inc/record.inc.php
changeset 1 58094faf794d
child 5 ebf8868e99f5
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/inc/record.inc.php	Tue Apr 10 22:40:43 2007 +0000
@@ -0,0 +1,1122 @@
+<?
+
+// +--------------------------------------------------------------------+
+// | PowerAdmin                                                         |
+// +--------------------------------------------------------------------+
+// | Copyright (c) 1997-2002 The PowerAdmin Team                        |
+// +--------------------------------------------------------------------+
+// | This source file is subject to the license carried by the overal   |
+// | program PowerAdmin as found on http://poweradmin.sf.net            |
+// | The PowerAdmin program falls under the QPL License:                |
+// | http://www.trolltech.com/developer/licensing/qpl.html              |
+// +--------------------------------------------------------------------+
+// | Authors: Roeland Nieuwenhuis <trancer <AT> trancer <DOT> nl>       |
+// |          Sjeemz <sjeemz <AT> sjeemz <DOT> nl>                      |
+// +--------------------------------------------------------------------+
+
+// Filename: record.inc.php
+// Startdate: 26-10-2002
+// This file is ought to edit the records in the database.
+// Records are domains aswell, they also belong here.
+// All database functions are associative.
+// use nextID first to get a new id. Then insert it into the database.
+// do not rely on auto_increment (see above).
+// use dns.inc.php for validation functions.
+//
+// $Id: record.inc.php,v 1.21 2003/05/10 20:21:01 azurazu Exp $
+//
+
+
+function update_soa_serial($domain_id)
+{
+    global $db;
+	/*
+	 * THIS CODE ISNT TESTED THROUGH MUCH YET!
+	 * !!!!!!! BETACODE !!!!!!!!!!
+	 * Code committed by DeViCeD, Thanks a lot!
+	 * Heavily hax0red by Trancer/azurazu
+	 *
+	 * First we have to check, wheather current searial number 
+	 * was already updated on the other nameservers.
+	 * If field 'notified_serial' is NULL, then I guess domain is
+	 * NATIVE and we don't have any secondary nameservers for this domain.
+	 * NOTICE: Serial number *will* be RFC1912 compilant after update 
+	 * NOTICE: This function will allow only 100 DNS zone transfers ;-)
+	 * YYYYMMDDnn
+	 */
+
+	$sqlq = "SELECT `notified_serial` FROM `domains` WHERE `id` = '".$domain_id."'";
+	$notified_serial = $db->getOne($sqlq);
+
+	$sqlq = "SELECT `content` FROM `records` WHERE `type` = 'SOA' AND `domain_id` = '".$domain_id."'";
+	$content = $db->getOne($sqlq);
+    $need_to_update = false;
+	
+	// Getting the serial field.
+	$soa = explode(" ", $content);
+	
+	if(empty($notified_serial))
+    {
+        // Ok native replication, so we have to update.
+        $need_to_update = true;
+    }
+    elseif($notified_serial >= $soa[2])
+    {
+        $need_to_update = true;
+    }
+    elseif(strlen($soa[2]) != 10)
+    {
+        $need_to_update = true;
+    }
+    else
+    {
+        $need_to_update = false;
+    }
+    if($need_to_update)
+    {
+        // Ok so we have to update it seems.
+        $current_serial = $soa[2];
+        
+		/*
+		 * What we need here (for RFC1912) is YEAR, MONTH and DAY
+		 * so let's get it ...
+		 */
+		$new_serial = date('Ymd'); // we will add revision number later
+
+		if(strncmp($new_serial, $current_serial, 8) === 0)
+		{
+            /*
+             * Ok, so we already made updates tonight
+             * let's just increase the revision number
+             */				
+            $revision_number = (int) substr($current_serial, -2);
+            if ($revision_number == 99) return false; // ok, we cannot update anymore tonight
+            ++$revision_number;
+            // here it is ... same date, new revision
+            $new_serial .= str_pad($revision_number, 2, "0", STR_PAD_LEFT);	
+		}
+ 		else
+		{
+            /*
+			 * Current serial is not RFC1912 compilant, so let's make a new one
+			 */
+ 			$new_serial .= '00';
+		}
+        $soa[2] = $new_serial; // change serial in SOA array
+		$new_soa = "";		
+		// build new soa and update SQL after that
+		for ($i = 0; $i < count($soa); $i++) 
+		{	
+			$new_soa .= $soa[$i] . " "; 
+		}
+		$sqlq = "UPDATE `records` SET `content` = '".$new_soa."' WHERE `domain_id` = '".$domain_id."' AND `type` = 'SOA' LIMIT 1";
+		$db->Query($sqlq);
+		return true;
+	}
+}  
+
+/*
+ * Edit a record.
+ * This function validates it if correct it inserts it into the database.
+ * return values: true if succesful.
+ */
+function edit_record($recordid, $zoneid, $name, $type, $content, $ttl, $prio)
+{
+	global $db;
+  	if($content == "")
+  	{
+  		error(ERR_RECORD_EMPTY_CONTENT);
+  	}
+  	// Edits the given record (validates specific stuff first)
+	if (!xs(recid_to_domid($recordid)))
+	{
+		error(ERR_RECORD_ACCESS_DENIED);
+	}
+	if (is_numeric($zoneid))
+	{
+		validate_input($recordid, $zoneid, $type, $content, $name, $prio, $ttl);
+                $change = time();
+                $db->query("UPDATE records set name='$name', type='$type', content='$content', ttl='$ttl', prio='$prio', change_date='$change' WHERE id=$recordid");
+		
+		/*
+		 * Added by DeViCeD - Update SOA Serial number
+		 * There should be more checks
+		 */
+		if ($type != 'SOA')
+		{
+			update_soa_serial($zoneid);
+		}
+		return true;
+	}
+	else
+	{
+		error(sprintf(ERR_INV_ARGC, "edit_record", "no zoneid given"));
+	}
+
+}
+
+
+/*
+ * Adds a record.
+ * This function validates it if correct it inserts it into the database.
+ * return values: true if succesful.
+ */
+function add_record($zoneid, $name, $type, $content, $ttl, $prio)
+{
+
+	global $db;
+	if (!xs($zoneid))
+	{
+		error(ERR_RECORD_ACCESS_DENIED);
+	}
+	if (is_numeric($zoneid))
+	{
+
+		// Get the Insert ID, we can not rely on auto_increment
+		$idrecords = $db->nextID('records');
+
+		// Check the user input.
+		validate_input($idrecords, $zoneid, $type, $content, $name, $prio, $ttl);
+
+		// Generate new timestamp for the Daemon
+		$change = time();
+		// Execute query.
+		$db->query("INSERT INTO records (id, domain_id, name, type, content, ttl, prio, change_date) VALUES ($idrecords, $zoneid, '$name', '$type', '$content', $ttl, '$prio', $change)");
+		if ($type != 'SOA')
+		{
+			update_soa_serial($zoneid);
+		}
+		return true;
+	}
+	else
+	{
+		error(sprintf(ERR_INV_ARG, "add_record"));
+	}
+}
+
+
+/*
+ * Delete a record by a given id.
+ * return values: true, this function is always succesful.
+ */
+function delete_record($id)
+{
+	global $db;
+
+	// Check if the user has access.
+	if (!xs(recid_to_domid($id)))
+	{
+		error(ERR_RECORD_ACCESS_DENIED);
+	}
+
+	// Retrieve the type of record to see if we can actually remove it.
+	$recordtype = get_recordtype_from_id($id);
+
+	// If the record type is NS and the user tries to delete it while ALLOW_NS_EDIT is set to 0
+	// OR
+	// check if the name of the record isnt the domain name (if so it should delete all records)
+	// OR
+	// check if we are dealing with a SOA field (same story as NS)
+	if (($recordtype == "NS" && $GLOBALS["ALLOW_NS_EDIT"] != 1 && (get_name_from_record_id($id) == get_domain_name_from_id(recid_to_domid($id)))) || ($recordtype == "SOA" && $GLOBALS["ALLOW_SOA_EDIT"] != 1))
+	{
+		error(sprintf(ERR_RECORD_DELETE_TYPE_DENIED, $recordtype));
+
+	}
+	if (is_numeric($id))
+	{
+	    $did = recid_to_domid($id);
+		$db->query('DELETE FROM records WHERE id=' . $id . ' LIMIT 1');
+		if ($type != 'SOA')
+		{
+			update_soa_serial($did);
+		}
+        // $id doesnt exist in database anymore so its deleted or just not there which means "true"	
+		return true;
+	}
+	else
+	{
+		error(sprintf(ERR_INV_ARG, "delete_record"));
+	}
+}
+
+
+/*
+ * Add a domain to the database.
+ * A domain is name obligatory, so is an owner.
+ * return values: true when succesful.
+ * Empty means templates dont have to be applied.
+ * --------------------------------------------------------------------------
+ * This functions eats a template and by that it inserts various records.
+ * first we start checking if something in an arpa record
+ * remember to request nextID's from the database to be able to insert record.
+ * if anything is invalid the function will error
+ */
+function add_domain($domain, $owner, $webip, $mailip, $empty, $type)
+{
+
+	global $db;
+
+	if (!level(5))
+	{
+		error(ERR_LEVEL_5);
+	}
+
+	// If domain, owner and mailip are given
+	// OR
+	// empty is given and owner and domain
+	// OR
+	// the domain is an arpa record and owner is given
+	// THAN
+	// Continue this function
+	if (($domain && $owner && $webip && $mailip) || ($empty && $owner && $domain) || (eregi('in-addr.arpa', $domain) && $owner))
+	{
+		// Retrieve next zones id.
+		$idzones = $db->nextID('zones');
+		$iddomains = $db->nextID('domains');
+
+		$db->query("INSERT INTO zones (id, domain_id, owner) VALUES ('$idzones', '$iddomains', $owner)");
+
+		/*
+		 * TODO : NATIVE OPERATION ONLY FOR NOW
+		 */
+
+		$db->query("INSERT INTO domains (id, name, type) VALUES ('$iddomains', '$domain', '$type')");
+
+		// Generate new timestamp. We need this one anyhow.
+		$now = time();
+
+		if ($empty && $iddomains)
+		{
+			// If we come into this if statement we dont want to apply templates.
+			// Retrieve configuration settings.
+			$ns1 = $GLOBALS["NS1"];
+			$hm  = $GLOBALS["HOSTMASTER"];
+			$ttl = $GLOBALS["DEFAULT_TTL"];
+
+			// Retrieve next records id
+			$idrecords = $db->nextID('records');
+
+			// Build and execute query
+			$sql = "INSERT INTO records (id, domain_id, name, content, type, ttl, prio, change_date) VALUES ('$idrecords', '$iddomains', '$domain', '$ns1 $hm 1', 'SOA', $ttl, '', '$now')";
+			$db->query($sql);
+
+			// Done
+			return true;
+		}
+		elseif ($iddomains)
+		{
+			// If we are here we want to apply templates.
+			global $template;
+
+			// Iterate over the template and apply it for each field.
+			foreach ($template as $r)
+			{
+				// Same type of if statement as previous.
+				if ((eregi('in-addr.arpa', $domain) && ($r["type"] == "NS" || $r["type"] == "SOA")) || (!eregi('in-addr.arpa', $domain)))
+				{
+					// Parse the template.
+					$name     = parse_template_value($r["name"], $domain, $webip, $mailip);
+					$type     = $r["type"];
+					$content  = parse_template_value($r["content"], $domain, $webip, $mailip);
+					$ttl      = $r["ttl"];
+					$prio     = $r["prio"];
+
+					// If no ttl is given, use the default.
+					if (!$ttl)
+					{
+						$ttl = $GLOBALS["DEFAULT_TTL"];
+					}
+
+					// Retrieve new record id;
+					$idrecords = $db->nextID('records');
+					$sql = "INSERT INTO records (id, domain_id, name, content, type, ttl, prio, change_date) VALUES ('$idrecords', '$iddomains', '$name','$content','$type','$ttl','$prio','$now')";
+					$db->query($sql);
+				}
+			}
+			// All done.
+			return true;
+                 }
+                 else
+                 {
+			error(sprintf(ERR_INV_ARGC, "add_domain", "could not create zone"));
+                 }
+	}
+	else
+	{
+		error(sprintf(ERR_INV_ARG, "add_domain"));
+	}
+}
+
+
+/*
+ * Deletes a domain by a given id.
+ * Function always succeeds. If the field is not found in the database, thats what we want anyway.
+ */
+function delete_domain($id)
+{
+	global $db;
+
+	if (!level(5))
+	{
+		error(ERR_LEVEL_5);
+	}
+
+	// See if the ID is numeric.
+	if (is_numeric($id))
+	{
+		$db->query("DELETE FROM zones WHERE domain_id=$id");
+		$db->query("DELETE FROM domains WHERE id=$id");
+		$db->query("DELETE FROM records WHERE domain_id=$id");
+		// Nothing in the database. If the delete deleted 0 records it means the id is just not there.
+		// therefore the is no need to check the affectedRows values.
+		return true;
+	}
+	else
+	{
+		error(sprintf(ERR_INV_ARGC, "delete_domain", "id must be a number"));
+	}
+}
+
+
+/*
+ * Gets the id of the domain by a given record id.
+ * return values: the domain id that was requested.
+ */
+function recid_to_domid($id)
+{
+	global $db;
+	if (is_numeric($id))
+	{
+		$result = $db->query("SELECT domain_id FROM records WHERE id=$id");
+		$r = $result->fetchRow();
+		return $r["domain_id"];
+	}
+	else
+	{
+		error(sprintf(ERR_INV_ARGC, "recid_to_domid", "id must be a number"));
+	}
+}
+
+
+/*
+ * Sorts a zone by records.
+ * return values: the sorted zone.
+ */
+function sort_zone($records)
+{
+	$ar_so = array();
+	$ar_ns = array();
+	$ar_mx = array();
+	$ar_mb = array();
+	$ar_ur = array();
+	$ar_ov = array();
+	foreach ($records as $c)
+	{
+		switch(strtoupper($c['type']))
+		{
+			case "SOA":
+				$ar_so[] = $c;
+				break;
+			case "NS":
+				$ar_ns[] = $c;
+				break;
+			case "MX":
+				$ar_mx[] = $c;
+				break;
+			case "MBOXFW":
+				$ar_mb[] = $c;
+				break;
+			case "URL":
+				$ar_ur[] = $c;
+				break;
+			default:
+				$ar_ov[] = $c;
+				break;
+		}
+	}
+
+	$res = array_merge($ar_so, $ar_ns, $ar_mx, $ar_mb, $ar_ur, $ar_ov);
+
+	if (count($records) == count($res))
+	{
+		$records = $res;
+	}
+	else
+	{
+		error(sprintf(ERR_INV_ARGC, "sort_zone", "records sorting failed!"));
+	}
+	return $records;
+}
+
+
+/*
+ * Change owner of a domain.
+ * Function should actually be in users.inc.php. But its more of a record modification than a user modification
+ * return values: true when succesful.
+ */
+function add_owner($domain, $newowner)
+{
+	global $db;
+
+	if (!level(5))
+	{
+		error(ERR_LEVEL_5);
+	}
+
+	if (is_numeric($domain) && is_numeric($newowner) && is_valid_user($newowner))
+	{
+		$iid = $db->nextID('zones');
+		if($db->getOne("SELECT COUNT(id) FROM zones WHERE owner=$newowner AND domain_id=$domain") == 0)
+		{
+			$db->query("INSERT INTO zones(id, domain_id, owner) VALUES($iid, $domain, $newowner)");
+		}
+		return true;
+	}
+	else
+	{
+		error(sprintf(ERR_INV_ARGC, "change_owner", "$domain / $newowner"));
+	}
+}
+
+
+function delete_owner($domain, $owner)
+{
+	global $db;
+	if($db->getOne("SELECT COUNT(id) FROM zones WHERE owner=$owner AND domain_id=$domain") != 0)
+	{
+		$db->query("DELETE FROM zones WHERE owner=$owner AND domain_id=$domain");
+	}
+	return true;
+}
+
+/*
+ * Retrieves all supported dns record types
+ * This function might be deprecated.
+ * return values: array of types in string form.
+ */
+function get_record_types()
+{
+	global $rtypes;
+	return $rtypes;
+}
+
+
+/*
+ * Retrieve all records by a given type and domain id.
+ * Example: get all records that are of type A from domain id 1
+ * return values: a DB class result object
+ */
+function get_records_by_type_from_domid($type, $recid)
+{
+	global $rtypes;
+	global $db;
+
+	// Does this type exist?
+	if(!in_array(strtoupper($type), $rtypes))
+	{
+		error(sprintf(ERR_INV_ARGC, "get_records_from_type", "this is not a supported record"));
+	}
+
+	// Get the domain id.
+	$domid = recid_to_domid($recid);
+
+	$result = $db->query("select id, type from records where domain_id=$recid and type='$type'");
+	return $result;
+}
+
+
+/*
+ * Retrieves the type of a record from a given id.
+ * return values: the type of the record (one of the records types in $rtypes assumable).
+ */
+function get_recordtype_from_id($id)
+{
+	global $db;
+	if (is_numeric($id))
+	{
+		$result = $db->query("SELECT type FROM records WHERE id=$id");
+		$r = $result->fetchRow();
+		return $r["type"];
+	}
+	else
+	{
+		error(sprintf(ERR_INV_ARG, "get_recordtype_from_id"));
+	}
+}
+
+
+/*
+ * Retrieves the name (e.g. bla.test.com) of a record by a given id.
+ * return values: the name associated with the id.
+ */
+function get_name_from_record_id($id)
+{
+	global $db;
+	if (is_numeric($id))
+	{
+		$result = $db->query("SELECT name FROM records WHERE id=$id");
+		$r = $result->fetchRow();
+		return $r["name"];
+	}
+	else
+	{
+		error(sprintf(ERR_INV_ARG, "get_name_from_record_id"));
+	}
+}
+
+
+/*
+ * Get all the domains from a database of which the user is the owner.
+ * return values: an array with the id of the domain and its name.
+ */
+function get_domains_from_userid($id)
+{
+	global $db;
+	if (is_numeric($id))
+	{
+		$result = $db->query("SELECT domains.id AS domain_id, domains.name AS name FROM domains LEFT JOIN zones ON domains.id=zones.domain_id WHERE owner=$id");
+
+		$ret = array();
+
+		// Put all the information in a big array.
+		while ($r = $result->fetchRow())
+		{
+			$ret[] = array(
+			"id"            =>              $r["domain_id"],
+			"name"          =>              $r["name"]
+			);
+		}
+		return $ret;
+	}
+	else
+	{
+		error(sprintf(ERR_INV_ARGC, "get_domains_from_userid", "This is not a valid userid: $id"));
+	}
+}
+
+
+/*
+ * Get domain name from a given id
+ * return values: the name of the domain associated with the id.
+ */
+function get_domain_name_from_id($id)
+{
+	global $db;
+	if (!xs($id))
+	{
+		error(ERR_RECORD_ACCESS_DENIED);
+	}
+	if (is_numeric($id))
+	{
+		$result = $db->query("SELECT name FROM domains WHERE id=$id");
+		if ($result->numRows() == 1)
+		{
+ 			$r = $result->fetchRow();
+ 			return $r["name"];
+		}
+		else
+		{
+	 		error(sprintf(ERR_INV_ARGC, "get_domain_name_from_id", "more than one domain found?! whaaa! BAD! BAD! Contact admin!"));
+		}
+	}
+	else
+	{
+		error(sprintf(ERR_INV_ARGC, "get_domain_name_from_id", "Not a valid domainid: $id"));
+	}
+}
+
+
+/*
+ * Get information about a domain name from a given domain id.
+ * the function looks up the domainname, the owner of the domain and the number of records in it.
+ * return values: an array containing the information.
+ */
+function get_domain_info_from_id($id)
+{
+	global $db;
+	if (!xs($id))
+	{
+		error(ERR_RECORD_ACCESS_DENIED);
+	}
+	if (is_numeric($id))
+	{
+
+	if ($_SESSION[$id."_ispartial"] == 1) {
+	
+	$sqlq = "SELECT domains.name AS name,
+	users.fullname AS owner,
+	count(record_owners.id) AS aantal
+	FROM domains, users, record_owners, records
+	
+        WHERE record_owners.user_id = ".$_SESSION["userid"]."
+        AND record_owners.record_id = records.id
+	AND records.domain_id = ".$id."
+
+	GROUP BY name, owner, users.fullname
+	ORDER BY name";
+	
+	$result = $db->getRow($sqlq);
+
+	$ret = array(
+	"name"          =>              $result["name"],
+	"ownerid"       =>              $_SESSION["userid"],
+	"owner"         =>              $result["owner"],
+	"numrec"        =>              $result["aantal"]
+	);
+
+	return $ret;
+
+	} else{
+	
+		// Query that retrieves the information we need.
+		$sqlq = "SELECT domains.name AS name,
+			min(zones.owner) AS ownerid,
+			users.fullname AS owner,
+			count(records.domain_id) AS aantal
+			FROM domains
+			LEFT JOIN records ON domains.id=records.domain_id
+			LEFT JOIN zones ON domains.id=zones.domain_id
+			LEFT JOIN users ON zones.owner=users.id
+			WHERE domains.id=$id
+			GROUP BY name, owner, users.fullname
+			ORDER BY zones.id";
+
+		// Put the first occurence in an array and return it.
+		$result = $db->getRow($sqlq);
+
+		//$result["ownerid"] = ($result["ownerid"] == NULL) ? $db->getOne("select min(id) from users where users.level=10") : $result["ownerid"];
+
+		$ret = array(
+		"name"          =>              $result["name"],
+		"ownerid"       =>              $result["ownerid"],
+		"owner"         =>              $result["owner"],
+		"numrec"        =>              $result["aantal"]
+		);
+		return $ret;
+	}
+
+	}
+	else
+	{
+		error(sprintf(ERR_INV_ARGC, "get_domain_num_records_from_id", "This is not a valid domainid: $id"));
+	}
+}
+
+
+/*
+ * Check if a domain is already existing.
+ * return values: true if existing, false if it doesnt exist.
+ */
+function domain_exists($domain)
+{
+	global $db;
+
+	if (!level(5))
+	{
+		error(ERR_LEVEL_5);
+	}
+	if (is_valid_domain($domain))
+	{
+		$result = $db->query("SELECT id FROM domains WHERE name='$domain'");
+		if ($result->numRows() == 0)
+		{
+			return false;
+		}
+		elseif ($result->numRows() >= 1)
+		{
+			return true;
+		}
+	}
+	else
+	{
+		error(ERR_DOMAIN_INVALID);
+	}
+}
+
+
+/*
+ * Get all domains from the database.
+ * This function gets all the domains from the database unless a user id is below 5.
+ * if a user id is below 5 this function will only retrieve records for that user.
+ * return values: the array of domains or -1 if nothing is found.
+ */
+function get_domains($userid=true,$letterstart=all,$rowstart=0,$rowamount=999999)
+{
+	global $db;
+	if((!level(5) || !$userid) && !level(10) && !level(5))
+	{
+		$add = " AND zones.owner=".$_SESSION["userid"];
+	}
+	else
+	{
+		$add = "";
+	}
+
+	$sqlq = "SELECT domains.id AS domain_id,
+	min(zones.owner) AS owner,
+	count(DISTINCT records.id) AS aantal,
+	domains.name AS domainname
+	FROM domains
+	LEFT JOIN zones ON domains.id=zones.domain_id 
+	LEFT JOIN records ON records.domain_id=domains.id
+	WHERE 1 $add ";
+	if ($letterstart!=all && $letterstart!=1) {
+	   $sqlq.=" AND domains.name LIKE '".$letterstart."%' ";
+	} elseif ($letterstart==1) {
+	      $sqlq.=" AND ";
+	   for ($i=0;$i<=9;$i++) {
+	      $sqlq.="domains.name LIKE '".$i."%'";
+	      if ($i!=9) $sqlq.=" OR ";
+	   }
+	}
+	$sqlq.=" GROUP BY domainname, domain_id
+	ORDER BY domainname
+	LIMIT $rowstart,$rowamount";
+
+	$result = $db->query($sqlq);
+	$result2 = $db->query($sqlq);
+
+	$andnot="";
+	while($r = $result2->fetchRow()) {
+	   $andnot.=" AND domains.id!= '".$r["domain_id"]."' ";
+	}
+
+if ($letterstart!=all && $letterstart!=1) {
+
+	$sqlq = "SELECT domains.id AS domain_id,
+	count(DISTINCT record_owners.record_id) AS aantal,
+	domains.name AS domainname
+	FROM domains, record_owners,records, zones
+	WHERE record_owners.user_id = '".$_SESSION["userid"]."'
+	AND (records.id = record_owners.record_id
+	AND domains.id = records.domain_id)
+	$andnot 
+	AND domains.name LIKE '".$letterstart."%' 
+	AND (zones.domain_id != records.domain_id AND zones.owner!='".$_SESSION["userid"]."')
+	GROUP BY domainname, domain_id
+	ORDER BY domainname";
+
+	$result_extra = $db->query($sqlq);
+
+} else {
+
+   for ($i=0;$i<=9;$i++) {
+        $sqlq = "SELECT domains.id AS domain_id,
+        count(DISTINCT record_owners.record_id) AS aantal,
+        domains.name AS domainname
+        FROM domains, record_owners,records, zones
+        WHERE record_owners.user_id = '".$_SESSION["userid"]."'
+        AND (records.id = record_owners.record_id
+        AND domains.id = records.domain_id)
+        $andnot 
+        AND domains.name LIKE '".$i."%' 
+        AND (zones.domain_id != records.domain_id AND zones.owner!='".$_SESSION["userid"]."')
+        GROUP BY domainname, domain_id
+        ORDER BY domainname";
+
+        $result_extra[$i] = $db->query($sqlq);
+   }
+
+}
+
+/*
+	if ($result->numRows() == 0)
+	{
+		// Nothing found.
+		return -1;
+	}
+*/
+
+	while($r = $result->fetchRow())
+	{
+		$r["owner"] = ($r["owner"] == NULL) ? $db->getOne("select min(id) from users where users.level=10") : $r["owner"];
+	     	$ret[$r["domainname"]] = array(
+		"name"          =>              $r["domainname"],
+		"id"            =>              $r["domain_id"],
+		"owner"         =>              $r["owner"],
+		"numrec"        =>              $r["aantal"]
+		);
+	}
+
+
+if ($letterstart!=all && $letterstart!=1) {
+
+	while($r = $result_extra->fetchRow())
+        {
+               $ret[$r["domainname"]] = array(
+	       "name"          =>              $r["domainname"]."*",
+               "id"            =>              $r["domain_id"],
+               "owner"         =>              $_SESSION["userid"],
+               "numrec"        =>              $r["aantal"]
+               );
+	       $_SESSION["partial_".$r["domainname"]] = 1;
+        }
+
+} else {
+
+	foreach ($result_extra as $result_e) {
+        while($r = $result_e->fetchRow())
+        {
+               $ret[$r["domainname"]] = array(
+               "name"          =>              $r["domainname"]."*",
+               "id"            =>              $r["domain_id"],
+               "owner"         =>              $_SESSION["userid"],
+               "numrec"        =>              $r["aantal"]
+               );
+	       $_SESSION["partial_".$r["domainname"]] = 1;
+        }
+	}
+
+}
+
+if (empty($ret)) {
+   return -1;
+} else {
+   sort($ret);
+   return $ret;
+}
+
+}
+
+
+/*
+ * Get a record from an id.
+ * Retrieve all fields of the record and send it back to the function caller.
+ * return values: the array with information, or -1 is nothing is found.
+ */
+function get_record_from_id($id)
+{
+	global $db;
+	if (is_numeric($id))
+	{
+		$result = $db->query("SELECT id, domain_id, name, type, content, ttl, prio, change_date FROM records WHERE id=$id");
+		if($result->numRows() == 0)
+		{
+			return -1;
+		}
+		elseif ($result->numRows() == 1)
+		{
+			$r = $result->fetchRow();
+			$ret = array(
+			"id"            =>      $r["id"],
+			"domain_id"     =>      $r["domain_id"],
+			"name"          =>      $r["name"],
+			"type"          =>      $r["type"],
+			"content"       =>      $r["content"],
+			"ttl"           =>      $r["ttl"],
+			"prio"          =>      $r["prio"],
+			"change_date"   =>      $r["change_date"]
+			);
+			return $ret;
+		}
+		else
+		{
+			error(sprintf(ERR_INV_ARGC, "get_record_from_id", "More than one row returned! This is bad!"));
+		}
+	}
+	else
+	{
+		error(sprintf(ERR_INV_ARG, "get_record_from_id"));
+	}
+}
+
+
+/*
+ * Get all records from a domain id.
+ * Retrieve all fields of the records and send it back to the function caller.
+ * return values: the array with information, or -1 is nothing is found.
+ */
+function get_records_from_domain_id($id,$rowstart=0,$rowamount=999999)
+{
+	global $db;
+	if (is_numeric($id))
+	{
+		if ($_SESSION[$id."_ispartial"] == 1) {
+
+		$result = $db->query("SELECT record_owners.record_id as id
+		FROM record_owners,domains,records
+		WHERE record_owners.user_id = ".$_SESSION["userid"]."
+		AND record_owners.record_id = records.id
+		AND records.domain_id = ".$id."
+		GROUP bY record_owners.record_id
+		LIMIT $rowstart,$rowamount");
+
+		$ret = array();
+		if($result->numRows() == 0)
+		{
+		return -1;
+		}
+		else
+		{
+		$ret[] = array();
+		$retcount = 0;
+		while($r = $result->fetchRow())
+		{
+		// Call get_record_from_id for each row.
+		$ret[$retcount] = get_record_from_id($r["id"]);
+		$retcount++;
+		}
+		return $ret;
+		}
+
+		} else {
+
+		$result = $db->query("SELECT id FROM records WHERE domain_id=$id LIMIT $rowstart,$rowamount");
+		$ret = array();
+		if($result->numRows() == 0)
+		{
+			return -1;
+		}
+		else
+		{
+			$ret[] = array();
+			$retcount = 0;
+			while($r = $result->fetchRow())
+			{
+				// Call get_record_from_id for each row.
+				$ret[$retcount] = get_record_from_id($r["id"]);
+				$retcount++;
+			}
+			return $ret;
+		}
+
+		}
+	}
+	else
+	{
+		error(sprintf(ERR_INV_ARG, "get_records_from_domain_id"));
+	}
+}
+
+
+function get_users_from_domain_id($id)
+{
+	global $db;
+	$result = $db->getCol("SELECT owner FROM zones WHERE domain_id=$id");
+	$ret = array();
+	foreach($result as $uid)
+	{
+		$fullname = $db->getOne("SELECT fullname FROM users WHERE id=$uid");
+		$ret[] = array(
+		"id" 		=> 	$uid,
+		"fullname"	=>	$fullname		
+		);		
+	}
+	return $ret;	
+}
+
+function search_record($question)
+{
+	global $db;
+	$question = trim($question);
+	if (empty($question)) 
+	{
+		$S_INPUT_TYPE = -1;
+	}
+
+	/* now for some input-type searching */
+	if (is_valid_ip($question) || is_valid_ip6($question))
+	{
+		$S_INPUT_TYPE = 0;
+	}
+	elseif(is_valid_domain($question) || 
+		is_valid_hostname($question) ||
+		is_valid_mboxfw($question)) // I guess this one can appear in records table too (content?!)
+	{
+		$S_INPUT_TYPE = 1;
+	}	  
+	else 
+	{
+		$S_INPUT_TYPE = -1;
+	}
+	switch($S_INPUT_TYPE)
+	{
+		case '0': 
+			$sqlq = "SELECT * FROM `records` WHERE `content` = '".$question."' ORDER BY `type` DESC";
+			$result = $db->query($sqlq);
+			$ret_r = array();
+			while ($r = $result->fetchRow())
+			{
+			    if(xs($r['domain_id']))
+			    {
+    				$ret_r[] = array(
+    				  'id'			=>	$r['id'],
+    				  'domain_id'		=>	$r['domain_id'],
+    				  'name'		=>	$r['name'],
+    				  'type'		=>	$r['type'],
+    				  'content'		=>	$r['content'],
+    				  'ttl'			=>	$r['ttl'],
+    				  'prio'		=>	$r['prio'],
+    				  'change_date'		=>	$r['change_date']
+    				);
+				}
+			}
+			break;
+	    
+		case '1' :
+			$sqlq = "SELECT `domains`.*, count(`records`.`id`) AS `numrec`, `zones`.`owner`  
+					FROM `domains`, `records`, `zones`  
+					WHERE `domains`.`id` = `records`.`domain_id` 
+					AND `zones`.`domain_id` = `domains`.`id` 
+					AND `domains`.`name` = '".$question."' 
+					GROUP BY (`domains`.`id`)";
+
+			$result = $db->query($sqlq);
+			$ret_d = array();
+			while ($r = $result->fetchRow())
+			{
+			    if(xs($r['domain_id']))
+			    {
+				    $ret_d[] = array(
+    					'id'			=>	$r['id'],
+    					'name'		=>	$r['name'],
+    					'numrec'		=>	$r['numrec'],
+    					'owner'		=>	$r['owner']
+    				);
+				}
+			}
+
+			$sqlq = "SELECT * FROM `records` WHERE `name` = '".$question."' OR `content` = '".$question."' ORDER BY `type` DESC";
+			$result = $db->query($sqlq);
+			while ($r = $result->fetchRow())
+			{
+			    if(xs($r['domain_id']))
+			    {
+    				$ret_r[] = array(
+    					'id'			=>	$r['id'],
+    					'domain_id'		=>	$r['domain_id'],
+    					'name'		=>	$r['name'],
+    					'type'		=>	$r['type'],
+    					'content'		=>	$r['content'],
+    					'ttl'			=>	$r['ttl'],
+    					'prio'		=>	$r['prio'],
+    				);
+    			}
+			}
+			break;
+	}
+	if($S_INPUT_TYPE == 1)
+	{
+		return array('domains' => $ret_d, 'records' => $ret_r);
+	}
+	return array('records' => $ret_r);
+}
+
+function get_domain_type($id)
+{
+	global $db;
+	$type = $db->getOne("SELECT `type` FROM `domains` WHERE `id` = '".$id."'");
+	if($type == "")
+	{
+		$type = "NATIVE";
+	}
+	return $type;
+    
+}
+
+function change_domain_type($type, $id)
+{
+    global $db;
+    $result = $db->query("UPDATE `domains` SET `type` = '" .$type. "' WHERE `id` = '".$id."'");
+}
+?>