edit_record.php
changeset 82 c255196bc447
parent 80 48b5f7021aaa
child 119 f74e4f88b680
81:c72d6d51f3d3 82:c255196bc447
    18  *  You should have received a copy of the GNU General Public License
    18  *  You should have received a copy of the GNU General Public License
    19  *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
    19  *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
    20  */
    20  */
    21 
    21 
    22 require_once("inc/toolkit.inc.php");
    22 require_once("inc/toolkit.inc.php");
       
    23 include_once("inc/header.inc.php");
    23 
    24 
    24 if (isset($_GET["delid"]) && isset($_GET['delid']) && isset($_GET['id'])) {
    25 if (verify_permission(zone_content_view_others)) { $perm_view = "all" ; }
    25    delete_record_owner($_GET["domain"],$_GET["delid"],$_GET["id"]);
    26 elseif (verify_permission(zone_content_view_own)) { $perm_view = "own" ; }
       
    27 else { $perm_view = "none" ; }
       
    28 
       
    29 if (verify_permission(zone_content_edit_others)) { $perm_content_edit = "all" ; }
       
    30 elseif (verify_permission(zone_content_edit_own)) { $perm_content_edit = "own" ; }
       
    31 else { $perm_content_edit = "none" ; }
       
    32 
       
    33 if (verify_permission(zone_meta_edit_others)) { $perm_meta_edit = "all" ; }
       
    34 elseif (verify_permission(zone_meta_edit_own)) { $perm_meta_edit = "own" ; }
       
    35 else { $perm_meta_edit = "none" ; }
       
    36 
       
    37 $user_is_zone_owner = verify_user_is_owner_zoneid($_GET["domain"]);
       
    38 $zone_type = get_domain_type($_GET["domain"]);
       
    39 $zone_name = get_domain_name_from_id($_GET["domain"]);
       
    40 
       
    41 if ($_POST["commit"]) {
       
    42 	if ( $zone_type == "SLAVE" || $perm_content_edit == "none" || $perm_content_edit == "own" && $user_is_zone_owner == "0" ) {
       
    43 		error(ERR_PERM_EDIT_RECORD);
       
    44 	} else {
       
    45 		$ret_val = edit_record($_POST["recordid"], $_POST["domainid"], $_POST["name"], $_POST["type"], $_POST["content"], $_POST["ttl"], $_POST["prio"]);
       
    46 		if ( $ret_val == "1" ) {
       
    47 			success(SUC_RECORD_UPD);
       
    48 		} else {
       
    49 			echo "     <div class=\"error\">" . $ret_val . "</div>\n";  
       
    50 		}
       
    51 	}
    26 }
    52 }
    27 
    53 
    28 $xsid = (isset($_GET['id'])) ? $_GET['id'] : $_POST['recordid'];
    54 echo "    <h2>" . _('Edit record in zone') . " " .  $zone_name . "</h2>\n";
    29 
    55 
    30 if(!xs(recid_to_domid($xsid)))
    56 if ( $perm_view == "none" || $perm_view == "own" && $user_is_zone_owner == "0" ) {
    31 {
    57 	error(ERR_PERM_VIEW_RECORD);
    32     error(ERR_RECORD_ACCESS_DENIED);
    58 } else {
       
    59 	$record = get_record_from_id($_GET["id"]);
       
    60 	echo "     <form method=\"post\" action=\"edit_record.php?domain=" . $_GET["domain"] . "&id=" . $_GET["id"] . "\">\n";
       
    61 	echo "      <table>\n";
       
    62 	echo "       <tr>\n";
       
    63 	echo "        <th>" . _('Name') . "</td>\n";
       
    64 	echo "        <th>&nbsp;</td>\n";
       
    65 	echo "        <th>" . _('Type') . "</td>\n";
       
    66 	echo "        <th>" . _('Priority') . "</td>\n";
       
    67 	echo "        <th>" . _('Content') . "</td>\n";
       
    68 	echo "        <th>" . _('TTL') . "</td>\n";
       
    69 	echo "       </tr>\n";
       
    70 
       
    71 	if ( $zone_type == "SLAVE" || $perm_content_edit == "none" || $perm_content_edit == "own" && $user_is_zone_owner == "0" ) {
       
    72 		echo "      <tr>\n";
       
    73 		echo "       <td>" . $record["name"] . "</td>\n";
       
    74 		echo "       <td>IN</td>\n";
       
    75 		echo "       <td>" . $record["type"] . "</td>\n";
       
    76 		echo "       <td>" . $record["content"] . "</td>\n";
       
    77 		echo "       <td>" . $record["prio"] . "</td>\n";
       
    78 		echo "       <td>" . $record["ttl"] . "</td>\n";
       
    79 		echo "      </tr>\n";
       
    80 	} else {
       
    81 		echo "      <input type=\"hidden\" name=\"recordid\" value=\"" . $_GET["id"] . "\">\n";
       
    82 		echo "      <input type=\"hidden\" name=\"domainid\" value=\"" . $_GET["domain"] . "\">\n";
       
    83 		echo "      <tr>\n";
       
    84 		echo "       <td><input type=\"text\" name=\"name\" value=\"" . trim(str_replace($zone_name, '', $record["name"]), '.') . "\" class=\"input\">." . $zone_name . "</td>\n";
       
    85 		echo "       <td>IN</td>\n";
       
    86 		echo "       <td>\n";
       
    87 		echo "        <select name=\"type\">\n";
       
    88 		foreach (get_record_types() as $type_available) {
       
    89 			if ($type_available == $record["type"]) {
       
    90 				$add = " SELECTED";
       
    91 			} else {
       
    92 				$add = "";
       
    93 			}
       
    94 			echo "         <option" . $add . " value=\"" . $type_available . "\" >" . $type_available . "</option>\n";
       
    95 		}
       
    96 		echo "        </select>\n";
       
    97 		echo "       </td>\n";
       
    98 		echo "       <td><input type=\"text\" name=\"prio\" value=\"" .  $record["prio"] . "\" class=\"sinput\"></td>\n";
       
    99 		echo "       <td><input type=\"text\" name=\"content\" value=\"" .  $record["content"] . "\" class=\"input\"></td>\n";
       
   100 		echo "       <td><input type=\"text\" name=\"ttl\" value=\"" . $record["ttl"] . "\" class=\"sinput\"></td>\n";
       
   101 		echo "      </tr>\n";
       
   102 	}
       
   103 	echo "      </table>\n";
       
   104 	echo "      <p>\n";
       
   105 	echo "       <input type=\"submit\" name=\"commit\" value=\"" . _('Commit changes') . "\" class=\"button\">&nbsp;&nbsp;\n";
       
   106 	echo "      </p>\n";
       
   107 	echo "     </form>\n";
    33 }
   108 }
    34 
   109 
    35 if (isset($_GET['domain'])) {
       
    36 	$domain_name = get_domain_name_from_id($_GET['domain']);
       
    37 }
       
    38 if (isset($_POST["commit"]) && isset($_POST['recordid']) && isset($_POST['domainid']) && isset($_POST['name']) && isset($_POST['type']) && isset($_POST['content']) && isset($_POST['ttl']) && isset($_POST['prio']))
       
    39 {
       
    40         edit_record($_POST["recordid"], $_POST["domainid"], $_POST["name"], $_POST["type"], $_POST["content"], $_POST["ttl"], $_POST["prio"]);
       
    41         clean_page("edit.php?id=".$_POST["domainid"]);
       
    42 } elseif(isset($_SESSION['partial_'.$domain_name]) && ($_SESSION["partial_".$domain_name] == 1))
       
    43 {
       
    44 	$db->setLimit(1);
       
    45     $checkPartial = $db->queryOne("SELECT id FROM record_owners WHERE record_id=".$db->quote($_GET["id"])." AND user_id=".$db->quote($_SESSION["userid"]));
       
    46     if (empty($checkPartial)) {
       
    47         error(ERR_RECORD_ACCESS_DENIED);
       
    48     }
       
    49 }
       
    50 include_once("inc/header.inc.php");
       
    51 ?>
       
    52     <h2><?php echo _('Edit record in zone'); ?> "<?php echo  $domain_name ?>"</h2>
       
    53 <?php
       
    54 
   110 
    55 $x_result = $db->query("SELECT r.id,u.fullname FROM record_owners as r, users as u WHERE r.record_id=".$db->quote($_GET['id'])." AND u.id=r.user_id");
       
    56 if (level(10) && ($x_result->numRows() > 0)) 
       
    57 {
       
    58 ?>
       
    59     <div id="meta">
       
    60      <div id="meta-left">
       
    61       <table>
       
    62        <tr>
       
    63         <th><?php echo _('Sub-owners'); ?></td>
       
    64         <th>&nbsp;</td>
       
    65        </tr>
       
    66 <?php
       
    67 	while ($x_r = $x_result->fetchRow()) 
       
    68 	{
       
    69 ?>
       
    70         <tr>
       
    71 	 <td class="tdbg"><?php echo $x_r["fullname"]; ?></td>
       
    72 	 <td class="tdbg"><a href="<?php echo $_SERVER["PHP_SELF"]; ?>?id=<?php echo $_GET["id"]; ?>&amp;domain=<?php echo $_GET["domain"]; ?>&amp;delid=<?php echo $x_r["id"]; ?>"><img src="images/delete.gif" alt="trash"></a></td>
       
    73 	</tr>
       
    74 <?php
       
    75 	}
       
    76 ?>
       
    77        </table>
       
    78       </div>
       
    79      </div>
       
    80 <?php 
       
    81 }
       
    82 ?>
       
    83 	<div id="meta">&nbsp;</div>
       
    84 	<div>
       
    85     <form method="post" action="edit_record.php">
       
    86      <input type="hidden" name="recordid" value="<?php echo  $_GET["id"] ?>">
       
    87      <input type="hidden" name="domainid" value="<?php echo  $_GET["domain"] ?>">
       
    88      <table>
       
    89       <tr>
       
    90        <th><?php echo _('Name'); ?></td>
       
    91        <th>&nbsp;</td>
       
    92        <th><?php echo _('Type'); ?></td>
       
    93        <th><?php echo _('Priority'); ?></td>
       
    94        <th><?php echo _('Content'); ?></td>
       
    95        <th><?php echo _('TTL'); ?></td>
       
    96       </tr>
       
    97 <?php
       
    98 	$rec = get_record_from_id($_GET["id"]);
       
    99 ?>
       
   100        <tr>
       
   101         <td>
       
   102 <?php 
       
   103 if ($_SESSION[$_GET["domain"]."_ispartial"] == 1)  
       
   104 {
       
   105 ?>
       
   106          <input type="hidden" name="name" value="<?php echo  trim(str_replace($domain_name, '', $rec["name"]), '.')?>" class="input">
       
   107 
       
   108 <?php echo  trim(str_replace($domain_name, '', $rec["name"]), '.') ?>
       
   109 <?php 
       
   110 } 
       
   111 else 
       
   112 { 
       
   113 ?>
       
   114          <input type="text" name="name" value="<?php echo  trim(str_replace($domain_name, '', $rec["name"]), '.') ?>" class="input">
       
   115 <?php 
       
   116 } 
       
   117 ?>
       
   118 .<?php echo  $domain_name ?>
       
   119         </td>
       
   120 	<td class="n">IN</td>
       
   121 	<td>
       
   122 	 <select name="type">
       
   123 <?php
       
   124 foreach (get_record_types() as $c)
       
   125 {
       
   126 	if ($c == $rec["type"])
       
   127 	{
       
   128 		$add = " SELECTED";
       
   129 	}
       
   130 	else
       
   131 	{
       
   132 		$add = "";
       
   133 	}
       
   134 	?>
       
   135 	<option<?php echo  $add ?> value="<?php echo  $c ?>"><?php echo  $c ?></option><?php
       
   136 }
       
   137 
       
   138 ?>
       
   139          </select>
       
   140 	</td>
       
   141 	<td><input type="text" name="prio" value="<?php echo  $rec["prio"] ?>" class="sinput"></td>
       
   142 	<td><input type="text" name="content" value="<?php echo  $rec["content"] ?>" class="input"></td>
       
   143 	<td><input type="text" name="ttl" value="<?php echo  $rec["ttl"] ?>" class="sinput"></td>
       
   144        </tr>
       
   145       </table>
       
   146       <p>
       
   147        <input type="submit" name="commit" value="<?php echo _('Commit changes'); ?>" class="button">&nbsp;&nbsp;
       
   148        <input type="reset" name="reset" value="<?php echo _('Reset changes'); ?>" class="button">
       
   149       </p>
       
   150      </form>
       
   151 	</div>
       
   152 <?php
       
   153 include_once("inc/footer.inc.php");
   111 include_once("inc/footer.inc.php");
   154 ?>
   112 ?>
       
   113
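Review bot: The commit branch at new lines 41–45 authorizes against `$_GET["domain"]` (ownership and zone type are computed from it at new lines 37–38) but then calls `edit_record()` with `$_POST["recordid"]` and `$_POST["domainid"]`, so nothing visible in this file ties the record being written to the zone that was checked. Unless `edit_record()` re-validates internally, which this page does not show, derive the zone id from the record before the permission test, for example `$zone_id = recid_to_domid($_POST["recordid"]);` as the replaced code did (if that helper still exists), and compute `$user_is_zone_owner` and `$zone_type` from it. The view path has the same gap: `get_record_from_id($_GET["id"])` at new line 59 is never checked against the domain whose permissions were evaluated. Separately, `$_GET["id"]` and `$_GET["domain"]` are echoed into the form action and hidden inputs at new lines 60, 81 and 82 without `htmlspecialchars(..., ENT_QUOTES)`, and `$_POST["commit"]` at new line 41 is read without `isset()`.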