[GitHub/Stricted/Domain-Control-Panel.git] / lib / page / RecordEditPage.class.php

<?php
namespace dns\page;
use dns\system\api\idna\idna_convert;
use dns\system\DNS;
use dns\system\User;

/**
 * @author      Jan Altensen (Stricted)
 * @license     GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
 * @copyright   2014-2016 Jan Altensen (Stricted)
 */
class RecordEditPage extends AbstractPage {
	public $activeMenuItem = 'index';
	
	public function prepare() {
		if (!isset($_GET['id']) || empty($_GET['id'])) {
			throw new \Exception('The link you are trying to reach is no longer available or invalid.', 404);
		}
		$idna = new idna_convert();
		
		$sql = "SELECT * FROM dns_rr WHERE id = ?";
		$res = DNS::getDB()->query($sql, array($_GET['id']));
		$rr = DNS::getDB()->fetch_array($res);
		
		$soaIDs = User::getAccessibleDomains();
		if (!in_array($rr['zone'], $soaIDs)) {
			throw new \Exception('Access denied. You\'re not authorized to view this page.', 403);
		}
				
		$sql = "SELECT * FROM dns_soa WHERE id = ?";
		$res = DNS::getDB()->query($sql, array($rr['zone']));
		$soa = DNS::getDB()->fetch_array($res);
		
		$soa['origin'] = $idna->decode($soa['origin']);
		
		DNS::getTPL()->assign(array("soa" => $soa, "rr" => $rr));
		
		$types = array('A', 'AAAA', 'CNAME', 'MX', 'PTR', 'SRV', 'TXT', 'TLSA', 'NS', 'DS');
		$error = array();
		if (isset($_POST['submit']) && !empty($_POST['submit'])) {
			if (isset($_POST['name']) && isset($_POST['ttl']) && !empty($_POST['ttl']) && isset($_POST['type']) && !empty($_POST['type']) && isset($_POST['data']) && !empty($_POST['data'])) {
				$type = trim($_POST['type']);
				
				if (!empty($_POST['name'])) {
					$name = $idna->encode(trim($_POST['name']));
				}
				else {
					$name = $idna->encode(trim($soa['origin']));
				}
				
				if (in_array($type, $types)) {
					$aux = 0;
					if (($type == "MX" || $type == "TLSA" || $type == "SRV" || $type == "DS") && isset($_POST['aux']) && !empty($_POST['aux'])) {
							$aux = trim($_POST['aux']);
					}
					
					$data = trim($_POST['data']);
					if ($type == "SRV" || $type == "DS") {
						if (isset($_POST['weight']) && !empty($_POST['weight']) && isset($_POST['port']) && !empty($_POST['port'])) {
							if ($type == "SRV") {
								$data = $idna->encode($data);
							}
							$data = trim($_POST['weight']).' '.trim($_POST['port']).' '.$data;
						}
						else {
							$error = array_merge($error, array('weight', 'port', 'data'));
						}
					}
					
					$ttl = $_POST['ttl'];
					if ($ttl < DNS_SOA_MINIMUM_TTL) {
						$ttl = DNS_SOA_MINIMUM_TTL;
					}
					
					if ($type == "TLSA") {
						if ($aux != 3) {
							// fallback
							$aux = 3;
						}
						
						if (isset($_POST['weight']) && isset($_POST['port'])) {
							if (!is_numeric($_POST['weight'])) {
								$error = array_merge($error, array('weight'));
							}
							else if (!is_numeric($_POST['port'])) {
								$error = array_merge($error, array('weight'));
							}
							else if (strlen($_POST['data']) != 64) {
								$error = array_merge($error, array('data'));
							}
							else {
								$data = trim($_POST['weight']).' '.trim($_POST['port']).' '.$data;
							}
						}
						else {
							$error = array_merge($error, array('weight', 'port', 'data'));
						}
					}
					
					if ($type == "A") {
						if (filter_var($data, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
							$error = array_merge($error, array('data'));
						}
					}
					else if ($type == "AAAA") {
						if (filter_var($data, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false) {
							$error = array_merge($error, array('data'));
						}
					}
				}
				else {
					$error = array_merge($error, array('type'));
				}				
			}
			else {
				$error = array_merge($error, array('name', 'ttl', 'data'));
			}
			
			$sql = 'SELECT * FROM dns_rr WHERE zone = ? AND name = ? AND type = ? AND data = ? AND id != ?';
			$res = DNS::getDB()->query($sql, array($rr['zone'], $name, $type, $data, $_GET['id']));
			$rr = DNS::getDB()->fetch_array($res);
			if (!empty($rr)) {
				$error = array_merge($error, array('type', 'data'));
			}
			
			if (empty($error)) {
				
				$sql = 'UPDATE dns_rr SET name = ?, type = ?, aux = ?, data = ?, ttl = ? WHERE id = ?';
				if ($type == "SRV" || $type == "DS" || $type == "TLSA") {
					DNS::getDB()->query($sql, array($name, $type, $aux, $data, $ttl, $_GET['id']));
				}
				else {
					DNS::getDB()->query($sql, array($name, $type, $aux, $idna->encode($data), $ttl, $_GET['id']));
				}
				
				$sql = "UPDATE dns_soa SET serial = ? WHERE id = ?";
				DNS::getDB()->query($sql, array($this->fixSerial($soa['serial']), $soa['id']));
				
				$sql = "SELECT * FROM dns_rr WHERE id = ?";
				$res = DNS::getDB()->query($sql, array($_GET['id']));
				$rr = DNS::getDB()->fetch_array($res);
				
				$weight = 0;
				$port = 0;
				$data = $rr['data'];
				$type = $rr['type'];
				$name = $idna->decode($rr['name']);
				$aux = $rr['aux'];
				$ttl = $rr['ttl'];
				if ($type == "SRV" || $type == "DS" || $type == "TLSA") {
					$datae = explode(" ", $data);
					$weight = $datae[0];
					$port = $datae[1];
					if ($type == "SRV") {
						$data = $idna->decode($datae[2]);
					}
					else {
						$data = $datae[2];
					}
				}
				else {
					$data = $idna->decode($data);
				}
				
				DNS::getTPL()->assign(array('name' => $name, 'type' => $type, 'weight' => $weight, 'port' => $port, 'data' => $data, 'aux' => $aux, 'ttl' => $ttl));
				DNS::getTPL()->assign(array('success' => true));
			}
			else {
				if ($type == "SRV" || $type == "DS" || $type == "TLSA") {
					DNS::getTPL()->assign(array('name' => $idna->decode($name), 'type' => $type, 'weight' => $_POST['weight'], 'port' => $_POST['port'], 'data' => $_POST['data'], 'aux' => $aux, 'ttl' => $ttl));
				}
				else {
					DNS::getTPL()->assign(array('name' => $idna->decode($name), 'type' => $type, 'data' => $idna->decode($data), 'aux' => $aux, 'ttl' => $ttl));
				}
			}
		}
		else {
			$weight = 0;
			$port = 0;
			$data = $rr['data'];
			$type = $rr['type'];
			$name = $idna->decode($rr['name']);
			$aux = $rr['aux'];
			$ttl = $rr['ttl'];
			if ($type == "SRV" || $type == "DS" || $type == "TLSA") {
				$datae = explode(" ", $data);
				$weight = $datae[0];
				$port = $datae[1];
				if ($type == "SRV") {
					$data = $idna->decode($datae[2]);
				}
				else {
					$data = $datae[2];
				}
			}
			else {
				$data = $idna->decode($data);
			}
			
			DNS::getTPL()->assign(array('name' => $name, 'type' => $type, 'weight' => $weight, 'port' => $port, 'data' => $data, 'aux' => $aux, 'ttl' => $ttl));
		}
		
		DNS::getTPL()->assign(array("error" => $error));
	}
	
	public function fixSerial ($old) {
		if (substr($old, 0, -2) == date("Ymd")) {
			$new = $old + 1;
		}
		else {
			$new = date("Ymd")."01";
		}
		
		return $new;
	}
}
Commit	Line	Data
6706658b S	1	<?php
6706658b S	2	namespace dns\page;
01c0ad42	3	use dns\system\api\idna\idna_convert;
6706658b S	4	use dns\system\DNS;
	5	use dns\system\User;
	6
	7	/**
	8	* @author Jan Altensen (Stricted)
	9	* @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
d4779364	10	* @copyright 2014-2016 Jan Altensen (Stricted)
6706658b S	11	*/
	12	class RecordEditPage extends AbstractPage {
	13	public $activeMenuItem = 'index';
	14
	15	public function prepare() {
	16	if (!isset($_GET['id']) \|\| empty($_GET['id'])) {
	17	throw new \Exception('The link you are trying to reach is no longer available or invalid.', 404);
	18	}
	19	$idna = new idna_convert();
	20
	21	$sql = "SELECT * FROM dns_rr WHERE id = ?";
	22	$res = DNS::getDB()->query($sql, array($_GET['id']));
	23	$rr = DNS::getDB()->fetch_array($res);
	24
	25	$soaIDs = User::getAccessibleDomains();
	26	if (!in_array($rr['zone'], $soaIDs)) {
580f0b08	27	throw new \Exception('Access denied. You\'re not authorized to view this page.', 403);
6706658b S	28	}
	29
	30	$sql = "SELECT * FROM dns_soa WHERE id = ?";
	31	$res = DNS::getDB()->query($sql, array($rr['zone']));
	32	$soa = DNS::getDB()->fetch_array($res);
	33
	34	$soa['origin'] = $idna->decode($soa['origin']);
	35
	36	DNS::getTPL()->assign(array("soa" => $soa, "rr" => $rr));
	37
	38	$types = array('A', 'AAAA', 'CNAME', 'MX', 'PTR', 'SRV', 'TXT', 'TLSA', 'NS', 'DS');
	39	$error = array();
	40	if (isset($_POST['submit']) && !empty($_POST['submit'])) {
	41	if (isset($_POST['name']) && isset($_POST['ttl']) && !empty($_POST['ttl']) && isset($_POST['type']) && !empty($_POST['type']) && isset($_POST['data']) && !empty($_POST['data'])) {
	42	$type = trim($_POST['type']);
	43
	44	if (!empty($_POST['name'])) {
	45	$name = $idna->encode(trim($_POST['name']));
	46	}
	47	else {
	48	$name = $idna->encode(trim($soa['origin']));
	49	}
	50
	51	if (in_array($type, $types)) {
	52	$aux = 0;
	53	if (($type == "MX" \|\| $type == "TLSA" \|\| $type == "SRV" \|\| $type == "DS") && isset($_POST['aux']) && !empty($_POST['aux'])) {
	54	$aux = trim($_POST['aux']);
	55	}
	56
	57	$data = trim($_POST['data']);
	58	if ($type == "SRV" \|\| $type == "DS") {
	59	if (isset($_POST['weight']) && !empty($_POST['weight']) && isset($_POST['port']) && !empty($_POST['port'])) {
	60	if ($type == "SRV") {
	61	$data = $idna->encode($data);
	62	}
	63	$data = trim($_POST['weight']).' '.trim($_POST['port']).' '.$data;
	64	}
	65	else {
	66	$error = array_merge($error, array('weight', 'port', 'data'));
	67	}
	68	}
	69
	70	$ttl = $_POST['ttl'];
	71	if ($ttl < DNS_SOA_MINIMUM_TTL) {
	72	$ttl = DNS_SOA_MINIMUM_TTL;
	73	}
	74
	75	if ($type == "TLSA") {
	76	if ($aux != 3) {
	77	// fallback
	78	$aux = 3;
	79	}
	80
	81	if (isset($_POST['weight']) && isset($_POST['port'])) {
	82	if (!is_numeric($_POST['weight'])) {
	83	$error = array_merge($error, array('weight'));
	84	}
	85	else if (!is_numeric($_POST['port'])) {
	86	$error = array_merge($error, array('weight'));
	87	}
	88	else if (strlen($_POST['data']) != 64) {
	89	$error = array_merge($error, array('data'));
	90	}
	91	else {
92	$data = trim($_POST['weight']).' '.trim($_POST['port']).' '.$data;
93	}
94	}
95	else {
96	$error = array_merge($error, array('weight', 'port', 'data'));
97	}
98	}
99
100	if ($type == "A") {
101	if (filter_var($data, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
102	$error = array_merge($error, array('data'));
103	}
104	}
105	else if ($type == "AAAA") {
106	if (filter_var($data, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false) {
107	$error = array_merge($error, array('data'));
108	}
109	}
110	}
111	else {
112	$error = array_merge($error, array('type'));
113	}
114	}
115	else {
116	$error = array_merge($error, array('name', 'ttl', 'data'));
117	}
118
119	$sql = 'SELECT * FROM dns_rr WHERE zone = ? AND name = ? AND type = ? AND data = ? AND id != ?';
120	$res = DNS::getDB()->query($sql, array($rr['zone'], $name, $type, $data, $_GET['id']));
121	$rr = DNS::getDB()->fetch_array($res);
122	if (!empty($rr)) {
123	$error = array_merge($error, array('type', 'data'));
124	}
125
126	if (empty($error)) {
127
128	$sql = 'UPDATE dns_rr SET name = ?, type = ?, aux = ?, data = ?, ttl = ? WHERE id = ?';
129	if ($type == "SRV" \|\| $type == "DS" \|\| $type == "TLSA") {
130	DNS::getDB()->query($sql, array($name, $type, $aux, $data, $ttl, $_GET['id']));
131	}
132	else {
133	DNS::getDB()->query($sql, array($name, $type, $aux, $idna->encode($data), $ttl, $_GET['id']));
134	}
135
136	$sql = "UPDATE dns_soa SET serial = ? WHERE id = ?";
137	DNS::getDB()->query($sql, array($this->fixSerial($soa['serial']), $soa['id']));
138
139	$sql = "SELECT * FROM dns_rr WHERE id = ?";
140	$res = DNS::getDB()->query($sql, array($_GET['id']));
141	$rr = DNS::getDB()->fetch_array($res);
142
143	$weight = 0;
144	$port = 0;
145	$data = $rr['data'];
146	$type = $rr['type'];
147	$name = $idna->decode($rr['name']);
148	$aux = $rr['aux'];
149	$ttl = $rr['ttl'];
150	if ($type == "SRV" \|\| $type == "DS" \|\| $type == "TLSA") {
151	$datae = explode(" ", $data);
152	$weight = $datae[0];
153	$port = $datae[1];
154	if ($type == "SRV") {
155	$data = $idna->decode($datae[2]);
156	}
157	else {
158	$data = $datae[2];
159	}
160	}
161	else {
162	$data = $idna->decode($data);
163	}
164
165	DNS::getTPL()->assign(array('name' => $name, 'type' => $type, 'weight' => $weight, 'port' => $port, 'data' => $data, 'aux' => $aux, 'ttl' => $ttl));
166	DNS::getTPL()->assign(array('success' => true));
167	}
168	else {
169	if ($type == "SRV" \|\| $type == "DS" \|\| $type == "TLSA") {
170	DNS::getTPL()->assign(array('name' => $idna->decode($name), 'type' => $type, 'weight' => $_POST['weight'], 'port' => $_POST['port'], 'data' => $_POST['data'], 'aux' => $aux, 'ttl' => $ttl));
171	}
172	else {
173	DNS::getTPL()->assign(array('name' => $idna->decode($name), 'type' => $type, 'data' => $idna->decode($data), 'aux' => $aux, 'ttl' => $ttl));
174	}
175	}
176	}
177	else {
178	$weight = 0;
179	$port = 0;
180	$data = $rr['data'];
181	$type = $rr['type'];
182	$name = $idna->decode($rr['name']);
183	$aux = $rr['aux'];
184	$ttl = $rr['ttl'];
185	if ($type == "SRV" \|\| $type == "DS" \|\| $type == "TLSA") {
186	$datae = explode(" ", $data);
187	$weight = $datae[0];
188	$port = $datae[1];
189	if ($type == "SRV") {
190	$data = $idna->decode($datae[2]);
191	}
192	else {
193	$data = $datae[2];
194	}
195	}
196	else {
197	$data = $idna->decode($data);
198	}
199
200	DNS::getTPL()->assign(array('name' => $name, 'type' => $type, 'weight' => $weight, 'port' => $port, 'data' => $data, 'aux' => $aux, 'ttl' => $ttl));
201	}
202
203	DNS::getTPL()->assign(array("error" => $error));
204	}
205
206	public function fixSerial ($old) {
207	if (substr($old, 0, -2) == date("Ymd")) {
208	$new = $old + 1;
209	}
210	else {
211	$new = date("Ymd")."01";
212	}
213
214	return $new;
215	}
216	}