[feladat @ 223]
Bugfix. No domain id was provided when entering 'edit record' page from a search query. Changed code so 'edit record' does not rely on domain id provided by user but determines it from the record id that is about to be changed. This closes ticket:31.
<?php/* Poweradmin, a friendly web-based admin tool for PowerDNS. * See <https://rejo.zenger.nl/poweradmin> for more details. * * Copyright 2007, 2008 Rejo Zenger <rejo@zenger.nl> * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */functionget_zone_id_from_record_id($rid){global$db;$query="SELECT domain_id FROM records WHERE id = ".$db->quote($rid);$zid=$db->queryOne($query);return$zid;}functioncount_zone_records($zone_id){global$db;$sqlq="SELECT COUNT(id) FROM records WHERE domain_id = ".$db->quote($zone_id);$record_count=$db->queryOne($sqlq);return$record_count;}functionupdate_soa_serial($domain_id){global$db;$sqlq="SELECT notified_serial FROM domains WHERE id = ".$db->quote($domain_id);$notified_serial=$db->queryOne($sqlq);$sqlq="SELECT content FROM records WHERE type = 'SOA' AND domain_id = ".$db->quote($domain_id);$content=$db->queryOne($sqlq);$need_to_update=false;// Getting the serial field.$soa=explode(" ",$content);if(empty($notified_serial)){// Ok native replication, so we have to update.$need_to_update=true;}elseif($notified_serial>=$soa[2]){$need_to_update=true;}elseif(strlen($soa[2])!=10){$need_to_update=true;}else{$need_to_update=false;}if($need_to_update){// Ok so we have to update it seems.$current_serial=$soa[2];$new_serial=date('Ymd');// we will add revision number laterif(strncmp($new_serial,$current_serial,8)===0){$revision_number=(int)substr($current_serial,-2);if($revision_number==99)returnfalse;// ok, we cannot update anymore tonight++$revision_number;// here it is ... same date, new revision$new_serial.=str_pad($revision_number,2,"0",STR_PAD_LEFT);}else{/* * Current serial is not RFC1912 compilant, so let's make a new one */$new_serial.='00';}$soa[2]=$new_serial;// change serial in SOA array$new_soa="";// build new soa and update SQL after thatfor($i=0;$i<count($soa);$i++){$new_soa.=$soa[$i]." ";}$sqlq="UPDATE records SET content = ".$db->quote($new_soa)." WHERE domain_id = ".$db->quote($domain_id)." AND type = 'SOA'";$db->Query($sqlq);returntrue;}}/* * Edit a record. * This function validates it if correct it inserts it into the database. * return values: true if succesful. */functionedit_record($record){if(verify_permission(zone_content_edit_others)){$perm_content_edit="all";}elseif(verify_permission(zone_content_edit_own)){$perm_content_edit="own";}else{$perm_content_edit="none";}$user_is_zone_owner=verify_user_is_owner_zoneid($record['zid']);$zone_type=get_domain_type($record['zid']);if($zone_type=="SLAVE"||$perm_content_edit=="none"||$perm_content_edit=="own"&&$user_is_zone_owner=="0"){error(ERR_PERM_EDIT_RECORD);returnfalse;}else{if($record['content']==""){error(ERR_DNS_CONTENT);returnfalse;}global$db;// TODO: no need to check for numeric-ness of zone id if we check with validate_input as well?if(is_numeric($record['zid'])){validate_input($record['zid'],$record['type'],$record['content'],$record['name'],$record['prio'],$record['ttl']);$query="UPDATE records SET name=".$db->quote($record['name']).", type=".$db->quote($record['type']).", content=".$db->quote($record['content']).", ttl=".$db->quote($record['ttl']).", prio=".$db->quote($record['prio']).", change_date=".$db->quote(time())." WHERE id=".$db->quote($record['rid']);$result=$db->Query($query);if(PEAR::isError($result)){error($result->getMessage());returnfalse;}elseif($record['type']!='SOA'){update_soa_serial($record['zid']);}returntrue;}else{// TODO change to error style as above (returning directly)error(sprintf(ERR_INV_ARGC,"edit_record","no zoneid given"));}}returntrue;}/* * Adds a record. * This function validates it if correct it inserts it into the database. * return values: true if succesful. */functionadd_record($zoneid,$name,$type,$content,$ttl,$prio){global$db;if(verify_permission(zone_content_edit_others)){$perm_content_edit="all";}elseif(verify_permission(zone_content_edit_own)){$perm_content_edit="own";}else{$perm_content_edit="none";}$user_is_zone_owner=verify_user_is_owner_zoneid($zoneid);$zone_type=get_domain_type($zoneid);if($zone_type=="SLAVE"||$perm_content_edit=="none"||$perm_content_edit=="own"&&$user_is_zone_owner=="0"){error(ERR_PERM_ADD_RECORD);returnfalse;}else{if(validate_input($zoneid,$type,$content,$name,$prio,$ttl)){$change=time();$query="INSERT INTO records (domain_id, name, type, content, ttl, prio, change_date) VALUES (".$db->quote($zoneid).",".$db->quote($name).",".$db->quote($type).",".$db->quote($content).",".$db->quote($ttl).",".$db->quote($prio).",".$db->quote($change).")";$response=$db->query($query);if(PEAR::isError($response)){error($response->getMessage());returnfalse;}else{if($type!='SOA'){update_soa_serial($zoneid);}returntrue;}}else{returnfalse;}returntrue;}}functionadd_supermaster($master_ip,$ns_name,$account){global$db;if(!is_valid_ip($master_ip)&&!is_valid_ip6($master_ip)){error(ERR_DNS_IP);returnfalse;}if(!is_valid_hostname($ns_name)){error(ERR_DNS_HOSTNAME);returnfalse;}if(!validate_account($account)){error(sprintf(ERR_INV_ARGC,"add_supermaster","given account name is invalid (alpha chars only)"));returnfalse;}if(supermaster_exists($master_ip)){error(ERR_SM_EXISTS);returnfalse;}else{$db->query("INSERT INTO supermasters VALUES (".$db->quote($master_ip).", ".$db->quote($ns_name).", ".$db->quote($account).")");returntrue;}}functiondelete_supermaster($master_ip){global$db;if(is_valid_ip($master_ip)||is_valid_ip6($master_ip)){$db->query("DELETE FROM supermasters WHERE ip = ".$db->quote($master_ip));returntrue;}else{error(sprintf(ERR_INV_ARGC,"delete_supermaster","No or no valid ipv4 or ipv6 address given."));}}functionget_supermaster_info_from_ip($master_ip){global$db;if(is_valid_ip($master_ip)||is_valid_ip6($master_ip)){$result=$db->queryRow("SELECT ip,nameserver,account FROM supermasters WHERE ip = ".$db->quote($master_ip));$ret=array("master_ip"=>$result["ip"],"ns_name"=>$result["nameserver"],"account"=>$result["account"]);return$ret;}else{error(sprintf(ERR_INV_ARGC,"get_supermaster_info_from_ip","No or no valid ipv4 or ipv6 address given."));}}functionget_record_details_from_record_id($rid){global$db;$query="SELECT id AS rid, domain_id AS zid, name, type, content, ttl, prio, change_date FROM records WHERE id = ".$db->quote($rid);$response=$db->query($query);if(PEAR::isError($response)){error($response->getMessage());returnfalse;}$return=$response->fetchRow();return$return;}/* * Delete a record by a given id. * return values: true, this function is always succesful. */functiondelete_record($rid){global$db;if(verify_permission(zone_content_edit_others)){$perm_content_edit="all";}elseif(verify_permission(zone_content_edit_own)){$perm_content_edit="own";}else{$perm_content_edit="none";}// Determine ID of zone first.$record=get_record_details_from_record_id($rid);$user_is_zone_owner=verify_user_is_owner_zoneid($record['zid']);if($perm_content_edit=="all"||($perm_content_edit=="own"&&$user_is_zone_owner=="0")){if($record['type']=="SOA"){error(_('You are trying to delete the SOA record. If are not allowed to remove it, unless you remove the entire zone.'));}else{$query="DELETE FROM records WHERE id = ".$db->quote($rid);$response=$db->query($query);if(PEAR::isError($response)){error($response->getMessage());returnfalse;}returntrue;}}else{error(ERR_PERM_DEL_RECORD);returnfalse;}}/* * Add a domain to the database. * A domain is name obligatory, so is an owner. * return values: true when succesful. * Empty means templates dont have to be applied. * -------------------------------------------------------------------------- * This functions eats a template and by that it inserts various records. * first we start checking if something in an arpa record * remember to request nextID's from the database to be able to insert record. * if anything is invalid the function will error */functionadd_domain($domain,$owner,$webip,$mailip,$empty,$type,$slave_master){if(verify_permission(zone_master_add)){$zone_master_add="1";};if(verify_permission(zone_slave_add)){$zone_slave_add="1";};// TODO: make sure only one is possible if only one is enabledif($zone_master_add=="1"||$zone_slave_add=="1"){global$db;if(($domain&&$owner&&$webip&&$mailip)||($empty&&$owner&&$domain)||(eregi('in-addr.arpa',$domain)&&$owner)||$type=="SLAVE"&&$domain&&$owner&&$slave_master){$response=$db->query("INSERT INTO domains (name, type) VALUES (".$db->quote($domain).", ".$db->quote($type).")");if(PEAR::isError($response)){error($response->getMessage());returnfalse;}$domain_id=$db->lastInsertId('domains','id');if(PEAR::isError($domain_id)){error($id->getMessage());returnfalse;}$response=$db->query("INSERT INTO zones (domain_id, owner) VALUES (".$db->quote($domain_id).", ".$db->quote($owner).")");if(PEAR::isError($response)){error($response->getMessage());returnfalse;}if($type=="SLAVE"){$response=$db->query("UPDATE domains SET master = ".$db->quote($slave_master)." WHERE id = ".$db->quote($domain_id));if(PEAR::isError($response)){error($response->getMessage());returnfalse;}returntrue;}else{$now=time();if($empty&&$domain_id){$ns1=$GLOBALS['NS1'];$hm=$GLOBALS['HOSTMASTER'];$ttl=$GLOBALS['DEFAULT_TTL'];$query="INSERT INTO records (domain_id, name, content, type, ttl, prio, change_date) VALUES (".$db->quote($domain_id).",".$db->quote($domain).",".$db->quote('SOA').",".$db->quote($ns1.' '.$hm.' 1').",".$db->quote($ttl).", 0, ".$db->quote($now).")";$response=$db->query($query);if(PEAR::isError($response)){error($response->getMessage());returnfalse;}}elseif($domain_id){global$template;foreach($templateas$r){if((eregi('in-addr.arpa',$domain)&&($r["type"]=="NS"||$r["type"]=="SOA"))||(!eregi('in-addr.arpa',$domain))){$name=parse_template_value($r["name"],$domain,$webip,$mailip);$type=$r["type"];$content=parse_template_value($r["content"],$domain,$webip,$mailip);$ttl=$r["ttl"];$prio=intval($r["prio"]);if(!$ttl){$ttl=$GLOBALS["DEFAULT_TTL"];}$query="INSERT INTO records (domain_id, name, type, content, ttl, prio, change_date) VALUES (".$db->quote($domain_id).",".$db->quote($name).",".$db->quote($type).",".$db->quote($content).",".$db->quote($ttl).",".$db->quote($prio).",".$db->quote($now).")";$response=$db->query($query);if(PEAR::isError($response)){error($response->getMessage());returnfalse;}}}returntrue;}else{error(sprintf(ERR_INV_ARGC,"add_domain","could not create zone"));}}}else{error(sprintf(ERR_INV_ARG,"add_domain"));}}else{error(ERR_PERM_ADD_ZONE_MASTER);returnfalse;}}/* * Deletes a domain by a given id. * Function always succeeds. If the field is not found in the database, thats what we want anyway. */functiondelete_domain($id){global$db;if(verify_permission(zone_content_edit_others)){$perm_edit="all";}elseif(verify_permission(zone_content_edit_own)){$perm_edit="own";}else{$perm_edit="none";}$user_is_zone_owner=verify_user_is_owner_zoneid($id);if($perm_edit=="all"||($perm_edit=="own"&&$user_is_zone_owner=="1")){if(is_numeric($id)){$db->query("DELETE FROM zones WHERE domain_id=".$db->quote($id));$db->query("DELETE FROM domains WHERE id=".$db->quote($id));$db->query("DELETE FROM records WHERE domain_id=".$db->quote($id));returntrue;}else{error(sprintf(ERR_INV_ARGC,"delete_domain","id must be a number"));returnfalse;}}else{error(ERR_PERM_DEL_ZONE);}}/* * Gets the id of the domain by a given record id. * return values: the domain id that was requested. */functionrecid_to_domid($id){global$db;if(is_numeric($id)){$result=$db->query("SELECT domain_id FROM records WHERE id=".$db->quote($id));$r=$result->fetchRow();return$r["domain_id"];}else{error(sprintf(ERR_INV_ARGC,"recid_to_domid","id must be a number"));}}/* * Change owner of a domain. * return values: true when succesful. */functionadd_owner_to_zone($zone_id,$user_id){global$db;if((verify_permission(zone_meta_edit_others))||(verify_permission(zone_meta_edit_own))&&verify_user_is_owner_zoneid($_GET["id"])){// User is allowed to make change to meta data of this zone.if(is_numeric($zone_id)&&is_numeric($user_id)&&is_valid_user($user_id)){if($db->queryOne("SELECT COUNT(id) FROM zones WHERE owner=".$db->quote($user_id)." AND domain_id=".$db->quote($zone_id))==0){$db->query("INSERT INTO zones (domain_id, owner) VALUES(".$db->quote($zone_id).", ".$db->quote($user_id).")");}returntrue;}else{error(sprintf(ERR_INV_ARGC,"add_owner_to_zone","$zone_id / $user_id"));}}else{returnfalse;}}functiondelete_owner_from_zone($zone_id,$user_id){global$db;if((verify_permission(zone_meta_edit_others))||(verify_permission(zone_meta_edit_own))&&verify_user_is_owner_zoneid($_GET["id"])){// User is allowed to make change to meta data of this zone.if(is_numeric($zone_id)&&is_numeric($user_id)&&is_valid_user($user_id)){// TODO: Next if() required, why not just execute DELETE query?if($db->queryOne("SELECT COUNT(id) FROM zones WHERE owner=".$db->quote($user_id)." AND domain_id=".$db->quote($zone_id))!=0){$db->query("DELETE FROM zones WHERE owner=".$db->quote($user_id)." AND domain_id=".$db->quote($zone_id));}returntrue;}else{error(sprintf(ERR_INV_ARGC,"delete_owner_from_zone","$zone_id / $user_id"));}}else{returnfalse;}}/* * Retrieves all supported dns record types * This function might be deprecated. * return values: array of types in string form. */functionget_record_types(){global$rtypes;return$rtypes;}/* * Retrieve all records by a given type and domain id. * Example: get all records that are of type A from domain id 1 * return values: a DB class result object */functionget_records_by_type_from_domid($type,$recid){global$rtypes;global$db;// Does this type exist?if(!in_array(strtoupper($type),$rtypes)){error(sprintf(ERR_INV_ARGC,"get_records_from_type","this is not a supported record"));}// Get the domain id.$domid=recid_to_domid($recid);$result=$db->query("select id, type from records where domain_id=".$db->quote($recid)." and type=".$db->quote($type));return$result;}/* * Retrieves the type of a record from a given id. * return values: the type of the record (one of the records types in $rtypes assumable). */functionget_recordtype_from_id($id){global$db;if(is_numeric($id)){$result=$db->query("SELECT type FROM records WHERE id=".$db->quote($id));$r=$result->fetchRow();return$r["type"];}else{error(sprintf(ERR_INV_ARG,"get_recordtype_from_id"));}}/* * Retrieves the name (e.g. bla.test.com) of a record by a given id. * return values: the name associated with the id. */functionget_name_from_record_id($id){global$db;if(is_numeric($id)){$result=$db->query("SELECT name FROM records WHERE id=".$db->quote($id));$r=$result->fetchRow();return$r["name"];}else{error(sprintf(ERR_INV_ARG,"get_name_from_record_id"));}}/* * Get domain name from a given id * return values: the name of the domain associated with the id. */functionget_domain_name_from_id($id){global$db;if(is_numeric($id)){$result=$db->query("SELECT name FROM domains WHERE id=".$db->quote($id));$rows=$result->numRows();if($rows==1){$r=$result->fetchRow();return$r["name"];}elseif($rows=="0"){error(sprintf("Zone does not exist."));returnfalse;}else{error(sprintf(ERR_INV_ARGC,"get_domain_name_from_id","more than one domain found?! whaaa! BAD! BAD! Contact admin!"));returnfalse;}}else{error(sprintf(ERR_INV_ARGC,"get_domain_name_from_id","Not a valid domainid: $id"));}}functionget_zone_info_from_id($zone_id){if(verify_permission(zone_content_view_others)){$perm_view="all";}elseif(verify_permission(zone_content_view_own)){$perm_view="own";}else{$perm_view="none";}if($perm_view=="none"){error(ERR_PERM_VIEW_ZONE);}else{global$db;$query="SELECT domains.type AS type, domains.name AS name, domains.master AS master_ip, count(records.domain_id) AS record_count FROM domains, records WHERE domains.id = ".$db->quote($zone_id)." AND domains.id = records.domain_id GROUP BY domains.id";$result=$db->query($query);if(PEAR::isError($result)){error($result->getMessage());returnfalse;}if($result->numRows()!=1){error(_('Function returned an error (multiple zones matching this zone ID).'));returnfalse;}else{$r=$result->fetchRow();$return=array("name"=>$r['name'],"type"=>$r['type'],"master_ip"=>$r['master_ip'],"record_count"=>$r['record_count']);}return$return;}}/* * Check if a domain is already existing. * return values: true if existing, false if it doesnt exist. */functiondomain_exists($domain){global$db;if(is_valid_domain($domain)){$result=$db->query("SELECT id FROM domains WHERE name=".$db->quote($domain));if($result->numRows()==0){returnfalse;}elseif($result->numRows()>=1){returntrue;}}else{error(ERR_DOMAIN_INVALID);}}functionget_supermasters(){global$db;$result=$db->query("SELECT ip, nameserver, account FROM supermasters");if(PEAR::isError($response)){error($response->getMessage());returnfalse;}$ret=array();if($result->numRows()==0){return-1;}else{while($r=$result->fetchRow()){$ret[]=array("master_ip"=>$r["ip"],"ns_name"=>$r["nameserver"],"account"=>$r["account"],);}return$ret;}}functionsupermaster_exists($master_ip){global$db;if(is_valid_ip($master_ip)||is_valid_ip6($master_ip)){$result=$db->query("SELECT ip FROM supermasters WHERE ip = ".$db->quote($master_ip));if($result->numRows()==0){returnfalse;}elseif($result->numRows()>=1){returntrue;}}else{error(sprintf(ERR_INV_ARGC,"supermaster_exists","No or no valid IPv4 or IPv6 address given."));}}functionget_zones($perm,$userid=0,$letterstart=all,$rowstart=0,$rowamount=999999){global$db;global$sql_regexp;if($perm!="own"&&$perm!="all"){error(ERR_PERM_VIEW_ZONE);returnfalse;}else{if($perm=="own"){$sql_add=" AND zones.domain_id = domains.id AND zones.owner = ".$db->quote($userid);}if($letterstart!=all&&$letterstart!=1){$sql_add.=" AND domains.name LIKE ".$db->quote($letterstart."%")." ";}elseif($letterstart==1){$sql_add.=" AND substring(domains.name,1,1) ".$sql_regexp." '^[[:digit:]]'";}}$sqlq="SELECT domains.id, domains.name, domains.type, COUNT(DISTINCT records.id) AS count_records FROM domains LEFT JOIN zones ON domains.id=zones.domain_id LEFT JOIN records ON records.domain_id=domains.id WHERE 1=1".$sql_add." GROUP BY domains.name, domains.id, domains.type ORDER BY domains.name";$db->setLimit($rowamount,$rowstart);$result=$db->query($sqlq);while($r=$result->fetchRow()){$ret[$r["name"]]=array("id"=>$r["id"],"name"=>$r["name"],"type"=>$r["type"],"count_records"=>$r["count_records"]);}return$ret;}// TODO: letterstart limitation and userid permission limitiation should be applied at the same time?functionzone_count_ng($perm,$letterstart=all){global$db;global$sql_regexp;$fromTable='domains';if($perm!="own"&&$perm!="all"){$zone_count="0";}else{if($perm=="own"){$sql_add=" AND zones.domain_id = domains.id AND zones.owner = ".$db->quote($_SESSION['userid']);$fromTable.=',zones';}if($letterstart!=all&&$letterstart!=1){$sql_add.=" AND domains.name LIKE ".$db->quote($letterstart."%")." ";}elseif($letterstart==1){$sql_add.=" AND substring(domains.name,1,1) ".$sql_regexp." '^[[:digit:]]'";}$sqlq="SELECT COUNT(distinct domains.id) AS count_zones FROM ".$fromTable." WHERE 1=1 ".$sql_add.";";$zone_count=$db->queryOne($sqlq);}return$zone_count;}functionzone_count_for_uid($uid){global$db;$query="SELECT COUNT(domain_id) FROM zones WHERE owner = ".$db->quote($uid)." ORDER BY domain_id";$zone_count=$db->queryOne($query);return$zone_count;}/* * Get a record from an id. * Retrieve all fields of the record and send it back to the function caller. * return values: the array with information, or -1 is nothing is found. */functionget_record_from_id($id){global$db;if(is_numeric($id)){$result=$db->query("SELECT id, domain_id, name, type, content, ttl, prio, change_date FROM records WHERE id=".$db->quote($id));if($result->numRows()==0){return-1;}elseif($result->numRows()==1){$r=$result->fetchRow();$ret=array("id"=>$r["id"],"domain_id"=>$r["domain_id"],"name"=>$r["name"],"type"=>$r["type"],"content"=>$r["content"],"ttl"=>$r["ttl"],"prio"=>$r["prio"],"change_date"=>$r["change_date"]);return$ret;}else{error(sprintf(ERR_INV_ARGC,"get_record_from_id","More than one row returned! This is bad!"));}}else{error(sprintf(ERR_INV_ARG,"get_record_from_id"));}}/* * Get all records from a domain id. * Retrieve all fields of the records and send it back to the function caller. * return values: the array with information, or -1 is nothing is found. */functionget_records_from_domain_id($id,$rowstart=0,$rowamount=999999){global$db;if(is_numeric($id)){if($_SESSION[$id."_ispartial"]==1){$db->setLimit($rowamount,$rowstart);$result=$db->query("SELECT record_owners.record_id as id FROM record_owners,domains,records WHERE record_owners.user_id = ".$db->quote($_SESSION["userid"])." AND record_owners.record_id = records.id AND records.domain_id = ".$db->quote($id)." GROUP BY record_owners.record_id");$ret=array();if($result->numRows()==0){return-1;}else{$ret[]=array();$retcount=0;while($r=$result->fetchRow()){// Call get_record_from_id for each row.$ret[$retcount]=get_record_from_id($r["id"]);$retcount++;}return$ret;}}else{$db->setLimit($rowamount,$rowstart);$result=$db->query("SELECT id FROM records WHERE domain_id=".$db->quote($id));$ret=array();if($result->numRows()==0){return-1;}else{$ret[]=array();$retcount=0;while($r=$result->fetchRow()){// Call get_record_from_id for each row.$ret[$retcount]=get_record_from_id($r["id"]);$retcount++;}return$ret;}}}else{error(sprintf(ERR_INV_ARG,"get_records_from_domain_id"));}}functionget_users_from_domain_id($id){global$db;$sqlq="SELECT owner FROM zones WHERE domain_id =".$db->quote($id);$id_owners=$db->query($sqlq);if($id_owners->numRows()==0){return-1;}else{while($r=$id_owners->fetchRow()){$fullname=$db->queryOne("SELECT fullname FROM users WHERE id=".$r['owner']);$owners[]=array("id"=>$r['owner'],"fullname"=>$fullname);}}return$owners;}functionsearch_zone_and_record($holy_grail,$perm){global$db;$holy_grail=trim($holy_grail);if(verify_permission(zone_content_view_others)){$perm_view="all";}elseif(verify_permission(zone_content_view_own)){$perm_view="own";}else{$perm_view="none";}if(verify_permission(zone_content_edit_others)){$perm_content_edit="all";}elseif(verify_permission(zone_content_edit_own)){$perm_content_edit="own";}else{$perm_content_edit="none";}// Search for matching domainsif($perm=="own"){$sql_add_from=", zones ";$sql_add_where=" AND zones.domain_id = domains.id AND zones.owner = ".$db->quote($userid);}$query="SELECT domains.id AS zid, domains.name AS name, domains.type AS type, domains.master AS master FROM domains".$sql_add_from." WHERE domains.name LIKE ".$db->quote($holy_grail).$sql_add_where;$response=$db->query($query);if(PEAR::isError($response)){error($response->getMessage());returnfalse;}while($r=$response->fetchRow()){$return_zones[]=array("zid"=>$r['zid'],"name"=>$r['name'],"type"=>$r['type'],"master"=>$r['master']);}// Search for matching recordsif($perm=="own"){$sql_add_from=", zones ";$sql_add_where=" AND zones.domain_id = record.id AND zones.owner = ".$db->quote($userid);}$query="SELECT records.id AS rid, records.name AS name, records.type AS type, records.content AS content, records.ttl AS ttl, records.prio AS prio, records.domain_id AS zid FROM records".$sql_add_from." WHERE (records.name LIKE ".$db->quote($holy_grail)." OR records.content LIKE ".$db->quote($holy_grail).")".$sql_add_where;$response=$db->query($query);if(PEAR::isError($response)){error($response->getMessage());returnfalse;}while($r=$response->fetchRow()){$return_records[]=array("rid"=>$r['rid'],"name"=>$r['name'],"type"=>$r['type'],"content"=>$r['content'],"ttl"=>$r['ttl'],"zid"=>$r['zid'],"prio"=>$r['prio']);}returnarray('zones'=>$return_zones,'records'=>$return_records);}functionget_domain_type($id){global$db;if(is_numeric($id)){$type=$db->queryOne("SELECT type FROM domains WHERE id = ".$db->quote($id));if($type==""){$type="NATIVE";}return$type;}else{error(sprintf(ERR_INV_ARG,"get_record_from_id","no or no valid zoneid given"));}}functionget_domain_slave_master($id){global$db;if(is_numeric($id)){$slave_master=$db->queryOne("SELECT master FROM domains WHERE type = 'SLAVE' and id = ".$db->quote($id));return$slave_master;}else{error(sprintf(ERR_INV_ARG,"get_domain_slave_master","no or no valid zoneid given"));}}functionchange_zone_type($type,$id){global$db;$add='';if(is_numeric($id)){// It is not really neccesary to clear the field that contains the IP address // of the master if the type changes from slave to something else. PowerDNS will// ignore the field if the type isn't something else then slave. But then again,// it's much clearer this way.if($type!="SLAVE"){$add=", master=''";}$result=$db->query("UPDATE domains SET type = ".$db->quote($type).$add." WHERE id = ".$db->quote($id));}else{error(sprintf(ERR_INV_ARG,"change_domain_type","no or no valid zoneid given"));}}functionchange_zone_slave_master($zone_id,$ip_slave_master){global$db;if(is_numeric($zone_id)){if(is_valid_ip($ip_slave_master)||is_valid_ip6($ip_slave_master)){$result=$db->query("UPDATE domains SET master = ".$db->quote($ip_slave_master)." WHERE id = ".$db->quote($zone_id));}else{error(sprintf(ERR_INV_ARGC,"change_domain_ip_slave_master","This is not a valid IPv4 or IPv6 address: $ip_slave_master"));}}else{error(sprintf(ERR_INV_ARG,"change_domain_type","no or no valid zoneid given"));}}functionvalidate_account($account){if(preg_match("/^[A-Z0-9._-]+$/i",$account)){returntrue;}else{returnfalse;}}?>