} else { $perm_meta_edit = "none"; } $zid = get_zone_id_from_record_id($_GET['id']); $user_is_zone_owner = do_hook('verify_user_is_owner_zoneid', $zid); $zone_type = get_domain_type($zid); $zone_name = get_zone_name_from_id($zid); if (isset($_POST["commit"])) { if ($zone_type == "SLAVE" || $perm_content_edit == "none" || ($perm_content_edit == "own" || $perm_content_edit == "own_as_client") && $user_is_zone_owner == "0") { error(ERR_PERM_EDIT_RECORD); } else { $old_record_info = get_record_from_id($_POST["rid"]); $ret_val = edit_record($_POST); if ($ret_val == "1") { if ($_POST['type'] != "SOA") { update_soa_serial($zid); } success(SUC_RECORD_UPD); $new_record_info = get_record_from_id($_POST["rid"]); log_info(sprintf('client_ip:%s user:%s operation:edit_record' . ' old_record_type:%s old_record:%s old_content:%s old_ttl:%s old_priority:%s' . ' record_type:%s record:%s content:%s ttl:%s priority:%s', $_SERVER['REMOTE_ADDR'], $_SESSION["userlogin"], $old_record_info['type'], $old_record_info['name'], $old_record_info['content'], $old_record_info['ttl'], $old_record_info['prio'], $new_record_info['type'], $new_record_info['name'], $new_record_info['content'], $new_record_info['ttl'], $new_record_info['prio'])); if ($pdnssec_use) { if (dnssec_rectify_zone($zid)) { success(SUC_EXEC_PDNSSEC_RECTIFY_ZONE); } } } } } echo " <h2>" . _('Edit record in zone') . " \"<a href=\"edit.php?id=" . $zid . "\">" . $zone_name . "</a>\"</h2>\n"; if ($perm_view == "none" || $perm_view == "own" && $user_is_zone_owner == "0") { error(ERR_PERM_VIEW_RECORD);
} if (zone_id_exists($zone_id) == "0") { error(ERR_ZONE_NOT_EXIST); include_once "inc/footer.inc.php"; exit; } if (isset($_POST['sign_zone'])) { $zone_name = get_zone_name_from_id($zone_id); update_soa_serial($zone_id); dnssec_secure_zone($zone_name); dnssec_rectify_zone($zone_id); } if (isset($_POST['unsign_zone'])) { $zone_name = get_zone_name_from_id($zone_id); dnssec_unsecure_zone($zone_name); update_soa_serial($zone_id); } $domain_type = get_domain_type($zone_id); $record_count = count_zone_records($zone_id); $zone_templates = get_list_zone_templ($_SESSION['userid']); $zone_template_id = get_zone_template($zone_id); echo " <h2>" . _('Edit zone') . " \"" . get_zone_name_from_id($zone_id) . "\"</h2>\n"; echo " <div class=\"showmax\">\n"; show_pages($record_count, $iface_rowamount, $zone_id); echo " </div>\n"; $records = get_records_from_domain_id($zone_id, ROWSTART, $iface_rowamount, RECORD_SORT_BY); if ($records == "-1") { echo " <p>" . _("This zone does not have any records. Weird.") . "</p>\n"; } else { echo " <form method=\"post\" action=\"\">\n"; echo " <table>\n";
if (isset($_POST['record'])) { $rec = $_POST['record']; foreach ($rec as $idx => $val) { $rec[$idx] = trim(strip_tags($val)); } $record = array_merge($record, $rec); if ($record['ttl'] * 1 <= 0 || !is_numeric($record['ttl'])) { $error['ttl'] = trans('Wrong TTL'); } // call validate... after all checks if (!$error) { validate_dns_record($record, $error); } if (!$error) { if (strlen($record['name'])) { $record['name'] = trim($record['name'], '.') . '.'; } $record['name'] .= $record['domainname']; $DB->Execute('UPDATE records SET name = ?, type = ?, content = ?, ttl = ?, prio = ? WHERE id = ?', array($record['name'], $record['type'], $record['content'], $record['ttl'], $record['prio'], $record['id'])); update_soa_serial($record['domain_id']); $SESSION->redirect('?m=recordlist&d=' . $record['domain_id']); } $SMARTY->assign('error', $error); } else { parse_dns_record($record); } $layout['pagetitle'] = trans('DNS Record Edit'); $SESSION->save('backto', $_SERVER['QUERY_STRING']); $SMARTY->assign('record', $record); $SMARTY->display('recordedit.html');
/** Add a record * * This function validates it if correct it inserts it into the database. * * @param int $zone_id Zone ID * @param string $name Name part of record * @param string $type Type of record * @param string $content Content of record * @param int $ttl Time-To-Live of record * @param int $prio Priority of record * * @return boolean true if successful */ function add_record($zone_id, $name, $type, $content, $ttl, $prio) { global $db; global $pdnssec_use; if (do_hook('verify_permission', 'zone_content_edit_others')) { $perm_content_edit = "all"; } elseif (do_hook('verify_permission', 'zone_content_edit_own')) { $perm_content_edit = "own"; } elseif (do_hook('verify_permission', 'zone_content_edit_own_as_client')) { $perm_content_edit = "own_as_client"; } else { $perm_content_edit = "none"; } $user_is_zone_owner = do_hook('verify_user_is_owner_zoneid', $zone_id); $zone_type = get_domain_type($zone_id); if ($zone_type == "SLAVE" || $perm_content_edit == "none" || ($perm_content_edit == "own" || $perm_content_edit == "own_as_client") && $user_is_zone_owner == "0") { error(ERR_PERM_ADD_RECORD); return false; } else { $response = $db->beginTransaction(); if (validate_input(-1, $zone_id, $type, $content, $name, $prio, $ttl)) { $change = time(); $name = strtolower($name); // powerdns only searches for lower case records if ($type == "SPF" || $type == "TXT") { $content = $db->quote(stripslashes('\\"' . $content . '\\"'), 'text'); } else { $content = $db->quote($content, 'text'); } $query = "INSERT INTO records (domain_id, name, type, content, ttl, prio, change_date) VALUES (" . $db->quote($zone_id, 'integer') . "," . $db->quote($name, 'text') . "," . $db->quote($type, 'text') . "," . $content . "," . $db->quote($ttl, 'integer') . "," . $db->quote($prio, 'integer') . "," . $db->quote($change, 'integer') . ")"; $response = $db->exec($query); if (PEAR::isError($response)) { error($response->getMessage()); $response = $db->rollback(); return false; } else { $response = $db->commit(); if ($type != 'SOA') { update_soa_serial($zone_id); } if ($pdnssec_use) { dnssec_rectify_zone($zone_id); } return true; } } else { return false; } } }
function add_record($zoneid, $name, $type, $content, $ttl, $prio) { global $db; if (verify_permission('zone_content_edit_others')) { $perm_content_edit = "all"; } elseif (verify_permission('zone_content_edit_own')) { $perm_content_edit = "own"; } else { $perm_content_edit = "none"; } $user_is_zone_owner = verify_user_is_owner_zoneid($zoneid); $zone_type = get_domain_type($zoneid); if ($zone_type == "SLAVE" || $perm_content_edit == "none" || $perm_content_edit == "own" && $user_is_zone_owner == "0") { error(ERR_PERM_ADD_RECORD); return false; } else { if (validate_input(-1, $zoneid, $type, $content, $name, $prio, $ttl)) { $change = time(); if ($type == "SPF" || $type == "TXT") { $content = $db->quote(stripslashes('\\"' . $content . '\\"'), 'text'); } else { $content = $db->quote($content, 'text'); } $query = "INSERT INTO records (domain_id, name, type, content, ttl, prio, change_date) VALUES (" . $db->quote($zoneid, 'integer') . "," . $db->quote($name, 'text') . "," . $db->quote($type, 'text') . "," . $content . "," . $db->quote($ttl, 'integer') . "," . $db->quote($prio, 'integer') . "," . $db->quote($change, 'integer') . ")"; $response = $db->query($query); if (PEAR::isError($response)) { error($response->getMessage()); return false; } else { if ($type != 'SOA') { update_soa_serial($zoneid); } return true; } } else { return false; } } }
<?php /* * LMS version 1.11-cvs * * (C) Copyright 2009 Webvisor Sp z o.o. * * Please, see the doc/AUTHORS for more information about authors! * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License Version 2 as * published by the Free Software Foundation. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, * USA. */ $id = $_GET['id'] * 1; if ($id) { $domainid = $DB->GetRow('SELECT domain_id FROM records WHERE records.id = ?', array($id)); $DB->Execute('DELETE FROM records WHERE id = ?', array($id)); include LIB_DIR . '/dns.php'; update_soa_serial($domainid['domain_id']); } $SESSION->redirect('?m=recordlist');
include_once "inc/footer.inc.php"; exit; } if (isset($_POST['commit'])) { $error = false; if (isset($_POST['record'])) { foreach ($_POST['record'] as $record) { $edit_record = edit_record($record); if (false === $edit_record) { $error = true; } } } edit_zone_comment($_GET['id'], $_POST['comment']); if (false === $error) { update_soa_serial($_GET['id']); success(SUC_ZONE_UPD); } else { error(ERR_ZONE_UPD); } } if (isset($_POST['save_as'])) { if (zone_templ_name_exists($_POST['templ_name'])) { error(ERR_ZONE_TEMPL_EXIST); } elseif ($_POST['templ_name'] == '') { error(ERR_ZONE_TEMPL_IS_EMPTY); } else { success(SUC_ZONE_TEMPL_ADD); $records = get_records_from_domain_id($zone_id); add_zone_templ_save_as($_POST['templ_name'], $_POST['templ_descr'], $_SESSION['userid'], $records, get_zone_name_from_id($zone_id)); }
$ip = safe($given_ip); // Check its ok... if (!valid_ip_address($ip)) { return status_exit('dnserr'); } else { $type = valid_ip_address($ip); } if (!strlen($hostname)) { return status_exit('notfqdn'); } $user_query = "\n\tSELECT\n\t\tusers.id\n\tFROM\n\t\tusers, perm_templ, perm_templ_items, perm_items\n\tWHERE\n\t\tusers.username = '******'\n\t\tAND users.password = '******'\n\t\tAND users.active = 1\n\t\tAND perm_templ.id = users.perm_templ\n\t\tAND perm_templ_items.templ_id = perm_templ.id\n\t\tAND perm_items.id = perm_templ_items.perm_id\n\t\tAND (\n\t\t\t\tperm_items.name = 'zone_content_edit_own'\n\t\t\t\tOR perm_items.name = 'zone_content_edit_others'\n\t\t)\n"; $user = $db->queryRow($user_query); if (!$user) { return status_exit('badauth'); } $zones_query = "SELECT domain_id FROM zones WHERE owner='{$user["id"]}'"; $zones_result = $db->query($zones_query); $was_updated = false; while ($zone = $zones_result->fetchRow()) { $name_query = "SELECT name FROM records WHERE domain_id='{$zone["domain_id"]}' and type = '{$type}'"; $result = $db->query($name_query); while ($record = $result->fetchRow()) { if ($hostname == $record['name']) { $update_query = "UPDATE records SET content ='{$ip}' where name='{$record["name"]}' and type='{$type}'"; $update_result = $db->query($update_query); update_soa_serial($zone['domain_id']); $was_updated = true; } } } return $was_updated ? status_exit('good') : status_exit('!yours');