rolling back
This commit is contained in:
93
push.php
93
push.php
@@ -1,93 +0,0 @@
|
||||
<?php
|
||||
/**
|
||||
* portspoof_concentrator – HTTP push trigger
|
||||
*
|
||||
* Reads the frequent IPs list and pushes each IP to the external blacklist API.
|
||||
* Complements trigger.php (fetch) and purge.php (purge) as the third HTTP action endpoint.
|
||||
*
|
||||
* Authentication (any one of):
|
||||
* - Active web session (logged-in browser)
|
||||
* - Authorization: Bearer <TRIGGER_TOKEN>
|
||||
* - ?token=<TRIGGER_TOKEN>
|
||||
*
|
||||
* Usage:
|
||||
* GET/POST /push.php
|
||||
* GET/POST /push.php?token=<secret>
|
||||
* GET/POST /push.php (with header: Authorization: Bearer <secret>)
|
||||
*
|
||||
* Always returns JSON.
|
||||
*/
|
||||
|
||||
require_once __DIR__ . '/includes/auth.php';
|
||||
require_once __DIR__ . '/includes/functions.php';
|
||||
|
||||
header('Content-Type: application/json');
|
||||
|
||||
// ── Auth ──────────────────────────────────────────────────────────────────────
|
||||
|
||||
$session_ok = false;
|
||||
if (auth_enabled()) {
|
||||
if (session_status() === PHP_SESSION_NONE) {
|
||||
session_start();
|
||||
}
|
||||
$session_ok = !empty($_SESSION['authenticated']);
|
||||
}
|
||||
|
||||
$token_ok = false;
|
||||
if (TRIGGER_TOKEN !== '') {
|
||||
$provided = '';
|
||||
$auth_header = $_SERVER['HTTP_AUTHORIZATION'] ?? '';
|
||||
if (str_starts_with($auth_header, 'Bearer ')) {
|
||||
$provided = substr($auth_header, 7);
|
||||
}
|
||||
if ($provided === '' && isset($_REQUEST['token'])) {
|
||||
$provided = $_REQUEST['token'];
|
||||
}
|
||||
$token_ok = $provided !== '' && hash_equals(TRIGGER_TOKEN, $provided);
|
||||
}
|
||||
|
||||
if (!$session_ok && !$token_ok) {
|
||||
http_response_code(401);
|
||||
echo json_encode(['error' => 'Unauthorized']);
|
||||
exit;
|
||||
}
|
||||
|
||||
// ── Run push ──────────────────────────────────────────────────────────────────
|
||||
|
||||
$started_at = microtime(true);
|
||||
$threshold = (int)get_setting('frequent_ip_threshold', '5');
|
||||
$rows = frequent_ips($threshold);
|
||||
$results = [];
|
||||
|
||||
$expire_date = date('ymdHis', strtotime('+6 months'));
|
||||
|
||||
foreach ($rows as $row) {
|
||||
$ip = $row['src_ip'];
|
||||
$url = 'https://www.daprogs.com/api/ipban199/blacklist.php'
|
||||
. '?a=add&type=2&date=' . $expire_date . '&reason=portspoof&ip=' . urlencode($ip);
|
||||
|
||||
$ch = curl_init($url);
|
||||
curl_setopt_array($ch, [
|
||||
CURLOPT_RETURNTRANSFER => true,
|
||||
CURLOPT_TIMEOUT => 10,
|
||||
]);
|
||||
curl_exec($ch);
|
||||
$http_code = (int)curl_getinfo($ch, CURLINFO_HTTP_CODE);
|
||||
curl_close($ch);
|
||||
|
||||
$results[] = [
|
||||
'ip' => $ip,
|
||||
'http_code' => $http_code,
|
||||
'ok' => ($http_code >= 200 && $http_code < 300),
|
||||
];
|
||||
}
|
||||
|
||||
$elapsed_ms = (int)round((microtime(true) - $started_at) * 1000);
|
||||
|
||||
echo json_encode([
|
||||
'ok' => true,
|
||||
'elapsed_ms' => $elapsed_ms,
|
||||
'threshold' => $threshold,
|
||||
'pushed' => count($results),
|
||||
'results' => $results,
|
||||
], JSON_PRETTY_PRINT);
|
||||
Reference in New Issue
Block a user