2603.0 - First effort...

whitelist.php

@@ -0,0 +1,142 @@
+<?php
+// http://www.daprogs.com/api/ipban/whitelist.php?a=add&ip=192.168.2.0/24&type=1&date=20191025120000&reason=Hello%20There2
+// http://www.daprogs.com/api/ipban/whitelist.php?a=rem&ip=192.168.2.0/24
+
+	include('conn.php');
+/*
+	if ((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443) {	
+		//return true; 
+		$ht=true;
+	}
+	else {
+		echo "Service only available via https!";
+		die();
+	}
+*/	
+	$SQL2 ="SELECT info.last FROM info WHERE info.list = 1";
+	$result2 = mysqli_query($con,$SQL2);
+	$UpdateDate2 = mysqli_fetch_array($result2);
+	$UpdateDate = $UpdateDate2['last'];
+	
+	$dStamp = date_create_from_format ( 'YmdHis' , $UpdateDate );
+	$fStamp = $dStamp->format('D, d M Y H:i:s T');
+
+	$lMod = "Last-Modified: " . $fStamp;
+	header($lMod);
+	if($_SERVER['REQUEST_METHOD']=='HEAD') {
+		$con->close();
+		echo("Something to make php quit and return head..");
+	}
+	
+	$dPart = date("YmdHis");
+
+	if(!isset($_GET["a"]))
+	{
+		$action = "display";
+	}
+	if(isset($_GET["a"]))
+	{
+		$action = strtolower($_GET["a"]);
+	}
+
+	if ($action == "display") {
+
+		$SQL ="SELECT whitelist.ip, whitelist.reason FROM whitelist WHERE whitelist.adddate < ".$dPart." AND whitelist.enddate > ".$dPart." ORDER BY whitelist.ip ASC";
+		$result = mysqli_query($con,$SQL);
+
+		$num_rows = mysqli_num_rows($result);
+
+//		$SQL2 ="SELECT info.last FROM info WHERE info.list = 1";
+//		$result2 = mysqli_query($con,$SQL2);
+//		$UpdateDate2 = mysqli_fetch_array($result2);
+//		$UpdateDate = $UpdateDate2['last'];
+
+		header("Content-Type: text/plain");
+
+		echo "; https://www.daprogs.com/ipbansw/whitelist.php";
+		echo "\n";
+
+//		echo "; DAProgs WhiteList ".date("Y/m/d")." - (c) 2019 DAProgs.com";
+		echo "; DAProgs WhiteList - (c) 2019 DAProgs.com";
+		echo "\n";
+
+		echo "; Last-Modified: ".$fStamp;
+//		echo "; Last-Modified: ".substr($UpdateDate,0,4)."/".substr($UpdateDate,4,2)."/".substr($UpdateDate,6,2)." ".substr($UpdateDate,8,2).":".substr($UpdateDate,10,2).":".substr($UpdateDate,12,2)." EST.";
+		echo "\n";
+
+		echo "; WhiteList contains ".$num_rows." elements.";
+		//echo "\n";
+
+		while($row = mysqli_fetch_array($result))
+		{
+			echo "\n";
+			echo $row['ip']." ; ".$row['reason'];
+		}
+		mysqli_close($con);
+
+		//echo "";
+		//echo "\r\n";	
+	}
+	elseif ($action == "add") {
+		if(!isset($_GET["ip"]))
+		{
+			die("Missing parameters 1.");
+		}
+		$ip = strtolower($_GET["ip"]);
+
+		if(!isset($_GET["type"]))
+		{
+			die("Missing parameters 2.");
+		}
+		$type = $_GET["type"];
+
+		if(!isset($_GET["date"]))
+		{
+			die("Missing parameters 3.");
+		}
+		$enddate = $_GET["date"];
+
+		if(!isset($_GET["reason"]))
+		{
+			die("Missing parameters 4.");
+		}
+		$reason = urldecode($_GET["reason"]);
+
+		$SQL ="INSERT INTO whitelist (ip, type, adddate, enddate, reason) VALUES ('".$ip."', ".$type.", ".$dPart.", ".$enddate.", '".$reason."');";
+
+		if ($con->query($SQL) === TRUE) {
+			$SQL = "UPDATE info SET last=".$dPart." WHERE list=1;";
+			$con->query($SQL);
+			echo "SUCCESS";
+		} else {
+			$SQL = "UPDATE whitelist SET enddate=".$enddate.", type=".$type.", reason='".$reason."' WHERE ip='".$ip."';";
+			if ($con->query($SQL) === TRUE) {
+			$SQL = "UPDATE info SET last=".$dPart." WHERE list=1;";
+			$con->query($SQL);
+				echo "SUCCESS UPDATE";
+			} else {
+				echo "Error: " . $SQL . "<br>" . $con->error;
+			}
+		}
+		$con->close();	
+	}
+	elseif ($action == "rem") {
+		if(!isset($_GET["ip"]))
+		{
+			die("Missing parameters 1.");
+		}
+		$ip = strtolower($_GET["ip"]);
+
+		$SQL ="DELETE FROM whitelist WHERE whitelist.ip = '".$ip."';";
+
+		if ($con->query($SQL) === TRUE) {
+			$SQL = "UPDATE info SET last=".$dPart." WHERE list=1;";
+			$con->query($SQL);
+			echo "SUCCESS";
+		} else {
+			echo "Error: " . $SQL . "<br>" . $con->error;
+		}
+		$con->close();	
+	}
+?>
+