1
|
1 |
<? |
|
2 |
|
|
3 |
// +--------------------------------------------------------------------+ |
|
4 |
// | PowerAdmin | |
|
5 |
// +--------------------------------------------------------------------+ |
|
6 |
// | Copyright (c) 1997-2002 The PowerAdmin Team | |
|
7 |
// +--------------------------------------------------------------------+ |
|
8 |
// | This source file is subject to the license carried by the overal | |
|
9 |
// | program PowerAdmin as found on http://poweradmin.sf.net | |
|
10 |
// | The PowerAdmin program falls under the QPL License: | |
|
11 |
// | http://www.trolltech.com/developer/licensing/qpl.html | |
|
12 |
// +--------------------------------------------------------------------+ |
|
13 |
// | Authors: Roeland Nieuwenhuis <trancer <AT> trancer <DOT> nl> | |
|
14 |
// | Sjeemz <sjeemz <AT> sjeemz <DOT> nl> | |
|
15 |
// +--------------------------------------------------------------------+ |
|
16 |
|
|
17 |
// Filename: record.inc.php |
|
18 |
// Startdate: 26-10-2002 |
|
19 |
// This file is ought to edit the records in the database. |
|
20 |
// Records are domains aswell, they also belong here. |
|
21 |
// All database functions are associative. |
|
22 |
// use nextID first to get a new id. Then insert it into the database. |
|
23 |
// do not rely on auto_increment (see above). |
|
24 |
// use dns.inc.php for validation functions. |
|
25 |
// |
|
26 |
// $Id: record.inc.php,v 1.21 2003/05/10 20:21:01 azurazu Exp $ |
|
27 |
// |
|
28 |
|
|
29 |
|
|
30 |
function update_soa_serial($domain_id) |
|
31 |
{ |
|
32 |
global $db; |
|
33 |
/* |
|
34 |
* THIS CODE ISNT TESTED THROUGH MUCH YET! |
|
35 |
* !!!!!!! BETACODE !!!!!!!!!! |
|
36 |
* Code committed by DeViCeD, Thanks a lot! |
|
37 |
* Heavily hax0red by Trancer/azurazu |
|
38 |
* |
|
39 |
* First we have to check, wheather current searial number |
|
40 |
* was already updated on the other nameservers. |
|
41 |
* If field 'notified_serial' is NULL, then I guess domain is |
|
42 |
* NATIVE and we don't have any secondary nameservers for this domain. |
|
43 |
* NOTICE: Serial number *will* be RFC1912 compilant after update |
|
44 |
* NOTICE: This function will allow only 100 DNS zone transfers ;-) |
|
45 |
* YYYYMMDDnn |
|
46 |
*/ |
|
47 |
|
|
48 |
$sqlq = "SELECT `notified_serial` FROM `domains` WHERE `id` = '".$domain_id."'"; |
|
49 |
$notified_serial = $db->getOne($sqlq); |
|
50 |
|
|
51 |
$sqlq = "SELECT `content` FROM `records` WHERE `type` = 'SOA' AND `domain_id` = '".$domain_id."'"; |
|
52 |
$content = $db->getOne($sqlq); |
|
53 |
$need_to_update = false; |
|
54 |
|
|
55 |
// Getting the serial field. |
|
56 |
$soa = explode(" ", $content); |
|
57 |
|
|
58 |
if(empty($notified_serial)) |
|
59 |
{ |
|
60 |
// Ok native replication, so we have to update. |
|
61 |
$need_to_update = true; |
|
62 |
} |
|
63 |
elseif($notified_serial >= $soa[2]) |
|
64 |
{ |
|
65 |
$need_to_update = true; |
|
66 |
} |
|
67 |
elseif(strlen($soa[2]) != 10) |
|
68 |
{ |
|
69 |
$need_to_update = true; |
|
70 |
} |
|
71 |
else |
|
72 |
{ |
|
73 |
$need_to_update = false; |
|
74 |
} |
|
75 |
if($need_to_update) |
|
76 |
{ |
|
77 |
// Ok so we have to update it seems. |
|
78 |
$current_serial = $soa[2]; |
|
79 |
|
|
80 |
/* |
|
81 |
* What we need here (for RFC1912) is YEAR, MONTH and DAY |
|
82 |
* so let's get it ... |
|
83 |
*/ |
|
84 |
$new_serial = date('Ymd'); // we will add revision number later |
|
85 |
|
|
86 |
if(strncmp($new_serial, $current_serial, 8) === 0) |
|
87 |
{ |
|
88 |
/* |
|
89 |
* Ok, so we already made updates tonight |
|
90 |
* let's just increase the revision number |
|
91 |
*/ |
|
92 |
$revision_number = (int) substr($current_serial, -2); |
|
93 |
if ($revision_number == 99) return false; // ok, we cannot update anymore tonight |
|
94 |
++$revision_number; |
|
95 |
// here it is ... same date, new revision |
|
96 |
$new_serial .= str_pad($revision_number, 2, "0", STR_PAD_LEFT); |
|
97 |
} |
|
98 |
else |
|
99 |
{ |
|
100 |
/* |
|
101 |
* Current serial is not RFC1912 compilant, so let's make a new one |
|
102 |
*/ |
|
103 |
$new_serial .= '00'; |
|
104 |
} |
|
105 |
$soa[2] = $new_serial; // change serial in SOA array |
|
106 |
$new_soa = ""; |
|
107 |
// build new soa and update SQL after that |
|
108 |
for ($i = 0; $i < count($soa); $i++) |
|
109 |
{ |
|
110 |
$new_soa .= $soa[$i] . " "; |
|
111 |
} |
|
112 |
$sqlq = "UPDATE `records` SET `content` = '".$new_soa."' WHERE `domain_id` = '".$domain_id."' AND `type` = 'SOA' LIMIT 1"; |
|
113 |
$db->Query($sqlq); |
|
114 |
return true; |
|
115 |
} |
|
116 |
} |
|
117 |
|
|
118 |
/* |
|
119 |
* Edit a record. |
|
120 |
* This function validates it if correct it inserts it into the database. |
|
121 |
* return values: true if succesful. |
|
122 |
*/ |
|
123 |
function edit_record($recordid, $zoneid, $name, $type, $content, $ttl, $prio) |
|
124 |
{ |
|
125 |
global $db; |
|
126 |
if($content == "") |
|
127 |
{ |
|
128 |
error(ERR_RECORD_EMPTY_CONTENT); |
|
129 |
} |
|
130 |
// Edits the given record (validates specific stuff first) |
|
131 |
if (!xs(recid_to_domid($recordid))) |
|
132 |
{ |
|
133 |
error(ERR_RECORD_ACCESS_DENIED); |
|
134 |
} |
|
135 |
if (is_numeric($zoneid)) |
|
136 |
{ |
|
137 |
validate_input($recordid, $zoneid, $type, $content, $name, $prio, $ttl); |
|
138 |
$change = time(); |
|
139 |
$db->query("UPDATE records set name='$name', type='$type', content='$content', ttl='$ttl', prio='$prio', change_date='$change' WHERE id=$recordid"); |
|
140 |
|
|
141 |
/* |
|
142 |
* Added by DeViCeD - Update SOA Serial number |
|
143 |
* There should be more checks |
|
144 |
*/ |
|
145 |
if ($type != 'SOA') |
|
146 |
{ |
|
147 |
update_soa_serial($zoneid); |
|
148 |
} |
|
149 |
return true; |
|
150 |
} |
|
151 |
else |
|
152 |
{ |
|
153 |
error(sprintf(ERR_INV_ARGC, "edit_record", "no zoneid given")); |
|
154 |
} |
|
155 |
|
|
156 |
} |
|
157 |
|
|
158 |
|
|
159 |
/* |
|
160 |
* Adds a record. |
|
161 |
* This function validates it if correct it inserts it into the database. |
|
162 |
* return values: true if succesful. |
|
163 |
*/ |
|
164 |
function add_record($zoneid, $name, $type, $content, $ttl, $prio) |
|
165 |
{ |
|
166 |
|
|
167 |
global $db; |
|
168 |
if (!xs($zoneid)) |
|
169 |
{ |
|
170 |
error(ERR_RECORD_ACCESS_DENIED); |
|
171 |
} |
|
172 |
if (is_numeric($zoneid)) |
|
173 |
{ |
|
174 |
|
|
175 |
// Get the Insert ID, we can not rely on auto_increment |
|
176 |
$idrecords = $db->nextID('records'); |
|
177 |
|
|
178 |
// Check the user input. |
|
179 |
validate_input($idrecords, $zoneid, $type, $content, $name, $prio, $ttl); |
|
180 |
|
|
181 |
// Generate new timestamp for the Daemon |
|
182 |
$change = time(); |
|
183 |
// Execute query. |
|
184 |
$db->query("INSERT INTO records (id, domain_id, name, type, content, ttl, prio, change_date) VALUES ($idrecords, $zoneid, '$name', '$type', '$content', $ttl, '$prio', $change)"); |
|
185 |
if ($type != 'SOA') |
|
186 |
{ |
|
187 |
update_soa_serial($zoneid); |
|
188 |
} |
|
189 |
return true; |
|
190 |
} |
|
191 |
else |
|
192 |
{ |
|
193 |
error(sprintf(ERR_INV_ARG, "add_record")); |
|
194 |
} |
|
195 |
} |
|
196 |
|
|
197 |
|
|
198 |
/* |
|
199 |
* Delete a record by a given id. |
|
200 |
* return values: true, this function is always succesful. |
|
201 |
*/ |
|
202 |
function delete_record($id) |
|
203 |
{ |
|
204 |
global $db; |
|
205 |
|
|
206 |
// Check if the user has access. |
|
207 |
if (!xs(recid_to_domid($id))) |
|
208 |
{ |
|
209 |
error(ERR_RECORD_ACCESS_DENIED); |
|
210 |
} |
|
211 |
|
|
212 |
// Retrieve the type of record to see if we can actually remove it. |
|
213 |
$recordtype = get_recordtype_from_id($id); |
|
214 |
|
|
215 |
// If the record type is NS and the user tries to delete it while ALLOW_NS_EDIT is set to 0 |
|
216 |
// OR |
|
217 |
// check if the name of the record isnt the domain name (if so it should delete all records) |
|
218 |
// OR |
|
219 |
// check if we are dealing with a SOA field (same story as NS) |
|
220 |
if (($recordtype == "NS" && $GLOBALS["ALLOW_NS_EDIT"] != 1 && (get_name_from_record_id($id) == get_domain_name_from_id(recid_to_domid($id)))) || ($recordtype == "SOA" && $GLOBALS["ALLOW_SOA_EDIT"] != 1)) |
|
221 |
{ |
|
222 |
error(sprintf(ERR_RECORD_DELETE_TYPE_DENIED, $recordtype)); |
|
223 |
|
|
224 |
} |
|
225 |
if (is_numeric($id)) |
|
226 |
{ |
|
227 |
$did = recid_to_domid($id); |
|
228 |
$db->query('DELETE FROM records WHERE id=' . $id . ' LIMIT 1'); |
|
229 |
if ($type != 'SOA') |
|
230 |
{ |
|
231 |
update_soa_serial($did); |
|
232 |
} |
|
233 |
// $id doesnt exist in database anymore so its deleted or just not there which means "true" |
|
234 |
return true; |
|
235 |
} |
|
236 |
else |
|
237 |
{ |
|
238 |
error(sprintf(ERR_INV_ARG, "delete_record")); |
|
239 |
} |
|
240 |
} |
|
241 |
|
|
242 |
|
|
243 |
/* |
|
244 |
* Add a domain to the database. |
|
245 |
* A domain is name obligatory, so is an owner. |
|
246 |
* return values: true when succesful. |
|
247 |
* Empty means templates dont have to be applied. |
|
248 |
* -------------------------------------------------------------------------- |
|
249 |
* This functions eats a template and by that it inserts various records. |
|
250 |
* first we start checking if something in an arpa record |
|
251 |
* remember to request nextID's from the database to be able to insert record. |
|
252 |
* if anything is invalid the function will error |
|
253 |
*/ |
|
254 |
function add_domain($domain, $owner, $webip, $mailip, $empty, $type) |
|
255 |
{ |
|
256 |
|
|
257 |
global $db; |
|
258 |
|
|
259 |
if (!level(5)) |
|
260 |
{ |
|
261 |
error(ERR_LEVEL_5); |
|
262 |
} |
|
263 |
|
|
264 |
// If domain, owner and mailip are given |
|
265 |
// OR |
|
266 |
// empty is given and owner and domain |
|
267 |
// OR |
|
268 |
// the domain is an arpa record and owner is given |
|
269 |
// THAN |
|
270 |
// Continue this function |
|
271 |
if (($domain && $owner && $webip && $mailip) || ($empty && $owner && $domain) || (eregi('in-addr.arpa', $domain) && $owner)) |
|
272 |
{ |
|
273 |
// Retrieve next zones id. |
|
274 |
$idzones = $db->nextID('zones'); |
|
275 |
$iddomains = $db->nextID('domains'); |
|
276 |
|
|
277 |
$db->query("INSERT INTO zones (id, domain_id, owner) VALUES ('$idzones', '$iddomains', $owner)"); |
|
278 |
|
|
279 |
/* |
|
280 |
* TODO : NATIVE OPERATION ONLY FOR NOW |
|
281 |
*/ |
|
282 |
|
|
283 |
$db->query("INSERT INTO domains (id, name, type) VALUES ('$iddomains', '$domain', '$type')"); |
|
284 |
|
|
285 |
// Generate new timestamp. We need this one anyhow. |
|
286 |
$now = time(); |
|
287 |
|
|
288 |
if ($empty && $iddomains) |
|
289 |
{ |
|
290 |
// If we come into this if statement we dont want to apply templates. |
|
291 |
// Retrieve configuration settings. |
|
292 |
$ns1 = $GLOBALS["NS1"]; |
|
293 |
$hm = $GLOBALS["HOSTMASTER"]; |
|
294 |
$ttl = $GLOBALS["DEFAULT_TTL"]; |
|
295 |
|
|
296 |
// Retrieve next records id |
|
297 |
$idrecords = $db->nextID('records'); |
|
298 |
|
|
299 |
// Build and execute query |
|
300 |
$sql = "INSERT INTO records (id, domain_id, name, content, type, ttl, prio, change_date) VALUES ('$idrecords', '$iddomains', '$domain', '$ns1 $hm 1', 'SOA', $ttl, '', '$now')"; |
|
301 |
$db->query($sql); |
|
302 |
|
|
303 |
// Done |
|
304 |
return true; |
|
305 |
} |
|
306 |
elseif ($iddomains) |
|
307 |
{ |
|
308 |
// If we are here we want to apply templates. |
|
309 |
global $template; |
|
310 |
|
|
311 |
// Iterate over the template and apply it for each field. |
|
312 |
foreach ($template as $r) |
|
313 |
{ |
|
314 |
// Same type of if statement as previous. |
|
315 |
if ((eregi('in-addr.arpa', $domain) && ($r["type"] == "NS" || $r["type"] == "SOA")) || (!eregi('in-addr.arpa', $domain))) |
|
316 |
{ |
|
317 |
// Parse the template. |
|
318 |
$name = parse_template_value($r["name"], $domain, $webip, $mailip); |
|
319 |
$type = $r["type"]; |
|
320 |
$content = parse_template_value($r["content"], $domain, $webip, $mailip); |
|
321 |
$ttl = $r["ttl"]; |
|
322 |
$prio = $r["prio"]; |
|
323 |
|
|
324 |
// If no ttl is given, use the default. |
|
325 |
if (!$ttl) |
|
326 |
{ |
|
327 |
$ttl = $GLOBALS["DEFAULT_TTL"]; |
|
328 |
} |
|
329 |
|
|
330 |
// Retrieve new record id; |
|
331 |
$idrecords = $db->nextID('records'); |
|
332 |
$sql = "INSERT INTO records (id, domain_id, name, content, type, ttl, prio, change_date) VALUES ('$idrecords', '$iddomains', '$name','$content','$type','$ttl','$prio','$now')"; |
|
333 |
$db->query($sql); |
|
334 |
} |
|
335 |
} |
|
336 |
// All done. |
|
337 |
return true; |
|
338 |
} |
|
339 |
else |
|
340 |
{ |
|
341 |
error(sprintf(ERR_INV_ARGC, "add_domain", "could not create zone")); |
|
342 |
} |
|
343 |
} |
|
344 |
else |
|
345 |
{ |
|
346 |
error(sprintf(ERR_INV_ARG, "add_domain")); |
|
347 |
} |
|
348 |
} |
|
349 |
|
|
350 |
|
|
351 |
/* |
|
352 |
* Deletes a domain by a given id. |
|
353 |
* Function always succeeds. If the field is not found in the database, thats what we want anyway. |
|
354 |
*/ |
|
355 |
function delete_domain($id) |
|
356 |
{ |
|
357 |
global $db; |
|
358 |
|
|
359 |
if (!level(5)) |
|
360 |
{ |
|
361 |
error(ERR_LEVEL_5); |
|
362 |
} |
|
363 |
|
|
364 |
// See if the ID is numeric. |
|
365 |
if (is_numeric($id)) |
|
366 |
{ |
|
367 |
$db->query("DELETE FROM zones WHERE domain_id=$id"); |
|
368 |
$db->query("DELETE FROM domains WHERE id=$id"); |
|
369 |
$db->query("DELETE FROM records WHERE domain_id=$id"); |
|
370 |
// Nothing in the database. If the delete deleted 0 records it means the id is just not there. |
|
371 |
// therefore the is no need to check the affectedRows values. |
|
372 |
return true; |
|
373 |
} |
|
374 |
else |
|
375 |
{ |
|
376 |
error(sprintf(ERR_INV_ARGC, "delete_domain", "id must be a number")); |
|
377 |
} |
|
378 |
} |
|
379 |
|
|
380 |
|
|
381 |
/* |
|
382 |
* Gets the id of the domain by a given record id. |
|
383 |
* return values: the domain id that was requested. |
|
384 |
*/ |
|
385 |
function recid_to_domid($id) |
|
386 |
{ |
|
387 |
global $db; |
|
388 |
if (is_numeric($id)) |
|
389 |
{ |
|
390 |
$result = $db->query("SELECT domain_id FROM records WHERE id=$id"); |
|
391 |
$r = $result->fetchRow(); |
|
392 |
return $r["domain_id"]; |
|
393 |
} |
|
394 |
else |
|
395 |
{ |
|
396 |
error(sprintf(ERR_INV_ARGC, "recid_to_domid", "id must be a number")); |
|
397 |
} |
|
398 |
} |
|
399 |
|
|
400 |
|
|
401 |
/* |
|
402 |
* Sorts a zone by records. |
|
403 |
* return values: the sorted zone. |
|
404 |
*/ |
|
405 |
function sort_zone($records) |
|
406 |
{ |
|
407 |
$ar_so = array(); |
|
408 |
$ar_ns = array(); |
|
409 |
$ar_mx = array(); |
|
410 |
$ar_mb = array(); |
|
411 |
$ar_ur = array(); |
|
412 |
$ar_ov = array(); |
|
413 |
foreach ($records as $c) |
|
414 |
{ |
|
415 |
switch(strtoupper($c['type'])) |
|
416 |
{ |
|
417 |
case "SOA": |
|
418 |
$ar_so[] = $c; |
|
419 |
break; |
|
420 |
case "NS": |
|
421 |
$ar_ns[] = $c; |
|
422 |
break; |
|
423 |
case "MX": |
|
424 |
$ar_mx[] = $c; |
|
425 |
break; |
|
426 |
case "MBOXFW": |
|
427 |
$ar_mb[] = $c; |
|
428 |
break; |
|
429 |
case "URL": |
|
430 |
$ar_ur[] = $c; |
|
431 |
break; |
|
432 |
default: |
|
433 |
$ar_ov[] = $c; |
|
434 |
break; |
|
435 |
} |
|
436 |
} |
|
437 |
|
|
438 |
$res = array_merge($ar_so, $ar_ns, $ar_mx, $ar_mb, $ar_ur, $ar_ov); |
|
439 |
|
|
440 |
if (count($records) == count($res)) |
|
441 |
{ |
|
442 |
$records = $res; |
|
443 |
} |
|
444 |
else |
|
445 |
{ |
|
446 |
error(sprintf(ERR_INV_ARGC, "sort_zone", "records sorting failed!")); |
|
447 |
} |
|
448 |
return $records; |
|
449 |
} |
|
450 |
|
|
451 |
|
|
452 |
/* |
|
453 |
* Change owner of a domain. |
|
454 |
* Function should actually be in users.inc.php. But its more of a record modification than a user modification |
|
455 |
* return values: true when succesful. |
|
456 |
*/ |
|
457 |
function add_owner($domain, $newowner) |
|
458 |
{ |
|
459 |
global $db; |
|
460 |
|
|
461 |
if (!level(5)) |
|
462 |
{ |
|
463 |
error(ERR_LEVEL_5); |
|
464 |
} |
|
465 |
|
|
466 |
if (is_numeric($domain) && is_numeric($newowner) && is_valid_user($newowner)) |
|
467 |
{ |
|
468 |
$iid = $db->nextID('zones'); |
|
469 |
if($db->getOne("SELECT COUNT(id) FROM zones WHERE owner=$newowner AND domain_id=$domain") == 0) |
|
470 |
{ |
|
471 |
$db->query("INSERT INTO zones(id, domain_id, owner) VALUES($iid, $domain, $newowner)"); |
|
472 |
} |
|
473 |
return true; |
|
474 |
} |
|
475 |
else |
|
476 |
{ |
|
477 |
error(sprintf(ERR_INV_ARGC, "change_owner", "$domain / $newowner")); |
|
478 |
} |
|
479 |
} |
|
480 |
|
|
481 |
|
|
482 |
function delete_owner($domain, $owner) |
|
483 |
{ |
|
484 |
global $db; |
|
485 |
if($db->getOne("SELECT COUNT(id) FROM zones WHERE owner=$owner AND domain_id=$domain") != 0) |
|
486 |
{ |
|
487 |
$db->query("DELETE FROM zones WHERE owner=$owner AND domain_id=$domain"); |
|
488 |
} |
|
489 |
return true; |
|
490 |
} |
|
491 |
|
|
492 |
/* |
|
493 |
* Retrieves all supported dns record types |
|
494 |
* This function might be deprecated. |
|
495 |
* return values: array of types in string form. |
|
496 |
*/ |
|
497 |
function get_record_types() |
|
498 |
{ |
|
499 |
global $rtypes; |
|
500 |
return $rtypes; |
|
501 |
} |
|
502 |
|
|
503 |
|
|
504 |
/* |
|
505 |
* Retrieve all records by a given type and domain id. |
|
506 |
* Example: get all records that are of type A from domain id 1 |
|
507 |
* return values: a DB class result object |
|
508 |
*/ |
|
509 |
function get_records_by_type_from_domid($type, $recid) |
|
510 |
{ |
|
511 |
global $rtypes; |
|
512 |
global $db; |
|
513 |
|
|
514 |
// Does this type exist? |
|
515 |
if(!in_array(strtoupper($type), $rtypes)) |
|
516 |
{ |
|
517 |
error(sprintf(ERR_INV_ARGC, "get_records_from_type", "this is not a supported record")); |
|
518 |
} |
|
519 |
|
|
520 |
// Get the domain id. |
|
521 |
$domid = recid_to_domid($recid); |
|
522 |
|
|
523 |
$result = $db->query("select id, type from records where domain_id=$recid and type='$type'"); |
|
524 |
return $result; |
|
525 |
} |
|
526 |
|
|
527 |
|
|
528 |
/* |
|
529 |
* Retrieves the type of a record from a given id. |
|
530 |
* return values: the type of the record (one of the records types in $rtypes assumable). |
|
531 |
*/ |
|
532 |
function get_recordtype_from_id($id) |
|
533 |
{ |
|
534 |
global $db; |
|
535 |
if (is_numeric($id)) |
|
536 |
{ |
|
537 |
$result = $db->query("SELECT type FROM records WHERE id=$id"); |
|
538 |
$r = $result->fetchRow(); |
|
539 |
return $r["type"]; |
|
540 |
} |
|
541 |
else |
|
542 |
{ |
|
543 |
error(sprintf(ERR_INV_ARG, "get_recordtype_from_id")); |
|
544 |
} |
|
545 |
} |
|
546 |
|
|
547 |
|
|
548 |
/* |
|
549 |
* Retrieves the name (e.g. bla.test.com) of a record by a given id. |
|
550 |
* return values: the name associated with the id. |
|
551 |
*/ |
|
552 |
function get_name_from_record_id($id) |
|
553 |
{ |
|
554 |
global $db; |
|
555 |
if (is_numeric($id)) |
|
556 |
{ |
|
557 |
$result = $db->query("SELECT name FROM records WHERE id=$id"); |
|
558 |
$r = $result->fetchRow(); |
|
559 |
return $r["name"]; |
|
560 |
} |
|
561 |
else |
|
562 |
{ |
|
563 |
error(sprintf(ERR_INV_ARG, "get_name_from_record_id")); |
|
564 |
} |
|
565 |
} |
|
566 |
|
|
567 |
|
|
568 |
/* |
|
569 |
* Get all the domains from a database of which the user is the owner. |
|
570 |
* return values: an array with the id of the domain and its name. |
|
571 |
*/ |
|
572 |
function get_domains_from_userid($id) |
|
573 |
{ |
|
574 |
global $db; |
|
575 |
if (is_numeric($id)) |
|
576 |
{ |
|
577 |
$result = $db->query("SELECT domains.id AS domain_id, domains.name AS name FROM domains LEFT JOIN zones ON domains.id=zones.domain_id WHERE owner=$id"); |
|
578 |
|
|
579 |
$ret = array(); |
|
580 |
|
|
581 |
// Put all the information in a big array. |
|
582 |
while ($r = $result->fetchRow()) |
|
583 |
{ |
|
584 |
$ret[] = array( |
|
585 |
"id" => $r["domain_id"], |
|
586 |
"name" => $r["name"] |
|
587 |
); |
|
588 |
} |
|
589 |
return $ret; |
|
590 |
} |
|
591 |
else |
|
592 |
{ |
|
593 |
error(sprintf(ERR_INV_ARGC, "get_domains_from_userid", "This is not a valid userid: $id")); |
|
594 |
} |
|
595 |
} |
|
596 |
|
|
597 |
|
|
598 |
/* |
|
599 |
* Get domain name from a given id |
|
600 |
* return values: the name of the domain associated with the id. |
|
601 |
*/ |
|
602 |
function get_domain_name_from_id($id) |
|
603 |
{ |
|
604 |
global $db; |
|
605 |
if (!xs($id)) |
|
606 |
{ |
|
607 |
error(ERR_RECORD_ACCESS_DENIED); |
|
608 |
} |
|
609 |
if (is_numeric($id)) |
|
610 |
{ |
|
611 |
$result = $db->query("SELECT name FROM domains WHERE id=$id"); |
|
612 |
if ($result->numRows() == 1) |
|
613 |
{ |
|
614 |
$r = $result->fetchRow(); |
|
615 |
return $r["name"]; |
|
616 |
} |
|
617 |
else |
|
618 |
{ |
|
619 |
error(sprintf(ERR_INV_ARGC, "get_domain_name_from_id", "more than one domain found?! whaaa! BAD! BAD! Contact admin!")); |
|
620 |
} |
|
621 |
} |
|
622 |
else |
|
623 |
{ |
|
624 |
error(sprintf(ERR_INV_ARGC, "get_domain_name_from_id", "Not a valid domainid: $id")); |
|
625 |
} |
|
626 |
} |
|
627 |
|
|
628 |
|
|
629 |
/* |
|
630 |
* Get information about a domain name from a given domain id. |
|
631 |
* the function looks up the domainname, the owner of the domain and the number of records in it. |
|
632 |
* return values: an array containing the information. |
|
633 |
*/ |
|
634 |
function get_domain_info_from_id($id) |
|
635 |
{ |
|
636 |
global $db; |
|
637 |
if (!xs($id)) |
|
638 |
{ |
|
639 |
error(ERR_RECORD_ACCESS_DENIED); |
|
640 |
} |
|
641 |
if (is_numeric($id)) |
|
642 |
{ |
|
643 |
|
|
644 |
if ($_SESSION[$id."_ispartial"] == 1) { |
|
645 |
|
|
646 |
$sqlq = "SELECT domains.name AS name, |
|
647 |
users.fullname AS owner, |
|
648 |
count(record_owners.id) AS aantal |
|
649 |
FROM domains, users, record_owners, records |
|
650 |
|
|
651 |
WHERE record_owners.user_id = ".$_SESSION["userid"]." |
|
652 |
AND record_owners.record_id = records.id |
|
653 |
AND records.domain_id = ".$id." |
|
654 |
|
|
655 |
GROUP BY name, owner, users.fullname |
|
656 |
ORDER BY name"; |
|
657 |
|
|
658 |
$result = $db->getRow($sqlq); |
|
659 |
|
|
660 |
$ret = array( |
|
661 |
"name" => $result["name"], |
|
662 |
"ownerid" => $_SESSION["userid"], |
|
663 |
"owner" => $result["owner"], |
|
664 |
"numrec" => $result["aantal"] |
|
665 |
); |
|
666 |
|
|
667 |
return $ret; |
|
668 |
|
|
669 |
} else{ |
|
670 |
|
|
671 |
// Query that retrieves the information we need. |
|
672 |
$sqlq = "SELECT domains.name AS name, |
|
673 |
min(zones.owner) AS ownerid, |
|
674 |
users.fullname AS owner, |
|
675 |
count(records.domain_id) AS aantal |
|
676 |
FROM domains |
|
677 |
LEFT JOIN records ON domains.id=records.domain_id |
|
678 |
LEFT JOIN zones ON domains.id=zones.domain_id |
|
679 |
LEFT JOIN users ON zones.owner=users.id |
|
680 |
WHERE domains.id=$id |
|
681 |
GROUP BY name, owner, users.fullname |
|
682 |
ORDER BY zones.id"; |
|
683 |
|
|
684 |
// Put the first occurence in an array and return it. |
|
685 |
$result = $db->getRow($sqlq); |
|
686 |
|
|
687 |
//$result["ownerid"] = ($result["ownerid"] == NULL) ? $db->getOne("select min(id) from users where users.level=10") : $result["ownerid"]; |
|
688 |
|
|
689 |
$ret = array( |
|
690 |
"name" => $result["name"], |
|
691 |
"ownerid" => $result["ownerid"], |
|
692 |
"owner" => $result["owner"], |
|
693 |
"numrec" => $result["aantal"] |
|
694 |
); |
|
695 |
return $ret; |
|
696 |
} |
|
697 |
|
|
698 |
} |
|
699 |
else |
|
700 |
{ |
|
701 |
error(sprintf(ERR_INV_ARGC, "get_domain_num_records_from_id", "This is not a valid domainid: $id")); |
|
702 |
} |
|
703 |
} |
|
704 |
|
|
705 |
|
|
706 |
/* |
|
707 |
* Check if a domain is already existing. |
|
708 |
* return values: true if existing, false if it doesnt exist. |
|
709 |
*/ |
|
710 |
function domain_exists($domain) |
|
711 |
{ |
|
712 |
global $db; |
|
713 |
|
|
714 |
if (!level(5)) |
|
715 |
{ |
|
716 |
error(ERR_LEVEL_5); |
|
717 |
} |
|
718 |
if (is_valid_domain($domain)) |
|
719 |
{ |
|
720 |
$result = $db->query("SELECT id FROM domains WHERE name='$domain'"); |
|
721 |
if ($result->numRows() == 0) |
|
722 |
{ |
|
723 |
return false; |
|
724 |
} |
|
725 |
elseif ($result->numRows() >= 1) |
|
726 |
{ |
|
727 |
return true; |
|
728 |
} |
|
729 |
} |
|
730 |
else |
|
731 |
{ |
|
732 |
error(ERR_DOMAIN_INVALID); |
|
733 |
} |
|
734 |
} |
|
735 |
|
|
736 |
|
|
737 |
/* |
|
738 |
* Get all domains from the database. |
|
739 |
* This function gets all the domains from the database unless a user id is below 5. |
|
740 |
* if a user id is below 5 this function will only retrieve records for that user. |
|
741 |
* return values: the array of domains or -1 if nothing is found. |
|
742 |
*/ |
|
743 |
function get_domains($userid=true,$letterstart=all,$rowstart=0,$rowamount=999999) |
|
744 |
{ |
|
745 |
global $db; |
|
746 |
if((!level(5) || !$userid) && !level(10) && !level(5)) |
|
747 |
{ |
|
748 |
$add = " AND zones.owner=".$_SESSION["userid"]; |
|
749 |
} |
|
750 |
else |
|
751 |
{ |
|
752 |
$add = ""; |
|
753 |
} |
|
754 |
|
|
755 |
$sqlq = "SELECT domains.id AS domain_id, |
|
756 |
min(zones.owner) AS owner, |
|
757 |
count(DISTINCT records.id) AS aantal, |
|
758 |
domains.name AS domainname |
|
759 |
FROM domains |
|
760 |
LEFT JOIN zones ON domains.id=zones.domain_id |
|
761 |
LEFT JOIN records ON records.domain_id=domains.id |
|
762 |
WHERE 1 $add "; |
|
763 |
if ($letterstart!=all && $letterstart!=1) { |
|
764 |
$sqlq.=" AND domains.name LIKE '".$letterstart."%' "; |
|
765 |
} elseif ($letterstart==1) { |
|
766 |
$sqlq.=" AND "; |
|
767 |
for ($i=0;$i<=9;$i++) { |
|
768 |
$sqlq.="domains.name LIKE '".$i."%'"; |
|
769 |
if ($i!=9) $sqlq.=" OR "; |
|
770 |
} |
|
771 |
} |
|
772 |
$sqlq.=" GROUP BY domainname, domain_id |
|
773 |
ORDER BY domainname |
|
774 |
LIMIT $rowstart,$rowamount"; |
|
775 |
|
|
776 |
$result = $db->query($sqlq); |
|
777 |
$result2 = $db->query($sqlq); |
|
778 |
|
|
779 |
$andnot=""; |
|
780 |
while($r = $result2->fetchRow()) { |
|
781 |
$andnot.=" AND domains.id!= '".$r["domain_id"]."' "; |
|
782 |
} |
|
783 |
|
|
784 |
if ($letterstart!=all && $letterstart!=1) { |
|
785 |
|
|
786 |
$sqlq = "SELECT domains.id AS domain_id, |
|
787 |
count(DISTINCT record_owners.record_id) AS aantal, |
|
788 |
domains.name AS domainname |
|
789 |
FROM domains, record_owners,records, zones |
|
790 |
WHERE record_owners.user_id = '".$_SESSION["userid"]."' |
|
791 |
AND (records.id = record_owners.record_id |
|
792 |
AND domains.id = records.domain_id) |
|
793 |
$andnot |
|
794 |
AND domains.name LIKE '".$letterstart."%' |
|
795 |
AND (zones.domain_id != records.domain_id AND zones.owner!='".$_SESSION["userid"]."') |
|
796 |
GROUP BY domainname, domain_id |
|
797 |
ORDER BY domainname"; |
|
798 |
|
|
799 |
$result_extra = $db->query($sqlq); |
|
800 |
|
|
801 |
} else { |
|
802 |
|
|
803 |
for ($i=0;$i<=9;$i++) { |
|
804 |
$sqlq = "SELECT domains.id AS domain_id, |
|
805 |
count(DISTINCT record_owners.record_id) AS aantal, |
|
806 |
domains.name AS domainname |
|
807 |
FROM domains, record_owners,records, zones |
|
808 |
WHERE record_owners.user_id = '".$_SESSION["userid"]."' |
|
809 |
AND (records.id = record_owners.record_id |
|
810 |
AND domains.id = records.domain_id) |
|
811 |
$andnot |
|
812 |
AND domains.name LIKE '".$i."%' |
|
813 |
AND (zones.domain_id != records.domain_id AND zones.owner!='".$_SESSION["userid"]."') |
|
814 |
GROUP BY domainname, domain_id |
|
815 |
ORDER BY domainname"; |
|
816 |
|
|
817 |
$result_extra[$i] = $db->query($sqlq); |
|
818 |
} |
|
819 |
|
|
820 |
} |
|
821 |
|
|
822 |
/* |
|
823 |
if ($result->numRows() == 0) |
|
824 |
{ |
|
825 |
// Nothing found. |
|
826 |
return -1; |
|
827 |
} |
|
828 |
*/ |
|
829 |
|
|
830 |
while($r = $result->fetchRow()) |
|
831 |
{ |
|
832 |
$r["owner"] = ($r["owner"] == NULL) ? $db->getOne("select min(id) from users where users.level=10") : $r["owner"]; |
|
833 |
$ret[$r["domainname"]] = array( |
|
834 |
"name" => $r["domainname"], |
|
835 |
"id" => $r["domain_id"], |
|
836 |
"owner" => $r["owner"], |
|
837 |
"numrec" => $r["aantal"] |
|
838 |
); |
|
839 |
} |
|
840 |
|
|
841 |
|
|
842 |
if ($letterstart!=all && $letterstart!=1) { |
|
843 |
|
|
844 |
while($r = $result_extra->fetchRow()) |
|
845 |
{ |
|
846 |
$ret[$r["domainname"]] = array( |
|
847 |
"name" => $r["domainname"]."*", |
|
848 |
"id" => $r["domain_id"], |
|
849 |
"owner" => $_SESSION["userid"], |
|
850 |
"numrec" => $r["aantal"] |
|
851 |
); |
|
852 |
$_SESSION["partial_".$r["domainname"]] = 1; |
|
853 |
} |
|
854 |
|
|
855 |
} else { |
|
856 |
|
|
857 |
foreach ($result_extra as $result_e) { |
|
858 |
while($r = $result_e->fetchRow()) |
|
859 |
{ |
|
860 |
$ret[$r["domainname"]] = array( |
|
861 |
"name" => $r["domainname"]."*", |
|
862 |
"id" => $r["domain_id"], |
|
863 |
"owner" => $_SESSION["userid"], |
|
864 |
"numrec" => $r["aantal"] |
|
865 |
); |
|
866 |
$_SESSION["partial_".$r["domainname"]] = 1; |
|
867 |
} |
|
868 |
} |
|
869 |
|
|
870 |
} |
|
871 |
|
|
872 |
if (empty($ret)) { |
|
873 |
return -1; |
|
874 |
} else { |
|
875 |
sort($ret); |
|
876 |
return $ret; |
|
877 |
} |
|
878 |
|
|
879 |
} |
|
880 |
|
|
881 |
|
|
882 |
/* |
|
883 |
* Get a record from an id. |
|
884 |
* Retrieve all fields of the record and send it back to the function caller. |
|
885 |
* return values: the array with information, or -1 is nothing is found. |
|
886 |
*/ |
|
887 |
function get_record_from_id($id) |
|
888 |
{ |
|
889 |
global $db; |
|
890 |
if (is_numeric($id)) |
|
891 |
{ |
|
892 |
$result = $db->query("SELECT id, domain_id, name, type, content, ttl, prio, change_date FROM records WHERE id=$id"); |
|
893 |
if($result->numRows() == 0) |
|
894 |
{ |
|
895 |
return -1; |
|
896 |
} |
|
897 |
elseif ($result->numRows() == 1) |
|
898 |
{ |
|
899 |
$r = $result->fetchRow(); |
|
900 |
$ret = array( |
|
901 |
"id" => $r["id"], |
|
902 |
"domain_id" => $r["domain_id"], |
|
903 |
"name" => $r["name"], |
|
904 |
"type" => $r["type"], |
|
905 |
"content" => $r["content"], |
|
906 |
"ttl" => $r["ttl"], |
|
907 |
"prio" => $r["prio"], |
|
908 |
"change_date" => $r["change_date"] |
|
909 |
); |
|
910 |
return $ret; |
|
911 |
} |
|
912 |
else |
|
913 |
{ |
|
914 |
error(sprintf(ERR_INV_ARGC, "get_record_from_id", "More than one row returned! This is bad!")); |
|
915 |
} |
|
916 |
} |
|
917 |
else |
|
918 |
{ |
|
919 |
error(sprintf(ERR_INV_ARG, "get_record_from_id")); |
|
920 |
} |
|
921 |
} |
|
922 |
|
|
923 |
|
|
924 |
/* |
|
925 |
* Get all records from a domain id. |
|
926 |
* Retrieve all fields of the records and send it back to the function caller. |
|
927 |
* return values: the array with information, or -1 is nothing is found. |
|
928 |
*/ |
|
929 |
function get_records_from_domain_id($id,$rowstart=0,$rowamount=999999) |
|
930 |
{ |
|
931 |
global $db; |
|
932 |
if (is_numeric($id)) |
|
933 |
{ |
|
934 |
if ($_SESSION[$id."_ispartial"] == 1) { |
|
935 |
|
|
936 |
$result = $db->query("SELECT record_owners.record_id as id |
|
937 |
FROM record_owners,domains,records |
|
938 |
WHERE record_owners.user_id = ".$_SESSION["userid"]." |
|
939 |
AND record_owners.record_id = records.id |
|
940 |
AND records.domain_id = ".$id." |
|
941 |
GROUP bY record_owners.record_id |
|
942 |
LIMIT $rowstart,$rowamount"); |
|
943 |
|
|
944 |
$ret = array(); |
|
945 |
if($result->numRows() == 0) |
|
946 |
{ |
|
947 |
return -1; |
|
948 |
} |
|
949 |
else |
|
950 |
{ |
|
951 |
$ret[] = array(); |
|
952 |
$retcount = 0; |
|
953 |
while($r = $result->fetchRow()) |
|
954 |
{ |
|
955 |
// Call get_record_from_id for each row. |
|
956 |
$ret[$retcount] = get_record_from_id($r["id"]); |
|
957 |
$retcount++; |
|
958 |
} |
|
959 |
return $ret; |
|
960 |
} |
|
961 |
|
|
962 |
} else { |
|
963 |
|
|
964 |
$result = $db->query("SELECT id FROM records WHERE domain_id=$id LIMIT $rowstart,$rowamount"); |
|
965 |
$ret = array(); |
|
966 |
if($result->numRows() == 0) |
|
967 |
{ |
|
968 |
return -1; |
|
969 |
} |
|
970 |
else |
|
971 |
{ |
|
972 |
$ret[] = array(); |
|
973 |
$retcount = 0; |
|
974 |
while($r = $result->fetchRow()) |
|
975 |
{ |
|
976 |
// Call get_record_from_id for each row. |
|
977 |
$ret[$retcount] = get_record_from_id($r["id"]); |
|
978 |
$retcount++; |
|
979 |
} |
|
980 |
return $ret; |
|
981 |
} |
|
982 |
|
|
983 |
} |
|
984 |
} |
|
985 |
else |
|
986 |
{ |
|
987 |
error(sprintf(ERR_INV_ARG, "get_records_from_domain_id")); |
|
988 |
} |
|
989 |
} |
|
990 |
|
|
991 |
|
|
992 |
function get_users_from_domain_id($id) |
|
993 |
{ |
|
994 |
global $db; |
|
995 |
$result = $db->getCol("SELECT owner FROM zones WHERE domain_id=$id"); |
|
996 |
$ret = array(); |
|
997 |
foreach($result as $uid) |
|
998 |
{ |
|
999 |
$fullname = $db->getOne("SELECT fullname FROM users WHERE id=$uid"); |
|
1000 |
$ret[] = array( |
|
1001 |
"id" => $uid, |
|
1002 |
"fullname" => $fullname |
|
1003 |
); |
|
1004 |
} |
|
1005 |
return $ret; |
|
1006 |
} |
|
1007 |
|
|
1008 |
function search_record($question) |
|
1009 |
{ |
|
1010 |
global $db; |
|
1011 |
$question = trim($question); |
|
1012 |
if (empty($question)) |
|
1013 |
{ |
|
1014 |
$S_INPUT_TYPE = -1; |
|
1015 |
} |
|
1016 |
|
|
1017 |
/* now for some input-type searching */ |
|
1018 |
if (is_valid_ip($question) || is_valid_ip6($question)) |
|
1019 |
{ |
|
1020 |
$S_INPUT_TYPE = 0; |
|
1021 |
} |
|
1022 |
elseif(is_valid_domain($question) || |
|
1023 |
is_valid_hostname($question) || |
|
1024 |
is_valid_mboxfw($question)) // I guess this one can appear in records table too (content?!) |
|
1025 |
{ |
|
1026 |
$S_INPUT_TYPE = 1; |
|
1027 |
} |
|
1028 |
else |
|
1029 |
{ |
|
1030 |
$S_INPUT_TYPE = -1; |
|
1031 |
} |
|
1032 |
switch($S_INPUT_TYPE) |
|
1033 |
{ |
|
1034 |
case '0': |
|
1035 |
$sqlq = "SELECT * FROM `records` WHERE `content` = '".$question."' ORDER BY `type` DESC"; |
|
1036 |
$result = $db->query($sqlq); |
|
1037 |
$ret_r = array(); |
|
1038 |
while ($r = $result->fetchRow()) |
|
1039 |
{ |
|
1040 |
if(xs($r['domain_id'])) |
|
1041 |
{ |
|
1042 |
$ret_r[] = array( |
|
1043 |
'id' => $r['id'], |
|
1044 |
'domain_id' => $r['domain_id'], |
|
1045 |
'name' => $r['name'], |
|
1046 |
'type' => $r['type'], |
|
1047 |
'content' => $r['content'], |
|
1048 |
'ttl' => $r['ttl'], |
|
1049 |
'prio' => $r['prio'], |
|
1050 |
'change_date' => $r['change_date'] |
|
1051 |
); |
|
1052 |
} |
|
1053 |
} |
|
1054 |
break; |
|
1055 |
|
|
1056 |
case '1' : |
|
1057 |
$sqlq = "SELECT `domains`.*, count(`records`.`id`) AS `numrec`, `zones`.`owner` |
|
1058 |
FROM `domains`, `records`, `zones` |
|
1059 |
WHERE `domains`.`id` = `records`.`domain_id` |
|
1060 |
AND `zones`.`domain_id` = `domains`.`id` |
|
1061 |
AND `domains`.`name` = '".$question."' |
|
1062 |
GROUP BY (`domains`.`id`)"; |
|
1063 |
|
|
1064 |
$result = $db->query($sqlq); |
|
1065 |
$ret_d = array(); |
|
1066 |
while ($r = $result->fetchRow()) |
|
1067 |
{ |
|
1068 |
if(xs($r['domain_id'])) |
|
1069 |
{ |
|
1070 |
$ret_d[] = array( |
|
1071 |
'id' => $r['id'], |
|
1072 |
'name' => $r['name'], |
|
1073 |
'numrec' => $r['numrec'], |
|
1074 |
'owner' => $r['owner'] |
|
1075 |
); |
|
1076 |
} |
|
1077 |
} |
|
1078 |
|
|
1079 |
$sqlq = "SELECT * FROM `records` WHERE `name` = '".$question."' OR `content` = '".$question."' ORDER BY `type` DESC"; |
|
1080 |
$result = $db->query($sqlq); |
|
1081 |
while ($r = $result->fetchRow()) |
|
1082 |
{ |
|
1083 |
if(xs($r['domain_id'])) |
|
1084 |
{ |
|
1085 |
$ret_r[] = array( |
|
1086 |
'id' => $r['id'], |
|
1087 |
'domain_id' => $r['domain_id'], |
|
1088 |
'name' => $r['name'], |
|
1089 |
'type' => $r['type'], |
|
1090 |
'content' => $r['content'], |
|
1091 |
'ttl' => $r['ttl'], |
|
1092 |
'prio' => $r['prio'], |
|
1093 |
); |
|
1094 |
} |
|
1095 |
} |
|
1096 |
break; |
|
1097 |
} |
|
1098 |
if($S_INPUT_TYPE == 1) |
|
1099 |
{ |
|
1100 |
return array('domains' => $ret_d, 'records' => $ret_r); |
|
1101 |
} |
|
1102 |
return array('records' => $ret_r); |
|
1103 |
} |
|
1104 |
|
|
1105 |
function get_domain_type($id) |
|
1106 |
{ |
|
1107 |
global $db; |
|
1108 |
$type = $db->getOne("SELECT `type` FROM `domains` WHERE `id` = '".$id."'"); |
|
1109 |
if($type == "") |
|
1110 |
{ |
|
1111 |
$type = "NATIVE"; |
|
1112 |
} |
|
1113 |
return $type; |
|
1114 |
|
|
1115 |
} |
|
1116 |
|
|
1117 |
function change_domain_type($type, $id) |
|
1118 |
{ |
|
1119 |
global $db; |
|
1120 |
$result = $db->query("UPDATE `domains` SET `type` = '" .$type. "' WHERE `id` = '".$id."'"); |
|
1121 |
} |
|
1122 |
?> |