GUI/API Update

Added access logs and some validations
Nikolai X. Shadeauxs 2023-03-12 15:44:10 -04:00
parent 4fab155e50
commit 8dc42ac439
9 changed files with 117 additions and 47 deletions


@ -1 +0,0 @@
vontainment.com 123


@ -1,7 +1,7 @@
<?php
define('VALID_USERNAME', 'vontainment');
define('VALID_PASSWORD', 'password');
define('VALID_PASSWORD', 'Then2now85!');
define('HOSTS_ACL', '../HOSTS');
define('PLUGINS_DIR', '../plugins');
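Review bot: The new `VALID_PASSWORD` value is a real-looking credential committed in plain text, so it is readable by anyone with repository access and stays in history even if a later commit changes it. Treat the value as exposed and rotate it, then keep only a hash outside version control and check logins with `password_verify()`, e.g. `define('VALID_PASSWORD_HASH', getenv('UPDATE_API_PASSWORD_HASH') ?: '');` (the environment variable name is a placeholder). The login code that compares against this constant is not part of this hunk, so the comparison itself should be confirmed there.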

51
update-api/log-status.php Normal file

@ -0,0 +1,51 @@
<?php
$log_file = '../accesslog.log'; // path to the log file
if (file_exists($log_file)) {
// read the log file into an array
$log_array = file($log_file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
// group the log entries by domain name
$log_by_domain = [];
foreach ($log_array as $entry) {
list($domain, $date, $status) = explode(' ', $entry);
$log_by_domain[$domain][] = ['date' => $date, 'status' => $status];
}
// sort the domains alphabetically
ksort($log_by_domain);
// display the log entries in five columns
$total_domains = count($log_by_domain);
$domains_per_column = $total_domains > 0 ? ceil($total_domains / 5) : 0;
$current_column = 1;
$current_domain = 1;
echo '<div class="log-columns">';
foreach ($log_by_domain as $domain => $entries) {
// display the domain name
echo '<div class="log-sub-box">';
echo '<h3>' . $domain . '</h3>';
// display the most recent entry for the domain
$last_entry = end($entries);
echo '<p class="log-entry">' . $last_entry['date'] . ' ' . $last_entry['status'] . '</p>';
echo '</div>';
// if this is the last domain in the column, close the column div and start a new one
if (($current_domain % $domains_per_column == 0) || ($current_column == 5 && $current_domain == $total_domains)) {
echo '</div><div class="log-columns">';
$current_column++;
$domains_left = $total_domains - $current_domain;
$domains_per_column = $domains_left > 0 ? ceil($domains_left / (5 - $current_column + 1)) : 0;
}
$current_domain++;
}
echo '</div>';
} else {
echo 'Log file not found.';
}
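Review bot: `$domain`, `$last_entry['date']` and `$last_entry['status']` are echoed into the admin page without HTML escaping, and the same commit writes the request's `domain` parameter into `accesslog.log` unchanged, so whatever a client sends in that parameter is rendered as markup for whoever opens the log box. Each echoed field should pass through `htmlspecialchars()`, and the parser should skip lines that do not split into exactly three fields, since `list()` on a shorter `explode()` result reads undefined offsets. The script also has no access check of its own; if it can be requested directly rather than only through the admin page's `include`, the log contents are public, which is worth confirming against the web root layout.

```php
foreach ($log_array as $entry) {
    $fields = explode(' ', $entry, 3);
    if (count($fields) !== 3) {
        continue; // skip malformed lines instead of reading undefined offsets
    }
    [$domain, $date, $status] = $fields;
    // … unchanged: append date/status to $log_by_domain[$domain] …
}
// … unchanged: ksort and column bookkeeping …
echo '<h3>' . htmlspecialchars($domain, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</h3>';
// … unchanged: $last_entry = end($entries); …
echo '<p class="log-entry">'
    . htmlspecialchars($last_entry['date'] . ' ' . $last_entry['status'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
    . '</p>';
```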


@ -1,15 +1,7 @@
<?php
session_start();
// Check if user is logged in
if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] !== true) {
header("Location: login.php");
exit;
}
// Define plugins directory
$plugins_dir = "../plugins";
$plugins_dir = "./plugins";
// Check if delete plugin form was submitted
if (isset($_POST['delete_plugin'])) {
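Review bot: With the session check gone from the top of this file (the `-1,15 +1,7` counts put the `session_start()` / `logged_in` guard on the removed side), the `delete_plugin` POST handler runs for any request that reaches this script. If this is the `plugins-table.php` that the admin page in this commit loads by URL through `$.ajax`, it is directly requestable rather than include-only. Keep the guard here, e.g. `session_start(); if (($_SESSION['logged_in'] ?? false) !== true) { http_response_code(403); exit; }`, and consider a CSRF token on the delete form. The handler body continues outside the hunk, so how the submitted plugin name becomes a file path could not be checked.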


@ -1,4 +1,5 @@
<?php
/**
* WP Plugin Update API
* Version: 1.1
@ -7,7 +8,7 @@
*/
// Include the config file
require_once ('../config.php');
require_once('../config.php');
// Get the domain name, key, plugin slug, and plugin version from the request
$domain = isset($_GET['domain']) ? $_GET['domain'] : '';
@ -33,6 +34,8 @@ if ($host_file = @fopen(HOSTS_ACL, 'r')) {
$zip_url = 'http://' . $_SERVER['HTTP_HOST'] . '/download.php?domain=' . $domain . '&key=' . $key . '&file=' . $filename;
header('Content-Type: application/json');
echo json_encode(['zip_url' => $zip_url]);
$log_message = $domain . ' ' . date('Y-m-d') . ' Successful';
file_put_contents('../accesslog.log', $log_message . PHP_EOL, LOCK_EX | FILE_APPEND);
exit();
}
}
@ -41,6 +44,8 @@ if ($host_file = @fopen(HOSTS_ACL, 'r')) {
http_response_code(204);
header('Content-Type: application/json');
header('Content-Length: 0');
$log_message = $domain . ' ' . date('Y-m-d,h:i:sa') . ' Successful';
file_put_contents('../accesslog.log', $log_message . PHP_EOL, LOCK_EX | FILE_APPEND);
exit();
}
}
@ -51,4 +56,6 @@ if ($host_file = @fopen(HOSTS_ACL, 'r')) {
header('HTTP/1.1 401 Unauthorized');
echo 'Unauthorized';
error_log('Unauthorized access: ' . $_SERVER['REMOTE_ADDR']);
$log_message = $domain . ' ' . date('Y-m-d') . ' Failed';
file_put_contents('../accesslog.log', $log_message . PHP_EOL, LOCK_EX | FILE_APPEND);
exit();
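Review bot: `$domain` comes straight from `$_GET['domain']` and is concatenated into the access-log line in all three added blocks, so a value containing spaces or line breaks can forge or corrupt entries in a file that `log-status.php` later parses by splitting on spaces. Validate before logging and record a fixed marker otherwise, e.g. `$log_domain = preg_match('/\A[a-z0-9.-]{1,253}\z/i', $domain) ? $domain : 'invalid';` (`\z` rather than `$`, which would accept a trailing newline). The three blocks also disagree on the timestamp (`'Y-m-d'` twice, `'Y-m-d,h:i:sa'` once); one small helper taking the status word would keep the format and the log path in a single place. The failed branch matters most for monitoring and would benefit from also recording `$_SERVER['REMOTE_ADDR']`, which the adjacent `error_log()` call already uses. The enclosing `if ($host_file = @fopen(...))` block starts outside these hunks.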


@ -6,13 +6,6 @@ Author: Vontainment
Author URI: https://vontainment.com
*/
// Check if the user is logged in
session_start();
if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] !== true) {
header('Location: login.php');
exit();
}
// Display the content for logged in users
?>
@ -62,7 +55,7 @@ if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] !== true) {
$domain = $_POST['domain'];
$key = $_POST['key'];
$new_entry = $domain . ' ' . $key;
file_put_contents($hosts_file, "\n" . $new_entry, FILE_APPEND | LOCK_EX);
file_put_contents($hosts_file, $new_entry . "\n", FILE_APPEND | LOCK_EX);
}
// Display the table of entries
@ -165,7 +158,7 @@ if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] !== true) {
<div class="section">
<h2>Plugins</h2>
<div id="plugins_table">
<?php include('plugins-table.php'); ?>
<?php include('../plugins-table.php'); ?>
</div>
<div class="section">
@ -179,7 +172,7 @@ if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] !== true) {
<script>
function updatePluginsTable() {
$.ajax({
url: 'plugins-table.php',
url: '../plugins-table.php',
success: function(data) {
$('#plugins_table').html(data);
},
@ -237,7 +230,13 @@ if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] !== true) {
});
});
</script>
</div>
<div class="section">
<h2>Access Logs</h2>
<div class="log-box">
<?php include '../log-status.php'; ?>
</div>
</div>
</body>
</html>
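Review bot: The first hunk's counts (`-6,13 +6,6`) put the `session_start()` / `logged_in` redirect on the removed side, which would leave this page, including the form handler that appends `$_POST['domain']` and `$_POST['key']` to the hosts file, without any visible login check. Unless access control now happens somewhere not shown in this commit, the guard should stay at the top of the file. Independently, the two POST values are written as-is, so a value containing a line break adds extra ACL entries; reject such input before the write, e.g. `if ($domain === '' || $key === '' || preg_match('/\s/', $domain . $key)) { http_response_code(400); exit; }`. The condition surrounding the handler lies outside the hunk.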


@ -1,2 +0,0 @@
ini_set('display_errors', 1);
error_reporting(E_ALL);


@ -1,15 +1,13 @@
/* Global styles */
body {
max-width: 100%;
overflow-x: hidden;
background-color: #f1f1f1;
background-image: url("../img/background.png");
background-repeat: repeat;
margin: 0 0 40px 0;
margin: 0;
font-size: 16px;
}
/* Header */
header {
display: flex;
align-items: center;
@ -38,7 +36,6 @@ header {
color: white;
}
/* Section */
.section {
background-color: #ffffff;
border: 2px solid #2ecc71;
@ -53,6 +50,42 @@ header {
max-width: 400px;
}
.log-box {
display: flex;
flex-direction: row;
flex-wrap: wrap;
}
.log-columns {
margin: 10px;
padding: 10px;
font-size: 18px;
min-width: 17.8%;
}
.log-sub-box {
display: flex;
flex-wrap: nowrap;
flex-direction: column;
border: 2px solid #2ecc71;
box-shadow: rgba(0, 0, 0, 0.15) 1.95px 1.95px 2.6px;
margin-bottom: 20px;
padding: 10px;
}
.log-entry {
font-size: 16px;
}
.row {
display: flex;
}
.column {
flex: 50%;
padding: 10px;
}
/* Form */
.form-group {
margin-bottom: 10px;
@ -87,16 +120,6 @@ input[type="submit"]:hover {
box-shadow: rgba(0, 0, 0, 0.07) 1.5px 1.5px 2.2px;
}
/* Grid */
.row {
display: flex;
}
.column {
flex: 50%;
padding: 10px;
}
/* Table */
table {
width: 100%;
@ -113,6 +136,7 @@ td {
th {
background-color: #f2f2f2;
}
/* For screens up to 767px wide */
/* Styles for smaller screens */
@ -123,16 +147,12 @@ th {
.section {
border: 2px solid #ffffff;
margin: 0px;
margin: 0 0 39px 0;
padding: 0 20px;
}
thead > tr th:nth-child(3) {
width: 80px;
}
#plugins-table-wrapper thead > tr th:nth-child(2) {
width: 80px;
.log-columns {
width: 100%;
}
.row {
@ -150,6 +170,10 @@ th {
margin: 10px 0 10px auto;
}
thead > tr th:nth-child(3) {
width: 80px;
}
input[type="submit"] {
margin-top: 5px;
margin-bottom: 5px;


@ -16,7 +16,7 @@ if ($_FILES['plugin_file']['error'] !== UPLOAD_ERR_OK) {
} elseif (!in_array($file_extension, $allowed_extensions)) {
echo '<p class="error">Invalid file type. Only .zip files are allowed.</p>';
} else {
$plugin_path = '../plugins/' . $_FILES['plugin_file']['name'];
$plugin_path = './plugins/' . $_FILES['plugin_file']['name'];
if (file_exists($plugin_path)) {
echo '<p class="error">File already exists.</p>';
} else {
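Review bot: The destination path is built from the client-supplied `$_FILES['plugin_file']['name']` and a working-directory-relative `./plugins/`, so the stored name is whatever the uploader chose and the target directory depends on which script is the entry point. Normalise the name and anchor the directory, e.g. `$plugin_path = PLUGINS_DIR . '/' . basename($_FILES['plugin_file']['name']);` if `config.php` is loaded here; its `PLUGINS_DIR` still says `'../plugins'`, which now disagrees with this literal and with the `$plugins_dir` change in the plugins-table section. `in_array($file_extension, $allowed_extensions)` would also be safer with the third argument `true`. The surrounding `if`/`else` chain begins and ends outside the hunk, so the extension derivation and any login check could not be reviewed.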