Commit | Line | Data |
---|---|---|
7df5e532 IB |
1 | <?php |
2 | ||
// Load deployment secrets from the file named by the SECRETS_FILE environment
// variable. The connection variables used below ($dbhost, $dbuser, $dbpass,
// $dbname, $dbport) are not assigned anywhere in this script, so they are
// presumably defined by that file, as is $anonymous_key. Confirm against the
// deployment. The secrets file should live outside the web root and be
// readable only by the PHP user.
// If SECRETS_FILE is unset, getenv() returns false and the require aborts the
// request, so the script does not run without its configuration.
require getenv("SECRETS_FILE");

// Response envelope; the request handlers further down add their own keys.
$response = ["status" => "ok"];

// NOTE(review): connection failures are handled later through connect_errno.
// That only works when mysqli is not in exception-reporting mode; confirm the
// mysqli report mode for the PHP version in use.
$mysqli = new mysqli($dbhost, $dbuser, $dbpass, $dbname, $dbport);
9 | ||
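/**
 * Abort the request with HTTP 500 and a JSON error body.
 *
 * The detailed error text is written to the server error log and is NOT sent
 * to the client. Callers pass raw mysqli error strings, which can include
 * account names, host names and schema details, and this endpoint is reachable
 * without credentials when the "anonymous" query parameter is set.
 *
 * @param string $text   Detailed error text (logged server-side only).
 * @param int    $number Numeric error code, returned to the client as "code".
 */
function error_die($text, $number) {
    // Keep the diagnostic detail for the operator.
    error_log("error_die [" . $number . "]: " . $text);

    http_response_code(500);
    // Declare the body as JSON so a browser never interprets it as HTML.
    header('Content-Type: application/json; charset=utf-8');
    header('X-Content-Type-Options: nosniff');

    $message = array(
        "status" => "error",
        "message" => "Internal server error",
        "code" => $number
    );

    die(json_encode($message));
}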
20 | ||
9c08c3bc IB |
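// Anonymous mode is requested with a truthy "anonymous" query parameter.
// In this mode the script skips its Authorization-header check, so the
// pseudonymisation below is the only thing protecting the underlying values.
$anonymous = isset($_GET['anonymous']) && $_GET['anonymous'];

/**
 * Return $string unchanged, or a keyed pseudonym of it in anonymous mode.
 *
 * The pseudonym is a hex prefix of HMAC-SHA256($string) keyed with the global
 * $anonymous_key: 6 characters by default, 32 characters when $long is true
 * (the same lengths the previous MD5-based output had). HMAC is used instead
 * of hashing "key:value" because it is the standard keyed construction.
 *
 * Fails closed when no key is configured: an unkeyed hash of a domain name or
 * an IPv4 address can be reversed by hashing candidate values, which would
 * defeat the anonymisation.
 *
 * Caveat: 6 hex characters carry only 24 bits, so distinct inputs can share a
 * pseudonym; treat short pseudonyms as display labels, not unique ids.
 *
 * @param mixed $string Value to protect; cast to string before hashing.
 * @param bool  $long   Return the 32-character form instead of 6 characters.
 * @return mixed The original value outside anonymous mode, else a hex string.
 * @throws RuntimeException If anonymous mode is on and no key is configured.
 */
function maybe_anonymize($string, $long = false) {
    global $anonymous_key;
    global $anonymous;

    if (!$anonymous) {
        return $string;
    }

    if (!is_string($anonymous_key) || $anonymous_key === "") {
        throw new RuntimeException("anonymous_key is not configured");
    }

    $digest = hash_hmac('sha256', (string) $string, $anonymous_key);

    return substr($digest, 0, $long ? 32 : 6);
}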
35 | ||
// Request gating, step 1: outside anonymous mode an Authorization header must
// be present, otherwise the client is challenged for HTTP Basic credentials.
//
// NOTE(review): only the presence of the header is tested here; its value is
// never verified in this script. Presumably the web server in front of PHP
// validates the Basic credentials. Confirm that, because without upstream
// enforcement this check alone does not authenticate anyone. Whether
// HTTP_AUTHORIZATION is populated at all also depends on the server/SAPI
// configuration.
$authorization = isset($_SERVER['HTTP_AUTHORIZATION']) ? $_SERVER['HTTP_AUTHORIZATION'] : "";
if (!$anonymous && $authorization === "") {
    header('WWW-Authenticate: Basic realm="Immae"');
    header('HTTP/1.0 401 Unauthorized');
    echo "You need to be authenticated to access private information";
    exit;
}

// Request gating, step 2: stop early if the database connection failed.
$connect_errno = $mysqli->connect_errno;
if ($connect_errno) {
    error_die($mysqli->connect_error, $connect_errno);
}
46 | ||
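// Build and emit the JSON payload.
//
// Without a "serial" query parameter the script returns the overview: distinct
// domains, reporting organisations, report months and one summary row per
// report. With "serial" it returns the individual records of that report.
//
// Much of the returned text comes from outside the deployment (report
// contents, reverse-DNS names), so the response is always declared as JSON
// below; served under PHP's default text/html type, a browser opening the URL
// directly could interpret those strings as markup.
if (!isset($_GET['serial'])) {
    $response["domains"] = array();
    $query = $mysqli->query("SELECT DISTINCT domain FROM `report` ORDER BY domain");
    if ($mysqli->error) { error_die($mysqli->error, $mysqli->errno); }
    while ($row = $query->fetch_assoc()) {
        $response["domains"][] = maybe_anonymize($row['domain']);
    }

    $response["orgs"] = array();
    $query = $mysqli->query("SELECT DISTINCT org FROM `report` ORDER BY org");
    if ($mysqli->error) { error_die($mysqli->error, $mysqli->errno); }
    while ($row = $query->fetch_assoc()) {
        $response["orgs"][] = maybe_anonymize($row['org']);
    }

    $response["dates"] = array();
    // The original statement repeated the DISTINCT keyword; one is enough.
    $query = $mysqli->query("SELECT DISTINCT year(mindate) as year, month(mindate) as month FROM `report` ORDER BY year DESC,month DESC");
    if ($mysqli->error) { error_die($mysqli->error, $mysqli->errno); }
    while ($row = $query->fetch_assoc()) {
        $response["dates"][] = sprintf( "%'.04d-%'.02d", $row['year'], $row['month'] );
    }

    $response["summaries"] = array();
    // $where is one of two fixed strings; no request data reaches the SQL text.
    if (isset($_GET['errors_only'])) {
        $where = " WHERE (spfresult != 'pass' or dkimresult != 'pass')";
    } else {
        $where = "";
    }

    // Allow-list of columns exposed to the client (built once, not per row).
    $summary_keys = array_fill_keys(array(
        'domain', 'org', 'reportid', 'mindate', 'maxdate', 'rcount', 'serial', 'policy_adkim', 'policy_aspf', 'policy_none', 'policy_sp', 'policy_pct', 'spfresult', 'dkimresult'
    ), '1');

    $sql = "SELECT report.* , sum(rptrecord.rcount) AS rcount, MIN(rptrecord.dkimresult) AS dkimresult, MIN(rptrecord.spfresult) AS spfresult FROM report LEFT JOIN (SELECT rcount, COALESCE(dkimresult, 'neutral') AS dkimresult, COALESCE(spfresult, 'neutral') AS spfresult, serial FROM rptrecord) AS rptrecord ON report.serial = rptrecord.serial$where GROUP BY serial ORDER BY mindate ASC, maxdate ASC, org";
    $query = $mysqli->query($sql);
    if ($mysqli->error) { error_die($mysqli->error, $mysqli->errno); }
    while ($row = $query->fetch_assoc()) {
        $row = array_intersect_key($row, $summary_keys);
        // Only domain, org and reportid are pseudonymised; the dates, counts,
        // policy fields, results and the serial are returned unchanged.
        $row["domain"] = maybe_anonymize($row["domain"]);
        $row["org"] = maybe_anonymize($row["org"]);
        $row["reportid"] = maybe_anonymize($row["reportid"], true);
        $response["summaries"][] = $row;
    }
} else {
    $response["rptrecord"] = [];

    // The serial is request-controlled. It is only ever bound as a statement
    // parameter; a non-string value (e.g. an array) is replaced by an empty
    // string, which matches no rows, instead of being string-converted.
    $serial = is_string($_GET["serial"]) ? $_GET["serial"] : "";

    $sql = $mysqli->prepare("SELECT * FROM rptrecord where serial = ?");
    if ($sql === false) { error_die($mysqli->error, $mysqli->errno); }
    $sql->bind_param("s", $serial);
    // Statement-level failures are reported on the statement object, so each
    // step is checked before the result set is used.
    if (!$sql->execute()) { error_die($sql->error, $sql->errno); }
    $query = $sql->get_result();
    if ($query === false) { error_die($sql->error, $sql->errno); }

    // Allow-list of columns exposed to the client (built once, not per row).
    $record_keys = array_fill_keys(array(
        'ip', 'host', 'rcount', 'disposition', 'reason', 'dkimdomain', 'dkimresult', 'spfdomain', 'spfresult'
    ), '1');

    while ($row = $query->fetch_assoc()) {
        if ($row['ip']) {
            $ip = long2ip($row['ip']);
        } elseif ($row['ip6']) {
            $ip = inet_ntop($row['ip6']);
        } else {
            $ip = false;
        }

        if ($ip === false) {
            // No address stored, or the stored value could not be decoded.
            $ip = "-";
            $host = "-";
        } else {
            // Reverse DNS is resolved per row at request time. This is a
            // blocking lookup and the returned name is controlled by whoever
            // operates the reverse zone, so treat it as untrusted text.
            $host = gethostbyaddr($ip);
            if ($host === false) {
                $host = "-";
            }
        }

        $row = array_intersect_key($row, $record_keys);
        $row['ip'] = maybe_anonymize($ip);
        $row['host'] = maybe_anonymize($host);
        $row['dkimdomain'] = maybe_anonymize($row['dkimdomain']);
        $row['spfdomain'] = maybe_anonymize($row['spfdomain']);
        // NOTE(review): 'reason' and 'disposition' are passed through as-is in
        // anonymous mode; confirm they cannot carry identifying text.
        $response["rptrecord"][] = $row;
    }
}

$json = json_encode($response, JSON_PRETTY_PRINT);
if ($json === false) {
    // e.g. invalid UTF-8 in stored data; report it instead of an empty body.
    error_die(json_last_error_msg(), json_last_error());
}

header('Content-Type: application/json; charset=utf-8');
header('X-Content-Type-Options: nosniff');
echo $json;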
120 | ?> |