2016-12-04 21:17:08 +00:00
|
|
|
<?php
|
Update index.php
* An "About Pi-hole" link on the block page provides an ELI5 explanation to those not familiar with Pi-hole
* An email contact link on the block page provides users of your Pi-hole with a means to easily get in touch with you
* Browsing to your Pi-hole's address will show a simple "landing page", which can be replaced by adding "landing.php" within "/var/www/html"
* Users manually browsing to file/image based content (i.e: non HTML based content) on blocked sites will be greeted with a small "Blocked by Pi-hole" image
* Sites that are manually blacklisted will display a notice of this on the block page
* Sites that aren't directly blocked, but have a CNAME record, will show a notification on the block page (e.g: If raw.githubusercontent.com is not blocked, but github.map.fastly.net is)
* On the block page, "Back to Safety" now directs the user to "about:home" if Javascript is disabled
* Whitelisting is disabled for installs without a password, or if a client does not have Javascript
* Known issues:
* Admin Console needs a text field under "Web User Interface" where the admin can enter a preferred contact email when a site needs to be whitelisted, to be saved to setupVars.conf with the key "ADMIN_EMAIL"
* Admin Console needs a text field under "Networking" where the admin can enter their Pi-hole's externally contactable FQDN, allowing access to their landing page when browsing to mypi.duckdns.org, to be saved to setupVars.conf with the key "FQDN"
* I am not aware of expected output of `$_SERVER["VIRTUAL_HOST"]`, so I have assumed it should be filtered as if it's a domain
2017-05-02 07:06:31 +00:00
|
|
|
/* Pi-hole: A black hole for Internet advertisements
|
|
|
|
* (c) 2017 Pi-hole, LLC (https://pi-hole.net)
|
|
|
|
* Network-wide ad blocking via your own hardware.
|
|
|
|
*
|
|
|
|
* This file is copyright under the latest version of the EUPL.
|
|
|
|
* Please see LICENSE file for your rights under this license. */
|
|
|
|
|
2020-03-10 18:31:05 +00:00
|
|
|
// Sanitize SERVER_NAME output
|
|
|
|
$serverName = htmlspecialchars($_SERVER["SERVER_NAME"]);
|
2018-08-22 07:12:15 +00:00
|
|
|
// Remove external ipv6 brackets if any
|
2018-08-22 07:11:55 +00:00
|
|
|
$serverName = preg_replace('/^\[(.*)\]$/', '${1}', $serverName);
|
Update index.php
* An "About Pi-hole" link on the block page provides an ELI5 explanation to those not familiar with Pi-hole
* An email contact link on the block page provides users of your Pi-hole with a means to easily get in touch with you
* Browsing to your Pi-hole's address will show a simple "landing page", which can be replaced by adding "landing.php" within "/var/www/html"
* Users manually browsing to file/image based content (i.e: non HTML based content) on blocked sites will be greeted with a small "Blocked by Pi-hole" image
* Sites that are manually blacklisted will display a notice of this on the block page
* Sites that aren't directly blocked, but have a CNAME record, will show a notification on the block page (e.g: If raw.githubusercontent.com is not blocked, but github.map.fastly.net is)
* On the block page, "Back to Safety" now directs the user to "about:home" if Javascript is disabled
* Whitelisting is disabled for installs without a password, or if a client does not have Javascript
* Known issues:
* Admin Console needs a text field under "Web User Interface" where the admin can enter a preferred contact email when a site needs to be whitelisted, to be saved to setupVars.conf with the key "ADMIN_EMAIL"
* Admin Console needs a text field under "Networking" where the admin can enter their Pi-hole's externally contactable FQDN, allowing access to their landing page when browsing to mypi.duckdns.org, to be saved to setupVars.conf with the key "FQDN"
* I am not aware of expected output of `$_SERVER["VIRTUAL_HOST"]`, so I have assumed it should be filtered as if it's a domain
2017-05-02 07:06:31 +00:00
|
|
|
|
2017-07-18 14:15:59 +00:00
|
|
|
// Set landing page location, found within /var/www/html/
|
2017-05-03 05:33:50 +00:00
|
|
|
$landPage = "../landing.php";
|
Update index.php
* An "About Pi-hole" link on the block page provides an ELI5 explanation to those not familiar with Pi-hole
* An email contact link on the block page provides users of your Pi-hole with a means to easily get in touch with you
* Browsing to your Pi-hole's address will show a simple "landing page", which can be replaced by adding "landing.php" within "/var/www/html"
* Users manually browsing to file/image based content (i.e: non HTML based content) on blocked sites will be greeted with a small "Blocked by Pi-hole" image
* Sites that are manually blacklisted will display a notice of this on the block page
* Sites that aren't directly blocked, but have a CNAME record, will show a notification on the block page (e.g: If raw.githubusercontent.com is not blocked, but github.map.fastly.net is)
* On the block page, "Back to Safety" now directs the user to "about:home" if Javascript is disabled
* Whitelisting is disabled for installs without a password, or if a client does not have Javascript
* Known issues:
* Admin Console needs a text field under "Web User Interface" where the admin can enter a preferred contact email when a site needs to be whitelisted, to be saved to setupVars.conf with the key "ADMIN_EMAIL"
* Admin Console needs a text field under "Networking" where the admin can enter their Pi-hole's externally contactable FQDN, allowing access to their landing page when browsing to mypi.duckdns.org, to be saved to setupVars.conf with the key "FQDN"
* I am not aware of expected output of `$_SERVER["VIRTUAL_HOST"]`, so I have assumed it should be filtered as if it's a domain
2017-05-02 07:06:31 +00:00
|
|
|
|
2017-10-03 13:46:51 +00:00
|
|
|
// Define array for hostnames to be accepted as self address for splash page
|
2020-09-06 11:53:03 +00:00
|
|
|
$authorizedHosts = [ "localhost" ];
|
2017-10-03 13:46:51 +00:00
|
|
|
if (!empty($_SERVER["FQDN"])) {
|
|
|
|
// If setenv.add-environment = ("fqdn" => "true") is configured in lighttpd,
|
|
|
|
// append $serverName to $authorizedHosts
|
|
|
|
array_push($authorizedHosts, $serverName);
|
|
|
|
} else if (!empty($_SERVER["VIRTUAL_HOST"])) {
|
|
|
|
// Append virtual hostname to $authorizedHosts
|
2017-07-18 14:15:59 +00:00
|
|
|
array_push($authorizedHosts, $_SERVER["VIRTUAL_HOST"]);
|
2017-03-05 05:58:21 +00:00
|
|
|
}
|
|
|
|
|
2017-10-03 13:46:51 +00:00
|
|
|
// Determine block page type
|
2020-03-10 18:31:05 +00:00
|
|
|
if ($serverName === "pi.hole"
|
|
|
|
|| (!empty($_SERVER["VIRTUAL_HOST"]) && $serverName === $_SERVER["VIRTUAL_HOST"])) {
|
2017-10-03 13:46:51 +00:00
|
|
|
// Redirect to Web Interface
|
Update index.php
* An "About Pi-hole" link on the block page provides an ELI5 explanation to those not familiar with Pi-hole
* An email contact link on the block page provides users of your Pi-hole with a means to easily get in touch with you
* Browsing to your Pi-hole's address will show a simple "landing page", which can be replaced by adding "landing.php" within "/var/www/html"
* Users manually browsing to file/image based content (i.e: non HTML based content) on blocked sites will be greeted with a small "Blocked by Pi-hole" image
* Sites that are manually blacklisted will display a notice of this on the block page
* Sites that aren't directly blocked, but have a CNAME record, will show a notification on the block page (e.g: If raw.githubusercontent.com is not blocked, but github.map.fastly.net is)
* On the block page, "Back to Safety" now directs the user to "about:home" if Javascript is disabled
* Whitelisting is disabled for installs without a password, or if a client does not have Javascript
* Known issues:
* Admin Console needs a text field under "Web User Interface" where the admin can enter a preferred contact email when a site needs to be whitelisted, to be saved to setupVars.conf with the key "ADMIN_EMAIL"
* Admin Console needs a text field under "Networking" where the admin can enter their Pi-hole's externally contactable FQDN, allowing access to their landing page when browsing to mypi.duckdns.org, to be saved to setupVars.conf with the key "FQDN"
* I am not aware of expected output of `$_SERVER["VIRTUAL_HOST"]`, so I have assumed it should be filtered as if it's a domain
2017-05-02 07:06:31 +00:00
|
|
|
exit(header("Location: /admin"));
|
|
|
|
} elseif (filter_var($serverName, FILTER_VALIDATE_IP) || in_array($serverName, $authorizedHosts)) {
|
2020-08-16 16:43:15 +00:00
|
|
|
// When directly browsing via IP or authorized hostname
|
|
|
|
// Render splash/landing page based off presence of $landPage file
|
2020-10-28 18:29:22 +00:00
|
|
|
// Unset variables so as to not be included in $landPage or $splashPage
|
2021-03-26 19:24:38 +00:00
|
|
|
unset($svPasswd, $svEmail, $authorizedHosts, $validExtTypes, $currentUrlExt);
|
2020-08-16 16:43:15 +00:00
|
|
|
// If $landPage file is present
|
|
|
|
if (is_file(getcwd()."/$landPage")) {
|
2021-03-26 19:24:38 +00:00
|
|
|
unset($serverName, $viewPort); // unset extra variables not to be included in $landpage
|
2020-08-16 16:43:15 +00:00
|
|
|
include $landPage;
|
|
|
|
exit();
|
|
|
|
}
|
|
|
|
// If $landPage file was not present, Set Splash Page output
|
2021-03-26 19:24:38 +00:00
|
|
|
$splashPage = <<<EOT
|
2020-05-22 12:28:32 +00:00
|
|
|
<!doctype html>
|
|
|
|
<html lang='en'>
|
|
|
|
<head>
|
|
|
|
<meta charset='utf-8'>
|
2021-10-05 14:42:06 +00:00
|
|
|
<meta name='viewport' content='width=device-width, initial-scale=1'>
|
2020-05-22 12:28:32 +00:00
|
|
|
<title>● $serverName</title>
|
2022-07-27 10:15:44 +00:00
|
|
|
<link rel='shortcut icon' href='/admin/img/favicons/favicon.ico' type='image/x-icon'>
|
2021-10-05 14:42:06 +00:00
|
|
|
<style>
|
2022-07-27 12:31:48 +00:00
|
|
|
html, body { height: 100% }
|
|
|
|
body { font: 13pt "Source Sans Pro", "Helvetica Neue", Helvetica, Arial, sans-serif; }
|
|
|
|
body { margin: 0; }
|
|
|
|
p { margin: 0; }
|
|
|
|
a { color: #3c8dbc; text-decoration: none; }
|
|
|
|
a:hover { color: #72afda; text-decoration: underline; }
|
|
|
|
#splashpage { background: #222; color: rgba(255, 255, 255, 0.7); text-align: center; display: flex; align-items: center; justify-content: center; }
|
|
|
|
#splashpage img { margin: 5px; width: 256px; }
|
|
|
|
#splashpage b { color: inherit; }
|
2021-10-05 14:42:06 +00:00
|
|
|
</style>
|
2020-05-22 12:28:32 +00:00
|
|
|
</head>
|
|
|
|
<body id='splashpage'>
|
2022-07-27 12:31:48 +00:00
|
|
|
<div>
|
2022-07-27 10:15:44 +00:00
|
|
|
<img src='/admin/img/logo.svg' alt='Pi-hole logo' width='256' height='377'>
|
2021-10-05 14:42:06 +00:00
|
|
|
<br>
|
|
|
|
<p>Pi-<strong>hole</strong>: Your black hole for Internet advertisements</p>
|
|
|
|
<a href='/admin'>Did you mean to go to the admin panel?</a>
|
2022-07-27 12:31:48 +00:00
|
|
|
</div>
|
2020-05-22 12:28:32 +00:00
|
|
|
</body>
|
2020-03-10 18:31:05 +00:00
|
|
|
</html>
|
2021-03-26 19:24:38 +00:00
|
|
|
EOT;
|
2020-08-16 16:43:15 +00:00
|
|
|
exit($splashPage);
|
2016-12-04 21:17:08 +00:00
|
|
|
}
|
Update index.php
* An "About Pi-hole" link on the block page provides an ELI5 explanation to those not familiar with Pi-hole
* An email contact link on the block page provides users of your Pi-hole with a means to easily get in touch with you
* Browsing to your Pi-hole's address will show a simple "landing page", which can be replaced by adding "landing.php" within "/var/www/html"
* Users manually browsing to file/image based content (i.e: non HTML based content) on blocked sites will be greeted with a small "Blocked by Pi-hole" image
* Sites that are manually blacklisted will display a notice of this on the block page
* Sites that aren't directly blocked, but have a CNAME record, will show a notification on the block page (e.g: If raw.githubusercontent.com is not blocked, but github.map.fastly.net is)
* On the block page, "Back to Safety" now directs the user to "about:home" if Javascript is disabled
* Whitelisting is disabled for installs without a password, or if a client does not have Javascript
* Known issues:
* Admin Console needs a text field under "Web User Interface" where the admin can enter a preferred contact email when a site needs to be whitelisted, to be saved to setupVars.conf with the key "ADMIN_EMAIL"
* Admin Console needs a text field under "Networking" where the admin can enter their Pi-hole's externally contactable FQDN, allowing access to their landing page when browsing to mypi.duckdns.org, to be saved to setupVars.conf with the key "FQDN"
* I am not aware of expected output of `$_SERVER["VIRTUAL_HOST"]`, so I have assumed it should be filtered as if it's a domain
2017-05-02 07:06:31 +00:00
|
|
|
|
2021-10-05 14:42:06 +00:00
|
|
|
exit(header("HTTP/1.1 404 Not Found"));
|
2022-03-21 21:47:42 +00:00
|
|
|
|
2016-12-04 21:17:08 +00:00
|
|
|
?>
|