} else {
$perm_meta_edit = "none";
}
$zid = get_zone_id_from_record_id($_GET['id']);
$user_is_zone_owner = do_hook('verify_user_is_owner_zoneid', $zid);
$zone_type = get_domain_type($zid);
$zone_name = get_zone_name_from_id($zid);
if (isset($_POST["commit"])) {
if ($zone_type == "SLAVE" || $perm_content_edit == "none" || ($perm_content_edit == "own" || $perm_content_edit == "own_as_client") && $user_is_zone_owner == "0") {
error(ERR_PERM_EDIT_RECORD);
} else {
$old_record_info = get_record_from_id($_POST["rid"]);
$ret_val = edit_record($_POST);
if ($ret_val == "1") {
if ($_POST['type'] != "SOA") {
update_soa_serial($zid);
}
success(SUC_RECORD_UPD);
$new_record_info = get_record_from_id($_POST["rid"]);
log_info(sprintf('client_ip:%s user:%s operation:edit_record' . ' old_record_type:%s old_record:%s old_content:%s old_ttl:%s old_priority:%s' . ' record_type:%s record:%s content:%s ttl:%s priority:%s', $_SERVER['REMOTE_ADDR'], $_SESSION["userlogin"], $old_record_info['type'], $old_record_info['name'], $old_record_info['content'], $old_record_info['ttl'], $old_record_info['prio'], $new_record_info['type'], $new_record_info['name'], $new_record_info['content'], $new_record_info['ttl'], $new_record_info['prio']));
if ($pdnssec_use) {
if (dnssec_rectify_zone($zid)) {
success(SUC_EXEC_PDNSSEC_RECTIFY_ZONE);
}
}
}
}
}
echo " <h2>" . _('Edit record in zone') . " \"<a href=\"edit.php?id=" . $zid . "\">" . $zone_name . "</a>\"</h2>\n";
if ($perm_view == "none" || $perm_view == "own" && $user_is_zone_owner == "0") {
error(ERR_PERM_VIEW_RECORD);
}
if (zone_id_exists($zone_id) == "0") {
error(ERR_ZONE_NOT_EXIST);
include_once "inc/footer.inc.php";
exit;
}
if (isset($_POST['sign_zone'])) {
$zone_name = get_zone_name_from_id($zone_id);
update_soa_serial($zone_id);
dnssec_secure_zone($zone_name);
dnssec_rectify_zone($zone_id);
}
if (isset($_POST['unsign_zone'])) {
$zone_name = get_zone_name_from_id($zone_id);
dnssec_unsecure_zone($zone_name);
update_soa_serial($zone_id);
}
$domain_type = get_domain_type($zone_id);
$record_count = count_zone_records($zone_id);
$zone_templates = get_list_zone_templ($_SESSION['userid']);
$zone_template_id = get_zone_template($zone_id);
echo " <h2>" . _('Edit zone') . " \"" . get_zone_name_from_id($zone_id) . "\"</h2>\n";
echo " <div class=\"showmax\">\n";
show_pages($record_count, $iface_rowamount, $zone_id);
echo " </div>\n";
$records = get_records_from_domain_id($zone_id, ROWSTART, $iface_rowamount, RECORD_SORT_BY);
if ($records == "-1") {
echo " <p>" . _("This zone does not have any records. Weird.") . "</p>\n";
} else {
echo " <form method=\"post\" action=\"\">\n";
echo " <table>\n";
if (isset($_POST['record'])) {
$rec = $_POST['record'];
foreach ($rec as $idx => $val) {
$rec[$idx] = trim(strip_tags($val));
}
$record = array_merge($record, $rec);
if ($record['ttl'] * 1 <= 0 || !is_numeric($record['ttl'])) {
$error['ttl'] = trans('Wrong TTL');
}
// call validate... after all checks
if (!$error) {
validate_dns_record($record, $error);
}
if (!$error) {
if (strlen($record['name'])) {
$record['name'] = trim($record['name'], '.') . '.';
}
$record['name'] .= $record['domainname'];
$DB->Execute('UPDATE records SET name = ?, type = ?, content = ?, ttl = ?, prio = ?
WHERE id = ?', array($record['name'], $record['type'], $record['content'], $record['ttl'], $record['prio'], $record['id']));
update_soa_serial($record['domain_id']);
$SESSION->redirect('?m=recordlist&d=' . $record['domain_id']);
}
$SMARTY->assign('error', $error);
} else {
parse_dns_record($record);
}
$layout['pagetitle'] = trans('DNS Record Edit');
$SESSION->save('backto', $_SERVER['QUERY_STRING']);
$SMARTY->assign('record', $record);
$SMARTY->display('recordedit.html');
/** Add a record
*
* This function validates it if correct it inserts it into the database.
*
* @param int $zone_id Zone ID
* @param string $name Name part of record
* @param string $type Type of record
* @param string $content Content of record
* @param int $ttl Time-To-Live of record
* @param int $prio Priority of record
*
* @return boolean true if successful
*/
function add_record($zone_id, $name, $type, $content, $ttl, $prio)
{
global $db;
global $pdnssec_use;
if (do_hook('verify_permission', 'zone_content_edit_others')) {
$perm_content_edit = "all";
} elseif (do_hook('verify_permission', 'zone_content_edit_own')) {
$perm_content_edit = "own";
} elseif (do_hook('verify_permission', 'zone_content_edit_own_as_client')) {
$perm_content_edit = "own_as_client";
} else {
$perm_content_edit = "none";
}
$user_is_zone_owner = do_hook('verify_user_is_owner_zoneid', $zone_id);
$zone_type = get_domain_type($zone_id);
if ($zone_type == "SLAVE" || $perm_content_edit == "none" || ($perm_content_edit == "own" || $perm_content_edit == "own_as_client") && $user_is_zone_owner == "0") {
error(ERR_PERM_ADD_RECORD);
return false;
} else {
$response = $db->beginTransaction();
if (validate_input(-1, $zone_id, $type, $content, $name, $prio, $ttl)) {
$change = time();
$name = strtolower($name);
// powerdns only searches for lower case records
if ($type == "SPF" || $type == "TXT") {
$content = $db->quote(stripslashes('\\"' . $content . '\\"'), 'text');
} else {
$content = $db->quote($content, 'text');
}
$query = "INSERT INTO records (domain_id, name, type, content, ttl, prio, change_date) VALUES (" . $db->quote($zone_id, 'integer') . "," . $db->quote($name, 'text') . "," . $db->quote($type, 'text') . "," . $content . "," . $db->quote($ttl, 'integer') . "," . $db->quote($prio, 'integer') . "," . $db->quote($change, 'integer') . ")";
$response = $db->exec($query);
if (PEAR::isError($response)) {
error($response->getMessage());
$response = $db->rollback();
return false;
} else {
$response = $db->commit();
if ($type != 'SOA') {
update_soa_serial($zone_id);
}
if ($pdnssec_use) {
dnssec_rectify_zone($zone_id);
}
return true;
}
} else {
return false;
}
}
}
function add_record($zoneid, $name, $type, $content, $ttl, $prio)
{
global $db;
if (verify_permission('zone_content_edit_others')) {
$perm_content_edit = "all";
} elseif (verify_permission('zone_content_edit_own')) {
$perm_content_edit = "own";
} else {
$perm_content_edit = "none";
}
$user_is_zone_owner = verify_user_is_owner_zoneid($zoneid);
$zone_type = get_domain_type($zoneid);
if ($zone_type == "SLAVE" || $perm_content_edit == "none" || $perm_content_edit == "own" && $user_is_zone_owner == "0") {
error(ERR_PERM_ADD_RECORD);
return false;
} else {
if (validate_input(-1, $zoneid, $type, $content, $name, $prio, $ttl)) {
$change = time();
if ($type == "SPF" || $type == "TXT") {
$content = $db->quote(stripslashes('\\"' . $content . '\\"'), 'text');
} else {
$content = $db->quote($content, 'text');
}
$query = "INSERT INTO records (domain_id, name, type, content, ttl, prio, change_date) VALUES (" . $db->quote($zoneid, 'integer') . "," . $db->quote($name, 'text') . "," . $db->quote($type, 'text') . "," . $content . "," . $db->quote($ttl, 'integer') . "," . $db->quote($prio, 'integer') . "," . $db->quote($change, 'integer') . ")";
$response = $db->query($query);
if (PEAR::isError($response)) {
error($response->getMessage());
return false;
} else {
if ($type != 'SOA') {
update_soa_serial($zoneid);
}
return true;
}
} else {
return false;
}
}
}
<?php
/*
* LMS version 1.11-cvs
*
* (C) Copyright 2009 Webvisor Sp z o.o.
*
* Please, see the doc/AUTHORS for more information about authors!
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License Version 2 as
* published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
$id = $_GET['id'] * 1;
if ($id) {
$domainid = $DB->GetRow('SELECT domain_id FROM records WHERE records.id = ?', array($id));
$DB->Execute('DELETE FROM records WHERE id = ?', array($id));
include LIB_DIR . '/dns.php';
update_soa_serial($domainid['domain_id']);
}
$SESSION->redirect('?m=recordlist');
include_once "inc/footer.inc.php";
exit;
}
if (isset($_POST['commit'])) {
$error = false;
if (isset($_POST['record'])) {
foreach ($_POST['record'] as $record) {
$edit_record = edit_record($record);
if (false === $edit_record) {
$error = true;
}
}
}
edit_zone_comment($_GET['id'], $_POST['comment']);
if (false === $error) {
update_soa_serial($_GET['id']);
success(SUC_ZONE_UPD);
} else {
error(ERR_ZONE_UPD);
}
}
if (isset($_POST['save_as'])) {
if (zone_templ_name_exists($_POST['templ_name'])) {
error(ERR_ZONE_TEMPL_EXIST);
} elseif ($_POST['templ_name'] == '') {
error(ERR_ZONE_TEMPL_IS_EMPTY);
} else {
success(SUC_ZONE_TEMPL_ADD);
$records = get_records_from_domain_id($zone_id);
add_zone_templ_save_as($_POST['templ_name'], $_POST['templ_descr'], $_SESSION['userid'], $records, get_zone_name_from_id($zone_id));
}
$ip = safe($given_ip);
// Check its ok...
if (!valid_ip_address($ip)) {
return status_exit('dnserr');
} else {
$type = valid_ip_address($ip);
}
if (!strlen($hostname)) {
return status_exit('notfqdn');
}
$user_query = "\n\tSELECT\n\t\tusers.id\n\tFROM\n\t\tusers, perm_templ, perm_templ_items, perm_items\n\tWHERE\n\t\tusers.username = '******'\n\t\tAND users.password = '******'\n\t\tAND users.active = 1\n\t\tAND perm_templ.id = users.perm_templ\n\t\tAND perm_templ_items.templ_id = perm_templ.id\n\t\tAND perm_items.id = perm_templ_items.perm_id\n\t\tAND (\n\t\t\t\tperm_items.name = 'zone_content_edit_own'\n\t\t\t\tOR perm_items.name = 'zone_content_edit_others'\n\t\t)\n";
$user = $db->queryRow($user_query);
if (!$user) {
return status_exit('badauth');
}
$zones_query = "SELECT domain_id FROM zones WHERE owner='{$user["id"]}'";
$zones_result = $db->query($zones_query);
$was_updated = false;
while ($zone = $zones_result->fetchRow()) {
$name_query = "SELECT name FROM records WHERE domain_id='{$zone["domain_id"]}' and type = '{$type}'";
$result = $db->query($name_query);
while ($record = $result->fetchRow()) {
if ($hostname == $record['name']) {
$update_query = "UPDATE records SET content ='{$ip}' where name='{$record["name"]}' and type='{$type}'";
$update_result = $db->query($update_query);
update_soa_serial($zone['domain_id']);
$was_updated = true;
}
}
}
return $was_updated ? status_exit('good') : status_exit('!yours');
