$content .= '<tr><td><a href="' . $_SERVER["PHP_SELF"] . $link . '&zonename=' . $newzone->zonename . '&zonetype=' . $newzone->zonetype . '" class="linkcolor">' . $newzone->zonename . '</a> (' . $newzone->zonetype . ')</tr></td>
';
}
$content .= '
</table></div>
';
} else {
$content = $user->error;
}
} else {
// zonename is set ==> confirm & delete
$zone = new Zone($zonename, $zonetype);
if ($zone->error) {
$content = sprintf($html->string_error, $zone->error);
} else {
if (!$config->usergroups && $zone->RetrieveUser() != $user->userid || $config->usergroups && $zone->RetrieveUser() != $group->groupid) {
$content = sprintf($html->string_error, sprintf($l['str_you_can_not_manage_delete_zone_x_x'], $zone->zonename, $zone->zonetype));
} else {
if (isset($_REQUEST) && !isset($_REQUEST['confirm']) || !isset($_REQUEST) && !isset($confirm)) {
// ==> print confirm screen
$content = '
<div class="boxheader">' . $l['str_confirmation'] . '</div>';
if ($zone->zonetype == 'P') {
$tempzonetype = $l['str_primary'];
} else {
$tempzonetype = $l['str_secondary'];
}
$content .= sprintf($l['str_do_you_confirm_zone_deletion_x_x_from_x'], $zone->zonename, $tempzonetype, $config->sitename) . '
<div align="center">
<form action="' . $_SERVER["PHP_SELF"] . '" method="POST">
' . $hiddenfields . '
$zonename = $_REQUEST['zonename'];
}
$zonename = addslashes($zonename);
if (isset($_REQUEST) && empty($_REQUEST['zonetype']) || !isset($_REQUEST) && empty($zonetype)) {
$content .= sprintf($html->string_error, $l['str_you_did_not_specify_zonetype']);
$localerror = 1;
} else {
if (isset($_REQUEST)) {
$zonetype = $_REQUEST['zonetype'];
}
$zonetype = addslashes($zonetype);
$zone = new Zone($zonename, $zonetype);
if (!empty($zone->error)) {
$content .= sprintf($html->string_error, $zone->error);
} else {
$userid = $zone->RetrieveUser();
}
}
} else {
// nothing entered
$content .= sprintf($html->string_error, $l['str_you_did_not_enter_login_nor_zonename']);
$localerror = 1;
}
}
}
}
print $html->box('mainbox', $title, $content);
if (file_exists("includes/right_side.php")) {
include "includes/right_side.php";
} else {
include "includes/right_side_default.php";
if (isset($_REQUEST['logout']) && $_REQUEST['logout'] || isset($logout) && $logout) {
$user->logout($idsession);
}
$link = "?language=" . $lang;
if (!empty($idsession)) {
$link .= "&idsession=" . $idsession;
}
if ($user->error) {
printf($html->string_error, $user->error);
}
if ($user->authenticated == 1) {
if (isset($_REQUEST)) {
$zonename = $_REQUEST['zonename'];
$zonetype = $_REQUEST['zonetype'];
$server = $_REQUEST['server'];
}
$zone = new Zone($zonename, $zonetype);
if ($zone->error) {
printf($html->string_error, $zone->error);
} else {
if ($zone->RetrieveUser() != $user->userid && ($config->usergroups && $zone->RetrieveUser() != $group->groupid)) {
printf($html->string_error, $l['str_you_dont_own_this_zone']);
} else {
$title = sprintf($l['str_zone_content_for_x_on_server_x'], $zone->zonename, xssafe($server));
$content = sprintf("\n<pre>%s</pre>", xssafe(zoneDig($server, $zonename)));
print $html->box('digwindow', $title, $content);
}
}
}
// print close "window"
print $html->footerlight();
/**
* XML-RPC service to update A records
*
*@access public
*@params XML-RPC message $m
*@return XML-RPC answer
*
*The request for this service is a structure containing:
*
* - user: the user name
* - password: his password
* - zone: the name of the zone
* - name: the name of the A record(s)
* - oldaddress (optional): the address of the A record to
* delete or "*" to delete all A records
* for the given name.
* - newaddress (optional): the address of the A record to add.
* - ttl (optional): the TTL of the A record to add.
*
* The return value is the whole zone as text.
*
* Inserts can be performed by leaving "oldaddress" empty.
* Deletes can be performed by leaving "newaddress" empty.
* Updates are performed by giving both old and new addresses.
*
*/
function updateArecord($m)
{
global $xmlrpcerruser, $stateNames;
global $db, $dbauth, $user, $config;
if ($_SERVER["HTTPS"] != "on") {
return new xmlrpcresp(0, $xmlrpcerruser, "non-https modifications disabled " . "(also, now you have to change your password)");
}
$res = "";
$modified = 0;
$req = php_xmlrpc_decode($m->getParam(0));
$db = new Db();
if ($config->userdbname) {
$dbauth = new DbAuth();
} else {
$dbauth = $db;
}
$user = new User($req["user"], $req["password"], NULL);
if ($user->authenticated == 0) {
$user = new User($req["user"], $req["password"], NULL, 1);
}
if ($user->authenticated == 0) {
return new xmlrpcresp(0, $xmlrpcerruser, "authentication refused");
} elseif ($user->authenticated >= 2) {
return new xmlrpcresp(0, $xmlrpcerruser, "you have to migrate first");
}
$zonename = $req["zone"];
$zonetype = "P";
$zone = new Zone($zonename, $zonetype);
$zone->isErroneous();
if ($zone->error) {
return new xmlrpcresp(0, $xmlrpcerruser, $zone->error);
}
if ($config->usergroups) {
include 'libs/group.php';
$group = new Group($user->userid);
if ($config->userlogs) {
include 'libs/userlogs.php';
$userlogs = new UserLogs($group->groupid, $user->userid);
}
}
if (!$config->usergroups && $zone->RetrieveUser() != $user->userid || $config->usergroups && $zone->RetrieveUser() != $group->groupid) {
return new xmlrpcresp(0, $xmlrpcerruser, "You can not manage zone " . $zone->zonename);
}
$currentzone = new Primary($zone->zonename, $zone->zonetype, $user);
if (!empty($req["newaddress"]) && $req["newaddress"] == "<dynamic>") {
$req["newaddress"] = $_SERVER["REMOTE_ADDR"];
}
if (!empty($req["oldaddress"])) {
if (!empty($req["newaddress"])) {
# skip changes if newaddress is the same we already have
$currentzone->getARecords($addarr, mysql_real_escape_string($req["name"]));
if (count($addarr) == 1 && in_array($req["newaddress"], $addarr)) {
$ttl = intval($req["ttl"]);
if (empty($ttl)) {
$ttl = "-1";
}
$ret = array("zone" => $req["zone"], "serial" => $currentzone->serial, "name" => $req["name"], "addresses" => $addarr, "ttl" => $ttl);
return new xmlrpcresp(php_xmlrpc_encode($ret));
}
}
$modified = 1;
if ($req["oldaddress"] == "*") {
$currentzone->deleteMultipleARecords($req["name"]);
} elseif ($req["oldaddress"] == "*.*") {
$currentzone->deleteMultipleARecords($req["name"], "A");
} elseif ($req["oldaddress"] == "*:*") {
$currentzone->deleteMultipleARecords($req["name"], "AAAA");
} else {
$tmpname = sprintf("%s(%s/%s)", preg_match('/:/', $req["oldaddress"]) ? "aaaa" : "a", mysql_real_escape_string($req["name"]), mysql_real_escape_string($req["oldaddress"]));
$currentzone->Delete(array($tmpname), 0, 0);
}
if ($currentzone->error) {
return new xmlrpcresp(0, $xmlrpcerruser, $currentzone->error);
}
}
$ttl = intval($req["ttl"]);
if (empty($ttl)) {
$ttl = "-1";
}
$updatereverse = !empty($req["updatereveverse"]);
if (!empty($req["newaddress"])) {
$modified = 1;
if (preg_match('/:/', $req["newaddress"])) {
$fn = "addAAAARecord";
} else {
$fn = "addARecord";
}
$res = $currentzone->{$fn}($zone->zoneid, array(mysql_real_escape_string($req["newaddress"])), array(mysql_real_escape_string($req["name"])), array($ttl), $updatereverse);
if ($currentzone->error) {
return new xmlrpcresp(0, $xmlrpcerruser, $res);
}
}
$currentzone->generateConfigFile();
$checker = sprintf("%s %s %s", $config->binnamedcheckzone, $currentzone->zonename, $currentzone->tempZoneFile());
$check = `{$checker}`;
unlink($currentzone->tempZoneFile());
if (!preg_match("/OK/", $check)) {
return new xmlrpcresp(0, $xmlrpcerruser, "Check error: " . $checker);
}
if ($modified) {
$currentzone->flagModified($currentzone->zoneid);
$currentzone->updateSerial($currentzone->zoneid);
if ($currentzone->error) {
return new xmlrpcresp(0, $xmlrpcerruser, "DB error: " . $currentzone->error);
}
}
$ret = array("zone" => $req["zone"], "serial" => $currentzone->serial, "name" => $req["name"], "addresses" => NULL, "ttl" => $ttl);
$currentzone->getArecords($ret["addresses"], mysql_real_escape_string($req["name"]));
if ($currentzone->error) {
return new xmlrpcresp(0, $xmlrpcerruser, $currentzone->error);
}
return new xmlrpcresp(php_xmlrpc_encode($ret));
}
