add.php 4.35 KB
Newer Older
1
<!-- /* Copyright (c) 2011, David Morley. This file is licensed under the Affero General Public License version 3 or later. See the COPYRIGHT file. */ -->
David Morley's avatar
David Morley committed
2
<?php
3
require_once __DIR__ . '/../logging.php';
dmorley's avatar
dmorley committed
4
require_once __DIR__ . '/../config.php';
dmorley's avatar
dmorley committed
5
$log = new Logging();
dmorley's avatar
dmorley committed
6
$log->lfile(__DIR__ . '/../' . $log_dir . '/add.log');
David Morley's avatar
David Morley committed
7
if (!($_domain = $_GET['domain'] ?? null)) {
8 9 10
  $log->lwrite('no domain given');
  die('no pod domain given');
}
David Morley's avatar
David Morley committed
11 12 13 14

$_domain = strtolower($_domain);
if (!filter_var(gethostbyname($_domain), FILTER_VALIDATE_IP)) {
  die('Could not validate the domain name, be sure to enter it as "domain.com" (no caps, no slashes, no extras)');
15
}
16

dmorley's avatar
cleanup  
dmorley committed
17
$dbh = pg_connect("dbname=$pgdb user=$pguser password=$pgpass");
18 19
$dbh || die('Error in connection: ' . pg_last_error());

David Morley's avatar
David Morley committed
20
$sql    = 'SELECT domain, stats_apikey, publickey, email FROM pods';
dmorley's avatar
cleanup  
dmorley committed
21
$result = pg_query($dbh, $sql);
22 23
$result || die('Error in SQL query: ' . pg_last_error());

dmorley's avatar
cleanup  
dmorley committed
24
while ($row = pg_fetch_array($result)) {
David Morley's avatar
David Morley committed
25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55
  if ($row['domain'] === $_domain ) {
    if ($row['email']) {
      $log->lwrite('domain already exists and is registered to an owner' . $_domain);
      die('domain already exists and is registered to an owner, use the edit function to modify');
    }

    $digtxt = exec(escapeshellcmd('dig ' . $_domain . ' TXT +short'));
    if (strpos($digtxt, $row['publickey']) !== false) {
      echo 'domain validated, you can now add details '; 
      $uuid     = md5(uniqid($_domain, true));
      $expire   = time() + 2700;
      $sql      = 'UPDATE pods SET token = $1, tokenexpire = $2 WHERE domain = $3';
      $result   = pg_query_params($dbh, $sql, [$uuid, date('Y-m-d H:i:s', $expire), $_domain]);
      $result   || die('Error in SQL query: ' . pg_last_error());
      
      echo <<<EOF
      <form action="edit.php" method="get">
      <input type="hidden" name="domain" value="{$_domain}">
      <input type="hidden" name="token" value="{$uuid}">
      <label>Email <input type="text" size="20" name="email"></label><br>
      <label>Terms Link <input type="text" size="20" name="terms"></label><br>
      <label>Weight <input type="text" size="2" name="weight"> This lets you weight your pod lower on the list if you have too much traffic coming in, 10 is the norm use lower to move down the list.</label><br>
      <input type="submit" name="action" value="save">
      </form>
EOF;
      
      die;
    } else {
      $log->lwrite('domain already exists and can be registered' . $_domain);
      die('domain already exists, you can claim the domain by adding a DNS TXT record that states<br><b> ' . $_domain . ' IN TXT "' . $row['publickey'] . '"</b>');
    }
dmorley's avatar
cleanup  
dmorley committed
56
  }
57 58
}

dmorley's avatar
cleanup  
dmorley committed
59
$chss = curl_init();
60
curl_setopt($chss, CURLOPT_URL, 'https://' . $_domain . '/nodeinfo/1.0');
dmorley's avatar
cleanup  
dmorley committed
61 62 63 64 65 66 67
curl_setopt($chss, CURLOPT_POST, 0);
curl_setopt($chss, CURLOPT_HEADER, 0);
curl_setopt($chss, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($chss, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($chss, CURLOPT_NOBODY, 0);
$outputssl = curl_exec($chss);
curl_close($chss);
68

dmorley's avatar
dmorley committed
69
if (stristr($outputssl, 'openRegistrations')) {
70
  $log->lwrite('Your pod has ssl and is valid ' . $_domain);
71
  echo 'Your pod has ssl and is valid<br>';
dmorley's avatar
fixes  
dmorley committed
72

David Morley's avatar
David Morley committed
73 74 75
  $publickey = md5(uniqid($domain, true));
  $sql    = 'INSERT INTO pods (domain, email, terms, publickey) VALUES ($1, $2, $3, $4, $5)';
  $result = pg_query_params($dbh, $sql, [$_domain, $_email, $_terms, $publickey]);
76 77
  $result || die('Error in SQL query: ' . pg_last_error());

78
  $to      = $adminemail;
79 80 81 82
  $subject = 'New pod added to ' . $_SERVER['HTTP_HOST'];
  $headers = ['From: ' . $_email, 'Reply-To: ' . $_email, 'Cc: ' . $_email];

  $message_lines = [
dmorley's avatar
dmorley committed
83
    'https://' . $_SERVER['HTTP_HOST'],
84 85 86 87 88 89 90 91
    'Stats Url: https://api.uptimerobot.com/getMonitors?format=json&noJsonCallback=1&customUptimeRatio=7-30-60-90&apiKey=' . $_stats_apikey,
    'Pod: https://' . $_SERVER['HTTP_HOST'] . '/db/pull.php?debug=1&domain=' . $_domain,
    '',
    'Your pod will not show up right away, as it needs to pass a few checks first.',
    'Give it a few hours!',
  ];

  @mail($to, $subject, implode("\r\n", $message_lines), implode("\r\n", $headers));
92

93
  echo 'Data successfully inserted! Your pod will be reviewed and live on the list in a few hours!';
94

95
} else {
dmorley's avatar
dmorley committed
96 97
  $log->lwrite('Could not validate your pod, check your setup! ' . $_domain);
  echo 'Could not validate your pod, check your setup!<br>Take a look at <a href="https://' . $_domain . '/nodeinfo/1.0">your /nodeinfo</a>';
98
}
dmorley's avatar
dmorley committed
99
$log->lclose();