From dd0130670fe3cab4c7e2c1ab4f3bf0d2b2d512b0 Mon Sep 17 00:00:00 2001
From: Denny Bortfeldt <denny@bortfeldt.net>
Date: Mon, 27 Jun 2016 18:02:16 -0400
Subject: [PATCH] When uploading a logo which is smaller than the current ISPConfig one, the logo ends up on the left side of the header. In my opinion it looks better when it's centered. You could vote on it ;)
---
interface/web/dns/dns_wizard.php | 229 +++++++++++++++++++++++++++++++++++++++++----------------
1 files changed, 164 insertions(+), 65 deletions(-)
diff --git a/interface/web/dns/dns_wizard.php b/interface/web/dns/dns_wizard.php
index 74e8c1c..3cfc397 100644
--- a/interface/web/dns/dns_wizard.php
+++ b/interface/web/dns/dns_wizard.php
@@ -49,13 +49,12 @@
if (isset($_POST['server_id'])) {
$server_id = $app->functions->intval($_POST['server_id']);
$post_server_id = true;
-}
-else if (isset($_POST['server_id_value'])) {
- $server_id = $app->functions->intval($_POST['server_id_value']);
- $post_server_id = true;
- }
-else {
- $server_id = 1;
+} elseif (isset($_POST['server_id_value'])) {
+ $server_id = $app->functions->intval($_POST['server_id_value']);
+ $post_server_id = true;
+} else {
+ $settings = $app->getconf->get_global_config('dns');
+ $server_id = $app->functions->intval($settings['default_dnsserver']);
$post_server_id = false;
}
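Review bot: The new `else` branch calls `$app->getconf->get_global_config('dns')` before the `$app->uses('ini_parser,getconf')` line that this same commit adds in the next hunk. Unless `getconf` is already loaded earlier in the file, which is not visible here, the call runs against an unloaded object; moving the `$app->uses(...)` line above this block removes the ordering dependency. When `default_dnsserver` is not configured, `intval` yields 0 where the old code fell back to 1, so a guard such as `if ($server_id < 1) $server_id = 1;` may be wanted.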
@@ -72,6 +71,9 @@
unset($n);
$app->tpl->setVar("template_id_option", $template_id_option);
+$app->uses('ini_parser,getconf');
+$domains_settings = $app->getconf->get_global_config('domains');
+
// If the user is administrator
if($_SESSION['s']['user']['typ'] == 'admin') {
@@ -84,47 +86,51 @@
}
$app->tpl->setVar("server_id", $server_id_option);
- // load the list of clients
- $sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND sys_group.client_id > 0 ORDER BY sys_group.name";
- $clients = $app->db->queryAllRecords($sql);
- $client_select = '';
- if($_SESSION["s"]["user"]["typ"] == 'admin') $client_select .= "<option value='0'></option>";
- if(is_array($clients)) {
- foreach( $clients as $client) {
- $selected = ($client["groupid"] == $sys_groupid)?'SELECTED':'';
- $client_select .= "<option value='$client[groupid]' $selected>$client[contactname]</option>\r\n";
+ if ($domains_settings['use_domain_module'] != 'y') {
+ // load the list of clients
+ $sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND sys_group.client_id > 0 ORDER BY client.company_name, client.contact_name, sys_group.name";
+ $clients = $app->db->queryAllRecords($sql);
+ $client_select = '';
+ if($_SESSION["s"]["user"]["typ"] == 'admin') $client_select .= "<option value='0'></option>";
+ if(is_array($clients)) {
+ foreach( $clients as $client) {
+ $selected = ($client["groupid"] == $sys_groupid)?'SELECTED':'';
+ $client_select .= "<option value='$client[groupid]' $selected>$client[contactname]</option>\r\n";
+ }
}
- }
- $app->tpl->setVar("client_group_id", $client_select);
+ $app->tpl->setVar("client_group_id", $client_select);
+ }
}
if ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
// Get the limits of the client
$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
- $client = $app->db->queryOneRecord("SELECT client.client_id, client.contact_name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname, sys_group.name FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+ $client = $app->db->queryOneRecord("SELECT client.client_id, client.contact_name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname, sys_group.name FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
- // load the list of clients
- $sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$app->functions->intval($client['client_id']);
- $clients = $app->db->queryAllRecords($sql);
- $tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$app->functions->intval($client['client_id']));
- $client_select = '<option value="'.$tmp['groupid'].'">'.$client['contactname'].'</option>';
- if(is_array($clients)) {
- foreach( $clients as $client) {
- $selected = ($client["groupid"] == $sys_groupid)?'SELECTED':'';
- $client_select .= "<option value='$client[groupid]' $selected>$client[contactname]</option>\r\n";
+ if ($domains_settings['use_domain_module'] != 'y') {
+ // load the list of clients
+ $sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ? ORDER BY client.company_name, client.contact_name, sys_group.name";
+ $clients = $app->db->queryAllRecords($sql, $client['client_id']);
+ $tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ?", $client['client_id']);
+ $client_select = '<option value="'.$tmp['groupid'].'">'.$client['contactname'].'</option>';
+ if(is_array($clients)) {
+ foreach( $clients as $client) {
+ $selected = ($client["groupid"] == $sys_groupid)?'SELECTED':'';
+ $client_select .= "<option value='$client[groupid]' $selected>$client[contactname]</option>\r\n";
+ }
}
- }
- $app->tpl->setVar("client_group_id", $client_select);
+ $app->tpl->setVar("client_group_id", $client_select);
+ }
}
if($_SESSION["s"]["user"]["typ"] != 'admin')
-
- $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);{
- $client_dns = $app->db->queryOneRecord("SELECT dns_servers FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+{
+ $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
+ $client_dns = $app->db->queryOneRecord("SELECT dns_servers FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
$client_dns['dns_servers_ids'] = explode(',', $client_dns['dns_servers']);
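Review bot: The rebuilt option lists still interpolate `$client[contactname]` into HTML without escaping, in both the admin and the reseller branch. The value is concatenated from `client.company_name`, `contact_name`, `username` and `customer_no`, so markup stored in those columns is rendered in the admin's or reseller's browser unless it is filtered elsewhere. I would wrap it as `htmlspecialchars($client['contactname'], ENT_QUOTES, 'UTF-8')` while these lines are being touched. The same applies to `$dns_server['server_name']` and the decoded `$domain['domain']` in the later hunks. In the reseller branch the `foreach` also reuses `$client` as its loop variable, overwriting the record fetched above it.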
@@ -135,13 +141,13 @@
$app->tpl->setVar('server_id_value', $client_dns['dns_servers_ids'][0]);
}
- $sql = "SELECT server_id, server_name FROM server WHERE server_id IN (" . $client_dns['dns_servers'] . ");";
- $dns_servers = $app->db->queryAllRecords($sql);
+ $sql = "SELECT server_id, server_name FROM server WHERE server_id IN ?";
+ $dns_servers = $app->db->queryAllRecords($sql, $client_dns['dns_servers_ids']);
$options_dns_servers = "";
foreach ($dns_servers as $dns_server) {
- $options_dns_servers .= "<option value='$dns_server[server_id]'>$dns_server[server_name]</option>";
+ $options_dns_servers .= '<option value="'.$dns_server['server_id'].'"'.($_POST['server_id'] == $dns_server['server_id'] ? ' selected="selected"' : '').'>'.$dns_server['server_name'].'</option>';
}
$app->tpl->setVar("server_id", $options_dns_servers);
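Review bot: `$_POST['server_id']` is read in the option loop without an `isset` check, so a page load with no posted form raises an undefined-index notice; `(isset($_POST['server_id']) && $_POST['server_id'] == $dns_server['server_id'])` avoids that. The same unguarded reads occur for `$_POST['domain']` in the domain-module block and for `$_POST['ipv6']` and `$_POST['dnssec']` in the template-substitution hunk. The `IN ?` query depends on the database wrapper expanding an array argument, and the ids come straight from `explode` on `dns_servers` without an integer cast; the wrapper is not visible here, so that is worth confirming. The enclosing `if` block starts before this hunk.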
@@ -149,7 +155,7 @@
}
-$template_record = $app->db->queryOneRecord("SELECT * FROM dns_template WHERE template_id = '".$app->functions->intval($template_id)."'");
+$template_record = $app->db->queryOneRecord("SELECT * FROM dns_template WHERE template_id = ?", $template_id);
$fields = explode(',', $template_record['fields']);
if(is_array($fields)) {
foreach($fields as $field) {
@@ -159,14 +165,48 @@
}
}
-if($_POST['create'] == 1) {
+/*
+ * Now we have to check, if we should use the domain-module to select the domain
+ * or not
+ */
+if ($domains_settings['use_domain_module'] == 'y') {
+ /*
+ * The domain-module is in use.
+ */
+ $domains = $app->tools_sites->getDomainModuleDomains("dns_soa");
+ $domain_select = '';
+ if(is_array($domains) && sizeof($domains) > 0) {
+ /* We have domains in the list, so create the drop-down-list */
+ foreach( $domains as $domain) {
+ $domain_select .= "<option value=" . $domain['domain_id'] ;
+ if ($domain['domain'] == $_POST['domain']) {
+ $domain_select .= " selected";
+ }
+ $domain_select .= ">" . $app->functions->idn_decode($domain['domain']) . ".</option>\r\n";
+ }
+ }
+ else {
+ /*
+ * We have no domains in the domain-list. This means, we can not add ANY new domain.
+ * To avoid, that the variable "domain_option" is empty and so the user can
+ * free enter a domain, we have to create a empty option!
+ */
+ $domain_select .= "<option value=''></option>\r\n";
+ }
+ $app->tpl->setVar("domain_option", $domain_select);
+}
+if($_POST['create'] == 1) {
+
+ //* CSRF Check
+ $app->auth->csrf_token_check();
+
$error = '';
if ($post_server_id)
{
$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
- $client = $app->db->queryOneRecord("SELECT dns_servers FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+ $client = $app->db->queryOneRecord("SELECT dns_servers FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
$client['dns_servers_ids'] = explode(',', $client['dns_servers']);
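Review bot: The drop-down emits `domain_id` as the option value but decides `selected` by comparing `$domain['domain']` with `$_POST['domain']`. If the template posts this select as `domain` (not visible here), the posted value is still an id at this point and the comparison never matches, so the selection is lost when the form is redisplayed after an error. Comparing ids, `if (isset($_POST['domain']) && $domain['domain_id'] == $_POST['domain'])`, would fix that. The `value=` attribute is also emitted unquoted; `'<option value="' . $domain['domain_id'] . '"'` is the safer form. The `if ($post_server_id)` block at the end of the hunk continues outside it.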
@@ -182,8 +222,22 @@
// apply filters
if(isset($_POST['domain']) && $_POST['domain'] != ''){
- $_POST['domain'] = $app->functions->idn_encode($_POST['domain']);
- $_POST['domain'] = strtolower($_POST['domain']);
+ /* check if the domain module is used - and check if the selected domain can be used! */
+ if ($domains_settings['use_domain_module'] == 'y') {
+ if ($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
+ $_POST['client_group_id'] = $app->tools_sites->getClientIdForDomain($_POST['domain']);
+ }
+ $domain_check = $app->tools_sites->checkDomainModuleDomain($_POST['domain']);
+ if(!$domain_check) {
+ // invalid domain selected
+ $_POST['domain'] = '';
+ } else {
+ $_POST['domain'] = $domain_check;
+ }
+ } else {
+ $_POST['domain'] = $app->functions->idn_encode($_POST['domain']);
+ $_POST['domain'] = strtolower($_POST['domain']);
+ }
}
if(isset($_POST['ns1']) && $_POST['ns1'] != ''){
$_POST['ns1'] = $app->functions->idn_encode($_POST['ns1']);
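Review bot: `$_POST['client_group_id']` is overwritten from `getClientIdForDomain($_POST['domain'])` before `checkDomainModuleDomain()` has accepted the posted value, so a rejected domain still changes the group the record would be created under. Whether that is reachable depends on the two helpers and on the later empty-domain check, none of which are visible here. I would validate first and derive the group only on success, as sketched below. The helper name says client id while the target is a group id, which deserves a comment at the call site.

```php
if ($domains_settings['use_domain_module'] == 'y') {
    $domain_check = $app->tools_sites->checkDomainModuleDomain($_POST['domain']);
    if (!$domain_check) {
        // invalid domain selected: leave client_group_id untouched
        $_POST['domain'] = '';
    } else {
        if ($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
            $_POST['client_group_id'] = $app->tools_sites->getClientIdForDomain($_POST['domain']);
        }
        $_POST['domain'] = $domain_check;
    }
} else {
    // … unchanged: idn_encode + strtolower …
}
```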
@@ -204,6 +258,8 @@
if(isset($_POST['ip']) && $_POST['ip'] == '') $error .= $app->lng('error_ip_empty').'<br />';
+ if(isset($_POST['ipv6']) && $_POST['ipv6'] == '') $error .= $app->lng('error_ipv6_empty').'<br />';
+
if(isset($_POST['ns1']) && $_POST['ns1'] == '') $error .= $app->lng('error_ns1_empty').'<br />';
elseif(isset($_POST['ns1']) && !preg_match('/^[\w\.\-]{2,64}\.[a-zA-Z0-9]{2,30}$/', $_POST['ns1'])) $error .= $app->lng('error_ns1_regex').'<br />';
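Review bot: The new `ipv6` check only rejects an empty string; the value is later substituted into the zone template as `{IPV6}` without any format validation in the visible lines. Adding `elseif(isset($_POST['ipv6']) && filter_var($_POST['ipv6'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false) $error .= ...;` would keep arbitrary text out of the generated records. That needs a matching language key, which this commit does not add. The `ip` check on the line above has the same gap and could use `FILTER_FLAG_IPV4`.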
@@ -211,7 +267,7 @@
elseif(isset($_POST['ns2']) && !preg_match('/^[\w\.\-]{2,64}\.[a-zA-Z0-9]{2,30}$/', $_POST['ns2'])) $error .= $app->lng('error_ns2_regex').'<br />';
if(isset($_POST['email']) && $_POST['email'] == '') $error .= $app->lng('error_email_empty').'<br />';
- elseif(isset($_POST['email']) && !preg_match('/^\w+[\w.-]*\w+@\w+[\w.-]*\w+\.[a-z0-9\-]{2,30}$/i', $_POST['email'])) $error .= $app->lng('error_email_regex').'<br />';
+ elseif(isset($_POST['email']) && filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false) $error .= $app->lng('error_email_regex').'<br />';
// make sure that the record belongs to the client group and not the admin group when admin inserts it
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($_POST['client_group_id'])) {
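Review bot: `FILTER_VALIDATE_EMAIL` accepts local-part characters the removed pattern rejected, such as `|`, `=` and `'`. The address is substituted raw into `$tpl_content` as `{EMAIL}`, and the template rows are later split on `|`. How the zone section is parsed is not visible here, so this may be harmless, but the accepted character set has widened at the point where user input enters the template. Keeping a conservative character check next to `filter_var`, for example `|| !preg_match('/^[\w.+\-]+@[\w.\-]+$/', $_POST['email'])`, would preserve the old restriction.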
@@ -240,14 +296,18 @@
$tpl_content = $template_record['template'];
if($_POST['domain'] != '') $tpl_content = str_replace('{DOMAIN}', $_POST['domain'], $tpl_content);
if($_POST['ip'] != '') $tpl_content = str_replace('{IP}', $_POST['ip'], $tpl_content);
+ if($_POST['ipv6'] != '') $tpl_content = str_replace('{IPV6}',$_POST['ipv6'],$tpl_content);
if($_POST['ns1'] != '') $tpl_content = str_replace('{NS1}', $_POST['ns1'], $tpl_content);
if($_POST['ns2'] != '') $tpl_content = str_replace('{NS2}', $_POST['ns2'], $tpl_content);
if($_POST['email'] != '') $tpl_content = str_replace('{EMAIL}', $_POST['email'], $tpl_content);
+ $enable_dnssec = (($_POST['dnssec'] == 'Y') ? 'Y' : 'N');
if(isset($_POST['dkim']) && preg_match('/^[\w\.\-\/]{2,255}\.[a-zA-Z0-9\-]{2,30}[\.]{0,1}$/', $_POST['domain'])) {
- $public_key=$app->db->queryOneRecord("SELECT dkim_public FROM mail_domain WHERE domain = '".$app->db->quote($_POST['domain'])."' AND dkim = 'y' AND ".$app->tform->getAuthSQL('r'));
+ $sql = $app->db->queryOneRecord("SELECT dkim_public, dkim_selector FROM mail_domain WHERE domain = ? AND dkim = 'y' AND ".$app->tform->getAuthSQL('r'), $_POST['domain']);
+ $public_key = $sql['dkim_public'];
if ($public_key!='') {
- $dns_record=str_replace(array("\r\n", "\n", "\r", "-----BEGIN PUBLIC KEY-----", "-----END PUBLIC KEY-----"), '', $public_key['dkim_public']);
- $tpl_content = str_replace('{DKIM}', 'TXT|default._domainkey.'.$_POST['domain'].'.|v=DKIM1; t=s; p='.$dns_record, $tpl_content);
+ if (empty($sql['dkim_selector'])) $sql['dkim_selector'] = 'default';
+ $dns_record=str_replace(array("\r\n", "\n", "\r", "-----BEGIN PUBLIC KEY-----", "-----END PUBLIC KEY-----"), '', $public_key);
+ $tpl_content .= "\n".'TXT|'.$sql['dkim_selector'].'._domainkey.'.$_POST['domain'].'.|v=DKIM1; t=s; p='.$dns_record;
}
}
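Review bot: The DKIM record is now appended to the end of `$tpl_content` instead of replacing `{DKIM}`, so it is only parsed as a record if the template's last section is `dns_records`. Any template that still contains a `{DKIM}` placeholder keeps that literal text. The section parser is only partly visible, so this is an inference; clearing the placeholder with `$tpl_content = str_replace('{DKIM}', '', $tpl_content);` would cover existing templates. `$sql` holds a result row rather than a query, so a name like `$dkim_row` would read better, and `$sql['dkim_public']` is read without checking that a row was returned.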
@@ -255,6 +315,7 @@
$tpl_rows = explode("\n", $tpl_content);
$section = '';
$vars = array();
+ $vars['xfer']='';
$dns_rr = array();
foreach($tpl_rows as $row) {
$row = trim($row);
@@ -279,11 +340,11 @@
if($section == 'dns_records') {
$parts = explode('|', $row);
$dns_rr[] = array(
- 'name' => $app->db->quote($parts[1]),
- 'type' => $app->db->quote($parts[0]),
- 'data' => $app->db->quote($parts[2]),
- 'aux' => $app->db->quote($parts[3]),
- 'ttl' => $app->db->quote($parts[4])
+ 'name' => $parts[1],
+ 'type' => $parts[0],
+ 'data' => $parts[2],
+ 'aux' => $parts[3],
+ 'ttl' => $parts[4]
);
}
}
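Review bot: `$parts[3]` and `$parts[4]` are read without checking that the row has five fields. The DKIM row appended in the previous hunk has only three (`TXT|<selector>._domainkey.<domain>.|v=DKIM1; ...`), so `aux` and `ttl` arrive undefined and are passed on as null now that the `quote()` calls are gone. Padding the split, `$parts = array_pad(explode('|', $row), 5, '');`, makes the shape explicit; whether an empty string or a numeric default is right depends on the `dns_rr` schema. The record `type` also goes into the insert unchecked and could be restricted to the types the panel supports.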
@@ -303,28 +364,61 @@
if($error == '') {
// Insert the soa record
$sys_userid = $_SESSION['s']['user']['userid'];
- $origin = $app->db->quote($vars['origin']);
- $ns = $app->db->quote($vars['ns']);
- $mbox = $app->db->quote(str_replace('@', '.', $vars['mbox']));
- $refresh = $app->db->quote($vars['refresh']);
- $retry = $app->db->quote($vars['retry']);
- $expire = $app->db->quote($vars['expire']);
- $minimum = $app->db->quote($vars['minimum']);
- $ttl = $app->db->quote($vars['ttl']);
- $xfer = $app->db->quote($vars['xfer']);
- $also_notify = $app->db->quote($vars['also_notify']);
- $update_acl = $app->db->quote($vars['update_acl']);
+ $origin = $vars['origin'];
+ $ns = $vars['ns'];
+ $mbox = str_replace('@', '.', $vars['mbox']);
+ $refresh = $vars['refresh'];
+ $retry = $vars['retry'];
+ $expire = $vars['expire'];
+ $minimum = $vars['minimum'];
+ $ttl = $vars['ttl'];
+ $xfer = $vars['xfer'];
+ $also_notify = $vars['also_notify'];
+ $update_acl = $vars['update_acl'];
$serial = $app->validate_dns->increase_serial(0);
- $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `origin`, `ns`, `mbox`, `serial`, `refresh`, `retry`, `expire`, `minimum`, `ttl`, `active`, `xfer`, `also_notify`, `update_acl`) VALUES
- ('$sys_userid', '$sys_groupid', 'riud', 'riud', '', '$server_id', '$origin', '$ns', '$mbox', '$serial', '$refresh', '$retry', '$expire', '$minimum', '$ttl', 'Y', '$xfer', '$also_notify', '$update_acl')";
+ $insert_data = array(
+ "sys_userid" => $sys_userid,
+ "sys_groupid" => $sys_groupid,
+ "sys_perm_user" => 'riud',
+ "sys_perm_group" => 'riud',
+ "sys_perm_other" => '',
+ "server_id" => $server_id,
+ "origin" => $origin,
+ "ns" => $ns,
+ "mbox" => $mbox,
+ "serial" => $serial,
+ "refresh" => $refresh,
+ "retry" => $retry,
+ "expire" => $expire,
+ "minimum" => $minimum,
+ "ttl" => $ttl,
+ "active" => 'Y',
+ "xfer" => $xfer,
+ "also_notify" => $also_notify,
+ "update_acl" => $update_acl,
+ "dnssec_wanted" => $enable_dnssec
+ );
$dns_soa_id = $app->db->datalogInsert('dns_soa', $insert_data, 'id');
// Insert the dns_rr records
if(is_array($dns_rr) && $dns_soa_id > 0) {
foreach($dns_rr as $rr) {
- $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `zone`, `name`, `type`, `data`, `aux`, `ttl`, `active`) VALUES
- ('$sys_userid', '$sys_groupid', 'riud', 'riud', '', '$server_id', '$dns_soa_id', '$rr[name]', '$rr[type]', '$rr[data]', '$rr[aux]', '$rr[ttl]', 'Y')";
+ $insert_data = array(
+ "sys_userid" => $sys_userid,
+ "sys_groupid" => $sys_groupid,
+ "sys_perm_user" => 'riud',
+ "sys_perm_group" => 'riud',
+ "sys_perm_other" => '',
+ "server_id" => $server_id,
+ "zone" => $dns_soa_id,
+ "name" => $rr['name'],
+ "type" => $rr['type'],
+ "data" => $rr['data'],
+ "aux" => $rr['aux'],
+ "ttl" => $rr['ttl'],
+ "active" => 'Y'
+ );
$dns_rr_id = $app->db->datalogInsert('dns_rr', $insert_data, 'id');
}
}
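Review bot: `$vars['also_notify']` and `$vars['update_acl']` are read without a default, while only `xfer` was given one in the earlier hunk (`$vars['xfer']='';`). A template without those keys therefore raises notices and inserts null; initialising them next to `xfer`, e.g. `$vars['also_notify'] = ''; $vars['update_acl'] = '';`, keeps the three consistent. With the `quote()` calls removed, escaping rests entirely on the array form of `datalogInsert`, which is not visible here. Casting the numeric SOA fields, e.g. `$refresh = $app->functions->intval($vars['refresh']);`, adds a check that does not depend on it. `$dns_rr_id` is assigned but not used in the visible lines.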
@@ -342,6 +436,11 @@
$app->tpl->setVar("title", 'DNS Wizard');
+//* SET csrf token
+$csrf_token = $app->auth->csrf_token_get('dns_wizard');
+$app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']);
+$app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']);
+
$lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_dns_wizard.lng';
include $lng_file;
$app->tpl->setVar($wb);
--
Gitblit v1.9.1