/
api.php
115 lines (106 loc) · 3.88 KB
/
api.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
<?php
/* Pi-hole: A black hole for Internet advertisements
* (c) 2017 Pi-hole, LLC (https://pi-hole.net)
* Network-wide ad blocking via your own hardware.
*
* This file is copyright under the latest version of the EUPL.
* Please see LICENSE file for your rights under this license */
$api = true;
header('Content-type: application/json');
require("scripts/pi-hole/php/FTL.php");
require("scripts/pi-hole/php/password.php");
require("scripts/pi-hole/php/auth.php");
check_cors();
$FTL_IP = "127.0.0.1";
$data = array();
// Common API functions
if (isset($_GET['status'])) {
$pistatus = exec('sudo pihole status web');
if ($pistatus == "1") {
$data = array_merge($data, array("status" => "enabled"));
} else {
$data = array_merge($data, array("status" => "disabled"));
}
} elseif (isset($_GET['enable']) && $auth) {
if (isset($_GET["auth"])) {
if ($_GET["auth"] !== $pwhash) {
die("Not authorized!");
}
} else {
// Skip token validation if explicit auth string is given
check_csrf($_GET['token']);
}
exec('sudo pihole enable');
$data = array_merge($data, array("status" => "enabled"));
unlink("../custom_disable_timer");
} elseif (isset($_GET['disable']) && $auth) {
if (isset($_GET["auth"])) {
if ($_GET["auth"] !== $pwhash) {
die("Not authorized!");
}
} else {
// Skip token validation if explicit auth string is given
check_csrf($_GET['token']);
}
$disable = intval($_GET['disable']);
// intval returns the integer value on success, or 0 on failure
if ($disable > 0) {
$timestamp = time();
exec("sudo pihole disable " . $disable . "s");
file_put_contents("../custom_disable_timer", ($timestamp + $disable) * 1000);
} else {
exec('sudo pihole disable');
unlink("../custom_disable_timer");
}
$data = array_merge($data, array("status" => "disabled"));
} elseif (isset($_GET['versions'])) {
// Determine if updates are available for Pi-hole
// using the same script that we use for the footer
// on the dashboard (update notifications are
// suppressed if on development branches)
require "scripts/pi-hole/php/update_checker.php";
$updates = array("core_update" => $core_update,
"web_update" => $web_update,
"FTL_update" => $FTL_update);
$current = array("core_current" => $core_current,
"web_current" => $web_current,
"FTL_current" => $FTL_current);
$latest = array("core_latest" => $core_latest,
"web_latest" => $web_latest,
"FTL_latest" => $FTL_latest);
$branches = array("core_branch" => $core_branch,
"web_branch" => $web_branch,
"FTL_branch" => $FTL_branch);
$data = array_merge($data, $updates);
$data = array_merge($data, $current);
$data = array_merge($data, $latest);
$data = array_merge($data, $branches);
} elseif (isset($_GET['list'])) {
if (isset($_GET['add'])) {
if (!$auth) {
die("Not authorized!");
}
// Set POST parameters and invoke script to add domain to list
$_POST['domain'] = $_GET['add'];
$_POST['list'] = $_GET['list'];
require("scripts/pi-hole/php/add.php");
} elseif (isset($_GET['sub'])) {
if (!$auth) {
die("Not authorized!");
}
// Set POST parameters and invoke script to remove domain from list
$_POST['domain'] = $_GET['sub'];
$_POST['list'] = $_GET['list'];
require("scripts/pi-hole/php/sub.php");
} else {
require("scripts/pi-hole/php/get.php");
}
return;
}
// Other API functions
require("api_FTL.php");
if (isset($_GET["jsonForceObject"])) {
echo json_encode($data, JSON_FORCE_OBJECT);
} else {
echo json_encode($data);
}