Currently we have some license issues. We are working on it.

Verified Commit e62dd79c authored by noplanman's avatar noplanman
Browse files

Prefer single quotes instead of double quotes for strings.

parent 48db15c5
<?php
//Copyright (c) 2011, David Morley. This file is licensed under the Affero General Public License version 3 or later. See the COPYRIGHT file.
if ($_GET['key'] != "4r45tg") {die;}
if ($_GET['key'] != '4r45tg') {die;}
require_once __DIR__ . '/config.php';
$dbh = pg_connect("dbname=$pgdb user=$pguser password=$pgpass");
if (!$dbh) {
die("Error in connection: " . pg_last_error());
die('Error in connection: ' . pg_last_error());
}
if ($_GET['format'] == "georss") {
if ($_GET['format'] == 'georss') {
echo <<<EOF
<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom"
......@@ -21,15 +21,15 @@ EOF;
$sql = "SELECT * FROM pods WHERE hidden <> 'yes'";
$result = pg_query($dbh, $sql);
if (!$result) {
die("Error in SQL query: " . pg_last_error());
die('Error in SQL query: ' . pg_last_error());
}
$numrows = pg_num_rows($result);
while ($row = pg_fetch_array($result)) {
$pod_name = htmlentities($row["name"], ENT_QUOTES);
$tip="";
$tip.="\n This pod {$pod_name} has been watched for {$row["monthsmonitored"]} months and its average ping time is {$row["responsetimelast7"]} with uptime of {$row["uptimelast7"]}% this month and was last checked on {$row["dateupdated"]}. ";
$tip.="On a score of 100 this pod is a {$row["score"]} right now";
if ($row["secure"] == "true") {$method = "https://";} else {$method = "http://";}
$pod_name = htmlentities($row['name'], ENT_QUOTES);
$tip= '';
$tip.="\n This pod {$pod_name} has been watched for {$row['monthsmonitored']} months and its average ping time is {$row['responsetimelast7']} with uptime of {$row['uptimelast7']}% this month and was last checked on {$row['dateupdated']}. ";
$tip.="On a score of 100 this pod is a {$row['score']} right now";
if ($row['secure'] == 'true') {$method = 'https://';} else {$method = 'http://';}
echo <<<EOF
<entry>
<title>{$method}{$row['domain']}</title>
......@@ -43,13 +43,13 @@ EOF;
EOF;
}
echo "</feed>";
echo '</feed>';
}
elseif ($_GET['format'] == "json") {
$sql = "SELECT id,domain,status,secure,score,userrating,adminrating,city,state,country,lat,long,ip,ipv6,pingdomurl,monthsmonitored,uptimelast7,responsetimelast7,local_posts,comment_counts,dateCreated,dateUpdated,dateLaststats,hidden FROM pods";
elseif ($_GET['format'] == 'json') {
$sql = 'SELECT id,domain,status,secure,score,userrating,adminrating,city,state,country,lat,long,ip,ipv6,pingdomurl,monthsmonitored,uptimelast7,responsetimelast7,local_posts,comment_counts,dateCreated,dateUpdated,dateLaststats,hidden FROM pods';
$result = pg_query($dbh, $sql);
if (!$result) {
die("Error in SQL query: " . pg_last_error());
die('Error in SQL query: ' . pg_last_error());
}
$numrows = pg_num_rows($result);
//json output, thx Vipul A M for fixing this
......@@ -57,7 +57,7 @@ elseif ($_GET['format'] == "json") {
$rows=array_values(pg_fetch_all($result));
$obj->podcount = $numrows;
$obj->pods = $rows;
if ($_GET['method'] == "jsonp") {
if ($_GET['method'] == 'jsonp') {
print $_GET['callback'] . '(' . json_encode($obj) . ')';
} else {
print json_encode($obj);
......@@ -68,15 +68,15 @@ elseif ($_GET['format'] == "json") {
$sql = "SELECT * FROM pods WHERE hidden <> 'yes' ORDER BY uptimelast7 DESC";
$result = pg_query($dbh, $sql);
if (!$result) {
die("Error in SQL query: " . pg_last_error());
die('Error in SQL query: ' . pg_last_error());
}
$numrows = pg_num_rows($result);
while ($row = pg_fetch_array($result)) {
if ($row["status"] == "up"){$status="Online";} else {$status="Offline";}
if ($row["secure"] == "true") {$method = "https://";$class="green";} else {$method = "http://";$class="red";}
echo $row["domain"] ." Up ".$row["uptimelast7"]."% This Month - Located in: ".$row["country"];
if ($row['status'] == 'up'){$status = 'Online';} else {$status = 'Offline';}
if ($row['secure'] == 'true') {$method = 'https://';$class = 'green';} else {$method = 'http://';$class = 'red';}
echo $row['domain'] . ' Up ' . $row['uptimelast7'] . '% This Month - Located in: ' . $row['country'];
if ($i < ($numrows -1)) {
echo ",";
echo ',';
}
$i++;
......
......@@ -4,12 +4,12 @@ require_once __DIR__ . '/config.php';
$dbh = pg_connect("dbname=$pgdb user=$pguser password=$pgpass");
if (!$dbh) {
die("Error in connection: " . pg_last_error());
die('Error in connection: ' . pg_last_error());
}
$sql = "SELECT * FROM pods WHERE hidden <> 'no' AND score < 50 ORDER BY weightedscore";
$result = pg_query($dbh, $sql);
if (!$result) {
die("Error in SQL query: " . pg_last_error());
die('Error in SQL query: ' . pg_last_error());
}
$numrows = pg_num_rows($result);
echo "<meta property='og:title' content='";
......@@ -25,7 +25,7 @@ echo $numrows;
<tr>
<th>Pod<a class="tipsy" title="A pod is a site for you to set up your account.">?</a></th>
<th>Version<a class="tipsy" title="Version of Diaspora this pod runs">?</a></th>
<th>Uptime<a class="tipsy" title="Percent of the time the pod is online for <?php echo date("F") ?>.">?</a></th>
<th>Uptime<a class="tipsy" title="Percent of the time the pod is online for <?php echo date('F') ?>.">?</a></th>
<th>ms</th>
<th>Signups</th>
<th>Total<a class="tipsy" title="Number of total users on this pod.">?</a></th>
......@@ -43,54 +43,55 @@ echo $numrows;
<?php
while ($row = pg_fetch_array($result)) {
$tt=$tt+1;
if ($row["secure"] == "true") {
$method = "https://";
$class="green";
$tip="This pod uses SSL encryption for traffic.";}
if ($row['secure'] == 'true') {
$method = 'https://';
$class= 'green';
$tip= 'This pod uses SSL encryption for traffic.';}
else {
$method = "http://";
$class="red";
$tip="This pod does not offer SSL";
$method = 'http://';
$class= 'red';
$tip= 'This pod does not offer SSL';
}
$verdiff = str_replace(".", "", $row["masterversion"]) - str_replace('.', '', $row["shortversion"]);
$verdiff = str_replace('.', '', $row['masterversion']) - str_replace('.', '', $row['shortversion']);
$pod_name = htmlentities($row["name"], ENT_QUOTES);
$tip.="\n This pod {$pod_name} has been watched for {$row["monthsmonitored"]} months and its average ping time is {$row["responsetimelast7"]} with uptime of {$row["uptimelast7"]}% this month and was last checked on {$row["dateupdated"]}. ";
$tip.="On a score of -20 to +20 this pod is a {$row["score"]} right now";
$pod_name = htmlentities($row['name'], ENT_QUOTES);
$tip.="\n This pod {$pod_name} has been watched for {$row['monthsmonitored']} months and its average ping time is {$row['responsetimelast7']} with uptime of {$row['uptimelast7']}% this month and was last checked on {$row['dateupdated']}. ";
$tip.="On a score of -20 to +20 this pod is a {$row['score']} right now";
echo "<tr><td><a class='$class' target='new' href='". $method . $row["domain"] ."'>" . $row["domain"] . " <div title='$tip' class='tipsy' style='display: inline-block'>?</div></a></td>";
"</div></td>";
echo "<tr><td><a class='$class' target='new' href='". $method . $row['domain'] . "'>" . $row['domain'] . " <div title='$tip' class='tipsy' style='display: inline-block'>?</div></a></td>";
'</div></td>';
if (stristr($row["shortversion"],'head'))
{$version=".dev";$pre = "This pod runs pre release
development code";} elseif (!$row["shortversion"])
{$version="0";$pre = "This pod runs
unknown code";}
if (stristr($row['shortversion'],'head'))
{$version = '.dev';$pre = 'This pod runs pre release
development code';} elseif (!$row['shortversion'])
{$version = '0';$pre = 'This pod runs
unknown code';}
else
{$version=$row["shortversion"];$pre="This pod runs production code";}
if ($row["shortversion"] == $row["masterversion"] && $row["shortversion"] != "") {$classver = "green";} elseif ($verdiff > 6) {$classver = "red";} else {$classver = "black";}
echo "<td class='$classver'><div title='{$pre} codename: {$row["longversion"]} master version is: {$row["masterversion"]}' class='tipsy'>{$version}</div></td>";
echo "<td>" . $row["uptimelast7"] . "</td>";
echo "<td>" . $row["responsetimelast7"] . "</td>";
if ($row["signup"] == 1) {$signup="Open";} else {$signup="Closed";}
echo "<td>" . $signup . "</td>";
echo "<td>" . $row["total_users"] . "</td>";
echo "<td>" . $row["active_users_halfyear"] . "</td>";
echo "<td>" . $row["active_users_monthly"] . "</td>";
echo "<td>" . $row["local_posts"] . "</td>";
echo "<td>" . $row["comment_counts"] . "</td>";
if (strpos($row["pingdomurl"], "pingdom.com")) {$moreurl = $row["pingdomurl"];} else {$moreurl = "http://api.uptimerobot.com/getMonitors?format=json&customUptimeRatio=7-30-60-90&apiKey=".$row["pingdomurl"];}
echo "<td><div title='Last Check ".$row["dateupdated"]."' class='tipsy'><a target='new' href='".$moreurl."'>" . $row["monthsmonitored"] . "</a></div></td>";
echo "<td>" . $row["score"] . "</td>\n";
echo "<td><div class='tipsy' title='".$row["sslvalid"]."'>con info </td>\n";
{$version =$row['shortversion'];$pre = 'This pod runs production code';}
if ($row['shortversion'] == $row['masterversion'] && $row['shortversion'] != '') {$classver = 'green';} elseif ($verdiff > 6) {$classver = 'red';} else {$classver = 'black';}
echo "<td class='$classver'><div title='{$pre} codename: {$row['longversion']} master version is: {$row['masterversion']}' class='tipsy'>{$version}</div></td>";
echo '<td>' . $row['uptimelast7'] . '</td>';
echo '<td>' . $row['responsetimelast7'] . '</td>';
if ($row['signup'] == 1) {$signup = 'Open';} else {$signup = 'Closed';}
echo '<td>' . $signup . '</td>';
echo '<td>' . $row['total_users'] . '</td>';
echo '<td>' . $row['active_users_halfyear'] . '</td>';
echo '<td>' . $row['active_users_monthly'] . '</td>';
echo '<td>' . $row['local_posts'] . '</td>';
echo '<td>' . $row['comment_counts'] . '</td>';
if (strpos($row['pingdomurl'],
'pingdom.com')) {$moreurl = $row['pingdomurl'];} else {$moreurl = 'http://api.uptimerobot.com/getMonitors?format=json&customUptimeRatio=7-30-60-90&apiKey=' . $row['pingdomurl'];}
echo "<td><div title='Last Check ".$row['dateupdated'] . "' class='tipsy'><a target='new' href='" . $moreurl . "'>" . $row['monthsmonitored'] . '</a></div></td>';
echo '<td>' . $row['score'] . "</td>\n";
echo "<td><div class='tipsy' title='".$row['sslvalid'] . "'>con info </td>\n";
?>
<td>
<form method="post" action="db/kill.php" target="_blank">
<input name="comments" value="<?php echo $row["sslvalid"] ?>" size=10>
<input name="domain" value="<?php echo $row["domain"] ?>" type="hidden">
<input name="adminkey" value="<?php echo $_COOKIE["adminkey"] ?>" type="hidden">
<input name="comments" value="<?php echo $row['sslvalid'] ?>" size=10>
<input name="domain" value="<?php echo $row['domain'] ?>" type="hidden">
<input name="adminkey" value="<?php echo $_COOKIE['adminkey'] ?>" type="hidden">
<input name="action" type="radio" value="warn">warn
<input name="action" type="radio" value="delete">delete
<input type="submit" value="Process">
......
......@@ -4,53 +4,53 @@ $valid=0;
require_once __DIR__ . '/../logging.php';
$log = new Logging();
$log->lfile($log_dir."/add.php.log");
$log->lfile($log_dir . '/add.php.log');
if (!$_POST['url']){
$log->lwrite('no url given '.$_POST['domain']);
die("no url given");
die('no url given');
}
if (!$_POST['email']){
$log->lwrite('no email given '.$_POST['domain']);
die("no email given");
die('no email given');
}
if (!$_POST['domain']){
$log->lwrite('no domain given '.$_POST['domain']);
die("no pod domain given");
die('no pod domain given');
}
if (!$_POST['url']){
$log->lwrite('no api given '.$_POST['domain']);
die("no API key for your stats");
die('no API key for your stats');
}
if (strlen($_POST['url']) < 14){
$log->lwrite('api key too short '.$_POST['domain']);
die("API key bad needs to be like m58978-80abdb799f6ccf15e3e3787ee");
die('API key bad needs to be like m58978-80abdb799f6ccf15e3e3787ee');
}
require_once __DIR__ . '/../config.php';
$dbh = pg_connect("dbname=$pgdb user=$pguser password=$pgpass");
if (!$dbh) {
die("Error in connection: " . pg_last_error());
die('Error in connection: ' . pg_last_error());
}
$sql = "SELECT domain,pingdomurl FROM pods";
$sql = 'SELECT domain,pingdomurl FROM pods';
$result = pg_query($dbh, $sql);
if (!$result) {
die("Error in SQL query: " . pg_last_error());
die('Error in SQL query: ' . pg_last_error());
}
while ($row = pg_fetch_array($result)) {
if ($row["domain"] == $_POST['domain']) {
if ($row['domain'] == $_POST['domain']) {
$log->lwrite('domain already exists '.$_POST['domain']);
die("domain already exists");
die('domain already exists');
}
if ($row["pingdomurl"] == $_POST['url']) {
if ($row['pingdomurl'] == $_POST['url']) {
$log->lwrite('API key already exists '.$_POST['domain']);
die("API key already exists");
die('API key already exists');
}
}
//curl the header of pod with and without https
$chss = curl_init();
curl_setopt($chss, CURLOPT_URL, "https://".$_POST['domain']."/nodeinfo/1.0");
curl_setopt($chss, CURLOPT_URL, 'https://' . $_POST['domain'] . '/nodeinfo/1.0');
curl_setopt($chss, CURLOPT_POST, 0);
curl_setopt($chss, CURLOPT_HEADER, 0);
curl_setopt($chss, CURLOPT_CONNECTTIMEOUT, 5);
......@@ -60,7 +60,7 @@ $outputssl = curl_exec($chss);
curl_close($chss);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://".$_POST['domain']."/nodeinfo/1.0");
curl_setopt($ch, CURLOPT_URL, 'http://' . $_POST['domain'] . '/nodeinfo/1.0');
curl_setopt($ch, CURLOPT_POST, 0);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
......@@ -71,29 +71,29 @@ curl_close($ch);
if (stristr($outputssl, 'nodeName')) {
$log->lwrite('Your pod has ssl and is valid '.$_POST['domain']);
echo "Your pod has ssl and is valid<br>";
echo 'Your pod has ssl and is valid<br>';
$valid=1;
}
if (stristr($output, 'nodeName')) {
$log->lwrite('Your pod does not have ssl but is a valid pod '.$_POST['domain']);
echo "Your pod does not have ssl but is a valid pod<br>";
echo 'Your pod does not have ssl but is a valid pod<br>';
$valid=1;
}
if ($valid=="1") {
if ($valid == '1') {
$sql = "INSERT INTO pods (domain, pingdomurl, email) VALUES($1, $2, $3)";
$result = pg_query_params($dbh, $sql, array($_POST['domain'], $_POST['url'], $_POST['email']));
if (!$result) {
die("Error in SQL query: " . pg_last_error());
die('Error in SQL query: ' . pg_last_error());
}
$to = $adminemail;
$cc = $_POST["email"];
$subject = "New pod added to podupti.me ";
$message.= "https://podupti.me\n\n Stats Url: https://api.uptimerobot.com/getMonitors?format=json&customUptimeRatio=7-30-60-90&apiKey=" . $_POST["url"] . "\n\n Pod: https://podupti.me/db/pull.php?debug=1&domain=" . $_POST["domain"] . "\n\n";
$message.= "Your pod will not show right away, needs to pass a few checks, Give it a few hours!";
$headers = "From: ".$_POST["email"]."\r\nReply-To: ".$_POST["email"]."\r\nCc: " . $_POST["email"] . "\r\n";
$cc = $_POST['email'];
$subject = 'New pod added to podupti.me ';
$message.= "https://podupti.me\n\n Stats Url: https://api.uptimerobot.com/getMonitors?format=json&customUptimeRatio=7-30-60-90&apiKey=" . $_POST['url'] . "\n\n Pod: https://podupti.me/db/pull.php?debug=1&domain=" . $_POST['domain'] . "\n\n";
$message.= 'Your pod will not show right away, needs to pass a few checks, Give it a few hours!';
$headers = 'From: ' . $_POST['email'] . "\r\nReply-To: " . $_POST['email'] . "\r\nCc: " . $_POST['email'] . "\r\n";
@mail( $to, $subject, $message, $headers );
echo "Data successfully inserted! Your pod will be reviewed and live on the list in a few hours!";
echo 'Data successfully inserted! Your pod will be reviewed and live on the list in a few hours!';
pg_free_result($result);
......
......@@ -5,26 +5,26 @@ require_once __DIR__ . '/../config.php';
$dbh = pg_connect("dbname=$pgdb user=$pguser password=$pgpass");
if (!$dbh) {
die("Error in connection: " . pg_last_error());
die('Error in connection: ' . pg_last_error());
}
$sql = "SELECT id,domain,status,secure,score,userrating,adminrating,city,state,country,lat,long,ip,ipv6,pingdomurl,monthsmonitored,uptimelast7,responsetimelast7,local_posts,comment_counts,dateCreated,dateUpdated,dateLaststats,hidden FROM pods WHERE domain = $1";
$result = pg_query_params($dbh, $sql, array($_GET['url']));
if (!$result) {
die("Error in SQL query: " . pg_last_error());
die('Error in SQL query: ' . pg_last_error());
}
while ($row = pg_fetch_array($result)) {
if ($_GET['format'] == "json") {
if ($_GET['format'] == 'json') {
echo json_encode($row);
} else {
echo "Status: " . $row["status"] . "<br>";
echo "Last Git Pull: " . $row["hgitdate"] . "<br>";
echo "Uptime This Month " . $row["uptimelast7"] . "<br>";
echo "Months Monitored: " . $row["monthsmonitored"] . "<br>";
echo "Response Time: " . $row["responsetimelast7"] . "<br>";
echo "User Rating: ". $row["userrating"] . "<br>";
echo "Server Location: ". $row["country"] . "<br>";
echo "Latitude: ". $row["lat"] . "<br>";
echo "Longitude: ". $row["long"] . "<br>";
echo 'Status: ' . $row['status'] . '<br>';
echo 'Last Git Pull: ' . $row['hgitdate'] . '<br>';
echo 'Uptime This Month ' . $row['uptimelast7'] . '<br>';
echo 'Months Monitored: ' . $row['monthsmonitored'] . '<br>';
echo 'Response Time: ' . $row['responsetimelast7'] . '<br>';
echo 'User Rating: ' . $row['userrating'] . '<br>';
echo 'Server Location: ' . $row['country'] . '<br>';
echo 'Latitude: ' . $row['lat'] . '<br>';
echo 'Longitude: ' . $row['long'] . '<br>';
}
}
pg_free_result($result);
......
......@@ -2,17 +2,17 @@
require_once __DIR__ . '/../config.php';
$keep = (60 * 60 * 6) * 1;
$dump_date = date("Ymd_Hs");
$file_name = $backup_dir . "/dump_" . $dump_date . ".sql";
$dump_date = date('Ymd_Hs');
$file_name = $backup_dir . '/dump_' . $dump_date . '.sql';
system("export PGPASSWORD=$pgpass && $pg_dump_dir/pg_dump --username=$pguser $pgdb >> $file_name");
echo "pg backup of $pgdb made";
$dirh = dir($backup_dir);
while($entry = $dirh->read()) {
$old_file_time = (date("U") - $keep);
$old_file_time = (date('U') - $keep);
$file_created = filectime("$backup_dir/$entry");
if ($file_created < $old_file_time && !is_dir($entry)) {
if(unlink("$backup_dir/$entry")) {
echo "Cleaned up old backups";
echo 'Cleaned up old backups';
}
}
}
<?php
if (!$_GET['domain']){
die("no pod domain given");
die('no pod domain given');
}
if (!$_GET['token']){
die("no token given");
die('no token given');
}
if (strlen($_GET['token']) < 6){
die("bad token");
die('bad token');
}
$domain = $_GET['domain'];
......@@ -14,58 +14,58 @@ require_once __DIR__ . '/../config.php';
$dbh = pg_connect("dbname=$pgdb user=$pguser password=$pgpass");
if (!$dbh) {
die("Error in connection: " . pg_last_error());
die('Error in connection: ' . pg_last_error());
}
$sql = "SELECT domain,email,token,tokenexpire,pingdomurl,weight FROM pods WHERE domain = '$domain'";
$result = pg_query($dbh, $sql);
if (!$result) {
die("Error in SQL query: " . pg_last_error());
die('Error in SQL query: ' . pg_last_error());
}
while ($row = pg_fetch_array($result)) {
if ($row["token"] <> $_GET['token']) {
die("token not a match");
if ($row['token'] <> $_GET['token']) {
die('token not a match');
}
if ($row["tokenexpire"] < date("Y-m-d H:i:s", time())) {
die("token expired");
if ($row['tokenexpire'] < date('Y-m-d H:i:s', time())) {
die('token expired');
}
//delete pod
if ($_GET['delete'] == $row["token"]){
if ($_GET['delete'] == $row['token']){
$sql = "DELETE FROM pods WHERE domain = $1";
$result = pg_query_params($dbh, $sql, array($_GET['domain']));
if (!$result) {
die("Error in SQL query: " . pg_last_error());
die('Error in SQL query: ' . pg_last_error());
} else {
echo "pod removed from DB";
echo 'pod removed from DB';
}
}
//save and exit
if ($_GET['save'] == $row["token"]){
if ($_GET['save'] == $row['token']){
if ($_GET['weight'] > 10) {
die("10 is max weight");
die('10 is max weight');
}
$sql = "UPDATE pods SET email=$1, pingdomurl=$2, weight=$3 WHERE domain = $4";
$result = pg_query_params($dbh, $sql, array($_GET['email'],$_GET['pingdomurl'],$_GET['weight'],$_GET['domain']));
if (!$result) {
die("Error in SQL query: " . pg_last_error());
die('Error in SQL query: ' . pg_last_error());
}
$to = $_GET["email"];
$subject = "Edit notice from poduptime ";
$message = "Data for " . $_GET["domain"] . " Updated. If it was not you reply and let me know! \n\n";
$to = $_GET['email'];
$subject = 'Edit notice from poduptime ';
$message = 'Data for ' . $_GET['domain'] . " Updated. If it was not you reply and let me know! \n\n";
$headers = "From: support@diasp.org\r\nCc:support@diasp.org,". $_GET['oldemail'] ."\r\n";
@mail( $to, $subject, $message, $headers );
pg_free_result($result);
pg_close($dbh);
die("Data saved. Will go into effect on next hourly change");
die('Data saved. Will go into effect on next hourly change');
}
//form
echo "Authorized to edit <b>" . $domain . "</b> until " .$row["tokenexpire"] . "<br>";
echo "<form action='' method='get'><input type=hidden name=oldemail value=" . $row["email"] . "><input type=hidden name=save value=" . $_GET['token'] . "><input type=hidden name=token value=" . $_GET['token'] . "><input type=hidden name=domain value=" . $_GET['domain'] . ">";
echo "Stats Key <input type=text size=50 name=pingdomurl value=" .$row["pingdomurl"] . ">Uptimerobot API key for this monitor<br>";
echo "Email <input type=text size=20 name=email value=" .$row["email"] . "><br>";
echo "Weight <input type=text size=2 name=weight value=" .$row["weight"] . "> This lets you weight your pod lower on the list if you have too much trafic coming in, 10 is the norm use lower to move down the list.<br>";
echo "<input type=submit name=submit><br><br><br>";
echo 'Authorized to edit <b>' . $domain . '</b> until ' . $row['tokenexpire'] . '<br>';
echo "<form action='' method='get'><input type=hidden name=oldemail value=" . $row['email'] . '><input type=hidden name=save value=' . $_GET['token'] . '><input type=hidden name=token value=' . $_GET['token'] . '><input type=hidden name=domain value=' . $_GET['domain'] . '>';
echo 'Stats Key <input type=text size=50 name=pingdomurl value=' . $row['pingdomurl'] . '>Uptimerobot API key for this monitor<br>';
echo 'Email <input type=text size=20 name=email value=' . $row['email'] . '><br>';
echo 'Weight <input type=text size=2 name=weight value=' . $row['weight'] . '> This lets you weight your pod lower on the list if you have too much trafic coming in, 10 is the norm use lower to move down the list.<br>';
echo '<input type=submit name=submit><br><br><br>';
echo "<form action='' method='get'><input type=hidden name=delete value=" . $_GET['token'] . "><input type=hidden name=token value=" . $_GET['token'] . "><input type=hidden name=domain value=" . $_GET['domain'] . ">";
echo "WARNING: This can not be undone, you will need to add your pod again if you want back on list: <input type=submit name=submit value=delete><br><br><br>";
echo "<form action='' method='get'><input type=hidden name=delete value=" . $_GET['token'] . '><input type=hidden name=token value=' . $_GET['token'] . '><input type=hidden name=domain value=' . $_GET['domain'] . '>';
echo 'WARNING: This can not be undone, you will need to add your pod again if you want back on list: <input type=submit name=submit value=delete><br><br><br>';
}
<?php
$systemTimeZone = system('date +%Z');
if (!$_POST['domain']){
die("no pod domain given");
die('no pod domain given');
}
$domain = $_POST['domain'];
......@@ -9,49 +9,49 @@ require_once __DIR__ . '/../config.php';
$dbh = pg_connect("dbname=$pgdb user=$pguser password=$pgpass");
if (!$dbh) {
die("Error in connection: " . pg_last_error());
die('Error in connection: ' . pg_last_error());
}
$sql = "SELECT email FROM pods WHERE domain = '$domain'";
$result = pg_query($dbh, $sql);
if (!$result) {
die("Error in SQL query: " . pg_last_error());
die('Error in SQL query: ' . pg_last_error());
}
$rows = pg_num_rows($result);
if ($rows <= 0) {
die("domain not found");
die('domain not found');
}
while ($row = pg_fetch_array($result)) {
if ($_POST['email']){
if ($row["email"] <> $_POST['email']) {
die("email not a match");
if ($row['email'] <> $_POST['email']) {
die('email not a match');
}
$uuid = md5(uniqid($domain, true));
$expire = date("Y-m-d H:i:s", time() + 2700);
$expire = date('Y-m-d H:i:s', time() + 2700);
$sql = "UPDATE pods SET token=$1, tokenexpire=$2 WHERE domain = '$domain'";
$result = pg_query_params($dbh, $sql, array($uuid,$expire));
if (!$result) {
die("Error in SQL query: " . pg_last_error());
die('Error in SQL query: ' . pg_last_error());
}
$to = $_POST["email"];
$subject = "Temporary edit key for podupti.me";
$message = "Link: https://podupti.me/db/edit.php?domain=" . $_POST["domain"] . "&token=" . $uuid . " Expires: " . $expire . " " . $systemTimeZone ."\n\n";
$to = $_POST['email'];
$subject = 'Temporary edit key for podupti.me';
$message = 'Link: https://podupti.me/db/edit.php?domain=' . $_POST['domain'] . '&token=' . $uuid . ' Expires: ' . $expire . ' ' . $systemTimeZone . "\n\n";
$headers = "From: support@diasp.org\r\nBcc: support@diasp.org\r\n";
@mail( $to, $subject, $message, $headers );
echo "Link sent to your email";
echo 'Link sent to your email';
} elseif (!$_POST['email']){
$uuid = md5(uniqid($domain, true));
$expire = date("Y-m-d H:i:s", time() + 9700);
$expire = date('Y-m-d H:i:s', time() + 9700);
$sql = "UPDATE pods SET token=$1, tokenexpire=$2 WHERE domain = '$domain'";
$result = pg_query_params($dbh, $sql, array($uuid,$expire));
if (!$result) {
die("Error in SQL query: " . pg_last_error());
die('Error in SQL query: ' . pg_last_error());
}
$to = "support@diasp.org";
$subject = "FORWARD REQUEST: Temporary edit key for podupti.me";
$message = "User trying to edit pod without email address. Email found: " . $row["email"] . " Link: https://podupti.me/db/edit.php?domain=" . $_POST["domain"] . "&token=" . $uuid . " Expires: " . $expire . " " . $systemTimeZone ."\n\n";
$to = 'support@diasp.org';
$subject = 'FORWARD REQUEST: Temporary edit key for podupti.me';
$message = 'User trying to edit pod without email address. Email found: ' . $row['email'] . ' Link: https://podupti.me/db/edit.php?domain=' . $_POST['domain'] . '&token=' . $uuid . ' Expires: ' . $expire . ' ' . $systemTimeZone . "\n\n";
$headers = "From: support@diasp.org\r\nBcc: support@diasp.org\r\n";
@mail( $to, $subject, $message, $headers );
echo "Link sent to administrator to review and verify, if approved they will forward the edit key to you.";
echo 'Link sent to administrator to review and verify, if approved they will forward the edit key to you.';
}
pg_free_result($result);
pg_close($dbh);
......
<?php
if (!$_POST['domain']){
die("no pod domain given");
die('no pod domain given');
}
if (!$_POST['adminkey']){
die("no token given");
die('no token given');
}
if (!$_POST['action']){
die("no action selected");
die('no action selected');
}
$domain = $_POST['domain'];
......@@ -14,39 +14,39 @@ require_once __DIR__ . '/../config.php';
$dbh = pg_connect("dbname=$pgdb user=$pguser password=$pgpass");