Merge pull request pi-hole#1666 from pi-hole/release/v5.2.2

Pi-hole web v5.2.2
innotronic · Dec 24, 2020 · 780dff0 · 780dff0
2 parents 8ac95be + a3656d0
commit 780dff0
Show file tree

Hide file tree

Showing 30 changed files with 513 additions and 9,935 deletions.
diff --git a/api_FTL.php b/api_FTL.php
@@ -323,7 +323,7 @@
 		{
 			$tmp = explode(" ",$line);
 			// UTF-8 encode domain
-			$tmp[2] = utf8_encode($tmp[2]);
+			$tmp[2] = utf8_encode(str_replace("~"," ",$tmp[2]));
 			// UTF-8 encode client host name
 			$tmp[3] = utf8_encode($tmp[3]);
 			array_push($allQueries,$tmp);
@@ -333,7 +333,7 @@
 		$data = array_merge($data, $result);
 	}
 
-	if(isset($_GET["recentBlocked"]))
+	if(isset($_GET["recentBlocked"]) && $auth)
 	{
 		sendRequestFTL("recentBlocked");
 		die(utf8_encode(getResponseFTL()[0]));

diff --git a/api_db.php b/api_db.php
@@ -154,7 +154,7 @@ function resolveHostname($clientip, $printIP)
 						break;
 				}
 				// array:        time     type         domain                client           status   upstream destination
-				$allQueries[] = [$row[0], $query_type, utf8_encode($row[2]), utf8_encode($c), $row[4], utf8_encode($row[5])];
+				$allQueries[] = [$row[0], $query_type, utf8_encode(str_replace("~"," ",$row[2])), utf8_encode($c), $row[4], utf8_encode($row[5])];
 			}
 	}
 	$result = array('data' => $allQueries);

diff --git a/cname_records.php b/cname_records.php
@@ -39,6 +39,11 @@
                 </div>
             </div>
             <div class="box-footer clearfix">
+              <strong>Note:</strong>
+              <p>The target of a <code>CNAME</code> must be a domain that the Pi-hole already has in its cache or is authoritative for. This is an universal limitation of <code>CNAME</code> records.</p>
+              <p>The reason for this is that Pi-hole will not send additional queries upstream when serving <code>CNAME</code> replies. As consequence, if you set a target that isn't already known, the reply to the client may be incomplete. Pi-hole just returns the information it knows at the time of the query. This results in certain limitations for <code>CNAME</code> targets,
+                for instance, only <i>active</i> DHCP leases work as targets - mere DHCP <i>leases</i> aren't sufficient as they aren't (yet) valid DNS records.</p>
+                <p>Additionally, you can't <code>CNAME</code> external domains (<code>bing.com</code> to <code>google.com</code>) successfully as this could result in invalid SSL certificate errors when the target server does not serve content for the requested domain.</p>
                 <button type="button" id="btnAdd" class="btn btn-primary pull-right">Add</button>
             </div>
         </div>

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -23,17 +23,16 @@
     "test": "npm run prettier:check && npm run xo"
   },
   "devDependencies": {
-    "autoprefixer": "^9.8.6",
+    "autoprefixer": "^10.1.0",
     "eslint-plugin-compat": "^3.8.0",
-    "postcss-cli": "^7.1.2",
+    "postcss": "^8.2.1",
+    "postcss-cli": "^8.3.0",
     "prettier": "2.2.1",
-    "xo": "^0.35.0"
+    "xo": "^0.36.1"
   },
   "browserslist": [
     "defaults",
-    "Explorer >= 11",
-    "not ExplorerMobile <= 11",
-    "not Safari 5.1"
+    "Explorer >= 11"
   ],
   "prettier": {
     "arrowParens": "avoid",

diff --git a/scripts/pi-hole/js/db_queries.js b/scripts/pi-hole/js/db_queries.js
@@ -324,8 +324,8 @@ $(function () {
         }
       },
       { width: "10%" },
-      { width: "40%" },
-      { width: "20%", type: "ip-address" },
+      { width: "40%", render: $.fn.dataTable.render.text() },
+      { width: "20%", type: "ip-address", render: $.fn.dataTable.render.text() },
       { width: "10%" },
       { width: "5%" }
     ],

diff --git a/scripts/pi-hole/js/index.js b/scripts/pi-hole/js/index.js
@@ -12,8 +12,8 @@ var timeLineChart, clientsChart;
 var queryTypePieChart, forwardDestinationPieChart;
 
 var THEME_COLORS = [
-  "#3c8dbc",
   "#f56954",
+  "#3c8dbc",
   "#00a65a",
   "#00c0ef",
   "#f39c12",

diff --git a/scripts/pi-hole/js/queries.js b/scripts/pi-hole/js/queries.js
@@ -185,12 +185,12 @@ $(function () {
             '<button type="button" class="btn btn-default btn-sm text-green"><i class="fas fa-check"></i> Whitelist</button>';
           isCNAME = true;
           break;
-        case 12:
+        case "12":
           colorClass = "text-green";
           fieldtext = "Retried";
           buttontext = "";
           break;
-        case 13:
+        case "13":
           colorClass = "text-green";
           fieldtext = "Retried <br class='hidden-lg'>(ignored)";
           buttontext = "";
@@ -201,7 +201,7 @@ $(function () {
           buttontext = "";
       }
 
-      fieldtext += '<input type="hidden" name="id" value="' + data[4] + '">';
+      fieldtext += '<input type="hidden" name="id" value="' + parseInt(data[4], 10) + '">';
 
       if (colorClass !== false) {
         $(row).addClass(colorClass);

diff --git a/scripts/pi-hole/php/func.php b/scripts/pi-hole/php/func.php
@@ -302,6 +302,9 @@ function addCustomCNAMEEntry($domain="", $target="", $json=true)
         if (empty($target))
             return returnError("Target must be set", $json);
 
+        if (!is_valid_domain_name($target))
+            return returnError("Target must be valid", $json);
+
         // Check if each submitted domain is valid
         $domains = array_map('trim', explode(",", $domain));
         foreach ($domains as $d) {

diff --git a/scripts/pi-hole/php/groups.php b/scripts/pi-hole/php/groups.php
@@ -345,6 +345,8 @@ function JSON_error($message = null)
 } elseif ($_POST['action'] == 'edit_client') {
     // Edit client identified by ID
     try {
+        $db->query('BEGIN TRANSACTION;');
+
         $stmt = $db->prepare('UPDATE client SET comment=:comment WHERE id = :id');
         if (!$stmt) {
             throw new Exception('While preparing statement: ' . $db->lastErrorMsg());
@@ -380,7 +382,6 @@ function JSON_error($message = null)
             throw new Exception('While executing DELETE statement: ' . $db->lastErrorMsg());
         }
 
-        $db->query('BEGIN TRANSACTION;');
         foreach ($_POST['groups'] as $gid) {
             $stmt = $db->prepare('INSERT INTO client_by_group (client_id,group_id) VALUES(:id,:gid);');
             if (!$stmt) {
@@ -409,6 +410,8 @@ function JSON_error($message = null)
 } elseif ($_POST['action'] == 'delete_client') {
     // Delete client identified by ID
     try {
+        $db->query('BEGIN TRANSACTION;');
+
         $stmt = $db->prepare('DELETE FROM client_by_group WHERE client_id=:id');
         if (!$stmt) {
             throw new Exception('While preparing client_by_group statement: ' . $db->lastErrorMsg());
@@ -434,6 +437,7 @@ function JSON_error($message = null)
         if (!$stmt->execute()) {
             throw new Exception('While executing client statement: ' . $db->lastErrorMsg());
         }
+        $db->query('COMMIT;');
 
         $reload = true;
         JSON_success();
@@ -515,6 +519,8 @@ function JSON_error($message = null)
         $total = count($domains);
         $added = 0;
 
+        $db->query('BEGIN TRANSACTION;');
+
         // Prepare INSERT INTO statement
         $insert_stmt = $db->prepare('INSERT OR IGNORE INTO domainlist (domain,type) VALUES (:domain,:type)');
         if (!$insert_stmt) {
@@ -671,6 +677,8 @@ function JSON_error($message = null)
             $added++;
         }
 
+        $db->query('COMMIT;');
+
         $after = intval($db->querySingle("SELECT COUNT(*) FROM domainlist;"));
         $difference = $after - $before;
         if($total === 1) {
@@ -694,6 +702,8 @@ function JSON_error($message = null)
 } elseif ($_POST['action'] == 'edit_domain') {
     // Edit domain identified by ID
     try {
+        $db->query('BEGIN TRANSACTION;');
+
         $stmt = $db->prepare('UPDATE domainlist SET enabled=:enabled, comment=:comment, type=:type WHERE id = :id');
         if (!$stmt) {
             throw new Exception('While preparing statement: ' . $db->lastErrorMsg());
@@ -743,7 +753,6 @@ function JSON_error($message = null)
                 throw new Exception('While executing DELETE statement: ' . $db->lastErrorMsg());
             }
 
-            $db->query('BEGIN TRANSACTION;');
             foreach ($_POST['groups'] as $gid) {
                 $stmt = $db->prepare('INSERT INTO domainlist_by_group (domainlist_id,group_id) VALUES(:id,:gid);');
                 if (!$stmt) {
@@ -773,6 +782,8 @@ function JSON_error($message = null)
 } elseif ($_POST['action'] == 'delete_domain') {
     // Delete domain identified by ID
     try {
+        $db->query('BEGIN TRANSACTION;');
+
         $stmt = $db->prepare('DELETE FROM domainlist_by_group WHERE domainlist_id=:id');
         if (!$stmt) {
             throw new Exception('While preparing domainlist_by_group statement: ' . $db->lastErrorMsg());
@@ -799,6 +810,8 @@ function JSON_error($message = null)
             throw new Exception('While executing domainlist statement: ' . $db->lastErrorMsg());
         }
 
+        $db->query('COMMIT;');
+
         $reload = true;
         JSON_success();
     } catch (\Exception $ex) {
@@ -807,6 +820,8 @@ function JSON_error($message = null)
 }  elseif ($_POST['action'] == 'delete_domain_string') {
     // Delete domain identified by the domain string itself
     try {
+        $db->query('BEGIN TRANSACTION;');
+
         $stmt = $db->prepare('DELETE FROM domainlist_by_group WHERE domainlist_id=(SELECT id FROM domainlist WHERE domain=:domain AND type=:type);');
         if (!$stmt) {
             throw new Exception('While preparing domainlist_by_group statement: ' . $db->lastErrorMsg());
@@ -841,6 +856,8 @@ function JSON_error($message = null)
             throw new Exception('While executing domainlist statement: ' . $db->lastErrorMsg());
         }
 
+        $db->query('COMMIT;');
+
         $reload = true;
         JSON_success();
     } catch (\Exception $ex) {
@@ -877,6 +894,8 @@ function JSON_error($message = null)
 } elseif ($_POST['action'] == 'add_adlist') {
     // Add new adlist
     try {
+        $db->query('BEGIN TRANSACTION;');
+
         $addresses = explode(' ', html_entity_decode(trim($_POST['address'])));
         $total = count($addresses);
         $added = 0;
@@ -918,6 +937,8 @@ function JSON_error($message = null)
             $added++;
         }
 
+        $db->query('COMMIT;');
+
         $reload = true;
         JSON_success();
     } catch (\Exception $ex) {
@@ -926,6 +947,8 @@ function JSON_error($message = null)
 } elseif ($_POST['action'] == 'edit_adlist') {
     // Edit adlist identified by ID
     try {
+        $db->query('BEGIN TRANSACTION;');
+
         $stmt = $db->prepare('UPDATE adlist SET enabled=:enabled, comment=:comment WHERE id = :id');
         if (!$stmt) {
             throw new Exception('While preparing statement: ' . $db->lastErrorMsg());
@@ -970,7 +993,6 @@ function JSON_error($message = null)
             throw new Exception('While executing DELETE statement: ' . $db->lastErrorMsg());
         }
 
-        $db->query('BEGIN TRANSACTION;');
         foreach ($_POST['groups'] as $gid) {
             $stmt = $db->prepare('INSERT INTO adlist_by_group (adlist_id,group_id) VALUES(:id,:gid);');
             if (!$stmt) {
@@ -989,6 +1011,7 @@ function JSON_error($message = null)
                 throw new Exception('While executing INSERT INTO statement: ' . $db->lastErrorMsg());
             }
         }
+
         $db->query('COMMIT;');
 
         $reload = true;
@@ -999,6 +1022,8 @@ function JSON_error($message = null)
 } elseif ($_POST['action'] == 'delete_adlist') {
     // Delete adlist identified by ID
     try {
+        $db->query('BEGIN TRANSACTION;');
+
         $stmt = $db->prepare('DELETE FROM adlist_by_group WHERE adlist_id=:id');
         if (!$stmt) {
             throw new Exception('While preparing adlist_by_group statement: ' . $db->lastErrorMsg());
@@ -1025,6 +1050,8 @@ function JSON_error($message = null)
             throw new Exception('While executing adlist statement: ' . $db->lastErrorMsg());
         }
 
+        $db->query('COMMIT;');
+
         $reload = true;
         JSON_success();
     } catch (\Exception $ex) {
@@ -1037,6 +1064,9 @@ function JSON_error($message = null)
             $before = intval($db->querySingle("SELECT COUNT(*) FROM domain_audit;"));
             $total = count($domains);
             $added = 0;
+
+            $db->query('BEGIN TRANSACTION;');
+
             $stmt = $db->prepare('REPLACE INTO domain_audit (domain) VALUES (:domain)');
             if (!$stmt) {
                 throw new Exception('While preparing statement: ' . $db->lastErrorMsg());
@@ -1060,6 +1090,8 @@ function JSON_error($message = null)
                 $added++;
             }
 
+            $db->query('COMMIT;');
+
             $after = intval($db->querySingle("SELECT COUNT(*) FROM domain_audit;"));
             $difference = $after - $before;
             if($total === 1) {
@@ -1075,7 +1107,9 @@ function JSON_error($message = null)
                         $msg = "Added " . $total . " domains";
                 }
             }
-            $reload = true;
+
+            // Reloading isn't necessary for audit domains (no effect on blocking)
+            $reload = false;
             JSON_success($msg);
         } catch (\Exception $ex) {
             JSON_error($ex->getMessage());