From e4e2a430bbbf2cd9516f4d01f2b49a10ff981d5c Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Mon, 27 Jan 2014 10:33:40 -0500
Subject: [PATCH]  Merge branch 'master' into 'master'

---
 interface/web/dns/dns_wizard.php |   76 +++++++++++++++++++++++++++++++++-----
 1 files changed, 66 insertions(+), 10 deletions(-)

diff --git a/interface/web/dns/dns_wizard.php b/interface/web/dns/dns_wizard.php
index e51c76d..1d295ec 100644
--- a/interface/web/dns/dns_wizard.php
+++ b/interface/web/dns/dns_wizard.php
@@ -46,14 +46,16 @@
 $sys_groupid = (isset($_POST['client_group_id']))?$app->functions->intval($_POST['client_group_id']):0;
 
 // get the correct server_id
-if($_SESSION['s']['user']['typ'] == 'admin') {
-	$server_id = (isset($_POST['server_id']))?$app->functions->intval($_POST['server_id']):1;
+if (isset($_POST['server_id'])) {
+	$server_id = $app->functions->intval($_POST['server_id']);
+	$post_server_id = true;
+} elseif (isset($_POST['server_id_value'])) {
+	$server_id = $app->functions->intval($_POST['server_id_value']);
+	$post_server_id = true;
 } else {
-	$client_group_id = $_SESSION["s"]["user"]["default_group"];
-	$client = $app->db->queryOneRecord("SELECT default_dnsserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
-	$server_id = $client["default_dnsserver"];
+	$server_id = 1;
+	$post_server_id = false;
 }
-
 
 // Load the templates
 $records = $app->db->queryAllRecords("SELECT * FROM dns_template WHERE visible = 'Y' ORDER BY name ASC");
@@ -98,14 +100,14 @@
 if ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
 
 	// Get the limits of the client
-	$client_group_id = $_SESSION["s"]["user"]["default_group"];
+	$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
 	$client = $app->db->queryOneRecord("SELECT client.client_id, client.contact_name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname, sys_group.name FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 
 	// load the list of clients
-	$sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$client['client_id'];
+	$sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$app->functions->intval($client['client_id']);
 	$clients = $app->db->queryAllRecords($sql);
-	$tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$client['client_id']);
+	$tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$app->functions->intval($client['client_id']));
 	$client_select = '<option value="'.$tmp['groupid'].'">'.$client['contactname'].'</option>';
 	if(is_array($clients)) {
 		foreach( $clients as $client) {
@@ -117,8 +119,35 @@
 	$app->tpl->setVar("client_group_id", $client_select);
 }
 
+if($_SESSION["s"]["user"]["typ"] != 'admin')
+{
+	$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
+	$client_dns = $app->db->queryOneRecord("SELECT dns_servers FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
-$template_record = $app->db->queryOneRecord("SELECT * FROM dns_template WHERE template_id = '$template_id'");
+	$client_dns['dns_servers_ids'] = explode(',', $client_dns['dns_servers']);
+
+	$only_one_server = count($client_dns['dns_servers_ids']) === 1;
+	$app->tpl->setVar('only_one_server', $only_one_server);
+
+	if ($only_one_server) {
+		$app->tpl->setVar('server_id_value', $client_dns['dns_servers_ids'][0]);
+	}
+
+	$sql = "SELECT server_id, server_name FROM server WHERE server_id IN (" . $client_dns['dns_servers'] . ");";
+	$dns_servers = $app->db->queryAllRecords($sql);
+
+	$options_dns_servers = "";
+
+	foreach ($dns_servers as $dns_server) {
+		$options_dns_servers .= "<option value='$dns_server[server_id]'>$dns_server[server_name]</option>";
+	}
+
+	$app->tpl->setVar("server_id", $options_dns_servers);
+	unset($options_dns_servers);
+
+}
+
+$template_record = $app->db->queryOneRecord("SELECT * FROM dns_template WHERE template_id = '".$app->functions->intval($template_id)."'");
 $fields = explode(',', $template_record['fields']);
 if(is_array($fields)) {
 	foreach($fields as $field) {
@@ -131,6 +160,23 @@
 if($_POST['create'] == 1) {
 
 	$error = '';
+
+	if ($post_server_id)
+	{
+		$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
+		$client = $app->db->queryOneRecord("SELECT dns_servers FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+
+		$client['dns_servers_ids'] = explode(',', $client['dns_servers']);
+
+		// Check if chosen server is in authorized servers for this client
+		if (!(is_array($client['dns_servers_ids']) && in_array($server_id, $client['dns_servers_ids'])) && $_SESSION["s"]["user"]["typ"] != 'admin') {
+			$error .= $app->lng('error_not_allowed_server_id').'<br />';
+		}
+	}
+	else
+	{
+		$error .= $app->lng('error_no_server_id').'<br />';
+	}
 
 	// apply filters
 	if(isset($_POST['domain']) && $_POST['domain'] != ''){
@@ -155,6 +201,8 @@
 	elseif(isset($_POST['domain']) && !preg_match('/^[\w\.\-]{2,64}\.[a-zA-Z0-9\-]{2,30}$/', $_POST['domain'])) $error .= $app->lng('error_domain_regex').'<br />';
 
 	if(isset($_POST['ip']) && $_POST['ip'] == '') $error .= $app->lng('error_ip_empty').'<br />';
+
+	if(isset($_POST['ipv6']) && $_POST['ipv6'] == '') $error .= $app->lng('error_ipv6_empty').'<br />';
 
 	if(isset($_POST['ns1']) && $_POST['ns1'] == '') $error .= $app->lng('error_ns1_empty').'<br />';
 	elseif(isset($_POST['ns1']) && !preg_match('/^[\w\.\-]{2,64}\.[a-zA-Z0-9]{2,30}$/', $_POST['ns1'])) $error .= $app->lng('error_ns1_regex').'<br />';
@@ -192,9 +240,17 @@
 	$tpl_content = $template_record['template'];
 	if($_POST['domain'] != '') $tpl_content = str_replace('{DOMAIN}', $_POST['domain'], $tpl_content);
 	if($_POST['ip'] != '') $tpl_content = str_replace('{IP}', $_POST['ip'], $tpl_content);
+	if($_POST['ipv6'] != '') $tpl_content = str_replace('{IPV6}',$_POST['ipv6'],$tpl_content);
 	if($_POST['ns1'] != '') $tpl_content = str_replace('{NS1}', $_POST['ns1'], $tpl_content);
 	if($_POST['ns2'] != '') $tpl_content = str_replace('{NS2}', $_POST['ns2'], $tpl_content);
 	if($_POST['email'] != '') $tpl_content = str_replace('{EMAIL}', $_POST['email'], $tpl_content);
+	if(isset($_POST['dkim']) && preg_match('/^[\w\.\-\/]{2,255}\.[a-zA-Z0-9\-]{2,30}[\.]{0,1}$/', $_POST['domain'])) {
+		$public_key=$app->db->queryOneRecord("SELECT dkim_public FROM mail_domain WHERE domain = '".$app->db->quote($_POST['domain'])."' AND dkim = 'y' AND ".$app->tform->getAuthSQL('r'));
+		if ($public_key!='') {
+			$dns_record=str_replace(array("\r\n", "\n", "\r", "-----BEGIN PUBLIC KEY-----", "-----END PUBLIC KEY-----"), '', $public_key['dkim_public']);
+			$tpl_content = str_replace('TXT|'.$_POST['domain'].'.|{DKIM}', 'TXT|default._domainkey.'.$_POST['domain'].'.|v=DKIM1; t=s; p='.$dns_record, $tpl_content);
+		}
+	}
 
 	// Parse the template
 	$tpl_rows = explode("\n", $tpl_content);

--
Gitblit v1.9.1