Allow remote boxes to execute stuff, eventhough they don't really login

includes/config.inc.php-dist

@@ -13,6 +13,11 @@ $apisid  = '';      # PowerDNS's :server_id
 #$wefactapiurl = 'https://yourdomain/Pro/apiv2/api.php';
 #$wefactapikey = 'xyz';
 
+# If you want external scripts to be able to execute stuff here, add the
+# remote-ip to $adminapiips and create a $adminapikey
+#$adminapiips = array();
+#$adminapikey = 'thisshouldbequitealongstring,youknow';
+
 $authdb  = "../etc/pdns.users.sqlite3";
 
 $templates = array();

includes/session.inc.php

@@ -10,6 +10,19 @@ function is_logged_in() {
     if (isset($_SESSION['logged_in']) && $_SESSION['logged_in'] == "true") {
         return TRUE;
     } else {
+        global $adminapikey;
+        global $adminapiips;
+
+        if (isset($adminapikey) && isset($allowedips)) {
+            if (array_search($_SERVER['REMOTE_ADDR'], $adminapiips) !== FALSE) {
+                if ($_POST['adminapikey'] == $adminapikey) {
+                    # Allow this request, fake that we're logged in.
+                    set_logged_in('admin');
+                    set_is_adminuser();
+                    return TRUE;
+                }
+            }
+        }
         return FALSE;
     }
 }