From baf5dda4cc07aa35eb9e41dda90aee0d2cdecf23 Mon Sep 17 00:00:00 2001
From: Sergio Cambra <sergio@programatica.es>
Date: Tue, 08 Jul 2014 09:53:13 -0400
Subject: [PATCH] fix escaping in sql query
---
interface/web/dns/dns_wizard.php | 77 +++++++++++++++++++++++++++++++-------
1 files changed, 62 insertions(+), 15 deletions(-)
diff --git a/interface/web/dns/dns_wizard.php b/interface/web/dns/dns_wizard.php
index 74e8c1c..8549a6b 100644
--- a/interface/web/dns/dns_wizard.php
+++ b/interface/web/dns/dns_wizard.php
@@ -49,12 +49,10 @@
if (isset($_POST['server_id'])) {
$server_id = $app->functions->intval($_POST['server_id']);
$post_server_id = true;
-}
-else if (isset($_POST['server_id_value'])) {
- $server_id = $app->functions->intval($_POST['server_id_value']);
- $post_server_id = true;
- }
-else {
+} elseif (isset($_POST['server_id_value'])) {
+ $server_id = $app->functions->intval($_POST['server_id_value']);
+ $post_server_id = true;
+} else {
$server_id = 1;
$post_server_id = false;
}
@@ -85,7 +83,7 @@
$app->tpl->setVar("server_id", $server_id_option);
// load the list of clients
- $sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND sys_group.client_id > 0 ORDER BY sys_group.name";
+ $sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND sys_group.client_id > 0 ORDER BY client.company_name, client.contact_name, sys_group.name";
$clients = $app->db->queryAllRecords($sql);
$client_select = '';
if($_SESSION["s"]["user"]["typ"] == 'admin') $client_select .= "<option value='0'></option>";
@@ -107,7 +105,7 @@
// load the list of clients
- $sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$app->functions->intval($client['client_id']);
+ $sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$app->functions->intval($client['client_id'])." ORDER BY client.company_name, client.contact_name, sys_group.name";
$clients = $app->db->queryAllRecords($sql);
$tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$app->functions->intval($client['client_id']));
$client_select = '<option value="'.$tmp['groupid'].'">'.$client['contactname'].'</option>';
@@ -122,8 +120,8 @@
}
if($_SESSION["s"]["user"]["typ"] != 'admin')
-
- $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);{
+{
+ $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
$client_dns = $app->db->queryOneRecord("SELECT dns_servers FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
$client_dns['dns_servers_ids'] = explode(',', $client_dns['dns_servers']);
@@ -159,6 +157,39 @@
}
}
+/*
+ * Now we have to check, if we should use the domain-module to select the domain
+ * or not
+ */
+$app->uses('ini_parser,getconf');
+$settings = $app->getconf->get_global_config('domains');
+if ($settings['use_domain_module'] == 'y') {
+ /*
+ * The domain-module is in use.
+ */
+ $domains = $app->tools_sites->getDomainModuleDomains("dns_soa");
+ $domain_select = '';
+ if(is_array($domains) && sizeof($domains) > 0) {
+ /* We have domains in the list, so create the drop-down-list */
+ foreach( $domains as $domain) {
+ $domain_select .= "<option value=" . $domain['domain_id'] ;
+ if ($domain['domain'] == $_POST['domain']) {
+ $domain_select .= " selected";
+ }
+ $domain_select .= ">" . $app->functions->idn_decode($domain['domain']) . ".</option>\r\n";
+ }
+ }
+ else {
+ /*
+ * We have no domains in the domain-list. This means, we can not add ANY new domain.
+ * To avoid, that the variable "domain_option" is empty and so the user can
+ * free enter a domain, we have to create a empty option!
+ */
+ $domain_select .= "<option value=''></option>\r\n";
+ }
+ $app->tpl->setVar("domain_option", $domain_select);
+}
+
if($_POST['create'] == 1) {
$error = '';
@@ -182,8 +213,19 @@
// apply filters
if(isset($_POST['domain']) && $_POST['domain'] != ''){
- $_POST['domain'] = $app->functions->idn_encode($_POST['domain']);
- $_POST['domain'] = strtolower($_POST['domain']);
+ /* check if the domain module is used - and check if the selected domain can be used! */
+ if ($settings['use_domain_module'] == 'y') {
+ $domain_check = $app->tools_sites->checkDomainModuleDomain($_POST['domain']);
+ if(!$domain_check) {
+ // invalid domain selected
+ $_POST['domain'] = '';
+ } else {
+ $_POST['domain'] = $domain_check;
+ }
+ } else {
+ $_POST['domain'] = $app->functions->idn_encode($_POST['domain']);
+ $_POST['domain'] = strtolower($_POST['domain']);
+ }
}
if(isset($_POST['ns1']) && $_POST['ns1'] != ''){
$_POST['ns1'] = $app->functions->idn_encode($_POST['ns1']);
@@ -203,6 +245,8 @@
elseif(isset($_POST['domain']) && !preg_match('/^[\w\.\-]{2,64}\.[a-zA-Z0-9\-]{2,30}$/', $_POST['domain'])) $error .= $app->lng('error_domain_regex').'<br />';
if(isset($_POST['ip']) && $_POST['ip'] == '') $error .= $app->lng('error_ip_empty').'<br />';
+
+ if(isset($_POST['ipv6']) && $_POST['ipv6'] == '') $error .= $app->lng('error_ipv6_empty').'<br />';
if(isset($_POST['ns1']) && $_POST['ns1'] == '') $error .= $app->lng('error_ns1_empty').'<br />';
elseif(isset($_POST['ns1']) && !preg_match('/^[\w\.\-]{2,64}\.[a-zA-Z0-9]{2,30}$/', $_POST['ns1'])) $error .= $app->lng('error_ns1_regex').'<br />';
@@ -240,14 +284,17 @@
$tpl_content = $template_record['template'];
if($_POST['domain'] != '') $tpl_content = str_replace('{DOMAIN}', $_POST['domain'], $tpl_content);
if($_POST['ip'] != '') $tpl_content = str_replace('{IP}', $_POST['ip'], $tpl_content);
+ if($_POST['ipv6'] != '') $tpl_content = str_replace('{IPV6}',$_POST['ipv6'],$tpl_content);
if($_POST['ns1'] != '') $tpl_content = str_replace('{NS1}', $_POST['ns1'], $tpl_content);
if($_POST['ns2'] != '') $tpl_content = str_replace('{NS2}', $_POST['ns2'], $tpl_content);
if($_POST['email'] != '') $tpl_content = str_replace('{EMAIL}', $_POST['email'], $tpl_content);
if(isset($_POST['dkim']) && preg_match('/^[\w\.\-\/]{2,255}\.[a-zA-Z0-9\-]{2,30}[\.]{0,1}$/', $_POST['domain'])) {
- $public_key=$app->db->queryOneRecord("SELECT dkim_public FROM mail_domain WHERE domain = '".$app->db->quote($_POST['domain'])."' AND dkim = 'y' AND ".$app->tform->getAuthSQL('r'));
+ $sql = $app->db->queryOneRecord("SELECT dkim_public, dkim_selecotr FROM mail_domain WHERE domain = ? AND dkim = 'y' AND ".$app->tform->getAuthSQL('r'), $_POST['domain']);
+ $public_key = $sql['dkim_public'];
if ($public_key!='') {
- $dns_record=str_replace(array("\r\n", "\n", "\r", "-----BEGIN PUBLIC KEY-----", "-----END PUBLIC KEY-----"), '', $public_key['dkim_public']);
- $tpl_content = str_replace('{DKIM}', 'TXT|default._domainkey.'.$_POST['domain'].'.|v=DKIM1; t=s; p='.$dns_record, $tpl_content);
+ if (empty($sql['dkim_selector'])) $sql['dkim_selector'] = 'default';
+ $dns_record=str_replace(array("\r\n", "\n", "\r", "-----BEGIN PUBLIC KEY-----", "-----END PUBLIC KEY-----"), '', $public_key);
+ $tpl_content .= "\n".'TXT|'.$sql['dkim_selector'].'._domainkey.'.$_POST['domain'].'.|v=DKIM1; t=s; p='.$dns_record;
}
}
--
Gitblit v1.9.1