gpstools/endpoint.php

<?php

require_once("config.php");

if (!$endpoint) {
 die("Endpoint not enabled in config. You should do something about that.");
}

if (isset($_GET["lat"]) && preg_match("/^-?\d+\.\d+$/", $_GET["lat"]) && isset($_GET["lon"]) && preg_match("/^-?\d+\.\d+$/", $_GET["lon"]) && isset($_GET["device"]) ) {

    $conn = new mysqli($servername, $username, $password, $dbname);

    if ($conn->connect_error) {
        die("Connection failed: " . $conn->connect_error);
    }

    $sql = "INSERT INTO tracker (device, lat, lon) VALUES ('" . mysqli_real_escape_string($conn, $_GET['device']) . "', " . mysqli_real_escape_string($conn, $_GET['lat']) . ", " . mysqli_real_escape_string($conn, $_GET['lon']) . ");";

    if (!mysqli_query($conn, $sql)) {
        die('Error: ' . mysqli_error($conn));
    }

    mysqli_close($conn);

    echo "OK";

} elseif (isset($_GET["tracker"])) {

    echo "OK";

} else {

    header('HTTP/1.0 400 Bad Request');
    echo 'This is an endpoint for compatible GPS trackers only.';

}
Inital stuff 2016-01-15 07:11:36 +00:00			`<?php`

			`require_once("config.php");`

Added vars to enable/disable endpoint.php and newly added (now blank) location.php to config(.dist).php 2016-08-14 21:58:17 +00:00			`if (!$endpoint) {`
Fixed syntax error in endpoint.php 2016-08-14 22:53:18 +00:00			`die("Endpoint not enabled in config. You should do something about that.");`
Added vars to enable/disable endpoint.php and newly added (now blank) location.php to config(.dist).php 2016-08-14 21:58:17 +00:00			`}`

Require device ID to be passed 2016-08-03 17:37:08 +00:00			`if (isset($_GET["lat"]) && preg_match("/^-?\d+\.\d+$/", $_GET["lat"]) && isset($_GET["lon"]) && preg_match("/^-?\d+\.\d+$/", $_GET["lon"]) && isset($_GET["device"]) ) {`
Inital stuff 2016-01-15 07:11:36 +00:00
			`$conn = new mysqli($servername, $username, $password, $dbname);`

			`if ($conn->connect_error) {`
			`die("Connection failed: " . $conn->connect_error);`
			`}`

Add missing quotes... 2016-08-05 18:26:10 +00:00			`$sql = "INSERT INTO tracker (device, lat, lon) VALUES ('" . mysqli_real_escape_string($conn, $_GET['device']) . "', " . mysqli_real_escape_string($conn, $_GET['lat']) . ", " . mysqli_real_escape_string($conn, $_GET['lon']) . ");";`
Inital stuff 2016-01-15 07:11:36 +00:00
			`if (!mysqli_query($conn, $sql)) {`
			`die('Error: ' . mysqli_error($conn));`
			`}`

			`mysqli_close($conn);`

			`echo "OK";`

			`} elseif (isset($_GET["tracker"])) {`

			`echo "OK";`

			`} else {`

			`header('HTTP/1.0 400 Bad Request');`
Make error message more general 2016-02-07 21:29:56 +00:00			`echo 'This is an endpoint for compatible GPS trackers only.';`
Inital stuff 2016-01-15 07:11:36 +00:00
			`}`