Undefined var & 404 -> 403
PSM_CRON_ALLOW was undefined. Added defined check. Changed 404 to 403 message. Added support for php5.pull/612/merge
parent
93b324f178
commit
fc84c06813
|
@ -30,11 +30,20 @@ require_once __DIR__ . '/../src/bootstrap.php';
|
|||
|
||||
if(!psm_is_cli()) {
|
||||
// check if it's an allowed host
|
||||
$allow = PSM_CRON_ALLOW;
|
||||
if(!in_array($_SERVER['REMOTE_ADDR'], $allow) && !in_array($_SERVER["HTTP_X_FORWARDED_FOR"], $allow)) {
|
||||
header('HTTP/1.0 404 Not Found');
|
||||
die('<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /cron/status.cron.php was not found on this server.</p></body></html>');
|
||||
if(!isset($_SERVER["HTTP_X_FORWARDED_FOR"])){
|
||||
$_SERVER["HTTP_X_FORWARDED_FOR"] = "";
|
||||
}
|
||||
|
||||
// define won't accept array before php 7.0.0
|
||||
// check if data is serialized (not needed when using php 7.0.0 and higher)
|
||||
$data = @unserialize(PSM_CRON_ALLOW);
|
||||
$allow = $data === false ? PSM_CRON_ALLOW : $data;
|
||||
|
||||
if(!in_array($_SERVER['REMOTE_ADDR'], $allow) && !in_array($_SERVER["HTTP_X_FORWARDED_FOR"], $allow)) {
|
||||
header('HTTP/1.0 403 Forbidden');
|
||||
die('<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>IP address not allowed. See the <a href="http://docs.phpservermonitor.org/en/latest/install.html#cronjob-over-web">documentation</a> for more info.</p></body></html>');
|
||||
}
|
||||
echo "OK";
|
||||
}
|
||||
|
||||
$cron_timeout = PSM_CRON_TIMEOUT;
|
||||
|
|
|
@ -122,7 +122,20 @@ If you're work with cPanel you can follow these steps:
|
|||
- Type `php /home2/<Type here your cPanel username>/public_html/phpservermon/cron/status.cron.php` in the command field
|
||||
|
||||
4. Submit
|
||||
|
||||
|
||||
Cronjob over web
|
||||
----------------
|
||||
To allow scheduled status updates over the web, the commandline check is extended with a check on allowed IP address(es).
|
||||
|
||||
In config.php add following line::
|
||||
|
||||
// PHP 7.0.0 and higher
|
||||
define('PSM_CRON_ALLOW', array("xxx.xxx.xxx.xxx", "yyy.yyy.yyy.yyy", "zzz.zzz.zzz.zzz"));
|
||||
// lower versions
|
||||
define('PSM_CRON_ALLOW', serialize(array("xxx.xxx.xxx.xxx", "yyy.yyy.yyy.yyy", "zzz.zzz.zzz.zzz")));
|
||||
|
||||
After that, you can hit the url http(s)://"yourmonitor.com"/cron/status.cron.php over the web from your allowed IP.
|
||||
|
||||
|
||||
Troubleshooting
|
||||
+++++++++++++++
|
||||
|
@ -130,4 +143,4 @@ Troubleshooting
|
|||
If you have problems setting up or accessing your monitor and do not know why, enable debug mode to turn on error reporting.
|
||||
To enable debug mode, add the following line to your config.php file::
|
||||
|
||||
define('PSM_DEBUG', true);
|
||||
define('PSM_DEBUG', true);
|
||||
|
|
|
@ -58,6 +58,12 @@ if(PSM_DEBUG) {
|
|||
ini_set('display_errors', 0);
|
||||
}
|
||||
|
||||
// check for a cron allowed ip array
|
||||
if(!defined('PSM_CRON_ALLOW')) {
|
||||
//serialize for php version lower than 7.0.0
|
||||
define('PSM_CRON_ALLOW', serialize(array()));
|
||||
}
|
||||
|
||||
$vendor_autoload = PSM_PATH_SRC . '..' . DIRECTORY_SEPARATOR . 'vendor' . DIRECTORY_SEPARATOR . 'autoload.php';
|
||||
if(!file_exists($vendor_autoload)) {
|
||||
die('No dependencies found in vendor dir. Did you install the dependencies? Please run "php composer.phar install".');
|
||||
|
|
Loading…
Reference in New Issue