server: clean up scripts, require POST for non-idempotent requests
This commit is contained in:
parent
c7f08a80e9
commit
096c7ac168
4 changed files with 52 additions and 39 deletions
20
server/ping-get.php
Normal file → Executable file
20
server/ping-get.php
Normal file → Executable file
|
@ -1,16 +1,22 @@
|
||||||
<?php
|
<?php
|
||||||
require_once('config.inc.php');
|
|
||||||
|
|
||||||
|
require_once('config.inc.php');
|
||||||
$apikeys = $config['ping-get'];
|
$apikeys = $config['ping-get'];
|
||||||
|
|
||||||
header('Content-type: text/plain');
|
header('Content-type: text/plain');
|
||||||
if(isset($_GET['apikey']) && in_array($_GET['apikey'], $apikeys, true)) {
|
|
||||||
|
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
||||||
|
echo "Must use POST request method\n";
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!isset($_GET['apikey']) || !in_array($_GET['apikey'], $apikeys, true)) {
|
||||||
|
echo "Invalid API key\n";
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
$str=file_get_contents('pinged.txt');
|
$str=file_get_contents('pinged.txt');
|
||||||
echo $str;
|
echo $str;
|
||||||
file_put_contents('pinged.txt', 'false');
|
file_put_contents('pinged.txt', 'false');
|
||||||
} else {
|
|
||||||
$str=file_get_contents('pinged.txt');
|
|
||||||
echo "API Key Missing!\n";
|
|
||||||
echo $str;
|
|
||||||
}
|
|
||||||
?>
|
?>
|
||||||
|
|
23
server/ping.php
Normal file → Executable file
23
server/ping.php
Normal file → Executable file
|
@ -1,17 +1,20 @@
|
||||||
<?php
|
<?php
|
||||||
require_once('config.inc.php');
|
|
||||||
|
|
||||||
|
require_once('config.inc.php');
|
||||||
$apikeys = $config['ping'];
|
$apikeys = $config['ping'];
|
||||||
|
|
||||||
header('Content-type: text/plain');
|
header('Content-type: text/plain');
|
||||||
if ($_SERVER['REQUEST_METHOD'] == 'POST' &&
|
|
||||||
isset($_GET['apikey']) && in_array($_GET['apikey'], $apikeys, true))
|
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
||||||
{
|
echo "Must use POST request method\n";
|
||||||
file_put_contents ( 'pinged.txt' , 'true' );
|
return;
|
||||||
echo $str;
|
|
||||||
} else {
|
|
||||||
$str=file_get_contents('pinged.txt');
|
|
||||||
echo "API Key Missing (must be POST method)!\n";
|
|
||||||
echo $str;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!isset($_GET['apikey']) || !in_array($_GET['apikey'], $apikeys, true)) {
|
||||||
|
echo "Invalid API key\n";
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
file_put_contents('pinged.txt', 'true');
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
0
server/status.txt
Executable file → Normal file
0
server/status.txt
Executable file → Normal file
|
@ -1,30 +1,34 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
require_once('config.inc.php');
|
require_once('config.inc.php');
|
||||||
|
|
||||||
$apikeys = $config['update'];
|
$apikeys = $config['update'];
|
||||||
|
|
||||||
header('Content-type: text/plain');
|
header('Content-type: text/plain');
|
||||||
if( isset($_GET['apikey']) && in_array($_GET['apikey'], $apikeys, true) ) {
|
|
||||||
if(isset($_GET['open']) && $_GET['open']=='true')
|
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
||||||
{
|
echo "Must use POST request method\n";
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!isset($_GET['apikey']) || !in_array($_GET['apikey'], $apikeys, true)) {
|
||||||
|
echo "Invalid API key\n";
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!isset($_GET['open'])) {
|
||||||
|
echo "Missing 'open' request parameter\n";
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($_GET['open'] === 'true') {
|
||||||
file_put_contents('status.txt', 'true,'.time());
|
file_put_contents('status.txt', 'true,'.time());
|
||||||
exec("./open.sh");
|
|
||||||
echo "true";
|
echo "true";
|
||||||
} else if(isset($_GET['open']) && $_GET['open'] =='false') {
|
} else if ($_GET['open'] === 'false') {
|
||||||
file_put_contents('status.txt', 'false,'.time());
|
file_put_contents('status.txt', 'false,'.time());
|
||||||
exec("./close.sh");
|
|
||||||
echo "false";
|
echo "false";
|
||||||
} else {
|
} else {
|
||||||
echo "you are too stupid to use the api!\n";
|
echo "Invalid 'open' parameter value\n";
|
||||||
}
|
return;
|
||||||
} else {
|
|
||||||
$str=file_get_contents('status.txt');
|
|
||||||
$arr=explode(',',$str);
|
|
||||||
$open=$arr[0];
|
|
||||||
$date=$arr[1]; //lastchange: upadate via file see explode/implode
|
|
||||||
echo "API Key Missing!\n";
|
|
||||||
echo $open;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
Reference in a new issue