grained_externally_blocked_status 
Long-term queries: Request all externally blocked variants when the checkbox is enabled
 2019-02-22 21:53:24 -05:00
DL6ER
e0947d69ab Long-term queries: Request all externally blocked variants when the checkbox is enabled 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-02-22 21:26:36 +01:00
Mark Drobnak
e4d80b5e24 Merge pull request #909 from pi-hole/new/fine_grained_externally_blocked_status 
Implement finer grained external blocking displaying
 2019-02-17 14:14:49 -05:00
DL6ER
f728fd980d DNSSEC UNKNOWN is not an error, it is also shown for queries that are imported from the database 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-02-17 18:40:57 +01:00
DL6ER
635bdfb717 Undo removal of slice operations 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-02-17 11:52:14 +01:00
DL6ER
e433e90308 Remove dead code from scripts/pi-hole/js/index.js 
Removed:
- updateForwardedOverTime();
- updateQueryTypesOverTime();
- slicing on overTime data

Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-02-11 00:52:24 +01:00
DL6ER
8796583818 Implement finer grained external blocking displaying 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-02-04 17:45:30 +01:00
Mcat12
2ba8787261 Merge branch 'release/v4.2' into devel 
# Conflicts:
#	scripts/pi-hole/js/db_graph.js
 2019-02-03 11:24:19 -08:00
DL6ER
adf44443b7 Merge branch 'release/v4.2' into fix/long-term-stats-datetime 2019-01-28 18:48:11 +01:00
Mcat12
f19a538e7f Clarify wording of DNSSEC Unknown status 
Previously, unknown DNSSEC status was marked with a question mark. FTL
loads queries from the database and sets the DNSSEC status to unknown,
because that information is not stored in the database:
https://github.com/pi-hole/FTL/pull/461

Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
 2019-01-26 13:11:08 -08:00
DL6ER
a975576616 Long-term data: Show date range only after user chose a valid range. Fixes #897 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-01-22 23:30:36 +01:00
DL6ER
8ae36a0dcb Fill daterange field with initialization (now-6d -> now) 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-01-20 11:36:39 +01:00
Mark Drobnak
991be959d3 Update scripts/pi-hole/php/savesettings.php 
Co-Authored-By: DL6ER <DL6ER@users.noreply.github.com>
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-01-19 22:35:12 +01:00
Michael Epstein
6447879562 Fix a PHP error generated by "Query Lists". 
Example:
2019/01/18 00:56:46 [error] 19780#19780: *20783 FastCGI sent in stderr: "PHP message: PHP Notice:  ob_end_flush(): failed to delete and flush buffer. No buffer to delete or flush in /var/www/html/admin/scripts/pi-hole/php/queryads.php on line 9" while reading response header from upstream, client: xxx.xxx.xx.xx, server: some.server.lan, request: "GET /admin/scripts/pi-hole/php/queryads.php?domain=windows& HTTP/1.1", upstream: "fastcgi://unix:/run/php/pihole.sock:", host: "some.server.lan", referrer: "https://some.server.lan/admin/queryads.php"

Signed-off-by: Michael Epstein <mepstein@mediabox.cl>
 2019-01-18 01:25:59 -03:00
Michael Epstein
84f6f3dae6 - Fix the delete of blacklist/whitelist records under NGINX + PHP-FPM 
- Fix multiple php warning/error messages when this scripts are executed from AJAX requests

Example errors/warnings:

2019/01/15 13:22:22 [error] 1408#1408: *2535 FastCGI sent in stderr: "PHP message: PHP Notice:  Undefined variable: api in /var/www/html/admin/scripts/pi-hole/php/sub.php on line 16
PHP message: PHP Warning:  Cannot modify header information - headers already sent by (output started at /var/www/html/admin/scripts/pi-hole/php/sub.php:8) in /var/www/html/admin/scripts/pi-hole/php/auth.php on line 81
PHP message: PHP Warning:  session_start(): Cannot start session when headers already sent in /var/www/html/admin/scripts/pi-hole/php/auth.php on line 93

Signed-off-by: Michael Epstein <mepstein@mediabox.cl>
 2019-01-16 01:51:54 -03:00
DL6ER
a10f23b79a Prevent multiple static DHCP entries for the same IP address to get added. Fixes #889 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-01-15 17:17:34 +01:00
Sylvia van Os
525901e552 Read DNS server list from file 
Signed-off-by: Sylvia van Os <sylvia@hackerchick.me>
 2019-01-13 19:49:49 +01:00
DL6ER
39d163d5b7 Only use class "fa" instead of using two classes "fa fas" 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-01-08 21:19:27 +01:00
DL6ER
e44c635807 Properly align Paypal icon. Unfortunately, fas and fab use different alignments so we need to install a special CSS rule here. 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-01-07 18:59:29 +01:00
DL6ER
d07eafc964 Review comments 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-01-07 18:56:56 +01:00
DL6ER
496af21131 Javascript optimizations 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2019-01-06 20:56:06 +01:00
DL6ER
93b4513980 Display vendor information for devices where available 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2018-12-31 00:23:09 +01:00
DL6ER
cfc3cba10c Make the client column clickable and send the user to the correspondignly filtered Query Log page on click 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2018-12-29 20:48:07 +01:00
DL6ER
3305982c32 Merge branch 'devel' into new/network-details 2018-12-29 20:21:32 +01:00
DL6ER
78b4397a66 Update FontAwesome from version 4.5.0 to 5.6.3 to have a network icon for the new network details page. Added a navigation bar item for the new page. 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2018-12-28 19:43:27 +01:00
DL6ER
67b67de4a9 Add "uses Pi-hole" column 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2018-12-28 12:15:16 +01:00
DL6ER
7030a33d26 Use localized integers for numbers 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2018-12-27 15:14:45 +01:00
DL6ER
aa38b98ebc Add network details page 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2018-12-27 15:07:59 +01:00
Dan Schaper
798486b7a3 Merge pull request #879 from pi-hole/hotfix/v4.1.1 
Merge hotfix v4.1.1 into dev
 2018-12-21 09:07:21 -08:00
Dan Schaper
0cf5585d2b Merge pull request #878 from pi-hole/fix/CF_ECS 
Cloudflare does not support ECS
 2018-12-19 09:41:14 -08:00
Dan Schaper
a0961f9e21 Cloudflare does not support ECS 
>EDNS Client Subnet
1.1.1.1 is a privacy centric resolver so it does not send any client IP information and does not send the EDNS Client Subnet Header to authoritative servers.

https://developers.cloudflare.com/1.1.1.1/nitty-gritty-details/
 2018-12-18 18:16:58 -08:00
Mcat12
c382bb67e6 Keep a trailing newline in the regex list when deleting an item 
Fixes #874

Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
 2018-12-15 20:50:36 -05:00
Mark Drobnak
193e43c186 Merge pull request #865 from pi-hole/fix/script-outside-html 
Move script tags inside html tag body
 2018-12-10 16:48:00 -05:00
Mark Drobnak
9fa4cc62cb Merge pull request #872 from pi-hole/release/v4.1 
Update development with final v4.1 changes
 2018-12-09 22:14:30 -05:00
Mark Drobnak
e8b0e97d31 Merge branch 'release/v4.1' into fix/duplicated_list_entries 2018-12-06 23:13:03 -05:00
Mark Drobnak
064e652344 Merge branch 'release/v4.1' into fix/admin-email-security 2018-12-06 12:18:39 -05:00
Mark Drobnak
1850f7e108 Merge branch 'release/v4.1' into fix/privacy_maximum_no_regex 2018-12-05 23:12:48 -05:00
DL6ER
bd84160d4f Show different warning in the case that at least one of the domains to be added were already present 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2018-11-29 19:47:57 +01:00
DL6ER
99b0535f8e Remove empty line at beginning of output of add.php 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2018-11-29 18:41:30 +01:00
DL6ER
21ab29dedc Use shell_exec() instead of exec() to obtain the full script output (and not only the last line!) 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2018-11-29 18:39:23 +01:00
DL6ER
1709631949 Don't use --quiet flag for adding hosts to white- and blacklist 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2018-11-29 18:02:44 +01:00
DL6ER
18f9ed4532 Update savesettings.php 
Signed-off-by: DL6ER <dl6er@dl6er.de>
 2018-11-26 19:12:08 +01:00
Mark Drobnak
9d4e545593 Use simpler check for dash in is_valid_domain_name 
Signed-off-by: Mark Drobnak <mark.drobnak@gmail.com>
 2018-11-24 11:21:54 -05:00
Mcat12
e7f4ef8a09 Prevent domains sent to queryAds acting as command line options 
Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
 2018-11-23 14:43:08 -05:00
Mcat12
13c29336b2 Prevent possible attacks via admin email setting 
The admin email is now treated as a single string (surrounded by single
quotes), and it is not allowed to contain its own single quotes.

Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
 2018-11-23 14:35:43 -05:00