Diffstat (limited to 'modules/private/websites/tools/tools/dmarc_reports/api.php')
-rw-r--r-- | modules/private/websites/tools/tools/dmarc_reports/api.php | 122 |
1 files changed, 0 insertions, 122 deletions
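diff --git a/modules/private/websites/tools/tools/dmarc_reports/api.php b/modules/private/websites/tools/tools/dmarc_reports/api.php
deleted file mode 100644
index 850f9ce..0000000
--- a/modules/private/websites/tools/tools/dmarc_reports/api.php
+++ /dev/null
@@ -1,122 +0,0 @@
-<?php
-
-require(getenv("SECRETS_FILE"));
-
-$response = array(
-"status" => "ok",
-);
-$mysqli = new mysqli($dbhost, $dbuser, $dbpass, $dbname, $dbport);
-
-function error_die($text, $number) {
-http_response_code("500");
-$message = array(
-"status" => "error",
-"message" => $text,
-"code" => $number
-);
-
-die(json_encode($message));
-}
-
-$anonymous = isset($_GET['anonymous']) && $_GET['anonymous'];
-function maybe_anonymize($string, $long = false) {
-global $anonymous_key;
-global $anonymous;
-if ($anonymous) {
-if ($long) {
-return md5($anonymous_key . ":" . $string);
-} else {
-return substr(md5($anonymous_key . ":" . $string), 0, 6);
-}
-} else {
-return $string;
-}
-}
-
-if (!$anonymous && (!isset($_SERVER['HTTP_AUTHORIZATION']) || $_SERVER['HTTP_AUTHORIZATION'] === "")) {
-header('WWW-Authenticate: Basic realm="Immae"');
-header('HTTP/1.0 401 Unauthorized');
-echo "You need to be authenticated to access private information";
-exit;
-}
-
-if ($mysqli->connect_errno) {
-error_die($mysqli->connect_error, $mysqli->connect_errno);
-}
-
-if (!isset($_GET['serial'])) {
-$response["domains"] = array();
-$query = $mysqli->query("SELECT DISTINCT domain FROM `report` ORDER BY domain");
-if ($mysqli->error) { error_die($mysqli->error, $mysqli->errno); }
-while($row = $query->fetch_assoc()) {
-$response["domains"][] = maybe_anonymize($row['domain']);
-}
-
-$response["orgs"] = array();
-$query = $mysqli->query("SELECT DISTINCT org FROM `report` ORDER BY org");
-if ($mysqli->error) { error_die($mysqli->error, $mysqli->errno); }
-while($row = $query->fetch_assoc()) {
-$response["orgs"][] = maybe_anonymize($row['org']);
-}
-
-$response["dates"] = array();
-$query = $mysqli->query("SELECT DISTINCT DISTINCT year(mindate) as year, month(mindate) as month FROM `report` ORDER BY year DESC,month DESC");
-if ($mysqli->error) { error_die($mysqli->error, $mysqli->errno); }
-while($row = $query->fetch_assoc()) {
-$response["dates"][] = sprintf( "%'.04d-%'.02d", $row['year'], $row['month'] );
-}
-
-$response["summaries"] = array();
-if (isset($_GET['errors_only'])) {
-$where = " WHERE (spfresult != 'pass' or dkimresult != 'pass')";
-} else {
-$where = "";
-}
-
-$sql = "SELECT report.* , sum(rptrecord.rcount) AS rcount, MIN(rptrecord.dkimresult) AS dkimresult, MIN(rptrecord.spfresult) AS spfresult FROM report LEFT JOIN (SELECT rcount, COALESCE(dkimresult, 'neutral') AS dkimresult, COALESCE(spfresult, 'neutral') AS spfresult, serial FROM rptrecord) AS rptrecord ON report.serial = rptrecord.serial$where GROUP BY serial ORDER BY mindate ASC, maxdate ASC, org";
-$query = $mysqli->query($sql);
-if ($mysqli->error) { error_die($mysqli->error, $mysqli->errno); }
-while($row = $query->fetch_assoc()) {
-$wanted_keys = array(
-'domain', 'org', 'reportid', 'mindate', 'maxdate', 'rcount', 'serial', 'policy_adkim', 'policy_aspf', 'policy_none', 'policy_sp', 'policy_pct', 'spfresult', 'dkimresult'
-);
-$row = array_intersect_key($row, array_fill_keys($wanted_keys, '1'));
-$row["domain"] = maybe_anonymize($row["domain"]);
-$row["org"] = maybe_anonymize($row["org"]);
-$row["reportid"] = maybe_anonymize($row["reportid"], true);
-$response["summaries"][] = $row;
-}
-} else {
-$response["rptrecord"] = [];
-$sql = $mysqli->prepare("SELECT * FROM rptrecord where serial = ?");
-$sql->bind_param("s", $_GET["serial"]);
-$sql->execute();
-$query = $sql->get_result();
-if ($mysqli->error) { error_die($mysqli->error, $mysqli->errno); }
-while($row = $query->fetch_assoc()) {
-if ($row['ip']) {
-$ip = long2ip($row['ip']);
-$host = gethostbyaddr($ip);
-} elseif ( $row['ip6'] ) {
-$ip = inet_ntop($row['ip6']);
-$host = gethostbyaddr($ip);
-} else {
-$ip = "-";
-$host = "-";
-}
-$wanted_keys = array(
-'ip', 'host', 'rcount', 'disposition', 'reason', 'dkimdomain', 'dkimresult', 'spfdomain', 'spfresult'
-);
-$row = array_intersect_key($row, array_fill_keys($wanted_keys, '1'));
-$row['ip'] = maybe_anonymize($ip);
-$row['host'] = maybe_anonymize($host);
-$row['dkimdomain'] = maybe_anonymize($row['dkimdomain']);
-$row['spfdomain'] = maybe_anonymize($row['spfdomain']);
-$response["rptrecord"][] = $row;
-}
-}
-
-header("Content-Type: application/json");
-
-echo json_encode($response, JSON_PRETTY_PRINT);
-?>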