commit | author | age
|
fed17d
|
1 |
<?php |
FS |
2 |
|
|
3 |
/* |
|
4 |
Copyright (c) 2014, Florian Schaal, info@schaal-24.de |
|
5 |
All rights reserved. |
|
6 |
|
|
7 |
Redistribution and use in source and binary forms, with or without modification, |
|
8 |
are permitted provided that the following conditions are met: |
|
9 |
|
|
10 |
* Redistributions of source code must retain the above copyright notice, |
|
11 |
this list of conditions and the following disclaimer. |
|
12 |
* Redistributions in binary form must reproduce the above copyright notice, |
|
13 |
this list of conditions and the following disclaimer in the documentation |
|
14 |
and/or other materials provided with the distribution. |
|
15 |
* Neither the name of ISPConfig nor the names of its contributors |
|
16 |
may be used to endorse or promote products derived from this software without |
|
17 |
specific prior written permission. |
|
18 |
|
|
19 |
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND |
|
20 |
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
|
21 |
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
|
22 |
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, |
|
23 |
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, |
|
24 |
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
|
25 |
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY |
|
26 |
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING |
|
27 |
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, |
|
28 |
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
|
29 |
*/ |
|
30 |
|
|
31 |
/****************************************** |
|
32 |
* Begin Form configuration |
|
33 |
******************************************/ |
|
34 |
|
|
35 |
$tform_def_file = "form/dns_spf.tform.php"; |
|
36 |
|
|
37 |
/****************************************** |
|
38 |
* End Form configuration |
|
39 |
******************************************/ |
|
40 |
|
|
41 |
require_once '../../lib/config.inc.php'; |
|
42 |
require_once '../../lib/app.inc.php'; |
|
43 |
|
|
44 |
//* Check permissions for module |
|
45 |
$app->auth->check_module_permissions('dns'); |
|
46 |
|
|
47 |
// Loading classes |
|
48 |
$app->uses('tpl,tform,tform_actions,validate_dns'); |
|
49 |
$app->load('tform_actions'); |
|
50 |
|
|
51 |
class page_action extends tform_actions { |
|
52 |
|
|
53 |
function onShowNew() { |
|
54 |
global $app, $conf; |
|
55 |
// we will check only users, not admins |
|
56 |
if($_SESSION["s"]["user"]["typ"] == 'user') { |
|
57 |
|
|
58 |
// Get the limits of the client |
|
59 |
$client_group_id = intval($_SESSION["s"]["user"]["default_group"]); |
cc7a82
|
60 |
$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id); |
fed17d
|
61 |
|
FS |
62 |
// Check if the user may add another mailbox. |
|
63 |
if($client["limit_dns_record"] >= 0) { |
|
64 |
$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_rr WHERE sys_groupid = ?", $client_group_id); |
|
65 |
if($tmp["number"] >= $client["limit_dns_record"]) { |
|
66 |
$app->error($app->tform->wordbook["limit_dns_record_txt"]); |
|
67 |
} |
|
68 |
} |
|
69 |
} |
|
70 |
|
|
71 |
parent::onShowNew(); |
|
72 |
} |
|
73 |
|
|
74 |
function onShowEnd() { |
|
75 |
global $app, $conf; |
|
76 |
|
|
77 |
$zone = $app->functions->intval($_GET['zone']); |
|
78 |
|
|
79 |
//* check for an existing spf-record |
cc7a82
|
80 |
$sql = "SELECT data, active FROM dns_rr WHERE data LIKE 'v=spf1%' AND zone = ? AND " . $app->tform->getAuthSQL('r'); |
MC |
81 |
$rec = $app->db->queryOneRecord($sql, $zone); |
fed17d
|
82 |
if ( isset($rec) && !empty($rec) ) { |
FS |
83 |
$this->id = 1; |
|
84 |
$old_data = strtolower($rec['data']); |
|
85 |
|
|
86 |
$app->tpl->setVar("data", $old_data); |
|
87 |
if ($rec['active'] == 'Y') $app->tpl->setVar("active", "CHECKED"); else $app->tpl->setVar("active", "UNCHECKED"); |
|
88 |
|
|
89 |
$spf_hostname = ''; |
|
90 |
$spf_ip = ''; |
|
91 |
$spf_domain = ''; |
|
92 |
$spf_mechanism = ''; |
|
93 |
|
|
94 |
// browse through data |
|
95 |
$temp = explode(' ', $old_data); |
|
96 |
foreach ($temp as $part) { |
|
97 |
if ($part == 'a') $app->tpl->setVar("spf_a_active", "CHECKED"); |
|
98 |
if ($part == 'mx') $app->tpl->setVar("spf_mx_active", "CHECKED"); |
|
99 |
if (preg_match("/^ip(4|6):/", $part)) $spf_ip .= str_replace(array('ip4:','ip6:'), '', $part) . ' '; |
|
100 |
if (preg_match("/^a:/", $part)) $spf_hostname .= str_replace('a:', '', $part) . ' '; |
|
101 |
if (preg_match("/^\\??include/", $part)) $spf_domain .= str_replace(array('include:', '?'), '', $part) . ' '; |
|
102 |
} |
|
103 |
unset($temp); |
|
104 |
$spf_ip = rtrim($spf_ip); |
|
105 |
$spf_hostname = rtrim($spf_hostname); |
|
106 |
$spf_domain = rtrim($spf_domain); |
|
107 |
$spf_mechanism = substr($rec['data'], -4, 1); |
|
108 |
} |
|
109 |
|
|
110 |
//set html-values |
|
111 |
$app->tpl->setVar("spf_ip", $spf_ip); |
|
112 |
$app->tpl->setVar("spf_hostname", $spf_hostname); |
|
113 |
$app->tpl->setVar("spf_domain", $spf_domain); |
|
114 |
//create spf-mechanism-list |
|
115 |
$spf_mechanism_value = array( |
|
116 |
'+' => 'spf_mechanism_pass_txt', |
|
117 |
'-' => 'spf_mechanism_fail_txt', |
|
118 |
'~' => 'spf_mechanism_softfail_txt', |
|
119 |
'?' => 'spf_mechanism_neutral_txt' |
|
120 |
); |
|
121 |
$spf_mechanism_list=''; |
|
122 |
foreach($spf_mechanism_value as $value => $txt) { |
|
123 |
$selected = @($spf_mechanism == $value)?' selected':''; |
|
124 |
$spf_mechanism_list .= "<option value='$value'$selected>".$app->tform->wordbook[$txt]."</option>\r\n"; |
|
125 |
} |
|
126 |
$app->tpl->setVar('spf_mechanism', $spf_mechanism_list); |
|
127 |
|
|
128 |
parent::onShowEnd(); |
|
129 |
|
|
130 |
} |
|
131 |
|
|
132 |
function onSubmit() { |
|
133 |
global $app, $conf; |
|
134 |
|
|
135 |
|
|
136 |
// Get the parent soa record of the domain |
cc7a82
|
137 |
$soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $app->functions->intval($_POST["zone"])); |
fed17d
|
138 |
|
FS |
139 |
// Check if Domain belongs to user |
|
140 |
if($soa["id"] != $_POST["zone"]) $app->tform->errorMessage .= $app->tform->wordbook["no_zone_perm"]; |
|
141 |
|
|
142 |
// Check the client limits, if user is not the admin |
|
143 |
if($_SESSION["s"]["user"]["typ"] != 'admin') { // if user is not admin |
|
144 |
// Get the limits of the client |
|
145 |
$client_group_id = intval($_SESSION["s"]["user"]["default_group"]); |
|
146 |
$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id); |
|
147 |
|
|
148 |
// Check if the user may add another mailbox. |
|
149 |
if($this->id == 0 && $client["limit_dns_record"] >= 0) { |
|
150 |
$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_rr WHERE sys_groupid = ?", $client_group_id); |
|
151 |
if($tmp["number"] >= $client["limit_dns_record"]) { |
|
152 |
$app->error($app->tform->wordbook["limit_dns_record_txt"]); |
|
153 |
} |
|
154 |
} |
|
155 |
} // end if user is not admin |
|
156 |
|
|
157 |
//create spf-record |
|
158 |
if (!empty($this->dataRecord['spf_mx'])) { |
|
159 |
$spf_record[] = 'mx'; |
|
160 |
} |
|
161 |
if (!empty($this->dataRecord['spf_a'])) { |
|
162 |
$spf_record[] = 'a'; |
|
163 |
} |
|
164 |
$spf_ip = trim($this->dataRecord['spf_ip']); |
|
165 |
if (!empty($spf_ip)) { |
|
166 |
$rec = split(' ', $spf_ip); |
|
167 |
foreach ($rec as $ip) { |
|
168 |
$temp_ip = explode('/', $ip); |
|
169 |
if (filter_var($temp_ip[0], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { |
|
170 |
$temp = 'ip4:' . $temp_ip[0]; |
|
171 |
if (isset($temp_ip[1])) $temp .= '/' . $temp_ip[1]; |
|
172 |
$spf_record[] = $temp; |
|
173 |
unset($temp); |
|
174 |
} |
|
175 |
elseif (filter_var($temp_ip[0], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { |
|
176 |
$temp = 'ip6:' . $temp_ip[0]; |
|
177 |
if (isset($temp_ip[1])) $temp .= '/' . $temp_ip[1]; |
|
178 |
$spf_record[] = $temp; |
|
179 |
unset($temp); |
|
180 |
} |
|
181 |
else { |
|
182 |
if (isset($app->tform->errorMessage )) $app->tform->errorMessage = '<br/>' . $app->tform->errorMessage; |
|
183 |
$app->tform->errorMessage .= $app->tform->wordbook["spf_invalid_ip_txt"]. $temp_ip[0]; |
|
184 |
if (isset( $temp_ip[1])) $app->tform->errorMessage .= "/".$temp_ip[1]; |
|
185 |
} |
|
186 |
} |
|
187 |
} |
|
188 |
$spf_hostname = trim($this->dataRecord['spf_hostname']); |
|
189 |
if (!empty($spf_hostname)) { |
|
190 |
$rec = split(' ', $spf_hostname); |
|
191 |
foreach ($rec as $hostname) { |
|
192 |
if (preg_match('/^[a-zA-Z0-9\\.\\-\\*]{0,64}$/', $hostname)) |
|
193 |
$spf_record[] = 'a:' . $hostname; |
|
194 |
else { |
|
195 |
if (isset($app->tform->errorMessage )) $app->tform->errorMessage .= '<br/>' . $app->tform->wordbook["spf_invalid_hostname_txt"]. $hostname; |
|
196 |
$app->tform->errorMessage .= $app->tform->wordbook["spf_invalid_hostname_txt"]. $hostname; |
|
197 |
} |
|
198 |
} |
|
199 |
unset($rec); |
|
200 |
} |
|
201 |
$spf_domain = trim($this->dataRecord['spf_domain']); |
|
202 |
if (!empty($spf_domain)) { |
|
203 |
$rec = split(' ', $spf_domain); |
|
204 |
foreach ($rec as $domain) { |
e42260
|
205 |
if (preg_match('/^[_a-zA-Z0-9\\.\\-\\*]{0,64}$/', $domain)) |
fed17d
|
206 |
$spf_record[] = 'include:' . $domain; |
FS |
207 |
else { |
|
208 |
if (isset($app->tform->errorMessage )) $app->tform->errorMessage .= '<br/>' . $app->tform->wordbook["spf_invalid_domain_txt"]. $domain; |
|
209 |
$app->tform->errorMessage .= $app->tform->wordbook["spf_invalid_domain_txt"]. $domain; |
|
210 |
} |
|
211 |
} |
|
212 |
} |
|
213 |
|
|
214 |
$temp = implode(' ', $spf_record);unset($spf_record); |
|
215 |
if (!empty($temp)) |
|
216 |
$this->dataRecord['data'] = 'v=spf1 ' . $temp . ' ' . $this->dataRecord['spf_mechanism'] . 'all'; |
|
217 |
else $this->dataRecord['data'] = 'v=spf1 ' . $this->dataRecord['spf_mechanism'] . 'all'; |
|
218 |
unset($temp); |
|
219 |
|
|
220 |
$this->dataRecord['name'] = $soa['origin']; |
|
221 |
if (isset($this->dataRecord['active'])) $this->dataRecord['active'] = 'Y'; |
|
222 |
|
|
223 |
// Set the server ID of the rr record to the same server ID as the parent record. |
|
224 |
$this->dataRecord["server_id"] = $soa["server_id"]; |
|
225 |
|
|
226 |
// Update the serial number and timestamp of the RR record |
|
227 |
$soa = $app->db->queryOneRecord("SELECT serial FROM dns_rr WHERE id = ?", $this->id); |
|
228 |
$this->dataRecord["serial"] = $app->validate_dns->increase_serial($soa["serial"]); |
|
229 |
$this->dataRecord["stamp"] = date('Y-m-d H:i:s'); |
|
230 |
|
|
231 |
// always update an existing entry |
f7580d
|
232 |
$check=$app->db->queryOneRecord("SELECT * FROM dns_rr WHERE zone = ? AND type = ? AND data LIKE 'v=spf1%' AND name = ?", $this->dataRecord["zone"], $this->dataRecord["type"], $this->dataRecord['name']); |
fed17d
|
233 |
$this->id = $check['id']; |
FS |
234 |
|
|
235 |
if (!isset($this->dataRecord['active'])) $this->dataRecord['active'] = 'N'; |
|
236 |
|
|
237 |
parent::onSubmit(); |
|
238 |
} |
|
239 |
|
|
240 |
function onAfterInsert() { |
|
241 |
global $app, $conf; |
|
242 |
|
|
243 |
//* Set the sys_groupid of the rr record to be the same then the sys_groupid of the soa record |
cc7a82
|
244 |
$soa = $app->db->queryOneRecord("SELECT sys_groupid,serial FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $app->functions->intval($this->dataRecord["zone"])); |
3a11d2
|
245 |
$app->db->datalogUpdate('dns_rr', array("sys_groupid" => $soa['sys_groupid']), 'id', $this->id); |
fed17d
|
246 |
|
FS |
247 |
//* Update the serial number of the SOA record |
|
248 |
$soa_id = $app->functions->intval($_POST["zone"]); |
|
249 |
$serial = $app->validate_dns->increase_serial($soa["serial"]); |
3a11d2
|
250 |
$app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); |
fed17d
|
251 |
|
FS |
252 |
} |
|
253 |
|
|
254 |
function onAfterUpdate() { |
|
255 |
global $app, $conf; |
|
256 |
|
|
257 |
//* Update the serial number of the SOA record |
cc7a82
|
258 |
$soa = $app->db->queryOneRecord("SELECT serial FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $app->functions->intval($this->dataRecord["zone"])); |
fed17d
|
259 |
$soa_id = $app->functions->intval($_POST["zone"]); |
FS |
260 |
$serial = $app->validate_dns->increase_serial($soa["serial"]); |
3a11d2
|
261 |
$app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); |
fed17d
|
262 |
} |
FS |
263 |
|
|
264 |
} |
|
265 |
|
|
266 |
$page = new page_action; |
|
267 |
$page->onLoad(); |
|
268 |
|
|
269 |
?> |