Commit fbb8b63d authored by David Morley's avatar David Morley Committed by GitHub

Develop (#108)

* Nicely import $_GET and $_POST parameters, PHP7 style! Fix all SQL queries, to make sure they use pg_query_params for parameter injection. Simplify various `if` conditionals to 1-liners. * use adminemail from config.php file properly * fix my bad changes * remove get * use adminemail from config.php file properly * fix one more * bump bootstrap to a 6 * fix using the whois column for random location data * put n/a if location data is missing * Revert "bump bootstrap to a 6" * move n/a to view * Make pretty * sql cleanup * more tables * reorder the pull, put domain first to make future changes easier * add sql updates * cleanup a bit * terms manual for podmin. add click and checks rough * missed a few and was a bad kid on formating already * few more back to === * remove domain hardcode * sql cleanup * more tables * reorder the pull, put domain first to make future changes easier * add sql updates * cleanup a bit * terms manual for podmin. add click and checks rough * missed a few and was a bad kid on formating already * few more back to === * few bugs and cleanup api to be consistant * cleanup my SELECT statements * more fix * hrm fix my messup * Fixes (#69) * fix geo data and ratings show * fix the month check and date on view * remove testing item * changes * remove http and pingdom * few oopses * fixes * yup * cleanup * WordPress! * Fix forgotten date_updated column. (#71) Rename date column to date_created in rating_comments. * Some simplifications (#72) * Simplify arithmetics for $score. Use PHP7 random_int method for improved random int generation. * Simplify uptimerobot API calls by removing JSON callback. * Simplify user and admin ratings. * Smaller fixes and command simplifications. * Remove unnecessary pg_free_result and pg_close calls. (#76) ah, never knew you did not Have to have them! * Unify parameters (#77) * Use `stats_apikey` instead of `url` for stats API key. * Use `domain` instead of `url` for go.php. * Fix error messages for adminkey. * Better forms and email sending (#73) * Improve HTML form output. Better email message sending. Various code fixes and simplifications. * Make email sending more logical. Fix wrong email field. * Move email headers up. Better email formatting when a new rating has been added. * Populate sslexpire, dnssec.. (#74) * merge * merge * populate the new db cols * clean * cleanup * Add missing </a> tags. (#78) Remove alt properties from div. * add icon and sslexpire * ping! * Fixpullnbackup (#79) * fixes for issue 63 * example * add install note * quotes * Fixpullnbackup fixes (#81) * Fix a few warnings and correct data type for boolean variables. * Boolean data type for $dnssec, $signup and $ipv6. Use only $signup instead of also $registrations_open. Use only $outputssl instead of also $outputresults. * Weird PSQL requires boolean to be passed as int, else it gives an error: `invalid input syntax for type boolean: ""` * Remove unnecessary unsets. * Remove unnecessary foreach loop. * Fix alignment (visual only). [skip ci] * To determine if the request was successful, check for a valid JSON to parse instead of searching the response for a string. * Rename query result variables to prevent breaking the main loop. * Add a small debug function to make debug output cleaner and easier to use. * Add debug flag. Browser: `pull.php?debug`, CLI: `pull.php debug` * Remove old code that prevents markers from overlapping each other, as mapbox nicely separates them. * fix the IP issue and pretty map spiral * fix some pull issues * updates * without 'false' * fix boolean and more * fixes again * deal with cname and try less flaky dns * gather enough stats on our own for longterm use * cleanup * remove trim * php7 not php4 duh * old debug info from using pingdom, clean * fix map * Fix debug output for software versions. * Fix the regex to get the A value of a DNS entry. * Ownstats (#88) * rebase * features and work * Make software version pull easier to understand and extend. (#91) * Combine related conditions. (#90) * Add helper function for chart display. (#89) Simplify chart data generation. * PR updates * WIP - Nicer domain checks (#92) * Explicitly check passed domain name. * Make domain lowercase. * Use native PHP instead of system exec calls to get IPs. * remove key * few misses * need to call it redmatrix to stay consistant, idk what proper name is * some more * back to old ip lookup, use delv for both. * tr * bad copy n paste * Moarfix (#94) * fix bad pods getting other pods data * maybe easier to read this way * changes * xmpp * v1 api back to legacy (#95) * Terms (#96) * change terms to podmin_statement * use grep more david * fix labeling * some responsiveness cleanup & few features (#98) * some responsiveness cleanup * few sql ones * basic email ping on bad pod * cleanup * fix facebox * fix my mistakes * few issues on dev that needed working out * less zeros is more I think * make this more logical and work for pods * latent * bool and ca pull * dum * Add list groups for nav menus. * Use bootstrap alpha 6. * Update nav bar. * Update sidebar nav menus. * Update sidebar nav css. * Update main column and padding. * Make menu generation more dynamic. * Fix main home link location. * Add horizontal ruler to separate sidebar navigations. * Set z-index for sidebar and sort CSS properties. * Fluid layout for stats page. * Revamp podmin add form. * Revamp podmin edit form. * Only use responsive table container with actual tables. Use CSS class for tablesorter component. * Add complete col- classes. * More cleanup (#105) * dash * language tag * do better when no podname given. make tooltip cleaner. * kill ad, shorten tip, clean language * users/sign_up is a ruby path, we support all now * more time to try, go back to weightedscore (#106) * more time to try, go back to weightedscore * forgot one * damn bool
parent f4fdf9b0
......@@ -4,12 +4,13 @@ Poduptime is software to get live stats and data on listed Diaspora Pods.
Dependencies:
```
php7.0 php7.0-curl php7.0-pgsql php-geoip php7.0-cli php7.0-common php7.0-json php7.0-readline
php7.0 php7.0-curl php7.0-pgsql php-geoip php7.0-cli php7.0-common php7.0-json php7.0-readline php-cgi
git
curl
postgresql postgresql-contrib
wget
dnsutils
bind9
npm
nodejs nodejs-legacy
```
......@@ -42,10 +43,11 @@ psql -u podupuser podupdb < db/tables.sql
Edit `config.php` to add your DB and file settings.
touch add.log in location you configured in config.php
run db/pull.sh manually or with cron to update your data
============================
Source for https://podupti.me
Source for Diaspora Pod Uptime
Poduptime is software to get live stats and data on listed Diaspora Pods.
Copyright (C) 2011 David Morley
......
db/api-more.php
\ No newline at end of file
<?php
//Copyright (c) 2011, David Morley. This file is licensed under the Affero General Public License version 3 or later. See the COPYRIGHT file.
$_GET['key'] === '4r45tg' || die;
($_GET['key'] ?? null) === '4r45tg' || die;
// Other parameters.
$_format = $_GET['format'] ?? '';
$_method = $_GET['method'] ?? '';
$_callback = $_GET['callback'] ?? '';
require_once __DIR__ . '/config.php';
$dbh = pg_connect("dbname=$pgdb user=$pguser password=$pgpass");
$dbh || die('Error in connection: ' . pg_last_error());
if ($_GET['format'] === 'georss') {
if ($_format === 'georss') {
echo <<<EOF
<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom" xmlns:georss="http://www.georss.org/georss">
<title>Diaspora Pods</title>
<subtitle>IP Locations of Diaspora pods on podupti.me</subtitle>
<link href="https://podupti.me/"/>
<subtitle>IP Locations of Diaspora pods on {$_SERVER['HTTP_HOST']}</subtitle>
<link href="https://{$_SERVER['HTTP_HOST']}/"/>
EOF;
$sql = "SELECT * FROM pods WHERE hidden <> 'yes'";
$sql = "SELECT name,monthsmonitored,responsetimelast7,uptimelast7,dateupdated,score,domain,country,lat,long FROM pods_apiv1";
$result = pg_query($dbh, $sql);
$result || die('Error in SQL query: ' . pg_last_error());
......@@ -32,10 +37,9 @@ EOF;
$row['dateupdated'],
$row['score']
);
$scheme = $row['secure'] === 'true' ? 'https://' : 'http://';
echo <<<EOF
<entry>
<title>{$scheme}{$row['domain']}</title>
<title>https://{$row['domain']}</title>
<link href="{$scheme}{$row['domain']}"/>
<id>urn:{$row['domain']}</id>
<summary>Pod Location is: {$row['country']}
......@@ -48,8 +52,8 @@ EOF;
EOF;
}
echo '</feed>';
} elseif ($_GET['format'] === 'json') {
$sql = 'SELECT id,domain,status,secure,score,userrating,adminrating,city,state,country,lat,long,ip,ipv6,pingdomurl,monthsmonitored,uptimelast7,responsetimelast7,local_posts,comment_counts,dateCreated,dateUpdated,dateLaststats,hidden FROM pods';
} elseif ($_format === 'json') {
$sql = 'SELECT id,domain,status,secure,score,userrating,adminrating,city,state,country,lat,long,ip,ipv6,pingdomurl,monthsmonitored,uptimelast7,responsetimelast7,local_posts,comment_counts,dateCreated,dateUpdated,dateLaststats,hidden FROM pods_apiv1';
$result = pg_query($dbh, $sql);
$result || die('Error in SQL query: ' . pg_last_error());
......@@ -62,22 +66,19 @@ EOF;
'podcount' => $numrows,
'pods' => $rows,
];
if ($_GET['method'] === 'jsonp') {
print $_GET['callback'] . '(' . json_encode($obj) . ')';
if ($_method === 'jsonp') {
print $_callback . '(' . json_encode($obj) . ')';
} else {
print json_encode($obj);
}
} else {
$i = 0;
$sql = "SELECT * FROM pods WHERE hidden <> 'yes' ORDER BY uptimelast7 DESC";
$sql = "SELECT domain,uptimelast7,country FROM pods_apiv1";
$result = pg_query($dbh, $sql);
$result || die('Error in SQL query: ' . pg_last_error());
$numrows = pg_num_rows($result);
while ($row = pg_fetch_array($result)) {
// $status = $row['status'] === 'up' ? 'Online' : 'Offline';
// $scheme = $row['secure'] === 'true' ? 'https://' : 'http://';
// $class = $row['secure'] === 'true' ? 'green' : 'red';
$i++ > 0 && print ',';
printf(
......@@ -87,7 +88,4 @@ EOF;
$row['country']
);
}
pg_free_result($result);
pg_close($dbh);
}
......@@ -19,11 +19,12 @@
"tests"
],
"dependencies": {
"bootstrap": "v4.0.0-alpha.5",
"bootstrap": "v4.0.0-alpha.6",
"jquery-ui": "^1.12.1",
"tablesorter": "jquery.tablesorter#^2.28.3",
"leaflet": "^1.0.2",
"leaflet.markercluster": "^1.0.0",
"facebox": "*"
"facebox": "*",
"chart.js": "^2.4.0"
}
}
......@@ -4,17 +4,17 @@ require_once __DIR__ . '/config.php';
$dbh = pg_connect("dbname=$pgdb user=$pguser password=$pgpass");
$dbh || die('Error in connection: ' . pg_last_error());
$sql = "SELECT * FROM pods WHERE hidden <> 'no' AND score < 50 ORDER BY weightedscore";
$sql = "SELECT domain,masterversion,shortversion,softwarename,monthsmonitored,score,signup,secure,name,country,city,state,lat,long,uptime_alltime,active_users_halfyear,active_users_monthly,service_facebook,service_twitter,service_tumblr,service_wordpress,service_xmpp,latency,date_updated,ipv6,total_users,local_posts,comment_counts,stats_apikey,userrating,sslvalid FROM pods WHERE score < 50 ORDER BY weightedscore";
$result = pg_query($dbh, $sql);
$result || die('Error in SQL query: ' . pg_last_error());
$numrows = pg_num_rows($result);
?>
<meta property="og:title" content="<?php echo $numrows; ?> #Diaspora Pods listed, Come see the privacy aware social network."/><?php echo $numrows; ?> pods that are open for signup now.
<meta charset="utf-8">
<!-- /* Copyright (c) 2011, David Morley. This file is licensed under the Affero General Public License version 3 or later. See the COPYRIGHT file. */ -->
<table id="myTable" class="table table-striped table-sm tablesorter table-hover tfont">
<div class="table-responsive">
<table class="table table-striped table-sm tablesorter table-hover tfont">
<thead>
<tr>
<th>Pod<a class="tipsy" title="A pod is a site for you to set up your account.">?</a></th>
......@@ -27,9 +27,8 @@ $numrows = pg_num_rows($result);
<th>Active 1<a class="tipsy" title="Number of users active last 1 month on this pod.">?</a></th>
<th>Posts<a class="tipsy" title="Number of total posts on this pod.">?</a></th>
<th>Comm<a class="tipsy" title="Number of total comments on this pod.">?</a></th>
<th>Month<a class="tipsy" title="How many months has this pod been online? Click number for more history.">?</a>
</th>
<th>Sc<a class="tipsy" title="System Score on a 100 scale">?</a></th>
<th>Month<a class="tipsy" title="How many months has this pod been online? Click number for more history.">?</a></th>
<th>Sc<a class="tipsy" title="System Score on a 100 scale.">?</a></th>
<th>conn<a class="tipsy" title="">?</a></th>
<th>Delete?<a class="tipsy" title="Delete this pod from DB?">?</a></th>
</tr>
......@@ -39,29 +38,20 @@ $numrows = pg_num_rows($result);
$tt = 0;
while ($row = pg_fetch_array($result)) {
$tt++;
if ($row['secure'] === 'true') {
$scheme = 'https://';
$class = 'green';
$tip = 'This pod uses SSL encryption for traffic.';
} else {
$scheme = 'http://';
$class = 'red';
$tip = 'This pod does not offer SSL';
}
$verdiff = str_replace('.', '', $row['masterversion']) - str_replace('.', '', $row['shortversion']);
$pod_name = htmlentities($row['name'], ENT_QUOTES);
$tip .= sprintf(
"\n" . 'This pod %1$s has been watched for %2$s months and its average ping time is %3$s with uptime of %4$s%% this month and was last checked on %5$s. On a score of -20 to +20 this pod is a %6$s right now',
$tip = sprintf(
'This pod %1$s has been watched for %2$s months and its average ping time is %3$s with uptime of %4$s%% this month and was last checked on %5$s. On a score of -20 to +20 this pod is a %6$s right now',
$pod_name,
$row['monthsmonitored'],
$row['responsetimelast7'],
$row['uptimelast7'],
$row['dateupdated'],
$row['latency'],
$row['uptime_alltime'],
$row['date_updated'],
$row['score']
);
echo '<tr><td><a class="' . $class . '" target="_self" href="' . $scheme . $row['domain'] . '">' . $row['domain'] . '<div title="' . $tip . '" class="tipsy" style="display: inline-block">?</div></a></td>';
echo '<tr><td><a class="text-success" target="_self" href="https://' . $row['domain'] . '">' . $row['domain'] . '<div title="' . $tip . '" class="tipsy" style="display: inline-block">?</div></a></td>';
if (stristr($row['shortversion'], 'head')) {
$version = '.dev';
......@@ -74,45 +64,40 @@ $numrows = pg_num_rows($result);
$pre = 'This pod runs production code';
}
if ($row['shortversion'] === $row['masterversion'] && $row['shortversion'] !== '') {
$classver = 'green';
$classver = 'text-success';
} elseif ($verdiff > 6) {
$classver = 'red';
$classver = 'text-warning';
} else {
$classver = 'black';
}
echo '<td class="' . $classver . '"><div title="' . $pre . ' codename: ' . $row['shortversion'] . ' master version is: ' . $row['masterversion'] . '" class="tipsy">' . $version . '</div></td>';
echo '<td>' . $row['uptimelast7'] . '</td>';
echo '<td>' . $row['responsetimelast7'] . '</td>';
echo '<td>' . ($row['signup'] === '1' ? 'Open' : 'Closed') . '</td>';
echo '<td>' . $row['uptime_alltime'] . '</td>';
echo '<td>' . $row['latency'] . '</td>';
echo '<td>' . ($row['signup'] === 't' ? 'Open' : 'Closed') . '</td>';
echo '<td>' . $row['total_users'] . '</td>';
echo '<td>' . $row['active_users_halfyear'] . '</td>';
echo '<td>' . $row['active_users_monthly'] . '</td>';
echo '<td>' . $row['local_posts'] . '</td>';
echo '<td>' . $row['comment_counts'] . '</td>';
if (strpos($row['pingdomurl'], 'pingdom.com')) {
$moreurl = $row['pingdomurl'];
} else {
$moreurl = 'https://api.uptimerobot.com/getMonitors?format=json&customUptimeRatio=7-30-60-90&apiKey=' . $row['pingdomurl'];
}
echo '<td><div title="Last Check ' . $row['dateupdated'] . '" class="tipsy"><a target="_self" href="' . $moreurl . '">' . $row['monthsmonitored'] . '</a></div></td>';
$moreurl = 'https://api.uptimerobot.com/getMonitors?format=json&noJsonCallback=1&customUptimeRatio=7-30-60-90&apiKey=' . $row['stats_apikey'];
echo '<td><div title="Last Check ' . $row['date_updated'] . '" class="tipsy"><a target="_self" href="' . $moreurl . '">' . $row['monthsmonitored'] . '</a></div></td>';
echo '<td>' . $row['score'] . '</td>';
echo '<td><div class="tipsy" title="' . $row['sslvalid'] . '">con info </td>';
echo '<td><div class="tipsy" title="' . $row['sslvalid'] . '">con info</td>';
?>
<td>
<form method="post" action="db/kill.php" target="_blank">
<input name="comments" value="<?php echo $row['sslvalid']; ?>" size=10>
<input name="domain" value="<?php echo $row['domain']; ?>" type="hidden">
<input name="adminkey" value="<?php echo $_COOKIE['adminkey']; ?>" type="hidden">
<input name="action" type="radio" value="warn">warn
<input name="action" type="radio" value="delete">delete
<input type="hidden" name="domain" value="<?php echo $row['domain']; ?>">
<input type="hidden" name="adminkey" value="<?php echo $_COOKIE['adminkey']; ?>">
<label>Comments<input name="comments" value="<?php echo $row['sslvalid']; ?>" size="10"></label>
<label><input type="radio" name="action" value="warn">warn</label>
<label><input type="radio" name="action" value="delete">delete</label>
<input type="submit" value="Process">
</form>
</td>
<?php
echo '</td></tr>';
echo '</tr>';
}
pg_free_result($result);
pg_close($dbh);
?>
</tbody>
</table>
</div>
......@@ -16,5 +16,7 @@ $pgdb = '';
$adminemail = '';
//admin key for deleting pods, set this as a cookie on your own
$adminkey = '';
//apikey for public api calls
$apikey = '';
//DNS server for dnssec testing
$dnsserver = '';
//CA for curl to use - suggest wget http://curl.haxx.se/ca/cacert.pem as they pull from mozilla if you use a system CA then certs like wosign and startssl will be valid but users will be unable to connect to them
$cafullpath = '';
......@@ -2,9 +2,9 @@
* Base structure
*/
/* Move down content because we have a fixed navbar that is 50px tall */
/* Move down content because we have a fixed navbar that is 54px tall */
body {
padding-top: 50px;
padding-top: 54px;
}
......@@ -13,59 +13,32 @@ body {
*/
.sub-header {
padding-bottom: 10px;
border-bottom: 1px solid #eee;
}
/*
* Top navigation
* Hide default border to remove 1px line.
*/
.navbar-fixed-top {
border: 0;
padding-bottom: 10px;
}
/*
* Sidebar
*/
/* Hide for mobile, show later */
.sidebar {
display: none;
background-color: #f5f5f5;
border-right: 1px solid #eee;
bottom: 0;
display: block;
overflow-x: hidden;
overflow-y: auto; /* Scrollable contents if viewport is shorter than content. */
padding: 10px;
position: fixed;
top: 54px;
z-index: 1000;
}
@media (min-width: 768px) {
.sidebar {
position: fixed;
top: 51px;
bottom: 0;
left: 0;
z-index: 1000;
display: block;
padding: 20px;
overflow-x: hidden;
overflow-y: auto; /* Scrollable contents if viewport is shorter than content. */
background-color: #f5f5f5;
border-right: 1px solid #eee;
}
}
/* Sidebar navigation */
.nav-sidebar {
margin-right: -21px; /* 20px padding + 1px border */
.sidebar .nav {
margin-bottom: 20px;
margin-left: -20px;
}
.nav-sidebar > li > a {
padding-right: 20px;
padding-left: 20px;
.sidebar .nav .nav-link {
padding: .3em .7em;
}
.nav-sidebar > .active > a,
.nav-sidebar > .active > a:hover,
.nav-sidebar > .active > a:focus {
color: #fff;
background-color: #696969;
}
/*
* Main content
......@@ -74,13 +47,6 @@ body {
.main {
padding: 20px;
}
@media (min-width: 768px) {
.main {
padding-right: 40px;
padding-left: 40px;
}
}
/*
* Placeholder dashboard ideas
......@@ -97,7 +63,6 @@ body {
margin-bottom: 20px;
}
.placeholder img {
display: inline-block;
border-radius: 50%;
display: inline-block;
}
.db-wrapper {
vertical-align: top;
}
.rating {
font-size:9px;
}
.content {
margin-left: 2px !important;
width: 99%;
}
.tfont {
font-size:12px;
}
#results {
width: 750px;
}
.smlogo {
width: 16px;
height: 16px;
......@@ -39,10 +29,6 @@ background: none;
.smlogo-xmpp img {
vertical-align: unset;
}
.morehover {
display: inline-block;
vertical-align: super;
}
#map { height: 580px; }
.mycluster {
width: 35px;
......@@ -56,4 +42,12 @@ background-size: 25px 37px;
.icon {
color: red;
}
table {
empty-cells: show;
}
#facebox {
z-index: 1000 !important;
}
#facebox .content {
width: 800px !important;
}
<!-- /* Copyright (c) 2011, David Morley. This file is licensed under the Affero General Public License version 3 or later. See the COPYRIGHT file. */ -->
<?php
$valid = 0;
require_once __DIR__ . '/../logging.php';
require_once __DIR__ . '/../config.php';
$log = new Logging();
$log->lfile(__DIR__ . $log_dir . '/add.log');
if (!$_POST['url']) {
$log->lwrite('no url given ' . $_POST['domain']);
die('no url given');
}
if (!$_POST['email']) {
$log->lwrite('no email given ' . $_POST['domain']);
die('no email given');
}
if (!$_POST['domain']) {
$log->lwrite('no domain given ' . $_POST['domain']);
$log->lfile(__DIR__ . '/../' . $log_dir . '/add.log');
if (!($_domain = $_GET['domain'] ?? null)) {
$log->lwrite('no domain given');
die('no pod domain given');
}
if (!$_POST['url']) {
$log->lwrite('no api given ' . $_POST['domain']);
die('no API key for your stats');
}
if (strlen($_POST['url']) < 14) {
$log->lwrite('api key too short ' . $_POST['domain']);
die('API key bad needs to be like m58978-80abdb799f6ccf15e3e3787ee');
}
require_once __DIR__ . '/../config.php';
$_email = $_GET['email'] ?? '';
$_podmin_statement = $_GET['podmin_statement'] ?? '';
$_podmin_notify = $_GET['podmin_notify'] ?? 0;
$_domain = strtolower($_domain);
if (!filter_var(gethostbyname($_domain), FILTER_VALIDATE_IP)) {
die('Could not validate the domain name, be sure to enter it as "domain.com" (no caps, no slashes, no extras)');
}
$dbh = pg_connect("dbname=$pgdb user=$pguser password=$pgpass");
$dbh || die('Error in connection: ' . pg_last_error());
$sql = 'SELECT domain,pingdomurl FROM pods';
$sql = 'SELECT domain, stats_apikey, publickey, email FROM pods';
$result = pg_query($dbh, $sql);
$result || die('Error in SQL query: ' . pg_last_error());
while ($row = pg_fetch_array($result)) {
if ($row['domain'] == $_POST['domain']) {
$log->lwrite('domain already exists ' . $_POST['domain']);
die('domain already exists');
}
if ($row['pingdomurl'] == $_POST['url']) {
$log->lwrite('API key already exists ' . $_POST['domain']);
die('API key already exists');
if ($row['domain'] === $_domain ) {
if ($row['email']) {
$log->lwrite('domain already exists and is registered to an owner' . $_domain);
die('domain already exists and is registered to an owner, use the edit function to modify');
}
$digtxt = exec(escapeshellcmd('dig ' . $_domain . ' TXT +short'));
if (strpos($digtxt, $row['publickey']) !== false) {
echo 'domain validated, you can now add details ';
$uuid = md5(uniqid($_domain, true));
$expire = time() + 2700;
$sql = 'UPDATE pods SET token = $1, tokenexpire = $2 WHERE domain = $3';
$result = pg_query_params($dbh, $sql, [$uuid, date('Y-m-d H:i:s', $expire), $_domain]);
$result || die('Error in SQL query: ' . pg_last_error());
echo <<<EOF
<form action="edit.php" method="get">
<input type="hidden" name="domain" value="{$_domain}">
<input type="hidden" name="token" value="{$uuid}">
<label>Email <input type="text" size="20" name="email"></label><br>
<label>Podmin Statement (You can include links to your terms and policies and information about your pod you wish to share with users.) <br><textarea cols="100" rows="7" name="podmin_statement"></textarea></label><br>
<label>Weight <input type="text" size="2" name="weight"> This lets you weight your pod lower on the list if you have too much traffic coming in, 10 is the norm use lower to move down the list.</label><br>
<input type="submit" name="action" value="save">
</form>
EOF;
die;
} else {
$log->lwrite('domain already exists and can be registered' . $_domain);
die('domain already exists, you can claim the domain by adding a DNS TXT record that states<br><b> ' . $_domain . ' IN TXT "' . $row['publickey'] . '"</b>');
}
}
}
//curl the header of pod with and without https
$chss = curl_init();
curl_setopt($chss, CURLOPT_URL, 'https://' . $_POST['domain'] . '/nodeinfo/1.0');
curl_setopt($chss, CURLOPT_URL, 'https://' . $_domain . '/nodeinfo/1.0');
curl_setopt($chss, CURLOPT_POST, 0);
curl_setopt($chss, CURLOPT_HEADER, 0);
curl_setopt($chss, CURLOPT_CONNECTTIMEOUT, 5);
......@@ -57,51 +70,35 @@ curl_setopt($chss, CURLOPT_NOBODY, 0);
$outputssl = curl_exec($chss);
curl_close($chss);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://' . $_POST['domain'] . '/nodeinfo/1.0');
curl_setopt($ch, CURLOPT_POST, 0);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_NOBODY, 0);
$output = curl_exec($ch);
curl_close($ch);
if (stristr($outputssl, 'nodeName')) {
$log->lwrite('Your pod has ssl and is valid ' . $_POST['domain']);
if (stristr($outputssl, 'openRegistrations')) {
$log->lwrite('Your pod has ssl and is valid ' . $_domain);
echo 'Your pod has ssl and is valid<br>';
$valid = 1;
}
if (stristr($output, 'nodeName')) {
$log->lwrite('Your pod does not have ssl but is a valid pod ' . $_POST['domain']);
echo 'Your pod does not have ssl but is a valid pod<br>';
$valid = 1;
}
if ($valid == '1') {
$sql = "INSERT INTO pods (domain, pingdomurl, email) VALUES($1, $2, $3)";
$result = pg_query_params($dbh, $sql, [$_POST['domain'], $_POST['url'], $_POST['email']]);
$publickey = md5(uniqid($domain, true));
$sql = 'INSERT INTO pods (domain, email, podmin_statement, podmin_notify, publickey) VALUES ($1, $2, $3, $4, $5)';
$result = pg_query_params($dbh, $sql, [$_domain, $_email, $_podmin_statement, $_podmin_notify, $publickey]);
$result || die('Error in SQL query: ' . pg_last_error());
$to = $adminemail;
$cc = $_POST['email'];
$subject = 'New pod added to podupti.me ';
$message = sprintf(
"%1\$s\n\nStats Url: %2\$s\n\nPod: %3\$s\n\n",
'https://podupti.me',
'https://api.uptimerobot.com/getMonitors?format=json&customUptimeRatio=7-30-60-90&apiKey=' . $_POST['url'],
'https://podupti.me/db/pull.php?debug=1&domain=' . $_POST['domain']
);
$message .= 'Your pod will not show right away, needs to pass a few checks, Give it a few hours!';
$headers = 'From: ' . $_POST['email'] . "\r\nReply-To: " . $_POST['email'] . "\r\nCc: " . $_POST['email'] . "\r\n";
@mail($to, $subject, $message, $headers);
if ($_email) {
$to = $adminemail;
$subject = 'New pod added to ' . $_SERVER['HTTP_HOST'];
$headers = ['From: ' . $_email, 'Reply-To: ' . $_email, 'Cc: ' . $_email];
echo 'Data successfully inserted! Your pod will be reviewed and live on the list in a few hours!';
$message_lines = [
'https://' . $_SERVER['HTTP_HOST'],
'Pod: https://' . $_SERVER['HTTP_HOST'] . '/db/pull.php?debug=1&domain=' . $_domain,
'',
'Your pod will not show up right away, as it needs to pass a few checks first.',
'Give it a few hours!',
];
pg_free_result($result);
@mail($to, $subject, implode("\r\n", $message_lines), implode("\r\n", $headers));
}
echo 'Data successfully inserted! Your pod will be reviewed and live on the list in a few hours!';
pg_close($dbh);
} else {
$log->lwrite('Could not validate your pod on http or https, check your setup! ' . $_POST['domain']);
echo 'Could not validate your pod on http or https, check your setup!<br>Take a look at <a href="https://' . $_POST['domain'] . '/nodeinfo/1.0">your /nodeinfo</a>';
$log->lwrite('Could not validate your pod, check your setup! ' . $_domain);
echo 'Could not validate your pod, check your setup!<br>Take a look at <a href="https://' . $_domain . '/nodeinfo/1.0">your /nodeinfo</a>';
}
$log->lclose();
<?php
//Copyright (c) 2011, David Morley. This file is licensed under the Affero General Public License version 3 or later. See the COPYRIGHT file.
//this is just a single api for a pod for the android app to get data
// Required parameters.
($_domain = $_GET['domain'] ?? null) || die('no domain given');
// Other parameters.
$_format = $_GET['format'] ?? '';
require_once __DIR__ . '/../config.php';
$dbh = pg_connect("dbname=$pgdb user=$pguser password=$pgpass");
$dbh || die('Error in connection: ' . pg_last_error());
$sql = "SELECT id,domain,status,secure,score,userrating,adminrating,city,state,country,lat,long,ip,ipv6,pingdomurl,monthsmonitored,uptimelast7,responsetimelast7,local_posts,comment_counts,dateCreated,dateUpdated,dateLaststats,hidden FROM pods WHERE domain = $1";
$result = pg_query_params($dbh, $sql, [$_GET['url']]);
$sql = 'SELECT hgitdate,id,domain,status,secure,score,userrating,adminrating,city,state,country,lat,long,ip,ipv6,pingdomurl,monthsmonitored,uptimelast7,responsetimelast7,local_posts,comment_counts,dateCreated,dateUpdated,dateLaststats,hidden FROM pods_apiv1 WHERE domain = $1';
$result = pg_query_params($dbh, $sql, [$_domain]);
$result || die('Error in SQL query: ' . pg_last_error());
while ($row = pg_fetch_array($result)) {
if ($_GET['format'] === 'json') {
if ($_format === 'json') {
echo json_encode($row);
} else {
echo 'Status: ' . $row['status'] . '<br>';
......@@ -25,5 +32,3 @@ while ($row = pg_fetch_array($result)) {
echo 'Longitude: ' . $row['long'] . '<br>';
}
}
pg_free_result($result);
pg_close($dbh);
<?php
$_GET['domain'] || die('no pod domain given');
$_GET['token'] || die('no token given');
strlen($_GET['token']) > 6 || die('bad token');
// Required parameters.
($_domain = $_GET['domain'] ?? null) || die('no pod domain given');
($_token = $_GET['token'] ?? null) || die('no token given');
strlen($_token) > 6 || die('bad token');
$domain = $_GET['domain'];
// Other parameters.
$_action = $_GET['action'] ?? '';
$_weight = $_GET['weight'] ?? 10;
$_email = $_GET['email'] ?? '';
$_podmin_statement = $_GET['podmin_statement'] ?? '';
$_podmin_notify = $_GET['podmin_notify'] ?? 0;
require_once __DIR__ . '/../config.php';
$dbh = pg_connect("dbname=$pgdb user=$pguser password=$pgpass");
$dbh || die('Error in connection: ' . pg_last_error());
$sql = "SELECT domain,email,token,tokenexpire,pingdomurl,weight FROM pods WHERE domain = '$domain'";
$result = pg_query($dbh, $sql);
$sql = 'SELECT domain,email,token,tokenexpire,weight,podmin_statement,podmin_notify FROM pods WHERE domain = $1';
$result = pg_query_params($dbh, $sql, [$_domain]);
$result || die('Error in SQL query: ' . pg_last_error());
while ($row = pg_fetch_array($result)) {
if ($row['token'] <> $_GET['token']) {
die('token not a match');
}
if ($row['tokenexpire'] < date('Y-m-d H:i:s', time())) {
die('token expired');
}
//delete pod
if ($_GET['delete'] == $row['token']) {
$sql = "DELETE FROM pods WHERE domain = $1";
$result = pg_query_params($dbh, $sql, [$_GET['domain']]);
if (!$result) {
die('Error in SQL query: ' . pg_last_error());
} else {
echo 'pod removed from DB';
}
$row['token'] === $_token || die('token mismatch');
$row['tokenexpire'] >= date('Y-m-d H:i:s') || die('token expired');
// Delete and exit.
if ('delete' === $_action) {
$sql = 'DELETE FROM pods WHERE domain = $1';
$result = pg_query_params($dbh, $sql, [$_domain]);
$result || die('Error in SQL query: ' . pg_last_error());
die('pod removed from DB');
}
//save and exit
if ($_GET['save'] == $row['token']) {
if ($_GET['weight'] > 10) {
die('10 is max weight');
}
$sql = "UPDATE pods SET email=$1, pingdomurl=$2, weight=$3 WHERE domain = $4";
$result = pg_query_params($dbh, $sql, [$_GET['email'], $_GET['pingdomurl'], $_GET['weight'], $_GET['domain']]);
if (!$result) {
die('Error in SQL query: ' . pg_last_error());
}
$to = $_GET['email'];
$subject = 'Edit notice from poduptime ';
$message = 'Data for ' . $_GET['domain'] . " Updated. If it was not you reply and let me know! \n\n";
$headers = "From: support@diasp.org\r\nCc:support@diasp.org," . $_GET['oldemail'] . "\r\n";
@mail($to, $subject, $message, $headers);
pg_free_result($result);
pg_close($dbh);
// Save and exit
if ('save' === $_action) {
$_weight <= 10 || die('10 is max weight');