v5.13 Release

.codespellignore

@@ -0,0 +1,2 @@
+ede
+EDE

.editorconfig

@@ -0,0 +1,28 @@
+# EditorConfig is awesome: https://editorconfig.org/
+
+# top-most EditorConfig file
+root = true
+
+# A newline ending every file
+[*]
+insert_final_newline = true
+indent_style = space
+indent_size = 4
+charset = utf-8
+trim_trailing_whitespace = true
+
+[*.css]
+indent_style = space
+indent_size = 2
+
+[scripts/**.js]
+indent_style = space
+indent_size = 2
+
+[package.json]
+indent_style = space
+indent_size = 2
+
+[*.yml]
+indent_style = space
+indent_size = 2

.github/dependabot.yml

@@ -21,3 +21,15 @@ updates:
     versions:
     - 10.2.3
     - 10.2.4
+  reviewers:
+    - "pi-hole/web-maintainers"
+- package-ecosystem: github-actions
+  directory: "/"
+  schedule:
+    interval: weekly
+    day: saturday
+    time: "10:00"
+  open-pull-requests-limit: 10
+  target-branch: devel
+  reviewers:
+    - "pi-hole/web-maintainers"

.github/workflows/codespell.yml

@@ -0,0 +1,20 @@
+name: Codespell
+
+on:
+  pull_request:
+    types: [opened, synchronize, reopened, ready_for_review]
+
+jobs:
+  spell-check:
+    if: github.event.pull_request.draft == false
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout repository
+        uses: actions/checkout@v3
+      -
+        name: Spell-Checking
+        uses: codespell-project/actions-codespell@master
+        with:
+          ignore_words_file: .codespellignore
+          skip: ./scripts/vendor,./style/vendor

.github/workflows/editorconfig-checker

@@ -0,0 +1,14 @@
+name: editorconfig-checker
+
+on:
+    pull_request:
+    push:
+
+jobs:
+    build:
+      name: editorconfig-checker
+      runs-on: ubuntu-20.04
+      steps:
+        - uses: actions/checkout@v3
+        - uses: editorconfig-checker/action-editorconfig-checker@main
+        - run: editorconfig-checker

.github/workflows/stale.yml

@@ -2,7 +2,7 @@ name: Mark stale issues
 
 on:
   schedule:
-  - cron: '0 * * * *'
+    - cron: '0 8 * * *'
   workflow_dispatch:
 
 jobs:
@@ -23,4 +23,4 @@ jobs:
         exempt-issue-labels: 'internal, Fixed In Next Release, Bug'
         exempt-all-issue-assignees: true
         operations-per-run: 300
-        stale-issue-reason: 'not_planned'
+        close-issue-reason: 'not_planned'

.github/workflows/test.yml

@@ -24,7 +24,7 @@ jobs:
       - name: Set up Node.js
         uses: actions/setup-node@v2
         with:
-          node-version: "14.x"
+          node-version: "16.x"
           cache: npm
 
       - name: Install npm dependencies

.stickler.yml

@@ -0,0 +1,9 @@
+---
+linters:
+  yamllint:
+    config: ./.yamllint.conf
+  remarklint:
+files:
+  ignore:
+    - 'scripts/vendor/*'
+    - 'style/vendor/*'

.yamllint.conf

@@ -0,0 +1,3 @@
+rules:
+  line-length: disable
+  document-start: disable

api_FTL.php

@@ -64,7 +64,7 @@
 }
 
 if (isset($_GET["getMaxlogage"]) && $auth) {
-    $return = callFTLAPI("stats");
+    $return = callFTLAPI("maxlogage");
     if (array_key_exists("FTLnotrunning", $return)) {
       $data = array("FTLnotrunning" => true);
     } else {
@@ -306,6 +306,9 @@
     if (array_key_exists("FTLnotrunning", $return)) {
       $data = array("FTLnotrunning" => true);
     } else {
+      // Set the header
+      header('Content-type: application/json');
+
       // Start the JSON string
       echo '{"data":[';
       $first = true;

api_db.php

@@ -64,7 +64,20 @@
 	{
 		$from = intval($_GET["from"]);
 		$until = intval($_GET["until"]);
-		$dbquery = "SELECT timestamp, type, domain, client, status, forward FROM queries WHERE timestamp >= :from AND timestamp <= :until ";
+
+		// Use table "query_storage"
+		//   - replace domain ID with domain
+		//   - replace client ID with client name
+		//   - replace forward ID with forward destination
+		$dbquery = "SELECT timestamp, type,";
+		$dbquery .= " CASE typeof(domain) WHEN 'integer' THEN (SELECT domain FROM domain_by_id d WHERE d.id = q.domain) ELSE domain END domain,";
+		$dbquery .= " CASE typeof(client) WHEN 'integer' THEN (";
+		$dbquery .= "   SELECT CASE TRIM(name) WHEN '' THEN c.ip ELSE c.name END name FROM client_by_id c WHERE c.id = q.client";
+		$dbquery .= " ) ELSE client END client,";
+		$dbquery .= " CASE typeof(forward) WHEN 'integer' THEN (SELECT forward FROM forward_by_id f WHERE f.id = q.forward) ELSE forward END forward,";
+		$dbquery .= " status, reply_type, reply_time, dnssec";
+		$dbquery .= " FROM query_storage q";
+		$dbquery .= " WHERE timestamp >= :from AND timestamp <= :until ";
 		if(isset($_GET["types"]))
 		{
 			$types = $_GET["types"];
@@ -93,22 +106,28 @@
 
 		if (!is_bool($results)) {
 			$first = true;
-			while ($row = $results->fetchArray()) {
+			while ($row = $results->fetchArray(SQLITE3_ASSOC)) {
 				// Insert a comma before the next record (except on the first one)
 				if (!$first) {
 					echo ",";
 				} else {
 					$first = false;
 				}
 
-				// Convert query type ID to name, encode domain, encode destination
-				$query_type = getQueryTypeStr($row[1]);
-				$domain = utf8_encode(str_replace("~"," ",$row[2]));
-				$destination = utf8_encode($row[5]);
+				// Format, encode, transform each field (if necessary).
+				$time = $row["timestamp"];
+				$query_type = getQueryTypeStr($row["type"]); // Convert query type ID to name
+				$domain = utf8_encode(str_replace("~"," ",$row["domain"]));
+				$client = $row["client"];
+				$status = $row["status"];
+				$destination = utf8_encode($row["forward"]);
+				$reply_type = $row["reply_type"];
+				$reply_time = $row["reply_time"];
+				$dnssec = $row["dnssec"];
+				$client_id = $row["client_id"];
 
 				// Insert into array and output it in JSON format
-				// array:         time     type         domain   client   status   upstream destination
-				echo json_encode([$row[0], $query_type, $domain, $row[3], $row[4], $destination]);
+				echo json_encode([$time, $query_type, $domain, $client, $status, $destination, $reply_type, $reply_time, $dnssec]);
 			}
 		}
 
@@ -139,7 +158,11 @@
 	{
 		$limit = "WHERE timestamp <= :until";
 	}
-	$stmt = $db->prepare('SELECT client,count(client) FROM queries '.$limit.' GROUP by client order by count(client) desc limit 20');
+    $dbquery = "SELECT CASE typeof(client) WHEN 'integer' THEN (";
+    $dbquery .= " SELECT CASE TRIM(name) WHEN '' THEN c.ip ELSE c.name END name FROM client_by_id c WHERE c.id = q.client)";
+    $dbquery .= " ELSE client END client, count(client) FROM query_storage q ".$limit." GROUP BY client ORDER BY count(client) DESC LIMIT 20";
+
+	$stmt = $db->prepare($dbquery);
 	$stmt->bindValue(":from", intval($_GET['from']), SQLITE3_INTEGER);
 	$stmt->bindValue(":until", intval($_GET['until']), SQLITE3_INTEGER);
 	$results = $stmt->execute();
@@ -384,7 +407,7 @@ function parseDBData($results, $interval, $from, $until) {
 	$data = array_merge($data, $result);
 }
 
-if (isset($_GET['status']))
+if (isset($_GET['status']) && $auth)
 {
 	$extra = ";";
 	if(isset($_GET["ignore"]) && $_GET["ignore"] === 'DNSMASQ_WARN')

cname_records.php

@@ -1,12 +1,13 @@
-<?php /*
+<?php
+/*
 *    Pi-hole: A black hole for Internet advertisements
 *    (c) 2017 Pi-hole, LLC (https://pi-hole.net)
 *    Network-wide ad blocking via your own hardware.
 *
 *    This file is copyright under the latest version of the EUPL.
 *    Please see LICENSE file for your rights under this license. */
-    require "scripts/pi-hole/php/header.php";
 
+require "scripts/pi-hole/php/header.php";
 ?>
 
 <!-- Title -->
@@ -50,23 +51,6 @@
     </div>
 </div>
 
-<!-- Alerts -->
-<div id="alInfo" class="alert alert-info alert-dismissible fade in" role="alert" hidden>
-    <button type="button" class="close" data-hide="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>
-    Updating CNAME records...
-</div>
-<div id="alSuccess" class="alert alert-success alert-dismissible fade in" role="alert" hidden>
-    <button type="button" class="close" data-hide="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>
-    Success! The list will refresh.
-</div>
-<div id="alFailure" class="alert alert-danger alert-dismissible fade in" role="alert" hidden>
-    <button type="button" class="close" data-hide="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>
-    Failure! Something went wrong, see output below:<br/><br/><pre><span id="err"></span></pre>
-</div>
-<div id="alWarning" class="alert alert-warning alert-dismissible fade in" role="alert" hidden>
-    <button type="button" class="close" data-hide="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>
-    At least one domain was already present, see output below:<br/><br/><pre><span id="warn"></span></pre>
-</div>
 <div class="row">
     <div class="col-md-12">
         <div class="box" id="recent-queries">

db_queries.php

@@ -56,6 +56,7 @@
                 <div class="col-md-3">
                     <div><input type="checkbox" id="type_blacklist" checked><label for="type_blacklist">Blocked: exact blacklist</label><br></div>
                     <div><input type="checkbox" id="type_regex" checked><label for="type_regex">Blocked: regex blacklist</label></div>
+                    <div><input type="checkbox" id="type_special_domain" checked><label for="type_special_domain">Blocked: special domain</label></div>
                 </div>
                 <div class="col-md-3">
                     <div><input type="checkbox" id="type_gravity_CNAME" checked><label for="type_gravity_CNAME">Blocked: gravity (CNAME)</label><br></div>
@@ -179,6 +180,7 @@
                         <th>Domain</th>
                         <th>Client</th>
                         <th>Status</th>
+                        <th>Reply</th>
                         <th>Action</th>
                     </tr>
                 </thead>
@@ -189,6 +191,7 @@
                         <th>Domain</th>
                         <th>Client</th>
                         <th>Status</th>
+                        <th>Reply</th>
                         <th>Action</th>
                     </tr>
                 </tfoot>

debug.php

@@ -13,7 +13,7 @@
 </div>
 <div>
     <input type="checkbox" id="upload">
-    <label for="upload">Upload debug log and provide token once finished</label>
+    <label for="upload">Upload debug log and provide token (shown at the end of the report) once finished</label>
 </div>
 <p>Once you click this button a debug log will be generated and can automatically be uploaded if we detect a working internet connection.</p>
 <button type="button" id="debugBtn" class="btn btn-lg btn-primary btn-block">Generate debug log</button>

dns_records.php

@@ -1,12 +1,13 @@
-<?php /*
+<?php
+/*
 *    Pi-hole: A black hole for Internet advertisements
 *    (c) 2017 Pi-hole, LLC (https://pi-hole.net)
 *    Network-wide ad blocking via your own hardware.
 *
 *    This file is copyright under the latest version of the EUPL.
 *    Please see LICENSE file for your rights under this license. */
-    require "scripts/pi-hole/php/header.php";
 
+require "scripts/pi-hole/php/header.php";
 ?>
 
 <!-- Title -->
@@ -54,23 +55,6 @@
     </div>
 </div>
 
-<!-- Alerts -->
-<div id="alInfo" class="alert alert-info alert-dismissible fade in" role="alert" hidden>
-    <button type="button" class="close" data-hide="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>
-    Updating the custom DNS entries...
-</div>
-<div id="alSuccess" class="alert alert-success alert-dismissible fade in" role="alert" hidden>
-    <button type="button" class="close" data-hide="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>
-    Success! The list will refresh.
-</div>
-<div id="alFailure" class="alert alert-danger alert-dismissible fade in" role="alert" hidden>
-    <button type="button" class="close" data-hide="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>
-    Failure! Something went wrong, see output below:<br/><br/><pre><span id="err"></span></pre>
-</div>
-<div id="alWarning" class="alert alert-warning alert-dismissible fade in" role="alert" hidden>
-    <button type="button" class="close" data-hide="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>
-    At least one domain was already present, see output below:<br/><br/><pre><span id="warn"></span></pre>
-</div>
 <div class="row">
     <div class="col-md-12">
         <div class="box" id="recent-queries">

groups-adlists.php

@@ -63,6 +63,7 @@
                     <tr>
                         <th>ID</th>
                         <th></th>
+                        <th class="no-padding"></th>
                         <th>Address</th>
                         <th>Status</th>
                         <th>Comment</th>

groups-clients.php

@@ -70,6 +70,7 @@
                     <thead>
                     <tr>
                         <th>ID</th>
+                        <th></th>
                         <th title="Acceptable values are: IP address, subnet (CIDR notation), MAC address (AA:BB:CC:DD:EE:FF format) or host names.">Client</th>
                         <th>Comment</th>
                         <th>Group assignment</th>

groups-domains.php

@@ -48,7 +48,8 @@
                                 <div class="col-md-6">
                                     <div class="form-group">
                                         <label for="new_domain">Domain:</label>
-                                            <input id="new_domain" type="url" class="form-control active" placeholder="Domain to be added" autocomplete="off" spellcheck="false" autocapitalize="none" autocorrect="off">
+                                        <input id="new_domain" type="url" class="form-control active" placeholder="Domain to be added" autocomplete="off" spellcheck="false" autocapitalize="none" autocorrect="off">
+                                        <div id="suggest_domains" class="table-responsive no-border"></div>
                                     </div>
                                 </div>
                                 <div class="col-md-6 form-group">
@@ -88,6 +89,16 @@
                         </div>
                     </div>
                 </div>
+                <div>
+                    <p><strong>Note:</strong><br>
+                       The domain or regex filter will be automatically assigned to the Default Group.<br>
+                       Other groups can optionally be assigned
+                       <?php if ($type === "white" || $type === "black") { ?>
+                       within <a href="groups-domains.php">Group Management > Domains</a>.
+                       <?php } else {?>
+                       in the list below (using <b>Group assignment</b>).
+                       <?php } ?></p>
+                </div>
                 <div class="btn-toolbar pull-right" role="toolbar" aria-label="Toolbar with buttons">
                     <?php if ( $type !== "white" ) { ?>
                     <div class="btn-group" role="group" aria-label="Third group">
@@ -121,6 +132,7 @@
                     <thead>
                     <tr>
                         <th>ID</th>
+                        <th></th>
                         <th>Domain/RegEx</th>
                         <th>Type</th>
                         <th>Status</th>

groups.php

@@ -61,6 +61,7 @@
                     <thead>
                     <tr>
                         <th>ID</th>
+                        <th></th>
                         <th>Name</th>
                         <th>Status</th>
                         <th>Description</th>