API tools faq
paste
Advertisement
Guest User

Ns dingen

a guest
Jan 30th, 2018
98
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.00 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3. /* AUTH KC 30-01-14
  4. MOD CS 31-1-14 1.1 bug fixes
  5. MOD KC 31-1-14 1.2 array to yield right format plus header
  6. MOD KC 31-1-14 1.3 strip types from snmp returned values
  7. MOD KC 31-1-14 1.4 numerics from strings using floatval()
  8. MOD CS 31-1-14 1.5 corrected explode() syntax
  9. MOD KC 31-1-14 1.6 queryystrings, formats match spec, error return
  10. MOD CS 31-1-14 1.7 bug fix
  11. MOD KC 31-1-14 1.8 fine tune date format
  12. MOD PT 25-2-14 1.9 added chilli_query commands - login, logout and status. errorcodes: 100 - success; 101 - unexpected reply from chilli_query; 204 - failed; 205 - missing parameter
  13. MOD PT 25-2-14 1.91 fixed query_string selector. It was comparing everything AFTER the ? to the cases below. Should only check for the first value.
  14. MOD PT 25-2-14 1.92 fixed some permission related issues running chilli_query
  15. MOD CS 28-2-14 1.93 security fix using escaped_command
  16. MOD CS 04-2-14 1.94 Fixed calculations of GPS postions.
  17. Make sure VER increments with mods
  18. returns json structure with
  19. Time requested in RFC 2822
  20. Time script completes (near as) RFC 2822
  21. Lat and long or n logged on users depending on querystring
  22. Dependencies: modded snmpd.conf, chilli-count.sh or dnat.sh
  23. refers docs:
  24. ICD-9999800735-01-001-20140124-EN-User Request Webservice.docx
  25. */
  26.  
  27. header('Content-Type: application/json');
  28. $VER = '1.94';
  29. $REQUEST_TYPE = $_SERVER['QUERY_STRING'];
  30. #$REQUEST_TIME = date("Y-m-d \T H:i:s", time());
  31.  
  32. if (isset($_REQUEST['users'])) {
  33. /*
  34. * Number of users connected
  35. */
  36. $count = snmpget('localhost', 'nocqat', '.1.3.6.1.4.1.8072.1.3.2.4.1.2.12.99.104.105.108.108.105.45.99.111.117.110.116.1', 5000, 5);
  37. $parsecount = explode(':', $count);
  38. $count = floatval(ltrim($parsecount[1]));
  39. $output = array(
  40. 'version' => $VER,
  41. 'count' => $count,
  42. 'CreateDate' => date("Y-m-d\TH:i:s", time()),
  43. 'RegDate' => $REQUEST_TIME
  44. );
  45. echo json_encode($output);
  46. }
  47.  
  48.  
  49. else {
  50. /*
  51. * GPS position of train
  52. */
  53. if (isset($_REQUEST['position'])) {
  54. $lat = snmpget('localhost', 'nocqat', '.1.3.6.1.4.1.30036.1.1.1.2.4.0', 5000, 5);
  55. $long = snmpget('localhost', 'nocqat', '.1.3.6.1.4.1.30036.1.1.1.2.3.0', 5000, 5);
  56.  
  57. $parselat = explode(':', $lat);
  58. $parselong = explode(':', $long);
  59. $gpsLat = trim($parselat[1]);
  60. $lat = ($gpsLat * 90) / 2147483647;
  61. $gpsLong = trim($parselong[1]);
  62. $long = ($gpsLong * 180) / 2147483647;
  63. $output = array(
  64. 'version' => $VER,
  65. 'lat' => $lat,
  66. 'long' => $long,
  67. 'CreateDate' => date("Y-m-d\TH:i:s", time()),
  68. 'RegDate' => $REQUEST_TIME
  69. );
  70. echo json_encode($output);
  71. }
  72.  
  73.  
  74.  
  75.  
  76. else {
  77. /*
  78. * Login request
  79. */
  80. if (isset($_REQUEST['login'])) {
  81. $ip = $_SERVER['REMOTE_ADDR'];
  82. $username = '';
  83. $password = '';
  84.  
  85. // escapeshell to remove unwanted characters for security reasons
  86. $command = '/sbin/chilli_query login ip ' . $ip . ' username ' . $username . ' password ' . $password . ' 2>&1';
  87. echo $command;
  88. $escaped_command = escapeshellcmd($command);
  89. system($escaped_command);
  90. usleep(1000000); //wait to make sure the client is logged on
  91.  
  92. // escapeshell to remove unwanted characters for security reasons
  93. $command = '/sbin/chilli_query list ip ' . $ip;
  94. $escaped_command = escapeshellcmd($command);
  95. $status = shell_exec($escaped_command);
  96. $logged_on = explode(' ', $status);
  97. switch ($logged_on[4]) {
  98. case '1':
  99. $output = array(
  100. 'errorcode' => '100'
  101. );
  102. break;
  103. case '0':
  104. $output = array(
  105. 'errorcode' => '204'
  106. );
  107. break;
  108. default:
  109. $output = array(
  110. 'errorcode' => '101'
  111. );
  112. break;
  113. }
  114.  
  115. echo json_encode($output);
  116. }
  117. else {
  118. /*
  119. * Authorize request
  120. */
  121. if (isset($_REQUEST['release_ip'])) {
  122. $ip = $_REQUEST['release_ip'];
  123. $username = '';
  124. $password = '';
  125.  
  126.  
  127. // escapeshell to remove unwanted characters for security reasons
  128. $command = '/sbin/chilli_query authorize ip ' . $ip . ' username ' . $username . ' password ' . $password . ' 2>&1';
  129. echo $command;
  130. $escaped_command = escapeshellcmd($command);
  131. system($escaped_command);
  132. usleep(1000000); //wait to make sure the client is logged on
  133.  
  134. // escapeshell to remove unwanted characters for security reasons
  135. $command = '/sbin/chilli_query list ip ' . $ip;
  136. $escaped_command = escapeshellcmd($command);
  137. $status = shell_exec($escaped_command);
  138. $logged_on = explode(' ', $status);
  139. switch ($logged_on[4]) {
  140. case '1':
  141. $output = array(
  142. 'errorcode' => '100'
  143. );
  144. break;
  145. case '0':
  146. $output = array(
  147. 'errorcode' => '204'
  148. );
  149. break;
  150. default:
  151. $output = array(
  152. 'errorcode' => '101'
  153. );
  154. break;
  155. }
  156.  
  157. echo json_encode($output);
  158. }
  159.  
  160.  
  161.  
  162.  
  163. else {
  164. /*
  165. * Logout request
  166. */
  167. if (isset($_REQUEST['logout'])) {
  168. $ip = $_SERVER['REMOTE_ADDR'];
  169.  
  170. // escapeshell to remove unwanted characters for security reasons
  171. $command = '/sbin/chilli_query logout ip ' . $ip;
  172. $escaped_command = escapeshellcmd($command);
  173. system($escaped_command);
  174. usleep(500000); //wait to make sure the client is logged on
  175.  
  176. // escapeshell to remove unwanted characters for security reasons
  177. $command = '/sbin/chilli_query list ip ' . $ip;
  178. $escaped_command = escapeshellcmd($command);
  179. $status = shell_exec($escaped_command);
  180. $logged_on = explode(' ', $status);
  181. switch ($logged_on[4]) {
  182. case '0':
  183. $output = array(
  184. 'errorcode' => '100'
  185. );
  186. break;
  187. default:
  188. $output = array(
  189. 'errorcode' => '204'
  190. );
  191. break;
  192. }
  193.  
  194. echo json_encode($output);
  195. }
  196.  
  197. else {
  198. /*
  199. * Status request
  200. */
  201. if (isset($_REQUEST['status'])) {
  202. $target = $_SERVER['REMOTE_ADDR'];
  203.  
  204. if (!$output) {
  205. // either MAC or IP must be supplied - if not the $output would be set already containing the errorcode.
  206. // escapeshell to remove unwanted characters for security reasons
  207. $command = '/sbin/chilli_query list ip ' . $target . ' 2>&1';
  208. $escaped_command = escapeshellcmd($command);
  209. $status = shell_exec($escaped_command);
  210. // $status = shell_exec('/sbin/chilli_query list ip ' . $target.' 2>&1');
  211. $output = explode(' ', $status);
  212. $output['errorcode'] = '100';
  213. }
  214. echo json_encode($output);
  215. }
  216. else {
  217. $output = array(
  218. 'error' => 'bad data query'
  219. );
  220. echo json_encode($output);
  221. }
  222. }
  223. }
  224. }
  225. }
  226. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!