speedtest/results/stats.php

<?php
session_start();
error_reporting(0);

require 'telemetry_settings.php';
require_once 'telemetry_db.php';

header('Content-Type: text/html; charset=utf-8');
header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0');
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
?>
<!DOCTYPE html>
<html>
    <head>
        <title>LibreSpeed - Stats</title>
        <style type="text/css">
            html,body{
                margin:0;
                padding:0;
                border:none;
                width:100%; min-height:100%;
            }
            html{
                background-color: hsl(198,72%,35%);
                font-family: "Segoe UI","Roboto",sans-serif;
            }
            body{
                background-color:#FFFFFF;
                box-sizing:border-box;
                width:100%;
                max-width:70em;
                margin:4em auto;
                box-shadow:0 1em 6em #00000080;
                padding:1em 1em 4em 1em;
                border-radius:0.4em;
            }
            h1,h2,h3,h4,h5,h6{
                font-weight:300;
                margin-bottom: 0.1em;
            }
            h1{
                text-align:center;
            }
            table{
                margin:2em 0;
                width:100%;
            }
            table, tr, th, td {
                border: 1px solid #AAAAAA;
            }
            th {
                width: 6em;
            }
            td {
                word-break: break-all;
            }
            div {
                margin: 1em 0;
            }
        </style>
    </head>
    <body>
        <h1>LibreSpeed - Stats</h1>
        <?php
        if (!isset($stats_password) || $stats_password === 'PASSWORD') {
            ?>
                Please set $stats_password in telemetry_settings.php to enable access.
            <?php
        } elseif ($_SESSION['logged'] === true) {
            if ($_GET['op'] === 'logout') {
                $_SESSION['logged'] = false;
                ?><script type="text/javascript">window.location=location.protocol+"//"+location.host+location.pathname;</script><?php
            } else {
                ?>
                <form action="stats.php" method="GET"><input type="hidden" name="op" value="logout" /><input type="submit" value="Logout" /></form>
                <form action="stats.php" method="GET">
                    <h3>Search test results</h3>
                    <input type="hidden" name="op" value="id" />
                    <input type="text" name="id" id="id" placeholder="Test ID" value=""/>
                    <input type="submit" value="Find" />
                    <input type="submit" onclick="document.getElementById('id').value=''" value="Show last 100 tests" />
                </form>
                <?php
                if ($_GET['op'] === 'id' && !empty($_GET['id'])) {
                    $speedtest = getSpeedtestUserById($_GET['id']);
                    $speedtests = [];
                    if (false === $speedtest) {
                        echo '<div>There was an error trying to fetch the speedtest result for ID "'.htmlspecialchars($_GET['id'], ENT_HTML5, 'UTF-8').'".</div>';
                    } elseif (null === $speedtest) {
                        echo '<div>Could not find a speedtest result for ID "'.htmlspecialchars($_GET['id'], ENT_HTML5, 'UTF-8').'".</div>';
                    } else {
                        $speedtests = [$speedtest];
                    }
                } else {
                    $speedtests = getLatestSpeedtestUsers();
                    if (false === $speedtests) {
                        echo '<div>There was an error trying to fetch latest speedtest results.</div>';
                    } elseif (empty($speedtests)) {
                        echo '<div>Could not find any speedtest results in database.</div>';
                    }
                }
                foreach ($speedtests as $speedtest) {
                    ?>
                    <table>
                        <tr>
                            <th>Test ID</th>
                            <td><?= htmlspecialchars($speedtest['id_formatted'], ENT_HTML5, 'UTF-8') ?></td>
                        </tr>
                        <tr>
                            <th>Date and time</th>
                            <td><?= htmlspecialchars($speedtest['timestamp'], ENT_HTML5, 'UTF-8') ?></td>
                        </tr>
                        <tr>
                            <th>IP and ISP Info</th>
                            <td>
                                <?= htmlspecialchars($speedtest['ip'], ENT_HTML5, 'UTF-8') ?><br/>
                                <?= htmlspecialchars($speedtest['ispinfo'], ENT_HTML5, 'UTF-8') ?>
                            </td>
                        </tr>
                        <tr>
                            <th>User agent and locale</th>
                            <td><?= htmlspecialchars($speedtest['ua'], ENT_HTML5, 'UTF-8') ?><br/>
                                <?= htmlspecialchars($speedtest['lang'], ENT_HTML5, 'UTF-8') ?>
                            </td>
                        </tr>
                        <tr>
                            <th>Download speed</th>
                            <td><?= htmlspecialchars($speedtest['dl'], ENT_HTML5, 'UTF-8') ?></td>
                        </tr>
                        <tr>
                            <th>Upload speed</th>
                            <td><?= htmlspecialchars($speedtest['ul'], ENT_HTML5, 'UTF-8') ?></td>
                        </tr>
                        <tr>
                            <th>Ping</th>
                            <td><?= htmlspecialchars($speedtest['ping'], ENT_HTML5, 'UTF-8') ?></td>
                        </tr>
                        <tr>
                            <th>Jitter</th>
                            <td><?= htmlspecialchars($speedtest['jitter'], ENT_HTML5, 'UTF-8') ?></td>
                        </tr>
                        <tr>
                            <th>Log</th>
                            <td><?= htmlspecialchars($speedtest['log'], ENT_HTML5, 'UTF-8') ?></td>
                        </tr>
                        <tr>
                            <th>Extra info</th>
                            <td><?= htmlspecialchars($speedtest['extra'], ENT_HTML5, 'UTF-8') ?></td>
                        </tr>
                    </table>
                    <?php
                }
            }
        } elseif ($_GET['op'] === 'login' && $_POST['password'] === $stats_password) {
            $_SESSION['logged'] = true;
            ?><script type="text/javascript">window.location=location.protocol+"//"+location.host+location.pathname;</script><?php
        } else {
            ?>
            <form action="stats.php?op=login" method="POST">
                <h3>Login</h3>
                <input type="password" name="password" placeholder="Password" value=""/>
                <input type="submit" value="Login" />
            </form>
            <?php
        }
        ?>
    </body>
</html>
Added test result sharing; Added stats page; Improved project structure; Minor bug fixes 2018-08-06 16:15:32 +00:00			`<?php`
			`session_start();`
			`error_reporting(0);`
Refactor `results/` PHP code (#369) * put code to insert and query data from database into separate file * simplify obfuscation salt file handling * use new DB interaction functions in telemetry.php * use new DB interaction functions in stats.php and fix indentation levels * format telemetry settings file * use new function for interacting with DB in index.php * move drawing of the image into function and try to comment each section with what it does * reorder lines for parts of the image to align with the order they appear on the image * bugfix: display obfuscated and deobfuscated id in stats if id obfuscation is enabled * improve error handling * add missing PHPDocs to functions * imageftbbox returns an array on success and false on failure so to check if the font is usable, check if we got an array * fix dsn for postgres * fix limit sql statement for postgresql * remove obsolete require statement * use require instead of require_once since the settings file might need to be loaded multiple times because it just contains plain variables which will just get loaded into the current scope * move require statements to the top of the file * make sure files are readable before requiring them * add constant to refer to the telemetry settings file and check if it is readable before loading it * return null if no speedtest result was found for the given id and show according message to the user instead of just exiting * use existing constant instead of string for telemetry settings file name * uniformly use single quotes instead of double quotes as most code places already used single quotes * somehow some tabs sneaked in, replace them to uniformly use spaces * mysql now uses pdo, too, reflect that in the requirements documentation * pass username and password as constructor parameters instead of via DSN 2020-10-20 05:43:48 +00:00
			`require 'telemetry_settings.php';`
			`require_once 'telemetry_db.php';`

Added test result sharing; Added stats page; Improved project structure; Minor bug fixes 2018-08-06 16:15:32 +00:00			`header('Content-Type: text/html; charset=utf-8');`
Major project restructuring and unification with mpot branch 2019-06-30 05:03:06 +00:00			`header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0');`
			`header('Cache-Control: post-check=0, pre-check=0', false);`
			`header('Pragma: no-cache');`
Added test result sharing; Added stats page; Improved project structure; Minor bug fixes 2018-08-06 16:15:32 +00:00			`?>`
			`<!DOCTYPE html>`
			`<html>`
Refactor `results/` PHP code (#369) * put code to insert and query data from database into separate file * simplify obfuscation salt file handling * use new DB interaction functions in telemetry.php * use new DB interaction functions in stats.php and fix indentation levels * format telemetry settings file * use new function for interacting with DB in index.php * move drawing of the image into function and try to comment each section with what it does * reorder lines for parts of the image to align with the order they appear on the image * bugfix: display obfuscated and deobfuscated id in stats if id obfuscation is enabled * improve error handling * add missing PHPDocs to functions * imageftbbox returns an array on success and false on failure so to check if the font is usable, check if we got an array * fix dsn for postgres * fix limit sql statement for postgresql * remove obsolete require statement * use require instead of require_once since the settings file might need to be loaded multiple times because it just contains plain variables which will just get loaded into the current scope * move require statements to the top of the file * make sure files are readable before requiring them * add constant to refer to the telemetry settings file and check if it is readable before loading it * return null if no speedtest result was found for the given id and show according message to the user instead of just exiting * use existing constant instead of string for telemetry settings file name * uniformly use single quotes instead of double quotes as most code places already used single quotes * somehow some tabs sneaked in, replace them to uniformly use spaces * mysql now uses pdo, too, reflect that in the requirements documentation * pass username and password as constructor parameters instead of via DSN 2020-10-20 05:43:48 +00:00			`<head>`
			`<title>LibreSpeed - Stats</title>`
			`<style type="text/css">`
			`html,body{`
			`margin:0;`
			`padding:0;`
			`border:none;`
			`width:100%; min-height:100%;`
			`}`
			`html{`
			`background-color: hsl(198,72%,35%);`
			`font-family: "Segoe UI","Roboto",sans-serif;`
			`}`
			`body{`
			`background-color:#FFFFFF;`
			`box-sizing:border-box;`
			`width:100%;`
			`max-width:70em;`
			`margin:4em auto;`
			`box-shadow:0 1em 6em #00000080;`
			`padding:1em 1em 4em 1em;`
			`border-radius:0.4em;`
			`}`
			`h1,h2,h3,h4,h5,h6{`
			`font-weight:300;`
			`margin-bottom: 0.1em;`
			`}`
			`h1{`
			`text-align:center;`
			`}`
			`table{`
			`margin:2em 0;`
			`width:100%;`
			`}`
			`table, tr, th, td {`
			`border: 1px solid #AAAAAA;`
			`}`
			`th {`
			`width: 6em;`
			`}`
			`td {`
			`word-break: break-all;`
			`}`
			`div {`
			`margin: 1em 0;`
			`}`
			`</style>`
			`</head>`
			`<body>`
			`<h1>LibreSpeed - Stats</h1>`
			`<?php`
			`if (!isset($stats_password) \|\| $stats_password === 'PASSWORD') {`
			`?>`
			`Please set $stats_password in telemetry_settings.php to enable access.`
			`<?php`
			`} elseif ($_SESSION['logged'] === true) {`
			`if ($_GET['op'] === 'logout') {`
			`$_SESSION['logged'] = false;`
			`?><script type="text/javascript">window.location=location.protocol+"//"+location.host+location.pathname;</script><?php`
			`} else {`
			`?>`
			`<form action="stats.php" method="GET"><input type="hidden" name="op" value="logout" /><input type="submit" value="Logout" /></form>`
			`<form action="stats.php" method="GET">`
			`<h3>Search test results</h3>`
			`<input type="hidden" name="op" value="id" />`
			`<input type="text" name="id" id="id" placeholder="Test ID" value=""/>`
			`<input type="submit" value="Find" />`
			`<input type="submit" onclick="document.getElementById('id').value=''" value="Show last 100 tests" />`
			`</form>`
			`<?php`
			`if ($_GET['op'] === 'id' && !empty($_GET['id'])) {`
			`$speedtest = getSpeedtestUserById($_GET['id']);`
			`$speedtests = [];`
			`if (false === $speedtest) {`
Fixed minor vulnerability in stats.php 2022-01-03 15:30:39 +00:00			`echo '<div>There was an error trying to fetch the speedtest result for ID "'.htmlspecialchars($_GET['id'], ENT_HTML5, 'UTF-8').'".</div>';`
Refactor `results/` PHP code (#369) * put code to insert and query data from database into separate file * simplify obfuscation salt file handling * use new DB interaction functions in telemetry.php * use new DB interaction functions in stats.php and fix indentation levels * format telemetry settings file * use new function for interacting with DB in index.php * move drawing of the image into function and try to comment each section with what it does * reorder lines for parts of the image to align with the order they appear on the image * bugfix: display obfuscated and deobfuscated id in stats if id obfuscation is enabled * improve error handling * add missing PHPDocs to functions * imageftbbox returns an array on success and false on failure so to check if the font is usable, check if we got an array * fix dsn for postgres * fix limit sql statement for postgresql * remove obsolete require statement * use require instead of require_once since the settings file might need to be loaded multiple times because it just contains plain variables which will just get loaded into the current scope * move require statements to the top of the file * make sure files are readable before requiring them * add constant to refer to the telemetry settings file and check if it is readable before loading it * return null if no speedtest result was found for the given id and show according message to the user instead of just exiting * use existing constant instead of string for telemetry settings file name * uniformly use single quotes instead of double quotes as most code places already used single quotes * somehow some tabs sneaked in, replace them to uniformly use spaces * mysql now uses pdo, too, reflect that in the requirements documentation * pass username and password as constructor parameters instead of via DSN 2020-10-20 05:43:48 +00:00			`} elseif (null === $speedtest) {`
Fixed minor vulnerability in stats.php 2022-01-03 15:30:39 +00:00			`echo '<div>Could not find a speedtest result for ID "'.htmlspecialchars($_GET['id'], ENT_HTML5, 'UTF-8').'".</div>';`
Refactor `results/` PHP code (#369) * put code to insert and query data from database into separate file * simplify obfuscation salt file handling * use new DB interaction functions in telemetry.php * use new DB interaction functions in stats.php and fix indentation levels * format telemetry settings file * use new function for interacting with DB in index.php * move drawing of the image into function and try to comment each section with what it does * reorder lines for parts of the image to align with the order they appear on the image * bugfix: display obfuscated and deobfuscated id in stats if id obfuscation is enabled * improve error handling * add missing PHPDocs to functions * imageftbbox returns an array on success and false on failure so to check if the font is usable, check if we got an array * fix dsn for postgres * fix limit sql statement for postgresql * remove obsolete require statement * use require instead of require_once since the settings file might need to be loaded multiple times because it just contains plain variables which will just get loaded into the current scope * move require statements to the top of the file * make sure files are readable before requiring them * add constant to refer to the telemetry settings file and check if it is readable before loading it * return null if no speedtest result was found for the given id and show according message to the user instead of just exiting * use existing constant instead of string for telemetry settings file name * uniformly use single quotes instead of double quotes as most code places already used single quotes * somehow some tabs sneaked in, replace them to uniformly use spaces * mysql now uses pdo, too, reflect that in the requirements documentation * pass username and password as constructor parameters instead of via DSN 2020-10-20 05:43:48 +00:00			`} else {`
			`$speedtests = [$speedtest];`
			`}`
			`} else {`
			`$speedtests = getLatestSpeedtestUsers();`
			`if (false === $speedtests) {`
			`echo '<div>There was an error trying to fetch latest speedtest results.</div>';`
			`} elseif (empty($speedtests)) {`
			`echo '<div>Could not find any speedtest results in database.</div>';`
			`}`
			`}`
			`foreach ($speedtests as $speedtest) {`
			`?>`
			`<table>`
			`<tr>`
			`<th>Test ID</th>`
			`<td><?= htmlspecialchars($speedtest['id_formatted'], ENT_HTML5, 'UTF-8') ?></td>`
			`</tr>`
			`<tr>`
			`<th>Date and time</th>`
			`<td><?= htmlspecialchars($speedtest['timestamp'], ENT_HTML5, 'UTF-8') ?></td>`
			`</tr>`
			`<tr>`
			`<th>IP and ISP Info</th>`
			`<td>`
			`<?= htmlspecialchars($speedtest['ip'], ENT_HTML5, 'UTF-8') ?><br/>`
			`<?= htmlspecialchars($speedtest['ispinfo'], ENT_HTML5, 'UTF-8') ?>`
			`</td>`
			`</tr>`
			`<tr>`
			`<th>User agent and locale</th>`
			`<td><?= htmlspecialchars($speedtest['ua'], ENT_HTML5, 'UTF-8') ?><br/>`
			`<?= htmlspecialchars($speedtest['lang'], ENT_HTML5, 'UTF-8') ?>`
			`</td>`
			`</tr>`
			`<tr>`
			`<th>Download speed</th>`
			`<td><?= htmlspecialchars($speedtest['dl'], ENT_HTML5, 'UTF-8') ?></td>`
			`</tr>`
			`<tr>`
			`<th>Upload speed</th>`
			`<td><?= htmlspecialchars($speedtest['ul'], ENT_HTML5, 'UTF-8') ?></td>`
			`</tr>`
			`<tr>`
			`<th>Ping</th>`
			`<td><?= htmlspecialchars($speedtest['ping'], ENT_HTML5, 'UTF-8') ?></td>`
			`</tr>`
			`<tr>`
			`<th>Jitter</th>`
			`<td><?= htmlspecialchars($speedtest['jitter'], ENT_HTML5, 'UTF-8') ?></td>`
			`</tr>`
			`<tr>`
			`<th>Log</th>`
			`<td><?= htmlspecialchars($speedtest['log'], ENT_HTML5, 'UTF-8') ?></td>`
			`</tr>`
			`<tr>`
			`<th>Extra info</th>`
			`<td><?= htmlspecialchars($speedtest['extra'], ENT_HTML5, 'UTF-8') ?></td>`
			`</tr>`
			`</table>`
			`<?php`
			`}`
			`}`
			`} elseif ($_GET['op'] === 'login' && $_POST['password'] === $stats_password) {`
			`$_SESSION['logged'] = true;`
			`?><script type="text/javascript">window.location=location.protocol+"//"+location.host+location.pathname;</script><?php`
			`} else {`
			`?>`
			`<form action="stats.php?op=login" method="POST">`
			`<h3>Login</h3>`
			`<input type="password" name="password" placeholder="Password" value=""/>`
			`<input type="submit" value="Login" />`
			`</form>`
			`<?php`
			`}`
			`?>`
			`</body>`
Added test result sharing; Added stats page; Improved project structure; Minor bug fixes 2018-08-06 16:15:32 +00:00			`</html>`