示例#1
/**
 * Escape a value for interpolation inside a quoted SQL string literal.
 *
 * The value is passed through $db->quote($value, 'text') and the first and
 * last character of the result (the surrounding quotes) are then stripped.
 * The return value is therefore only meant to be placed between quotes that
 * the caller writes into the statement; it is not safe as a bare token
 * (number, identifier, keyword position).
 *
 * NOTE(review): this assumes quote() always wraps its result in exactly one
 * quote character on each side. If the driver can return an unquoted token
 * for some inputs, the strip below would cut data characters. Confirm
 * against the DB layer, and prefer bound parameters in new code.
 *
 * Only the 'mysql' backend is handled; for any other $db_type the result of
 * status_exit('baddbtype') is returned instead.
 *
 * @param mixed $value Unsafe value
 *
 * @return mixed Escaped value without surrounding quotes
 */
function safe($value)
{
    global $db, $db_type;

    // Guard clause: refuse every backend except MySQL.
    if ($db_type != 'mysql') {
        return status_exit('baddbtype');
    }

    $quoted = $db->quote($value, 'text');

    // Drop the leading and trailing character, i.e. the quotes added above.
    return substr($quoted, 1, -1);
}
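// Dynamic update flow: validate the request values, look the user up, then
// point the caller's own matching A record at the supplied IPv4 address.
// NOTE(review): $ip, $hostname, $username and $db are set outside this
// listing; they are treated here as untrusted request data.

// Dotted-quad IPv4 only. The pattern ends with \z rather than $, because $
// also matches before a trailing newline and would let "1.2.3.4\n" through.
if (!is_string($ip) || !preg_match('/^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\z/', $ip)) {
    return status_exit('dnserr');
}

if (!is_string($hostname) || $hostname === '') {
    return status_exit('notfqdn');
}

// Don't allow super user to be used for update.
// Compared case-insensitively: the column collation is not visible here, and
// with a case-insensitive collation "ADMIN" would otherwise slip past this
// check and still match the admin row in the lookup below.
if (!is_string($username) || strcasecmp($username, 'admin') === 0) {
    return status_exit('badauth');
}

// NOTE(review): the credential values in this statement are masked ('******')
// in the listing and are reproduced as shown. Whatever the real file
// interpolates here is request data and has to be bound as a parameter or
// passed through $db->quote(). Presumably the stored password is a hash;
// confirm, and verify it in PHP (password_verify / hash_equals) rather than
// by string equality inside the SQL statement.
$query = "SELECT * FROM users WHERE username='******' and password='******'";
$userdetails = $db->queryRow($query);

// No matching user: stop here instead of running the zone lookup with an
// empty owner id and reporting the misleading '!yours'.
if (!is_array($userdetails) || !isset($userdetails['id'])) {
    return status_exit('badauth');
}

$ownerSql = $db->quote($userdetails['id'], 'text');
$zones = $db->query("SELECT domain_id FROM zones WHERE owner={$ownerSql}");

$updated = false;
while ($zone = $zones->fetchRow()) {
    $domainSql = $db->quote($zone['domain_id'], 'text');
    $records = $db->query("SELECT name FROM records WHERE domain_id={$domainSql} and type = 'A'");

    while ($record = $records->fetchRow()) {
        // Strict comparison: loose == treats numeric-looking names such as
        // "1e3" and "1000" as equal.
        if ($hostname !== $record['name']) {
            continue;
        }

        // Restrict the UPDATE to the matched record name. Without the name
        // condition every A record in the zone is rewritten to the new
        // address whenever a single hostname matches.
        $db->query(
            'UPDATE records SET content=' . $db->quote($ip, 'text')
            . " WHERE domain_id={$domainSql}"
            . ' AND name=' . $db->quote($record['name'], 'text')
            . " AND type='A'"
        );
        $updated = true;
    }
}

return status_exit($updated ? 'good' : '!yours');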