ajax.php
<?php
/**
* LookingGlass - User friendly PHP Looking Glass
*
* @package LookingGlass
* @author Nick Adams <nick@iamtelephone.com>
* @copyright 2015 Nick Adams.
* @link http://iamtelephone.com
* @license http://opensource.org/licenses/MIT MIT License
* @version 1.3.0
*/
/**
* NOTE:
* Version 1 will continue to allow direct access to ajax.php (no CSRF protection).
* I recommend setting a reasonable rate limit to mitigate abuse.
*/
/*
* Uncomment below to enable debug output
* --------------------------------------
// error_reporting(E_ALL);
// ini_set('display_errors', 'on');
*/
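// Request handler: runs one allow-listed network diagnostic against a
// caller-supplied host and ends the request.
//
// Both query parameters are untrusted. PHP turns `?cmd[]=x` / `?host[]=x`
// into arrays, so require plain strings before either value is used; the
// superglobal is read directly so that nothing the included files define
// can replace the values that were checked.
if (isset($_GET['cmd'], $_GET['host'])
    && is_string($_GET['cmd'])
    && is_string($_GET['host'])
) {
    // Allow-list of LookingGlass methods that may be invoked by name.
    $cmds = array('host', 'mtr', 'mtr6', 'ping', 'ping6', 'traceroute', 'traceroute6');

    // Strict comparison: the request value must be exactly one of the names
    // above, with no type juggling, because it selects the method to call.
    if (in_array($_GET['cmd'], $cmds, true)) {
        // Load the classes and configuration only once the command is known
        // to be allowed.
        $required = array('LookingGlass.php', 'RateLimit.php', 'Config.php');
        foreach ($required as $val) {
            require 'LookingGlass/' . $val;
        }

        // Fall back to 0 when none of the included files defined $rateLimit
        // (presumably Config.php does; what 0 means to RateLimit is not
        // visible from this file).
        if (!isset($rateLimit)) {
            $rateLimit = 0;
        }

        $lg = new Telephone\LookingGlass();
        $limit = new Telephone\LookingGlass\RateLimit($rateLimit);

        // Check the client against the rate-limit store before any command
        // runs. The return value is not inspected here, so enforcement has to
        // happen inside rateLimit() itself - NOTE(review): confirm.
        $limit->rateLimit($rateLimit);

        // Dynamic dispatch is limited to the allow-list checked above. The
        // host string is passed through unmodified: validating and escaping
        // it before it reaches any system command is the responsibility of
        // the LookingGlass method and is not visible from this file.
        $output = $lg->{$_GET['cmd']}($_GET['host']);
        if ($output) {
            // Truthy result: end the request without the error text below.
            exit();
        }
    }
}

// Reached for missing or non-string parameters, an unknown command, or a
// falsy result from the command method.
exit('Unauthorized request');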