From 869ba131ef093cdc105239bd1cfb57511e48ea76 Mon Sep 17 00:00:00 2001
From: Lukas Metzger
Date: Sat, 26 Mar 2016 13:11:02 +0100
Subject: [PATCH] Added getIp action to remote.php
---
 api/remote.php | 73 +++++++++++++++++++++++++++-----------------------
 1 file changed, 39 insertions(+), 34 deletions(-)
diff --git a/api/remote.php b/api/remote.php
index 9bf34db..bb9db0c 100644
--- a/api/remote.php
+++ b/api/remote.php
@@ -21,43 +21,48 @@ require_once '../lib/database.php';
 require_once '../lib/update-serial.php';
 if(filter_input(INPUT_SERVER, "REQUEST_METHOD") == "GET") {
- $input_domain = filter_input(INPUT_GET, "domain");
- $input_id = filter_input(INPUT_GET, "id");
- $input_password = filter_input(INPUT_GET, "password");
- $input_content = filter_input(INPUT_GET, "content");
-
- $stmt = $db->prepare("SELECT security,record FROM remote WHERE type='password' AND id=?");
- $stmt->bind_param("i", $input_id);
- $stmt->execute();
- $stmt->bind_result($passwordHash, $record);
- $stmt->fetch();
- $stmt->close();
-
- if(!password_verify($input_password, $passwordHash)) {
- $return['status'] = "error";
- $return['error'] = "Permission denied";
+ if(filter_input(INPUT_GET, "action") == "updateRecord") {
+ $input_domain = filter_input(INPUT_GET, "domain");
+ $input_id = filter_input(INPUT_GET, "id");
+ $input_password = filter_input(INPUT_GET, "password");
+ $input_content = filter_input(INPUT_GET, "content");
+
+ $stmt = $db->prepare("SELECT security,record FROM remote WHERE type='password' AND id=?");
+ $stmt->bind_param("i", $input_id);
+ $stmt->execute();
+ $stmt->bind_result($passwordHash, $record);
+ $stmt->fetch();
+ $stmt->close();
+
+ if(!password_verify($input_password, $passwordHash)) {
+ $return['status'] = "error";
+ $return['error'] = "Permission denied";
+ echo json_encode($return);
+ exit();
+ }
+
+ $stmt = $db->prepare("UPDATE records SET content=? WHERE name=? AND id=?");
+ $stmt->bind_param("ssi", $input_content, $input_domain, $record);
+ $stmt->execute();
+ $stmt->close();
+
+ $stmt = $db->prepare("SELECT domain_id FROM records WHERE id=?");
+ $stmt->bind_param("i",$record);
+ $stmt->execute();
+ $stmt->bind_result($domain_id);
+ $stmt->fetch();
+ $stmt->close();
+
+ update_serial($db, $domain_id);
+
+ $return['status'] = "success";
+ echo json_encode($return);
+ exit();
+ } else if(filter_input(INPUT_GET, "action") == "getIp") {
+ $return['ip'] = filter_input(INPUT_SERVER, "REMOTE_ADDR");
 echo json_encode($return);
 exit();
 }
-
- $stmt = $db->prepare("UPDATE records SET content=? WHERE name=? AND id=?");
- $stmt->bind_param("ssi", $input_content, $input_domain, $record);
- $stmt->execute();
- $stmt->close();
-
- $stmt = $db->prepare("SELECT domain_id FROM records WHERE id=?");
- $stmt->bind_param("i",$record);
- $stmt->execute();
- $stmt->bind_result($domain_id);
- $stmt->fetch();
- $stmt->close();
-
- update_serial($db, $domain_id);
-
- $return['status'] = "success";
- echo json_encode($return);
- exit();
-
 } else if(filter_input(INPUT_SERVER, "REQUEST_METHOD") == "POST") {
 $input = json_decode(file_get_contents('php://input'));
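Review bot: The `updateRecord` branch still reads the record password with `filter_input(INPUT_GET, "password")`, so the credential travels in the URL and will typically end up in web-server and proxy access logs; since this commit already reshapes the GET handler, consider taking the password from a request body or header instead, or at least document that the endpoint must only be served over TLS with query-string logging disabled. Separately, a GET whose `action` is missing or unrecognised now matches neither branch and appears to leave the block without any JSON response, which silently breaks clients written against the old parameterless form; a final `else` that sets `$return['status'] = "error";` with a short `$return['error']` message before `echo json_encode($return);` would make that visible. The POST branch continues outside the hunk, so whether it already offers a credential path that avoids the URL cannot be seen here.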