Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /* AUTH KC 30-01-14
- MOD CS 31-1-14 1.1 bug fixes
- MOD KC 31-1-14 1.2 array to yield right format plus header
- MOD KC 31-1-14 1.3 strip types from snmp returned values
- MOD KC 31-1-14 1.4 numerics from strings using floatval()
- MOD CS 31-1-14 1.5 corrected explode() syntax
- MOD KC 31-1-14 1.6 queryystrings, formats match spec, error return
- MOD CS 31-1-14 1.7 bug fix
- MOD KC 31-1-14 1.8 fine tune date format
- MOD PT 25-2-14 1.9 added chilli_query commands - login, logout and status. errorcodes: 100 - success; 101 - unexpected reply from chilli_query; 204 - failed; 205 - missing parameter
- MOD PT 25-2-14 1.91 fixed query_string selector. It was comparing everything AFTER the ? to the cases below. Should only check for the first value.
- MOD PT 25-2-14 1.92 fixed some permission related issues running chilli_query
- MOD CS 28-2-14 1.93 security fix using escaped_command
- MOD CS 04-2-14 1.94 Fixed calculations of GPS postions.
- Make sure VER increments with mods
- returns json structure with
- Time requested in RFC 2822
- Time script completes (near as) RFC 2822
- Lat and long or n logged on users depending on querystring
- Dependencies: modded snmpd.conf, chilli-count.sh or dnat.sh
- refers docs:
- ICD-9999800735-01-001-20140124-EN-User Request Webservice.docx
- */
- header('Content-Type: application/json');
- $VER = '1.94';
- $REQUEST_TYPE = $_SERVER['QUERY_STRING'];
- #$REQUEST_TIME = date("Y-m-d \T H:i:s", time());
- if (isset($_REQUEST['users'])) {
- /*
- * Number of users connected
- */
- $count = snmpget('localhost', 'nocqat', '.1.3.6.1.4.1.8072.1.3.2.4.1.2.12.99.104.105.108.108.105.45.99.111.117.110.116.1', 5000, 5);
- $parsecount = explode(':', $count);
- $count = floatval(ltrim($parsecount[1]));
- $output = array(
- 'version' => $VER,
- 'count' => $count,
- 'CreateDate' => date("Y-m-d\TH:i:s", time()),
- 'RegDate' => $REQUEST_TIME
- );
- echo json_encode($output);
- }
- else {
- /*
- * GPS position of train
- */
- if (isset($_REQUEST['position'])) {
- $lat = snmpget('localhost', 'nocqat', '.1.3.6.1.4.1.30036.1.1.1.2.4.0', 5000, 5);
- $long = snmpget('localhost', 'nocqat', '.1.3.6.1.4.1.30036.1.1.1.2.3.0', 5000, 5);
- $parselat = explode(':', $lat);
- $parselong = explode(':', $long);
- $gpsLat = trim($parselat[1]);
- $lat = ($gpsLat * 90) / 2147483647;
- $gpsLong = trim($parselong[1]);
- $long = ($gpsLong * 180) / 2147483647;
- $output = array(
- 'version' => $VER,
- 'lat' => $lat,
- 'long' => $long,
- 'CreateDate' => date("Y-m-d\TH:i:s", time()),
- 'RegDate' => $REQUEST_TIME
- );
- echo json_encode($output);
- }
- else {
- /*
- * Login request
- */
- if (isset($_REQUEST['login'])) {
- $ip = $_SERVER['REMOTE_ADDR'];
- $username = '';
- $password = '';
- // escapeshell to remove unwanted characters for security reasons
- $command = '/sbin/chilli_query login ip ' . $ip . ' username ' . $username . ' password ' . $password . ' 2>&1';
- echo $command;
- $escaped_command = escapeshellcmd($command);
- system($escaped_command);
- usleep(1000000); //wait to make sure the client is logged on
- // escapeshell to remove unwanted characters for security reasons
- $command = '/sbin/chilli_query list ip ' . $ip;
- $escaped_command = escapeshellcmd($command);
- $status = shell_exec($escaped_command);
- $logged_on = explode(' ', $status);
- switch ($logged_on[4]) {
- case '1':
- $output = array(
- 'errorcode' => '100'
- );
- break;
- case '0':
- $output = array(
- 'errorcode' => '204'
- );
- break;
- default:
- $output = array(
- 'errorcode' => '101'
- );
- break;
- }
- echo json_encode($output);
- }
- else {
- /*
- * Authorize request
- */
- if (isset($_REQUEST['release_ip'])) {
- $ip = $_REQUEST['release_ip'];
- $username = '';
- $password = '';
- // escapeshell to remove unwanted characters for security reasons
- $command = '/sbin/chilli_query authorize ip ' . $ip . ' username ' . $username . ' password ' . $password . ' 2>&1';
- echo $command;
- $escaped_command = escapeshellcmd($command);
- system($escaped_command);
- usleep(1000000); //wait to make sure the client is logged on
- // escapeshell to remove unwanted characters for security reasons
- $command = '/sbin/chilli_query list ip ' . $ip;
- $escaped_command = escapeshellcmd($command);
- $status = shell_exec($escaped_command);
- $logged_on = explode(' ', $status);
- switch ($logged_on[4]) {
- case '1':
- $output = array(
- 'errorcode' => '100'
- );
- break;
- case '0':
- $output = array(
- 'errorcode' => '204'
- );
- break;
- default:
- $output = array(
- 'errorcode' => '101'
- );
- break;
- }
- echo json_encode($output);
- }
- else {
- /*
- * Logout request
- */
- if (isset($_REQUEST['logout'])) {
- $ip = $_SERVER['REMOTE_ADDR'];
- // escapeshell to remove unwanted characters for security reasons
- $command = '/sbin/chilli_query logout ip ' . $ip;
- $escaped_command = escapeshellcmd($command);
- system($escaped_command);
- usleep(500000); //wait to make sure the client is logged on
- // escapeshell to remove unwanted characters for security reasons
- $command = '/sbin/chilli_query list ip ' . $ip;
- $escaped_command = escapeshellcmd($command);
- $status = shell_exec($escaped_command);
- $logged_on = explode(' ', $status);
- switch ($logged_on[4]) {
- case '0':
- $output = array(
- 'errorcode' => '100'
- );
- break;
- default:
- $output = array(
- 'errorcode' => '204'
- );
- break;
- }
- echo json_encode($output);
- }
- else {
- /*
- * Status request
- */
- if (isset($_REQUEST['status'])) {
- $target = $_SERVER['REMOTE_ADDR'];
- if (!$output) {
- // either MAC or IP must be supplied - if not the $output would be set already containing the errorcode.
- // escapeshell to remove unwanted characters for security reasons
- $command = '/sbin/chilli_query list ip ' . $target . ' 2>&1';
- $escaped_command = escapeshellcmd($command);
- $status = shell_exec($escaped_command);
- // $status = shell_exec('/sbin/chilli_query list ip ' . $target.' 2>&1');
- $output = explode(' ', $status);
- $output['errorcode'] = '100';
- }
- echo json_encode($output);
- }
- else {
- $output = array(
- 'error' => 'bad data query'
- );
- echo json_encode($output);
- }
- }
- }
- }
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement