snap-dyndns-server/update.php

109 lines
3.4 KiB
PHP
Raw Permalink Normal View History

2016-04-27 22:48:27 +02:00
<?php
/***********************************************************************
* Copyright (C) 2016 Max Mehl <mail [at] mehl [dot] mx>
************************************************************************
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this program. If not, see
* <http://www.gnu.org/licenses/>.
*
************************************************************************
*
* This file receives the requests, sanitises them, forwards the input
* to update.sh and prints the results. It is also responsible for
* debug logs.
*
***********************************************************************/
?>
<?php
// check whether debuggging is activated (very unprofessional here, improvements welcome)
$config = file_get_contents('config.cfg');
$debug = preg_match("/DEBUG=true/", $config);
if($debug === 1) {
$debug = true;
}
else {
$debug = false;
}
// if GET request is empty, use POST automatically
if(empty($_GET)) {
$method = "post";
}
// if a parameter is empty, set variable to false
if($method === "post") {
$domain = isset($_POST['domain']) ? $_POST['domain'] : false;
$ip = isset($_POST['ip']) ? $_POST['ip'] : false;
$user = isset($_POST['user']) ? $_POST['user'] : false;
$pass = isset($_POST['pass']) ? $_POST['pass'] : false;
}
else {
$domain = isset($_GET['domain']) ? $_GET['domain'] : false;
$ip = isset($_GET['ip']) ? $_GET['ip'] : false;
$user = isset($_GET['user']) ? $_GET['user'] : false;
$pass = isset($_GET['pass']) ? $_GET['pass'] : false;
}
// if any variable is empty, throw an error, else proceed
if(empty($domain) || empty($ip) || empty($user) || empty($pass)) {
echo 'At least one variable is empty. You have to define domain, IP address, username and password';
}
else {
// sanitise variables so we can protect our shell script
$domain = escapeshellarg($domain);
$ip = escapeshellarg($ip);
$user = escapeshellarg($user);
$pass = escapeshellarg($pass);
// pass variables to update.sh and show output
$command = '/bin/bash update.sh ' . $domain . ' ' . $ip . ' ' . $user . ' ' . $pass;
$output = shell_exec($command);
echo "<pre>$output</pre>";
}
// DEBUGGING
if($debug === true) {
$date = date("Y-m-d H:i:s");
$browser = $_SERVER['HTTP_USER_AGENT'];
$postdata = print_r($_POST, TRUE);
$getdata = print_r($_GET, TRUE);
$debug =
// basic info
'$date: ' . $date . '<br />' .
'$browser: ' . $browser . '<br />' .
'$debug: ' . $debug . '<br />' .
'$method: ' . $method . '<br />' .
// Specific set variables
'$domain: ' . $domain . '<br />' .
'$ip: ' . $ip . '<br />' .
'$user: ' . $user . '<br />' .
'$pass: ' . $pass . '<br />' .
// all POST and GET
'$postdata: ' . $postdata . '<br />' .
'$getdata: ' . $getdata . '<br />'
;
echo "<h2>Debug information:</h2>";
print_r($debug); // Show debug in browser
$debug_log = str_replace('<br />', "\r\n", $debug); //
file_put_contents('debug.log', $debug_log, FILE_APPEND | LOCK_EX);
}
?>