robin.thoni
/
docker-pdns-server
Watch 1
Star 0
Fork 0
Code Issues 4 Pull Requests 0 Releases 8 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
18 Commits
2 Branches
Tree: 0a7e027216
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '0a7e027216'
${ noResults }
docker-pdns-server/poweradmin/poweradmin-2.1.8/inc/dns.inc.php

dns.inc.php 26KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849 
  1. <?php

  2. 

  3. /*  Poweradmin, a friendly web-based admin tool for PowerDNS.

  4.  *  See <http://www.poweradmin.org> for more details.

  5.  *

  6.  *  Copyright 2007-2009  Rejo Zenger <rejo@zenger.nl>

  7.  *  Copyright 2010-2017  Poweradmin Development Team

  8.  *      <http://www.poweradmin.org/credits.html>

  9.  *

  10.  *  This program is free software: you can redistribute it and/or modify

  11.  *  it under the terms of the GNU General Public License as published by

  12.  *  the Free Software Foundation, either version 3 of the License, or

  13.  *  (at your option) any later version.

  14.  *

  15.  *  This program is distributed in the hope that it will be useful,

  16.  *  but WITHOUT ANY WARRANTY; without even the implied warranty of

  17.  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  18.  *  GNU General Public License for more details.

  19.  *

  20.  *  You should have received a copy of the GNU General Public License

  21.  *  along with this program.  If not, see <http://www.gnu.org/licenses/>.

  22.  */

  23. 

  24. /**

  25.  * DNS functions

  26.  *

  27.  * @package Poweradmin

  28.  * @copyright   2007-2010 Rejo Zenger <rejo@zenger.nl>

  29.  * @copyright   2010-2017  Poweradmin Development Team

  30.  * @license     http://opensource.org/licenses/GPL-3.0 GPL

  31.  */

  32. 

  33. /** Validate DNS record input

  34.  *

  35.  * @param int $rid Record ID

  36.  * @param int $zid Zone ID

  37.  * @param string $type Record Type

  38.  * @param mixed $content content part of record

  39.  * @param mixed $name Name part of record

  40.  * @param mixed $prio Priority

  41.  * @param mixed $ttl TTL

  42.  *

  43.  * @return boolean true on success, false otherwise

  44.  */

  45. function validate_input($rid, $zid, $type, &$content, &$name, &$prio, &$ttl) {

  46. 

  47.     $zone = get_zone_name_from_id($zid);    // TODO check for return

  48. 

  49.     if (!endsWith(strtolower($zone), strtolower($name))) {

  50.         if (isset($name) && $name != "") {

  51.             $name = $name . "." . $zone;

  52.         } else {

  53.             $name = $zone;

  54.         }

  55.     }

  56. 

  57.     switch ($type) {

  58. 

  59.       case "A":

  60.         if (!is_valid_ipv4($content)) {

  61.           return false;

  62.         }

  63.         if (!is_valid_rr_cname_exists($name, $rid)) {

  64.           return false;

  65.         }

  66.         if (!is_valid_hostname_fqdn($name, 1)) {

  67.           return false;

  68.         }

  69.       break;

  70. 

  71.       case "A6": // TODO: implement validation.

  72.       break;

  73. 

  74.       case "AAAA":

  75.         if (!is_valid_ipv6($content)) {

  76.           return false;

  77.         }

  78.         if (!is_valid_rr_cname_exists($name, $rid)) {

  79.           return false;

  80.         }

  81.         if (!is_valid_hostname_fqdn($name, 1)) {

  82.           return false;

  83.         }

  84.       break;

  85. 

  86.       case "AFSDB": // TODO: implement validation.

  87.       break;

  88. 

  89.       case "ALIAS": // TODO: implement validation.

  90.       break;

  91. 

  92.       case "CAA": // TODO: implement validation.

  93.       break;

  94. 

  95.       case "CDNSKEY": // TODO: implement validation.

  96.       break;

  97. 

  98.       case "CDS": // TODO: implement validation.

  99.       break;

  100. 

  101.       case "CERT": // TODO: implement validation.

  102.       break;

  103. 

  104.       case "CNAME":

  105.         if (!is_valid_rr_cname_name($name)) {

  106.           return false;

  107.         }

  108.         if (!is_valid_rr_cname_unique($name, $rid)) {

  109.           return false;

  110.         }

  111.         if (!is_valid_hostname_fqdn($name, 1)) {

  112.           return false;

  113.         }

  114.         if (!is_valid_hostname_fqdn($content, 0)) {

  115.           return false;

  116.         }

  117.         if (!is_not_empty_cname_rr($name, $zone)) {

  118.           return false;

  119.         }

  120.         break;

  121. 

  122.       case 'DHCID': // TODO: implement validation

  123.       break;

  124. 

  125.       case 'DLV': // TODO: implement validation

  126.       break;

  127. 

  128.       case "DNAME": // TODO: implement validation.

  129.       break;

  130. 

  131.       case 'DNSKEY': // TODO: implement validation

  132.       break;

  133. 

  134.       case 'DS': // TODO: implement validation

  135.       break;

  136. 

  137.       case 'EUI48': // TODO: implement validation

  138.       break;

  139. 

  140.       case 'EUI64': // TODO: implement validation

  141.       break;

  142. 

  143.       case "HINFO":

  144.         if (!is_valid_rr_hinfo_content($content)) {

  145.           return false;

  146.         }

  147.         if (!is_valid_hostname_fqdn($name, 1)) {

  148.           return false;

  149.         }

  150.       break;

  151. 

  152.       case 'IPSECKEY': // TODO: implement validation

  153.       break;

  154. 

  155.       case 'KEY': // TODO: implement validation

  156.       break;

  157. 

  158.       case 'KX': // TODO: implement validation

  159.       break;

  160. 

  161.       case "LOC":

  162.         if (!is_valid_loc($content)) {

  163.           return false;

  164.         }

  165.         if (!is_valid_hostname_fqdn($name, 1)) {

  166.           return false;

  167.         }

  168.       break;

  169. 

  170.       case "MAILA": // TODO: implement validation.

  171.       break;

  172. 

  173.       case "MAILB": // TODO: implement validation.

  174.       break;

  175. 

  176.       case 'MINFO': // TODO: implement validation

  177.       break;

  178. 

  179.       case 'MR': // TODO: implement validation

  180.       break;

  181. 

  182.       case "MX":

  183.         if (!is_valid_hostname_fqdn($content, 0)) {

  184.           return false;

  185.         }

  186.         if (!is_valid_hostname_fqdn($name, 1)) {

  187.           return false;

  188.         }

  189.         if (!is_valid_non_alias_target($content)) {

  190.           return false;

  191.         }

  192.       break;

  193. 

  194.       case 'NAPTR': // TODO: implement validation

  195.       break;

  196. 

  197.       case "NS":

  198.         if (!is_valid_hostname_fqdn($content, 0)) {

  199.           return false;

  200.         }

  201.         if (!is_valid_hostname_fqdn($name, 1)) {

  202.           return false;

  203.         }

  204.         if (!is_valid_non_alias_target($content)) {

  205.           return false;

  206.         }

  207.       break;

  208. 

  209.       case 'NSEC': // TODO: implement validation

  210.       break;

  211. 

  212.       case 'NSEC3': // TODO: implement validation

  213.       break;

  214. 

  215.       case 'NSEC3PARAM': // TODO: implement validation

  216.       break;

  217. 

  218.       case "OPENPGPKEY": // TODO: implement validation.

  219.       break;

  220. 

  221.       case 'OPT': // TODO: implement validation

  222.       break;

  223. 

  224.       case "PTR":

  225.         if (!is_valid_hostname_fqdn($content, 0)) {

  226.           return false;

  227.         }

  228.         if (!is_valid_hostname_fqdn($name, 1)) {

  229.           return false;

  230.         }

  231.       break;

  232. 

  233.       case 'RKEY': // TODO: implement validation

  234.       break;

  235. 

  236.       case 'RP': // TODO: implement validation

  237.       break;

  238. 

  239.       case 'RRSIG': // TODO: implement validation

  240.       break;

  241. 

  242.       case "SIG": // TODO: implement validation.

  243.       break;

  244. 

  245.       case "SOA":

  246.         if (!is_valid_rr_soa_name($name, $zone)) {

  247.           return false;

  248.         }

  249.         if (!is_valid_hostname_fqdn($name, 1)) {

  250.           return false;

  251.         }

  252.         if (!is_valid_rr_soa_content($content)) {

  253.           error(ERR_DNS_CONTENT);

  254.           return false;

  255.         }

  256.       break;

  257. 

  258.       case "SPF":

  259.         if (!is_valid_spf($content)) {

  260.           return false;

  261.         }

  262.       break;

  263. 

  264.       case "SRV":

  265.         if (!is_valid_rr_srv_name($name)) {

  266.           return false;

  267.         }

  268.         if (!is_valid_rr_srv_content($content)) {

  269.           return false;

  270.         }

  271.       break;

  272. 

  273.       case 'SSHFP': // TODO: implement validation

  274.       break;

  275. 

  276.       case "TKEY": // TODO: implement validation.

  277.       break;

  278. 

  279.       case 'TLSA': // TODO: implement validation

  280.       break;

  281. 

  282.       case 'TSIG': // TODO: implement validation

  283.       break;

  284. 

  285.       case "TXT":

  286.         if (!is_valid_printable($name)) {

  287.           return false;

  288.         }

  289.         if (!is_valid_printable($content)) {

  290.           return false;

  291.         }

  292.       break;

  293. 

  294.       case 'WKS': // TODO: implement validation

  295.       break;

  296. 

  297.       case "MBOXFW": // TODO: implement validation

  298.       break;

  299. 

  300.       case "URL": // TODO: implement validation.

  301.       break;

  302. 

  303.       default:

  304.         error(ERR_DNS_RR_TYPE);

  305.         return false;

  306.     }

  307. 

  308.     if (!is_valid_rr_prio($prio, $type)) {

  309.         return false;

  310.     }

  311.     if (!is_valid_rr_ttl($ttl)) {

  312.         return false;

  313.     }

  314. 

  315.     return true;

  316. }

  317. 

  318. /** Test if hostname is valid FQDN

  319.  *

  320.  * @param mixed $hostname Hostname string

  321.  * @param string $wildcard Hostname includes wildcard '*'

  322.  *

  323.  * @return boolean true if valid, false otherwise

  324.  */

  325. function is_valid_hostname_fqdn(&$hostname, $wildcard) {

  326.     global $dns_top_level_tld_check;

  327.     global $dns_strict_tld_check;

  328.     global $valid_tlds;

  329. 

  330.     $hostname = preg_replace("/\.$/", "", $hostname);

  331. 

  332.     # The full domain name may not exceed a total length of 253 characters.

  333.     if (strlen($hostname) > 253) {

  334.         error(ERR_DNS_HN_TOO_LONG);

  335.         return false;

  336.     }

  337. 

  338.     $hostname_labels = explode('.', $hostname);

  339.     $label_count = count($hostname_labels);

  340. 

  341.     if ($dns_top_level_tld_check && $label_count == 1) {

  342.         return false;

  343.     }

  344. 

  345.     foreach ($hostname_labels as $hostname_label) {

  346.         if ($wildcard == 1 && !isset($first)) {

  347.             if (!preg_match('/^(\*|[\w-\/]+)$/', $hostname_label)) {

  348.                 error(ERR_DNS_HN_INV_CHARS);

  349.                 return false;

  350.             }

  351.             $first = 1;

  352.         } else {

  353.             if (!preg_match('/^[\w-\/]+$/', $hostname_label)) {

  354.                 error(ERR_DNS_HN_INV_CHARS);

  355.                 return false;

  356.             }

  357.         }

  358.         if (substr($hostname_label, 0, 1) == "-") {

  359.             error(ERR_DNS_HN_DASH);

  360.             return false;

  361.         }

  362.         if (substr($hostname_label, -1, 1) == "-") {

  363.             error(ERR_DNS_HN_DASH);

  364.             return false;

  365.         }

  366.         if (strlen($hostname_label) < 1 || strlen($hostname_label) > 63) {

  367.             error(ERR_DNS_HN_LENGTH);

  368.             return false;

  369.         }

  370.     }

  371. 

  372.     if ($hostname_labels[$label_count - 1] == "arpa" && (substr_count($hostname_labels[0], "/") == 1 XOR substr_count($hostname_labels[1], "/") == 1)) {

  373.         if (substr_count($hostname_labels[0], "/") == 1) {

  374.             $array = explode("/", $hostname_labels[0]);

  375.         } else {

  376.             $array = explode("/", $hostname_labels[1]);

  377.         }

  378.         if (count($array) != 2) {

  379.             error(ERR_DNS_HOSTNAME);

  380.             return false;

  381.         }

  382.         if (!is_numeric($array[0]) || $array[0] < 0 || $array[0] > 255) {

  383.             error(ERR_DNS_HOSTNAME);

  384.             return false;

  385.         }

  386.         if (!is_numeric($array[1]) || $array[1] < 25 || $array[1] > 31) {

  387.             error(ERR_DNS_HOSTNAME);

  388.             return false;

  389.         }

  390.     } else {

  391.         if (substr_count($hostname, "/") > 0) {

  392.             error(ERR_DNS_HN_SLASH);

  393.             return false;

  394.         }

  395.     }

  396. 

  397.     if ($dns_strict_tld_check && !in_array(strtolower($hostname_labels[$label_count - 1]), $valid_tlds)) {

  398.         error(ERR_DNS_INV_TLD);

  399.         return false;

  400.     }

  401. 

  402.     return true;

  403. }

  404. 

  405. /** Test if IPv4 address is valid

  406.  *

  407.  * @param string $ipv4 IPv4 address string

  408.  * @param boolean $answer print error if true

  409.  * [default=true]

  410.  *

  411.  * @return boolean true if valid, false otherwise

  412.  */

  413. function is_valid_ipv4($ipv4, $answer = true) {

  414. 

  415.   if(filter_var($ipv4, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === FALSE) {

  416.     if($answer) {

  417.       error(ERR_DNS_IPV4);

  418.     }

  419.     return false;

  420.   }

  421. 

  422.   return true;

  423. }

  424. 

  425. /** Test if IPv6 address is valid

  426.  *

  427.  * @param string $ipv6 IPv6 address string

  428.  * @param boolean $answer print error if true

  429.  * [default=true]

  430.  *

  431.  * @return boolean true if valid, false otherwise

  432.  */

  433. function is_valid_ipv6($ipv6, $answer = true) {

  434. 

  435.   if(filter_var($ipv6, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === FALSE) {

  436.     if($answer) {

  437.       error(ERR_DNS_IPV6);

  438.     }

  439.     return false;

  440.   }

  441. 

  442.   return true;

  443. }

  444. 

  445. /** Test if multiple IP addresses are valid

  446.  *

  447.  *  Takes a string of comma seperated IP addresses and tests validity

  448.  *

  449.  *  @param string $ips Comma seperated IP addresses

  450.  *

  451.  *  @return boolean true if valid, false otherwise

  452.  */

  453. function are_multipe_valid_ips($ips) {

  454. 

  455. // multiple master NS-records are permitted and must be separated by ,

  456. // eg. "192.0.0.1, 192.0.0.2, 2001:1::1"

  457. 

  458.     $are_valid = false;

  459.     $multiple_ips = explode(",", $ips);

  460.     if (is_array($multiple_ips)) {

  461.         foreach ($multiple_ips as $m_ip) {

  462.             $trimmed_ip = trim($m_ip);

  463.             if (is_valid_ipv4($trimmed_ip, false) || is_valid_ipv6($trimmed_ip, true)) {

  464.                 $are_valid = true;

  465.             } else {

  466.                 // as soon there is an invalid ip-addr

  467.                 // exit and return false

  468.                 echo "hin:=$trimmed_ip=";

  469.                 return false;

  470.             }

  471.         }

  472.     } elseif (is_valid_ipv4($ips) || is_valid_ipv6($ips)) {

  473.         $are_valid = true;

  474.     }

  475.     if ($are_valid) {

  476.         return true;

  477.     } else {

  478.         return false;

  479.     }

  480. }

  481. 

  482. /** Test if string is printable

  483.  *

  484.  * @param string $string string

  485.  *

  486.  * @return boolean true if valid, false otherwise

  487.  */

  488. function is_valid_printable($string) {

  489.     if (!preg_match('/^[[:print:]]+$/', trim($string))) {

  490.         error(ERR_DNS_PRINTABLE);

  491.         return false;

  492.     }

  493.     return true;

  494. }

  495. 

  496. /** Test if CNAME is valid

  497.  *

  498.  * Check if any MX or NS entries exist which invalidated CNAME

  499.  *

  500.  * @param string $name CNAME to lookup

  501.  *

  502.  * @return boolean true if valid, false otherwise

  503.  */

  504. function is_valid_rr_cname_name($name) {

  505.     global $db;

  506. 

  507.     $query = "SELECT id FROM records

  508. 			WHERE content = " . $db->quote($name, 'text') . "

  509. 			AND (type = " . $db->quote('MX', 'text') . " OR type = " . $db->quote('NS', 'text') . ")";

  510. 

  511.     $response = $db->queryOne($query);

  512. 

  513.     if (!empty($response)) {

  514.         error(ERR_DNS_CNAME);

  515.         return false;

  516.     }

  517. 

  518.     return true;

  519. }

  520. 

  521. /** Check if CNAME already exists

  522.  *

  523.  * @param string $name CNAME

  524.  * @param int $rid Record ID

  525.  *

  526.  * @return boolean true if non-existant, false if exists

  527.  */

  528. function is_valid_rr_cname_exists($name, $rid) {

  529.     global $db;

  530. 

  531.     $where = ($rid > 0 ? " AND id != " . $db->quote($rid, 'integer') : '');

  532.     $query = "SELECT id FROM records

  533.                         WHERE name = " . $db->quote($name, 'text') . $where . "

  534.                         AND TYPE = 'CNAME'";

  535. 

  536.     $response = $db->queryOne($query);

  537.     if ($response) {

  538.         error(ERR_DNS_CNAME_EXISTS);

  539.         return false;

  540.     }

  541.     return true;

  542. }

  543. 

  544. /** Check if CNAME is unique (doesn't overlap A/AAAA)

  545.  *

  546.  * @param string $name CNAME

  547.  * @param string $rid Record ID

  548.  *

  549.  * @return boolean true if unique, false if duplicate

  550.  */

  551. function is_valid_rr_cname_unique($name, $rid) {

  552.     global $db;

  553. 

  554.     $where = ($rid > 0 ? " AND id != " . $db->quote($rid, 'integer') : '');

  555.     $query = "SELECT id FROM records

  556.                         WHERE name = " . $db->quote($name, 'text') . $where . "

  557.                         AND TYPE IN ('A', 'AAAA', 'CNAME')";

  558. 

  559.     $response = $db->queryOne($query);

  560.     if ($response) {

  561.         error(ERR_DNS_CNAME_UNIQUE);

  562.         return false;

  563.     }

  564.     return true;

  565. }

  566. 

  567. /**

  568.  * Check that the zone does not have a empty CNAME RR

  569.  *

  570.  * @param string $name

  571.  * @param string $zone

  572.  */

  573. function is_not_empty_cname_rr($name, $zone) {

  574. 

  575.     if ($name == $zone) {

  576.         error(ERR_DNS_CNAME_EMPTY);

  577.         return false;

  578.     }

  579.     return true;

  580. }

  581. 

  582. /** Check if target is not a CNAME

  583.  *

  584.  * @param string $target target to check

  585.  *

  586.  * @return boolean true if not alias, false if CNAME exists

  587.  */

  588. function is_valid_non_alias_target($target) {

  589.     global $db;

  590. 

  591.     $query = "SELECT id FROM records

  592. 			WHERE name = " . $db->quote($target, 'text') . "

  593. 			AND TYPE = " . $db->quote('CNAME', 'text');

  594. 

  595.     $response = $db->queryOne($query);

  596.     if ($response) {

  597.         error(ERR_DNS_NON_ALIAS_TARGET);

  598.         return false;

  599.     }

  600.     return true;

  601. }

  602. 

  603. /** Check if HINFO content is valid

  604.  *

  605.  * @param string $content HINFO record content

  606.  *

  607.  * @return boolean true if valid, false otherwise

  608.  */

  609. function is_valid_rr_hinfo_content($content) {

  610. 

  611.     if ($content[0] == "\"") {

  612.         $fields = preg_split('/(?<=") /', $content, 2);

  613.     } else {

  614.         $fields = preg_split('/ /', $content, 2);

  615.     }

  616. 

  617.     for ($i = 0; ($i < 2); $i++) {

  618.         if (!preg_match("/^([^\s]{1,1000})|\"([^\"]{1,998}\")$/i", $fields[$i])) {

  619.             error(ERR_DNS_HINFO_INV_CONTENT);

  620.             return false;

  621.         }

  622.     }

  623. 

  624.     return true;

  625. }

  626. 

  627. /** Check if SOA content is valid

  628.  *

  629.  * @param mixed $content SOA record content

  630.  *

  631.  * @return boolean true if valid, false otherwise

  632.  */

  633. function is_valid_rr_soa_content(&$content) {

  634. 

  635.     $fields = preg_split("/\s+/", trim($content));

  636.     $field_count = count($fields);

  637. 

  638.     if ($field_count == 0 || $field_count > 7) {

  639.         return false;

  640.     } else {

  641.         if (!is_valid_hostname_fqdn($fields[0], 0) || preg_match('/\.arpa\.?$/', $fields[0])) {

  642.             return false;

  643.         }

  644.         $final_soa = $fields[0];

  645. 

  646.         if (isset($fields[1])) {

  647.             $addr_input = $fields[1];

  648.         } else {

  649.             global $dns_hostmaster;

  650.             $addr_input = $dns_hostmaster;

  651.         }

  652.         if (!preg_match("/@/", $addr_input)) {

  653.             $addr_input = preg_split('/(?<!\\\)\./', $addr_input, 2);

  654.             $addr_to_check = str_replace("\\", "", $addr_input[0]) . "@" . $addr_input[1];

  655.         } else {

  656.             $addr_to_check = $addr_input;

  657.         }

  658. 

  659.         if (!is_valid_email($addr_to_check)) {

  660.             return false;

  661.         } else {

  662.             $addr_final = explode('@', $addr_to_check, 2);

  663.             $final_soa .= " " . str_replace(".", "\\.", $addr_final[0]) . "." . $addr_final[1];

  664.         }

  665. 

  666.         if (isset($fields[2])) {

  667.             if (!is_numeric($fields[2])) {

  668.                 return false;

  669.             }

  670.             $final_soa .= " " . $fields[2];

  671.         } else {

  672.             $final_soa .= " 0";

  673.         }

  674. 

  675.         if ($field_count != 7) {

  676.             return false;

  677.         } else {

  678.             for ($i = 3; ($i < 7); $i++) {

  679.                 if (!is_numeric($fields[$i])) {

  680.                     return false;

  681.                 } else {

  682.                     $final_soa .= " " . $fields[$i];

  683.                 }

  684.             }

  685.         }

  686.     }

  687.     $content = $final_soa;

  688.     return true;

  689. }

  690. 

  691. /** Check if SOA name is valid

  692.  *

  693.  * Checks if SOA name = zone name

  694.  *

  695.  * @param string $name SOA name

  696.  * @param string $zone Zone name

  697.  *

  698.  * @return boolean true if valid, false otherwise

  699.  */

  700. function is_valid_rr_soa_name($name, $zone) {

  701.     if ($name != $zone) {

  702.         error(ERR_DNS_SOA_NAME);

  703.         return false;

  704.     }

  705.     return true;

  706. }

  707. 

  708. /** Check if Priority is valid

  709.  *

  710.  * Check if MX or SRV priority is within range, otherwise set to 0

  711.  *

  712.  * @param mixed $prio Priority

  713.  * @param string $type Record type

  714.  *

  715.  * @return boolean true if valid, false otherwise

  716.  */

  717. function is_valid_rr_prio(&$prio, $type) {

  718.     if ($type == "MX" || $type == "SRV") {

  719.         if (!is_numeric($prio) || $prio < 0 || $prio > 65535) {

  720.             error(ERR_DNS_INV_PRIO);

  721.             return false;

  722.         }

  723.     } else {

  724.         $prio = 0;

  725.     }

  726. 

  727.     return true;

  728. }

  729. 

  730. /** Check if SRV name is valid

  731.  *

  732.  * @param mixed $name SRV name

  733.  *

  734.  * @return boolean true if valid, false otherwise

  735.  */

  736. function is_valid_rr_srv_name(&$name) {

  737. 

  738.     if (strlen($name) > 255) {

  739.         error(ERR_DNS_HN_TOO_LONG);

  740.         return false;

  741.     }

  742. 

  743.     $fields = explode('.', $name, 3);

  744.     if (!preg_match('/^_[\w-]+$/i', $fields[0])) {

  745.         error(ERR_DNS_SRV_NAME_SERVICE, $name);

  746.         return false;

  747.     }

  748.     if (!preg_match('/^_[\w]+$/i', $fields[1])) {

  749.         error(ERR_DNS_SRV_NAME_PROTO, $name);

  750.         return false;

  751.     }

  752.     if (!is_valid_hostname_fqdn($fields[2], 0)) {

  753.         error(ERR_DNS_SRV_NAME, $name);

  754.         return false;

  755.     }

  756.     $name = join('.', $fields);

  757.     return true;

  758. }

  759. 

  760. /** Check if SRV content is valid

  761.  *

  762.  * @param mixed $content SRV content

  763.  *

  764.  * @return boolean true if valid, false otherwise

  765.  */

  766. function is_valid_rr_srv_content(&$content) {

  767.     $fields = preg_split("/\s+/", trim($content), 3);

  768.     if (!is_numeric($fields[0]) || $fields[0] < 0 || $fields[0] > 65535) {

  769.         error(ERR_DNS_SRV_WGHT, $name);

  770.         return false;

  771.     }

  772.     if (!is_numeric($fields[1]) || $fields[1] < 0 || $fields[1] > 65535) {

  773.         error(ERR_DNS_SRV_PORT, $name);

  774.         return false;

  775.     }

  776.     if ($fields[2] == "" || ($fields[2] != "." && !is_valid_hostname_fqdn($fields[2], 0))) {

  777.         error(ERR_DNS_SRV_TRGT, $name);

  778.         return false;

  779.     }

  780.     $content = join(' ', $fields);

  781.     return true;

  782. }

  783. 

  784. /** Check if TTL is valid and within range

  785.  *

  786.  * @param int $ttl TTL

  787.  *

  788.  * @return boolean true if valid,false otherwise

  789.  */

  790. function is_valid_rr_ttl(&$ttl) {

  791. 

  792.     if (!isset($ttl) || $ttl == "") {

  793.         global $dns_ttl;

  794.         $ttl = $dns_ttl;

  795.     }

  796. 

  797.     if (!is_numeric($ttl) || $ttl < 0 || $ttl > 2147483647) {

  798.         error(ERR_DNS_INV_TTL);

  799.         return false;

  800.     }

  801. 

  802.     return true;

  803. }

  804. 

  805. /** Check if search string is valid

  806.  *

  807.  * @param string $search_string search string

  808.  *

  809.  * @return boolean true if valid, false otherwise

  810.  */

  811. function is_valid_search($search_string) {

  812. 

  813.     // Only allow for alphanumeric, numeric, dot, dash, underscore and

  814.     // percent in search string. The last two are wildcards for SQL.

  815.     // Needs extension probably for more usual record types.

  816. 

  817.     return preg_match('/^[a-z0-9.\-%_]+$/i', $search_string);

  818. }

  819. 

  820. /** Check if SPF content is valid

  821.  *

  822.  * @param string $content SPF content

  823.  *

  824.  * @return boolean true if valid, false otherwise

  825.  */

  826. function is_valid_spf($content) {

  827.     //Regex from http://www.schlitt.net/spf/tests/spf_record_regexp-03.txt

  828.     $regex = "^[Vv]=[Ss][Pp][Ff]1( +([-+?~]?([Aa][Ll][Ll]|[Ii][Nn][Cc][Ll][Uu][Dd][Ee]:(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*(\.([A-Za-z]|[A-Za-z]([-0-9A-Za-z]?)*[0-9A-Za-z])|%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\})|[Aa](:(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*(\.([A-Za-z]|[A-Za-z]([-0-9A-Za-z]?)*[0-9A-Za-z])|%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}))?((/([1-9]|1[0-9]|2[0-9]|3[0-2]))?(//([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8]))?)?|[Mm][Xx](:(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*(\.([A-Za-z]|[A-Za-z]([-0-9A-Za-z]?)*[0-9A-Za-z])|%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}))?((/([1-9]|1[0-9]|2[0-9]|3[0-2]))?(//([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8]))?)?|[Pp][Tt][Rr](:(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*(\.([A-Za-z]|[A-Za-z]([-0-9A-Za-z]?)*[0-9A-Za-z])|%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}))?|[Ii][Pp]4:([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(/([1-9]|1[0-9]|2[0-9]|3[0-2]))?|[Ii][Pp]6:(::|([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4}|([0-9A-Fa-f]{1,4}:){1,8}:|([0-9A-Fa-f]{1,4}:){7}:[0-9A-Fa-f]{1,4}|([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}){1,2}|([0-9A-Fa-f]{1,4}:){5}(:[0-9A-Fa-f]{1,4}){1,3}|([0-9A-Fa-f]{1,4}:){4}(:[0-9A-Fa-f]{1,4}){1,4}|([0-9A-Fa-f]{1,4}:){3}(:[0-9A-Fa-f]{1,4}){1,5}|([0-9A-Fa-f]{1,4}:){2}(:[0-9A-Fa-f]{1,4}){1,6}|[0-9A-Fa-f]{1,4}:(:[0-9A-Fa-f]{1,4}){1,7}|:(:[0-9A-Fa-f]{1,4}){1,8}|([0-9A-Fa-f]{1,4}:){6}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])|([0-9A-Fa-f]{1,4}:){6}:([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])|([0-9A-Fa-f]{1,4}:){5}:([0-9A-Fa-f]{1,4}:)?([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])|([0-9A-Fa-f]{1,4}:){4}:([0-9A-Fa-f]{1,4}:){0,2}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])|([0-9A-Fa-f]{1,4}:){3}:([0-9A-Fa-f]{1,4}:){0,3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])|([0-9A-Fa-f]{1,4}:){2}:([0-9A-Fa-f]{1,4}:){0,4}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])|[0-9A-Fa-f]{1,4}::([0-9A-Fa-f]{1,4}:){0,5}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])|::([0-9A-Fa-f]{1,4}:){0,6}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))(/([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8]))?|[Ee][Xx][Ii][Ss][Tt][Ss]:(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*(\.([A-Za-z]|[A-Za-z]([-0-9A-Za-z]?)*[0-9A-Za-z])|%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}))|[Rr][Ee][Dd][Ii][Rr][Ee][Cc][Tt]=(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*(\.([A-Za-z]|[A-Za-z]([-0-9A-Za-z]?)*[0-9A-Za-z])|%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\})|[Ee][Xx][Pp]=(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*(\.([A-Za-z]|[A-Za-z]([-0-9A-Za-z]?)*[0-9A-Za-z])|%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\})|[A-Za-z][-.0-9A-Z_a-z]*=(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*))* *$^";

  829.     if (!preg_match($regex, $content)) {

  830.         return false;

  831.     } else {

  832.         return true;

  833.     }

  834. }

  835. 

  836. /** Check if LOC content is valid

  837.  *

  838.  * @param string $content LOC content

  839.  *

  840.  * @return boolean true if valid, false otherwise

  841.  */

  842. function is_valid_loc($content) {

  843.     $regex = "^(90|[1-8]\d|0?\d)( ([1-5]\d|0?\d)( ([1-5]\d|0?\d)(\.\d{1,3})?)?)? [NS] (180|1[0-7]\d|[1-9]\d|0?\d)( ([1-5]\d|0?\d)( ([1-5]\d|0?\d)(\.\d{1,3})?)?)? [EW] (-(100000(\.00)?|\d{1,5}(\.\d\d)?)|([1-3]?\d{1,7}(\.\d\d)?|4([01][0-9]{6}|2([0-7][0-9]{5}|8([0-3][0-9]{4}|4([0-8][0-9]{3}|9([0-5][0-9]{2}|6([0-6][0-9]|7[01]))))))(\.\d\d)?|42849672(\.([0-8]\d|9[0-5]))?))[m]?( (\d{1,7}|[1-8]\d{7})(\.\d\d)?[m]?){0,3}$^";

  844.     if (!preg_match($regex, $content)) {

  845.         return false;

  846.     } else {

  847.         return true;

  848.     }

  849. }