[feladat @ 156]
Made a lot of small changes to allow PHP to run with error_reporting E_ALL without giving notices.
Most functions have been checked but some situations might give a notice.
--- a/add_record.php Mon Mar 03 20:32:33 2008 +0000
+++ b/add_record.php Mon Mar 10 19:15:59 2008 +0000
@@ -26,7 +26,7 @@
error(ERR_RECORD_ACCESS_DENIED);
}
-if ($_POST["commit"]) {
+if (isset($_POST["commit"]) && isset($_POST['zoneid']) && isset($_POST['name']) && isset($_POST['type']) && isset($_POST['content']) && isset($_POST['ttl']) && isset($_POST['prio']) ) {
$ret = add_record($_POST["zoneid"], $_POST["name"], $_POST["type"], $_POST["content"], $_POST["ttl"], $_POST["prio"]);
if ($ret != '1') {
die("$ret");
@@ -63,7 +63,7 @@
} elseif (strtoupper($c) == 'A') {
$add = " SELECTED";
} else {
- unset($add);
+ $add = '';
}
?><option<?php echo $add ?> value="<?php echo $c ?>"><?php echo $c ?></option><?php
}
--- a/add_supermaster.php Mon Mar 03 20:32:33 2008 +0000
+++ b/add_supermaster.php Mon Mar 10 19:15:59 2008 +0000
@@ -26,12 +26,12 @@
error(ERR_LEVEL_5);
}
-if($_POST["submit"])
+if(isset($_POST["submit"]))
{
- $master_ip = $_POST["master_ip"];
- $ns_name = $_POST["ns_name"];
- $account = $_POST["account"];
- if (!$error)
+ $master_ip = (isset($_POST['master_ip']) ? $_POST["master_ip"] : '');
+ $ns_name = (isset($_POST['ns_name']) ? $_POST["ns_name"] : '');
+ $account = (isset($_POST["account"]) ? $_POST['account'] : '');
+ if (!isset($error))
{
if (!is_valid_ip($master_ip) && !is_valid_ip6($master_ip))
{
@@ -57,11 +57,11 @@
include_once("inc/header.inc.php");
- if ($error != "")
+ if ((isset($error)) && ($error != ""))
{
?><div class="error"><?php echo _('Error'); ?>: <?php echo $error; ?></div><?php
}
- elseif ($success != "")
+ elseif ((isset($success)) && ($success != ""))
{
?><div class="success"><?php echo $success; ?></div><?php
}
@@ -73,19 +73,19 @@
<tr>
<td class="n"><?php echo _('IP address of supermaster'); ?>:</td>
<td class="n">
- <input type="text" class="input" name="master_ip" value="<?php if ($error) print $_POST["master_ip"]; ?>">
+ <input type="text" class="input" name="master_ip" value="<?php if (isset($error)) print $_POST["master_ip"]; ?>">
</td>
</tr>
<tr>
<td class="n"><?php echo _('Hostname in NS record'); ?>:</td>
<td class="n">
- <input type="text" class="input" name="ns_name" value="<?php if ($error) print $_POST["ns_name"]; ?>">
+ <input type="text" class="input" name="ns_name" value="<?php if (isset($error)) print $_POST["ns_name"]; ?>">
</td>
</tr>
<tr>
<td class="n"><?php echo _('Account'); ?>:</td>
<td class="n">
- <input type="text" class="input" name="account" value="<?php if ($error) print $_POST["account"]; ?>">
+ <input type="text" class="input" name="account" value="<?php if (isset($error)) print $_POST["account"]; ?>">
</td>
</tr>
<tr>
--- a/add_zone_master.php Mon Mar 03 20:32:33 2008 +0000
+++ b/add_zone_master.php Mon Mar 10 19:15:59 2008 +0000
@@ -27,14 +27,14 @@
}
-if ($_POST["submit"])
+if (isset($_POST["submit"]))
{
- $domain = trim($_POST["domain"]);
- $owner = $_POST["owner"];
- $webip = $_POST["webip"];
- $mailip = $_POST["mailip"];
- $empty = $_POST["empty"];
- $dom_type = isset($_POST["dom_type"]) ? $_POST["dom_type"] : "NATIVE";
+ $domain = (isset($_POST['domain']) ? trim($_POST["domain"]) : '');
+ $owner = (isset($_POST['owner']) ? $_POST["owner"] : 0 );
+ $webip = (isset($_POST["webip"]) ? $_POST['webip'] : '');
+ $mailip = (isset($_POST["mailip"]) ? $_POST['mailip'] : '');
+ $empty = (isset($_POST["empty"]) ? $_POST['empty'] : 0);
+ $dom_type = (isset($_POST["dom_type"]) ? $_POST["dom_type"] : "NATIVE");
if(!$empty)
{
$empty = 0;
@@ -43,7 +43,7 @@
$error = "Web or Mail ip is invalid!";
}
}
- if (!$error)
+ if (!isset($error))
{
if (!is_valid_domain($domain))
{
@@ -64,11 +64,11 @@
include_once("inc/header.inc.php");
- if ($error != "")
+ if ((isset($error)) && ($error != ""))
{
?><div class="error"><?php echo _('Error'); ?>: <?php echo $error; ?></div><?php
}
- elseif ($success != "")
+ elseif ((isset($success)) && ($success != ""))
{
?><div class="success"><?php echo $success; ?></div><?php
}
@@ -87,19 +87,19 @@
<tr>
<td class="n"><?php echo _('Zone name'); ?>:</td>
<td class="n">
- <input type="text" class="input" name="domain" value="<?php if ($error) print $_POST["domain"]; ?>">
+ <input type="text" class="input" name="domain" value="<?php if (isset($error)) print $_POST["domain"]; ?>">
</td>
</tr>
<tr>
<td class="n"><?php echo _('Web IP'); ?>:</td>
<td class="n">
- <input type="text" class="input" name="webip" value="<?php if ($error) print $_POST["webip"]; ?>">
+ <input type="text" class="input" name="webip" value="<?php if (isset($error)) print $_POST["webip"]; ?>">
</td>
</tr>
<tr>
<td class="n"><?php echo _('Mail IP'); ?>:</TD>
<td class="n">
- <input type="text" class="input" name="mailip" value="<?php if ($error) print $_POST["mailip"]; ?>">
+ <input type="text" class="input" name="mailip" value="<?php if (isset($error)) print $_POST["mailip"]; ?>">
</td>
</tr>
<tr>
--- a/add_zone_slave.php Mon Mar 03 20:32:33 2008 +0000
+++ b/add_zone_slave.php Mon Mar 10 19:15:59 2008 +0000
@@ -27,13 +27,13 @@
}
-if ($_POST["submit"])
+if (isset($_POST["submit"]))
{
$domain = trim($_POST["domain"]);
$owner = $_POST["owner"];
$slave_master = $_POST["slave_master"];
$dom_type = "SLAVE";
- if (!$error)
+ if (!isset($error))
{
if (!is_valid_domain($domain))
{
@@ -49,7 +49,7 @@
}
else
{
- if(add_domain($domain, $owner, $webip, $mailip, $empty, $dom_type, $slave_master))
+ if(add_domain($domain, $owner, '', '', 1, $dom_type, $slave_master))
{
$success = _('Successfully added slave zone.');
}
@@ -59,11 +59,11 @@
include_once("inc/header.inc.php");
- if ($error != "")
+ if ((isset($error)) && ($error != ""))
{
?><div class="error"><?php echo _('Error'); ?>: <?php echo $error; ?></div><?php
}
- elseif ($success != "")
+ elseif ((isset($success)) && ($success != ""))
{
?><div class="success"><?php echo $success; ?></div><?php
}
@@ -77,13 +77,13 @@
<tr>
<td class="n"><?php echo _('Zone name'); ?>:</td>
<td class="n">
- <input type="text" class="input" name="domain" value="<?php if ($error) print $_POST["domain"]; ?>">
+ <input type="text" class="input" name="domain" value="<?php if (isset($error)) print $_POST["domain"]; ?>">
</td>
</tr>
<tr>
<td class="n"><?php echo _('IP of master NS'); ?>:</td>
<td class="n">
- <input type="text" class="input" name="slave_master" value="<?php if ($error) print $_POST["slave_master"]; ?>">
+ <input type="text" class="input" name="slave_master" value="<?php if (isset($error)) print $_POST["slave_master"]; ?>">
</td>
</tr>
<tr>
--- a/change_password.php Mon Mar 03 20:32:33 2008 +0000
+++ b/change_password.php Mon Mar 10 19:15:59 2008 +0000
@@ -21,9 +21,9 @@
require_once("inc/toolkit.inc.php");
-if($_POST["submit"])
+if(isset($_POST["submit"]))
{
- if(strlen($_POST["newpass"]) < 8)
+ if((!isset($_POST['newpass'])) || (strlen($_POST["newpass"]) < 8))
{
error('Password length should be at least 8 characters.');
}
--- a/delete_domain.php Mon Mar 03 20:32:33 2008 +0000
+++ b/delete_domain.php Mon Mar 10 19:15:59 2008 +0000
@@ -27,10 +27,10 @@
}
-if ($_GET["id"]) {
- if ($_GET["confirm"] == '0') {
+if (isset($_GET["id"])) {
+ if ((isset($_GET["confirm"])) && ($_GET['confirm'] == '0')) {
clean_page("index.php");
- } elseif ($_GET["confirm"] == '1') {
+ } elseif ((isset($_GET["confirm"])) && ($_GET['confirm'] == '1')) {
delete_domain($_GET["id"]);
clean_page("index.php");
}
--- a/delete_supermaster.php Mon Mar 03 20:32:33 2008 +0000
+++ b/delete_supermaster.php Mon Mar 10 19:15:59 2008 +0000
@@ -27,10 +27,10 @@
}
-if ($_GET["master_ip"]) {
- if ($_GET["confirm"] == '0') {
+if (isset($_GET["master_ip"])) {
+ if ((isset($_GET['confirm'])) && ($_GET["confirm"] == '0')) {
clean_page("index.php");
- } elseif ($_GET["confirm"] == '1') {
+ } elseif ((isset($_GET["confirm"])) && ($_GET['confirm'] == '1')) {
delete_supermaster($_GET["master_ip"]);
clean_page("index.php");
}
--- a/edit.php Mon Mar 03 20:32:33 2008 +0000
+++ b/edit.php Mon Mar 10 19:15:59 2008 +0000
@@ -124,7 +124,7 @@
$users = show_users();
foreach ($users as $u)
{
- unset($add);
+ $add = '';
if ($u["id"] == $info["ownerid"])
{
$add = " SELECTED";
@@ -155,7 +155,7 @@
<?php
foreach($server_types as $s)
{
- unset($add);
+ $add = '';
if ($s == $domain_type)
{
$add = " SELECTED";
--- a/edit_record.php Mon Mar 03 20:32:33 2008 +0000
+++ b/edit_record.php Mon Mar 10 19:15:59 2008 +0000
@@ -21,7 +21,7 @@
require_once("inc/toolkit.inc.php");
-if (isset($_GET["delid"])) {
+if (isset($_GET["delid"]) && isset($_GET['delid']) && isset($_GET['id'])) {
delete_record_owner($_GET["domain"],$_GET["delid"],$_GET["id"]);
}
@@ -32,11 +32,14 @@
error(ERR_RECORD_ACCESS_DENIED);
}
-if ($_POST["commit"])
+if (isset($_GET['domain'])) {
+ $domain_name = get_domain_name_from_id($_GET['domain']);
+}
+if (isset($_POST["commit"]) && isset($_POST['recordid']) && isset($_POST['domainid']) && isset($_POST['name']) && isset($_POST['type']) && isset($_POST['content']) && isset($_POST['ttl']) && isset($_POST['prio']))
{
edit_record($_POST["recordid"], $_POST["domainid"], $_POST["name"], $_POST["type"], $_POST["content"], $_POST["ttl"], $_POST["prio"]);
clean_page("edit.php?id=".$_POST["domainid"]);
-} elseif($_SESSION["partial_".get_domain_name_from_id($_GET["domain"])] == 1)
+} elseif(isset($_SESSION['partial_'.$domain_name]) && ($_SESSION["partial_".$domain_name] == 1))
{
$db->setLimit(1);
$checkPartial = $db->queryOne("SELECT id FROM record_owners WHERE record_id=".$db->quote($_GET["id"])." AND user_id=".$db->quote($_SESSION["userid"]));
@@ -46,7 +49,7 @@
}
include_once("inc/header.inc.php");
?>
- <h2><?php echo _('Edit record in zone'); ?> "<?php echo get_domain_name_from_id($_GET["domain"]) ?>"</h2>
+ <h2><?php echo _('Edit record in zone'); ?> "<?php echo $domain_name ?>"</h2>
<?php
$x_result = $db->query("SELECT r.id,u.fullname FROM record_owners as r, users as u WHERE r.record_id=".$db->quote($_GET['id'])." AND u.id=r.user_id");
@@ -98,19 +101,19 @@
if ($_SESSION[$_GET["domain"]."_ispartial"] == 1)
{
?>
- <input type="hidden" name="name" value="<?php echo trim(str_replace(get_domain_name_from_id($_GET["domain"]), '', $rec["name"]), '.')?>" class="input">
+ <input type="hidden" name="name" value="<?php echo trim(str_replace($domain_name, '', $rec["name"]), '.')?>" class="input">
-<?php echo trim(str_replace(get_domain_name_from_id($_GET["domain"]), '', $rec["name"]), '.') ?>
+<?php echo trim(str_replace($domain_name, '', $rec["name"]), '.') ?>
<?php
}
else
{
?>
- <input type="text" name="name" value="<?php echo trim(str_replace(get_domain_name_from_id($_GET["domain"]), '', $rec["name"]), '.') ?>" class="input">
+ <input type="text" name="name" value="<?php echo trim(str_replace($domain_name, '', $rec["name"]), '.') ?>" class="input">
<?php
}
?>
-.<?php echo get_domain_name_from_id($_GET["domain"]) ?>
+.<?php echo $domain_name ?>
</td>
<td class="n">IN</td>
<td>
--- a/inc/auth.inc.php Mon Mar 03 20:32:33 2008 +0000
+++ b/inc/auth.inc.php Mon Mar 10 19:15:59 2008 +0000
@@ -19,7 +19,7 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-session_start();
+//session_start();
if (isset($_SERVER["QUERY_STRING"]) && $_SERVER["QUERY_STRING"] == "logout")
{
@@ -52,7 +52,7 @@
$_SESSION["userid"] = $rowObj["id"];
$_SESSION["name"] = $rowObj["fullname"];
$_SESSION["level"] = $rowObj["level"];
- if($_POST["authenticate"])
+ if(isset($_POST["authenticate"]))
{
//If a user has just authenticated, redirect him to index with timestamp, so post-data gets lost.
session_write_close();
@@ -117,6 +117,7 @@
function logout($msg="")
{
+ $type = '';
if ( $msg == "" ) {
$msg = _('You have logged out.');
$type = "success";
--- a/inc/dns.inc.php Mon Mar 03 20:32:33 2008 +0000
+++ b/inc/dns.inc.php Mon Mar 10 19:15:59 2008 +0000
@@ -75,6 +75,8 @@
if($name == '*')
{
$wildcard = true;
+ } else {
+ $wildcard = false;
}
if ($name=="0") {
--- a/inc/record.inc.php Mon Mar 03 20:32:33 2008 +0000
+++ b/inc/record.inc.php Mon Mar 10 19:15:59 2008 +0000
@@ -955,7 +955,7 @@
* if a user id is below 5 this function will only retrieve records for that user.
* return values: the array of domains or -1 if nothing is found.
*/
-function get_domains($userid=true,$letterstart=all,$rowstart=0,$rowamount=999999)
+function get_domains($userid=true,$letterstart='all',$rowstart=0,$rowamount=999999)
{
global $db;
global $sql_regexp;
@@ -976,7 +976,7 @@
LEFT JOIN zones ON domains.id=zones.domain_id
LEFT JOIN records ON records.domain_id=domains.id
WHERE 1=1 $add ";
- if ($letterstart!=all && $letterstart!=1) {
+ if ($letterstart!='all' && $letterstart!=1) {
$sqlq.=" AND substring(domains.name,1,1) ".$sql_regexp." ".$db->quote("^".$letterstart);
} elseif ($letterstart==1) {
$sqlq.=" AND substring(domains.name,1,1) ".$sql_regexp." '^[[:digit:]]'";
@@ -1008,7 +1008,7 @@
$andnot="";
}
- if ($letterstart!=all && $letterstart!=1) {
+ if ($letterstart!='all' && $letterstart!=1) {
$sqlq = "SELECT domains.id AS domain_id,
count(DISTINCT record_owners.record_id) AS aantal,
@@ -1056,7 +1056,7 @@
}
- if ($letterstart!=all && $letterstart!=1) {
+ if ($letterstart!='all' && $letterstart!=1) {
while($r = $result_extra->fetchRow())
{
@@ -1105,7 +1105,7 @@
* @return integer the number of zones
*/
-function zone_count($userid=true, $letterstart=all) {
+function zone_count($userid=true, $letterstart='all') {
global $db;
global $sql_regexp;
if((!level(5) || !$userid) && !level(10) && !level(5))
@@ -1130,7 +1130,7 @@
$add = "";
}
- if ($letterstart!=all && $letterstart!=1) {
+ if ($letterstart!='all' && $letterstart!=1) {
$add .=" AND domains.name LIKE ".$db->quote($letterstart."%")." ";
} elseif ($letterstart==1) {
$add .=" AND substring(domains.name,1,1) ".$sql_regexp." '^[[:digit:]]'";
@@ -1367,7 +1367,7 @@
function change_domain_type($type, $id)
{
global $db;
- unset($add);
+ $add = '';
if (is_numeric($id))
{
// It is not really neccesary to clear the master field if a
--- a/inc/toolkit.inc.php Mon Mar 03 20:32:33 2008 +0000
+++ b/inc/toolkit.inc.php Mon Mar 10 19:15:59 2008 +0000
@@ -41,21 +41,21 @@
/*************
* Constants *
*************/
-define(ROWAMOUNT, $ROWAMOUNT);
+define('ROWAMOUNT', $ROWAMOUNT);
if (isset($_GET["start"])) {
- define(ROWSTART, (($_GET["start"] - 1) * ROWAMOUNT));
+ define('ROWSTART', (($_GET["start"] - 1) * ROWAMOUNT));
} else {
- define(ROWSTART, 0);
+ define('ROWSTART', 0);
}
if (isset($_GET["letter"])) {
- define(LETTERSTART, $_GET["letter"]);
+ define('LETTERSTART', $_GET["letter"]);
$_SESSION["letter"] = $_GET["letter"];
} elseif(isset($_SESSION["letter"])) {
- define(LETTERSTART, $_SESSION["letter"]);
+ define('LETTERSTART', $_SESSION["letter"]);
} else {
- define(LETTERSTART, "a");
+ define('LETTERSTART', "a");
}
/* Database connection */
--- a/index.php Mon Mar 03 20:32:33 2008 +0000
+++ b/index.php Mon Mar 10 19:15:59 2008 +0000
@@ -19,7 +19,7 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-session_start();
+//session_start();
require_once("inc/toolkit.inc.php");
include_once("inc/header.inc.php");
?>
--- a/search.php Mon Mar 03 20:32:33 2008 +0000
+++ b/search.php Mon Mar 10 19:15:59 2008 +0000
@@ -25,6 +25,8 @@
{
$submitted=true;
$search_result=search_record($_POST['q']);
+} else {
+ $submitted = false;
}
// we will continue after the search form ...
@@ -48,6 +50,7 @@
<?php
// results
+
if ($submitted)
{
echo '<br><br>';
--- a/users.php Mon Mar 03 20:32:33 2008 +0000
+++ b/users.php Mon Mar 10 19:15:59 2008 +0000
@@ -21,12 +21,12 @@
require_once("inc/toolkit.inc.php");
-if($_POST["submit"]
-&& $_POST["username"] != ""
-&& $_POST["password"] != ""
-&& $_POST["fullname"] != ""
-&& $_POST["email"] != ""
-&& $_POST["level"] > 0)
+if(isset($_POST["submit"])
+&& isset($_POST['username']) && $_POST["username"] != ""
+&& isset($_POST['password']) && $_POST["password"] != ""
+&& isset($_POST['fullname']) && $_POST["fullname"] != ""
+&& isset($_POST['email']) && $_POST["email"] != ""
+&& isset($_POST['level']) && $_POST["level"] > 0)
{
if(substr_count($_POST["username"], " ") == 0)
{
@@ -45,13 +45,13 @@
$error = _('Usernames can\'t contain spaces');
}
}
-elseif($_POST["submit"])
+elseif(isset($_POST["submit"]))
{
$error = _('Please fill in all fields');
}
include_once("inc/header.inc.php");
-if ($error != "")
+if (isset($error) && $error != "")
{
?>
<div class="error"><?php echo $error ; ?></div>
@@ -120,19 +120,19 @@
<table>
<tr>
<td class="n"><?php echo _('User name'); ?>:</td>
- <td class="n"><input type="text" class="input" name="username" value="<?php if ($error) print $_POST["username"]; ?>"></td>
+ <td class="n"><input type="text" class="input" name="username" value="<?php if (isset($error)) print $_POST["username"]; ?>"></td>
</tr>
<tr>
<td class="n"><?php echo _('Full name'); ?>:</td>
- <td class="n"><input type="text" class="input" NAME="fullname" VALUE="<?php if ($error) print $_POST["fullname"]; ?>"></td>
+ <td class="n"><input type="text" class="input" NAME="fullname" VALUE="<?php if (isset($error)) print $_POST["fullname"]; ?>"></td>
</tr>
<tr>
<td class="n"><?php echo _('Password'); ?>:</td>
- <td class="n"><input type="password" class="input" NAME="password" VALUE="<?php if ($error) print $_POST["password"]; ?>"></td>
+ <td class="n"><input type="password" class="input" NAME="password" VALUE="<?php if (isset($error)) print $_POST["password"]; ?>"></td>
</tr>
<tr>
<td class="n"><?php echo _('E-mail'); ?>:</td>
- <td class="n"><input type="text" class="input" NAME="email" VALUE="<?php if ($error) print $_POST["email"]; ?>"></td>
+ <td class="n"><input type="text" class="input" NAME="email" VALUE="<?php if (isset($error)) print $_POST["email"]; ?>"></td>
</tr>
<tr>
<td class="n"><?php echo _('User level'); ?>:</td>
@@ -146,7 +146,7 @@
</tr>
<tr>
<td class="n"><?php echo _('Description'); ?>:</td>
- <td class="n"><textarea rows="6" cols="30" class="inputarea" name="description"><?php if ($error) print $_POST["description"]; ?></textarea></td>
+ <td class="n"><textarea rows="6" cols="30" class="inputarea" name="description"><?php if (isset($error)) print $_POST["description"]; ?></textarea></td>
</tr>
<tr>
<td class="n"><?php echo _('Active'); ?>:</td>