forked from abrz/TwiPN
/
twipnsms.php
79 lines (71 loc) · 2.31 KB
/
twipnsms.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
<?php
include ("common.php");
$mylogsrc = LOG_SRC_TWIPNSMS;
$mylogdst = LOG_DST_SYSLOG;
$confirm = SMS_CONFIRM_DEFAULT;
$field_delim = SMS_FIELD_DELIM;
if (!is_null($people[$_REQUEST['From']])) {
$name = $people[$_REQUEST['From']];
} else {
$name = NULL;
}
$txt = $_REQUEST['Body'];
// render TwiML
header("content-type: text/xml");
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
?>
<Response>
<?php
if ($name) {
$tmp = explode($field_delim, $txt, 5);
$command = strtoupper(ltrim($tmp[0], ' '));
$ipaddr = $tmp[1];
$port = $tmp[2];
$duration = $tmp[3];
if (count($tmp) == 5) {
$confirm = strtoupper($tmp[4]);
}
// sanity check arguments before use
if (ValidCommand($command) && ValidIpAddress($ipaddr) && ValidPort($port) && ValidDuration($duration)) {
switch ($command) {
case 'O':
$output = shell_exec("sudo /usr/local/bin/iptables_wrapper_script.sh -a $ipaddr $port $duration ");
$msg = "open $ipaddr:$port for $duration minutes";
LogAction($mylogsrc, $mylogdst, "$name requested to " . $msg);
break;
case 'C':
$output = shell_exec("sudo /usr/local/bin/iptables_wrapper_script.sh -d $ipaddr $port 0 ");
$msg = "close $ipaddr:$port";
LogAction($mylogsrc, $mylogdst, "$name requested to " . $msg);
break;
case 'M':
$output = shell_exec("sudo /usr/local/bin/iptables_wrapper_script.sh -m $ipaddr 0 60 ");
$msg = "allow access to the mpd stream and control port";
LogAction($mylogsrc, $mylogdst, "$name requested to " . $msg);
break;
default:
$msg = "!! bug in command validation function? !!";
LogAction($mylogsrc, $mylogdst, $msg);
break;
}
if ($confirm == 'C') { // send confirmation SMS ?>
<Sms>TwiPN SMS API: Completed request from <?php echo $name; ?> to <?php echo $msg; ?></Sms>
</Response>
<?php
} else { ?>
</Response>
<?php
}
} else {
LogAction($mylogsrc, $mylogdst, $name . " posted a request with wrong syntax, no command was executed"); ?>
<Sms>TwiPN SMS API: request from <?php echo $name; ?> had wrong TwiPN syntax, no command was executed</Sms>
</Response>
<?php
}
} else {
LogAction($mylogsrc, $mylogdst, "Unkown phone " . $_REQUEST['From'] . " posted a request, no command was executed"); ?>
<Sms>TwiPN SMS API: This phone number is not allowed to execute commands, you may want to update the whitelist</Sms>
</Response>
<?php
}
?>