您最多选择25个主题 主题必须以字母或数字开头,可以包含连字符 (-),并且长度不得超过35个字符

toolkit.inc.php 32KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819
  1. <?php
  2. /* Poweradmin, a friendly web-based admin tool for PowerDNS.
  3. * See <http://www.poweradmin.org> for more details.
  4. *
  5. * Copyright 2007-2009 Rejo Zenger <rejo@zenger.nl>
  6. * Copyright 2010-2017 Poweradmin Development Team
  7. * <http://www.poweradmin.org/credits.html>
  8. *
  9. * This program is free software: you can redistribute it and/or modify
  10. * it under the terms of the GNU General Public License as published by
  11. * the Free Software Foundation, either version 3 of the License, or
  12. * (at your option) any later version.
  13. *
  14. * This program is distributed in the hope that it will be useful,
  15. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  17. * GNU General Public License for more details.
  18. *
  19. * You should have received a copy of the GNU General Public License
  20. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  21. */
  22. /**
  23. * Toolkit functions
  24. *
  25. * @package Poweradmin
  26. * @copyright 2007-2010 Rejo Zenger <rejo@zenger.nl>
  27. * @copyright 2010-2017 Poweradmin Development Team
  28. * @license http://opensource.org/licenses/GPL-3.0 GPL
  29. */
  30. // TODO: display elapsed time and memory consumption,
  31. // used to check improvements in refactored version
  32. $display_stats = false;
  33. if ($display_stats)
  34. include('inc/benchmark.php');
  35. ob_start();
  36. require_once("error.inc.php");
  37. if (!function_exists('session_start'))
  38. die(error('You have to install PHP session extension!'));
  39. if (!function_exists('_'))
  40. die(error('You have to install PHP gettext extension!'));
  41. if (!function_exists('mcrypt_encrypt'))
  42. die(error('You have to install PHP mcrypt extension!'));
  43. session_start();
  44. include_once("config-me.inc.php");
  45. if (!@include_once("config.inc.php")) {
  46. error(_('You have to create a config.inc.php!'));
  47. }
  48. /* * ***********
  49. * Constants *
  50. * *********** */
  51. if (isset($_GET["start"])) {
  52. define('ROWSTART', (($_GET["start"] - 1) * $iface_rowamount));
  53. } else {
  54. /** Starting row
  55. */
  56. define('ROWSTART', 0);
  57. }
  58. if (isset($_GET["letter"])) {
  59. define('LETTERSTART', $_GET["letter"]);
  60. $_SESSION["letter"] = $_GET["letter"];
  61. } elseif (isset($_SESSION["letter"])) {
  62. define('LETTERSTART', $_SESSION["letter"]);
  63. } else {
  64. /** Starting letter
  65. */
  66. define('LETTERSTART', "a");
  67. }
  68. if (isset($_GET["zone_sort_by"]) && preg_match("/^[a-z_]+$/", $_GET["zone_sort_by"])) {
  69. define('ZONE_SORT_BY', $_GET["zone_sort_by"]);
  70. $_SESSION["zone_sort_by"] = $_GET["zone_sort_by"];
  71. } elseif (isset($_POST["zone_sort_by"]) && preg_match("/^[a-z_]+$/", $_POST["zone_sort_by"])) {
  72. define('ZONE_SORT_BY', $_POST["zone_sort_by"]);
  73. $_SESSION["zone_sort_by"] = $_POST["zone_sort_by"];
  74. } elseif (isset($_SESSION["zone_sort_by"])) {
  75. define('ZONE_SORT_BY', $_SESSION["zone_sort_by"]);
  76. } else {
  77. /** Field to sort zone by
  78. */
  79. define('ZONE_SORT_BY', "name");
  80. }
  81. if (isset($_SESSION["userlang"])) {
  82. $iface_lang = $_SESSION["userlang"];
  83. }
  84. if (isset($_GET["record_sort_by"]) && preg_match("/^[a-z_]+$/", $_GET["record_sort_by"])) {
  85. define('RECORD_SORT_BY', $_GET["record_sort_by"]);
  86. $_SESSION["record_sort_by"] = $_GET["record_sort_by"];
  87. } elseif (isset($_POST["record_sort_by"]) && preg_match("/^[a-z_]+$/", $_POST["record_sort_by"])) {
  88. define('RECORD_SORT_BY', $_POST["record_sort_by"]);
  89. $_SESSION["record_sort_by"] = $_POST["record_sort_by"];
  90. } elseif (isset($_SESSION["record_sort_by"])) {
  91. define('RECORD_SORT_BY', $_SESSION["record_sort_by"]);
  92. } else {
  93. /** Record to sort zone by
  94. */
  95. define('RECORD_SORT_BY', "name");
  96. }
  97. // Updated on 2017011600 - 1592 TLDs
  98. // http://data.iana.org/TLD/tlds-alpha-by-domain.txt
  99. $valid_tlds = array("aaa", "aarp", "abarth", "abb", "abbott", "abbvie", "abc", "able",
  100. "abogado", "abudhabi", "ac", "academy", "accenture", "accountant",
  101. "accountants", "aco", "active", "actor", "ad", "adac", "ads", "adult", "ae",
  102. "aeg", "aero", "aetna", "af", "afamilycompany", "afl", "ag", "agakhan",
  103. "agency", "ai", "aig", "aigo", "airbus", "airforce", "airtel", "akdn", "al",
  104. "alfaromeo", "alibaba", "alipay", "allfinanz", "allstate", "ally", "alsace",
  105. "alstom", "am", "americanexpress", "americanfamily", "amex", "amfam", "amica",
  106. "amsterdam", "analytics", "android", "anquan", "anz", "ao", "aol", "apartments",
  107. "app", "apple", "aq", "aquarelle", "ar", "aramco", "archi", "army", "arpa",
  108. "art", "arte", "as", "asda", "asia", "associates", "at", "athleta", "attorney",
  109. "au", "auction", "audi", "audible", "audio", "auspost", "author", "auto",
  110. "autos", "avianca", "aw", "aws", "ax", "axa", "az", "azure", "ba", "baby",
  111. "baidu", "banamex", "bananarepublic", "band", "bank", "bar", "barcelona",
  112. "barclaycard", "barclays", "barefoot", "bargains", "baseball", "basketball",
  113. "bauhaus", "bayern", "bb", "bbc", "bbt", "bbva", "bcg", "bcn", "bd", "be",
  114. "beats", "beauty", "beer", "bentley", "berlin", "best", "bestbuy", "bet", "bf",
  115. "bg", "bh", "bharti", "bi", "bible", "bid", "bike", "bing", "bingo", "bio",
  116. "biz", "bj", "black", "blackfriday", "blanco", "blockbuster", "blog",
  117. "bloomberg", "blue", "bm", "bms", "bmw", "bn", "bnl", "bnpparibas", "bo",
  118. "boats", "boehringer", "bofa", "bom", "bond", "boo", "book", "booking", "boots",
  119. "bosch", "bostik", "boston", "bot", "boutique", "box", "br", "bradesco",
  120. "bridgestone", "broadway", "broker", "brother", "brussels", "bs", "bt",
  121. "budapest", "bugatti", "build", "builders", "business", "buy", "buzz", "bv",
  122. "bw", "by", "bz", "bzh", "ca", "cab", "cafe", "cal", "call", "calvinklein",
  123. "cam", "camera", "camp", "cancerresearch", "canon", "capetown", "capital",
  124. "capitalone", "car", "caravan", "cards", "care", "career", "careers", "cars",
  125. "cartier", "casa", "case", "caseih", "cash", "casino", "cat", "catering",
  126. "catholic", "cba", "cbn", "cbre", "cbs", "cc", "cd", "ceb", "center", "ceo",
  127. "cern", "cf", "cfa", "cfd", "cg", "ch", "chanel", "channel", "chase", "chat",
  128. "cheap", "chintai", "chloe", "christmas", "chrome", "chrysler", "church", "ci",
  129. "cipriani", "circle", "cisco", "citadel", "citi", "citic", "city", "cityeats",
  130. "ck", "cl", "claims", "cleaning", "click", "clinic", "clinique", "clothing",
  131. "cloud", "club", "clubmed", "cm", "cn", "co", "coach", "codes", "coffee",
  132. "college", "cologne", "com", "comcast", "commbank", "community", "company",
  133. "compare", "computer", "comsec", "condos", "construction", "consulting",
  134. "contact", "contractors", "cooking", "cookingchannel", "cool", "coop",
  135. "corsica", "country", "coupon", "coupons", "courses", "cr", "credit",
  136. "creditcard", "creditunion", "cricket", "crown", "crs", "cruise", "cruises",
  137. "csc", "cu", "cuisinella", "cv", "cw", "cx", "cy", "cymru", "cyou", "cz",
  138. "dabur", "dad", "dance", "data", "date", "dating", "datsun", "day", "dclk",
  139. "dds", "de", "deal", "dealer", "deals", "degree", "delivery", "dell",
  140. "deloitte", "delta", "democrat", "dental", "dentist", "desi", "design", "dev",
  141. "dhl", "diamonds", "diet", "digital", "direct", "directory", "discount",
  142. "discover", "dish", "diy", "dj", "dk", "dm", "dnp", "do", "docs", "doctor",
  143. "dodge", "dog", "doha", "domains", "dot", "download", "drive", "dtv", "dubai",
  144. "duck", "dunlop", "duns", "dupont", "durban", "dvag", "dvr", "dz", "earth",
  145. "eat", "ec", "eco", "edeka", "edu", "education", "ee", "eg", "email", "emerck",
  146. "energy", "engineer", "engineering", "enterprises", "epost", "epson",
  147. "equipment", "er", "ericsson", "erni", "es", "esq", "estate", "esurance", "et",
  148. "eu", "eurovision", "eus", "events", "everbank", "exchange", "expert",
  149. "exposed", "express", "extraspace", "fage", "fail", "fairwinds", "faith",
  150. "family", "fan", "fans", "farm", "farmers", "fashion", "fast", "fedex",
  151. "feedback", "ferrari", "ferrero", "fi", "fiat", "fidelity", "fido", "film",
  152. "final", "finance", "financial", "fire", "firestone", "firmdale", "fish",
  153. "fishing", "fit", "fitness", "fj", "fk", "flickr", "flights", "flir", "florist",
  154. "flowers", "fly", "fm", "fo", "foo", "food", "foodnetwork", "football", "ford",
  155. "forex", "forsale", "forum", "foundation", "fox", "fr", "free", "fresenius",
  156. "frl", "frogans", "frontdoor", "frontier", "ftr", "fujitsu", "fujixerox", "fun",
  157. "fund", "furniture", "futbol", "fyi", "ga", "gal", "gallery", "gallo", "gallup",
  158. "game", "games", "gap", "garden", "gb", "gbiz", "gd", "gdn", "ge", "gea",
  159. "gent", "genting", "george", "gf", "gg", "ggee", "gh", "gi", "gift", "gifts",
  160. "gives", "giving", "gl", "glade", "glass", "gle", "global", "globo", "gm",
  161. "gmail", "gmbh", "gmo", "gmx", "gn", "godaddy", "gold", "goldpoint", "golf",
  162. "goo", "goodhands", "goodyear", "goog", "google", "gop", "got", "gov", "gp",
  163. "gq", "gr", "grainger", "graphics", "gratis", "green", "gripe", "group", "gs",
  164. "gt", "gu", "guardian", "gucci", "guge", "guide", "guitars", "guru", "gw", "gy",
  165. "hair", "hamburg", "hangout", "haus", "hbo", "hdfc", "hdfcbank", "health",
  166. "healthcare", "help", "helsinki", "here", "hermes", "hgtv", "hiphop",
  167. "hisamitsu", "hitachi", "hiv", "hk", "hkt", "hm", "hn", "hockey", "holdings",
  168. "holiday", "homedepot", "homegoods", "homes", "homesense", "honda", "honeywell",
  169. "horse", "hospital", "host", "hosting", "hot", "hoteles", "hotmail", "house",
  170. "how", "hr", "hsbc", "ht", "htc", "hu", "hughes", "hyatt", "hyundai", "ibm",
  171. "icbc", "ice", "icu", "id", "ie", "ieee", "ifm", "ikano", "il", "im", "imamat",
  172. "imdb", "immo", "immobilien", "in", "industries", "infiniti", "info", "ing",
  173. "ink", "institute", "insurance", "insure", "int", "intel", "international",
  174. "intuit", "investments", "io", "ipiranga", "iq", "ir", "irish", "is", "iselect",
  175. "ismaili", "ist", "istanbul", "it", "itau", "itv", "iveco", "iwc", "jaguar",
  176. "java", "jcb", "jcp", "je", "jeep", "jetzt", "jewelry", "jio", "jlc", "jll",
  177. "jm", "jmp", "jnj", "jo", "jobs", "joburg", "jot", "joy", "jp", "jpmorgan",
  178. "jprs", "juegos", "juniper", "kaufen", "kddi", "ke", "kerryhotels",
  179. "kerrylogistics", "kerryproperties", "kfh", "kg", "kh", "ki", "kia", "kim",
  180. "kinder", "kindle", "kitchen", "kiwi", "km", "kn", "koeln", "komatsu", "kosher",
  181. "kp", "kpmg", "kpn", "kr", "krd", "kred", "kuokgroup", "kw", "ky", "kyoto",
  182. "kz", "la", "lacaixa", "ladbrokes", "lamborghini", "lamer", "lancaster",
  183. "lancia", "lancome", "land", "landrover", "lanxess", "lasalle", "lat", "latino",
  184. "latrobe", "law", "lawyer", "lb", "lc", "lds", "lease", "leclerc", "lefrak",
  185. "legal", "lego", "lexus", "lgbt", "li", "liaison", "lidl", "life",
  186. "lifeinsurance", "lifestyle", "lighting", "like", "lilly", "limited", "limo",
  187. "lincoln", "linde", "link", "lipsy", "live", "living", "lixil", "lk", "loan",
  188. "loans", "locker", "locus", "loft", "lol", "london", "lotte", "lotto", "love",
  189. "lpl", "lplfinancial", "lr", "ls", "lt", "ltd", "ltda", "lu", "lundbeck",
  190. "lupin", "luxe", "luxury", "lv", "ly", "ma", "macys", "madrid", "maif",
  191. "maison", "makeup", "man", "management", "mango", "market", "marketing",
  192. "markets", "marriott", "marshalls", "maserati", "mattel", "mba", "mc", "mcd",
  193. "mcdonalds", "mckinsey", "md", "me", "med", "media", "meet", "melbourne",
  194. "meme", "memorial", "men", "menu", "meo", "metlife", "mg", "mh", "miami",
  195. "microsoft", "mil", "mini", "mint", "mit", "mitsubishi", "mk", "ml", "mlb",
  196. "mls", "mm", "mma", "mn", "mo", "mobi", "mobile", "mobily", "moda", "moe",
  197. "moi", "mom", "monash", "money", "monster", "montblanc", "mopar", "mormon",
  198. "mortgage", "moscow", "moto", "motorcycles", "mov", "movie", "movistar", "mp",
  199. "mq", "mr", "ms", "msd", "mt", "mtn", "mtpc", "mtr", "mu", "museum", "mutual",
  200. "mv", "mw", "mx", "my", "mz", "na", "nab", "nadex", "nagoya", "name",
  201. "nationwide", "natura", "navy", "nba", "nc", "ne", "nec", "net", "netbank",
  202. "netflix", "network", "neustar", "new", "newholland", "news", "next",
  203. "nextdirect", "nexus", "nf", "nfl", "ng", "ngo", "nhk", "ni", "nico", "nike",
  204. "nikon", "ninja", "nissan", "nissay", "nl", "no", "nokia", "northwesternmutual",
  205. "norton", "now", "nowruz", "nowtv", "np", "nr", "nra", "nrw", "ntt", "nu",
  206. "nyc", "nz", "obi", "observer", "off", "office", "okinawa", "olayan",
  207. "olayangroup", "oldnavy", "ollo", "om", "omega", "one", "ong", "onl", "online",
  208. "onyourside", "ooo", "open", "oracle", "orange", "org", "organic",
  209. "orientexpress", "origins", "osaka", "otsuka", "ott", "ovh", "pa", "page",
  210. "pamperedchef", "panasonic", "panerai", "paris", "pars", "partners", "parts",
  211. "party", "passagens", "pay", "pccw", "pe", "pet", "pf", "pfizer", "pg", "ph",
  212. "pharmacy", "philips", "phone", "photo", "photography", "photos", "physio",
  213. "piaget", "pics", "pictet", "pictures", "pid", "pin", "ping", "pink", "pioneer",
  214. "pizza", "pk", "pl", "place", "play", "playstation", "plumbing", "plus", "pm",
  215. "pn", "pnc", "pohl", "poker", "politie", "porn", "post", "pr", "pramerica",
  216. "praxi", "press", "prime", "pro", "prod", "productions", "prof", "progressive",
  217. "promo", "properties", "property", "protection", "pru", "prudential", "ps",
  218. "pt", "pub", "pw", "pwc", "py", "qa", "qpon", "quebec", "quest", "qvc",
  219. "racing", "radio", "raid", "re", "read", "realestate", "realtor", "realty",
  220. "recipes", "red", "redstone", "redumbrella", "rehab", "reise", "reisen", "reit",
  221. "reliance", "ren", "rent", "rentals", "repair", "report", "republican", "rest",
  222. "restaurant", "review", "reviews", "rexroth", "rich", "richardli", "ricoh",
  223. "rightathome", "ril", "rio", "rip", "rmit", "ro", "rocher", "rocks", "rodeo",
  224. "rogers", "room", "rs", "rsvp", "ru", "ruhr", "run", "rw", "rwe", "ryukyu",
  225. "sa", "saarland", "safe", "safety", "sakura", "sale", "salon", "samsclub",
  226. "samsung", "sandvik", "sandvikcoromant", "sanofi", "sap", "sapo", "sarl", "sas",
  227. "save", "saxo", "sb", "sbi", "sbs", "sc", "sca", "scb", "schaeffler", "schmidt",
  228. "scholarships", "school", "schule", "schwarz", "science", "scjohnson", "scor",
  229. "scot", "sd", "se", "seat", "secure", "security", "seek", "select", "sener",
  230. "services", "ses", "seven", "sew", "sex", "sexy", "sfr", "sg", "sh",
  231. "shangrila", "sharp", "shaw", "shell", "shia", "shiksha", "shoes", "shop",
  232. "shopping", "shouji", "show", "showtime", "shriram", "si", "silk", "sina",
  233. "singles", "site", "sj", "sk", "ski", "skin", "sky", "skype", "sl", "sling",
  234. "sm", "smart", "smile", "sn", "sncf", "so", "soccer", "social", "softbank",
  235. "software", "sohu", "solar", "solutions", "song", "sony", "soy", "space",
  236. "spiegel", "spot", "spreadbetting", "sr", "srl", "srt", "st", "stada",
  237. "staples", "star", "starhub", "statebank", "statefarm", "statoil", "stc",
  238. "stcgroup", "stockholm", "storage", "store", "stream", "studio", "study",
  239. "style", "su", "sucks", "supplies", "supply", "support", "surf", "surgery",
  240. "suzuki", "sv", "swatch", "swiftcover", "swiss", "sx", "sy", "sydney",
  241. "symantec", "systems", "sz", "tab", "taipei", "talk", "taobao", "target",
  242. "tatamotors", "tatar", "tattoo", "tax", "taxi", "tc", "tci", "td", "tdk",
  243. "team", "tech", "technology", "tel", "telecity", "telefonica", "temasek",
  244. "tennis", "teva", "tf", "tg", "th", "thd", "theater", "theatre", "tiaa",
  245. "tickets", "tienda", "tiffany", "tips", "tires", "tirol", "tj", "tjmaxx", "tjx",
  246. "tk", "tkmaxx", "tl", "tm", "tmall", "tn", "to", "today", "tokyo", "tools",
  247. "top", "toray", "toshiba", "total", "tours", "town", "toyota", "toys", "tr",
  248. "trade", "trading", "training", "travel", "travelchannel", "travelers",
  249. "travelersinsurance", "trust", "trv", "tt", "tube", "tui", "tunes", "tushu",
  250. "tv", "tvs", "tw", "tz", "ua", "ubank", "ubs", "uconnect", "ug", "uk", "unicom",
  251. "university", "uno", "uol", "ups", "us", "uy", "uz", "va", "vacations", "vana",
  252. "vanguard", "vc", "ve", "vegas", "ventures", "verisign", "versicherung", "vet",
  253. "vg", "vi", "viajes", "video", "vig", "viking", "villas", "vin", "vip",
  254. "virgin", "visa", "vision", "vista", "vistaprint", "viva", "vivo", "vlaanderen",
  255. "vn", "vodka", "volkswagen", "volvo", "vote", "voting", "voto", "voyage", "vu",
  256. "vuelos", "wales", "walmart", "walter", "wang", "wanggou", "warman", "watch",
  257. "watches", "weather", "weatherchannel", "webcam", "weber", "website", "wed",
  258. "wedding", "weibo", "weir", "wf", "whoswho", "wien", "wiki", "williamhill",
  259. "win", "windows", "wine", "winners", "wme", "wolterskluwer", "woodside", "work",
  260. "works", "world", "wow", "ws", "wtc", "wtf", "xbox", "xerox", "xfinity",
  261. "xihuan", "xin", "xn--11b4c3d", "xn--1ck2e1b", "xn--1qqw23a", "xn--30rr7y",
  262. "xn--3bst00m", "xn--3ds443g", "xn--3e0b707e", "xn--3oq18vl8pn36a", "xn--3pxu8k",
  263. "xn--42c2d9a", "xn--45brj9c", "xn--45q11c", "xn--4gbrim", "xn--54b7fta0cc",
  264. "xn--55qw42g", "xn--55qx5d", "xn--5su34j936bgsg", "xn--5tzm5g", "xn--6frz82g",
  265. "xn--6qq986b3xl", "xn--80adxhks", "xn--80ao21a", "xn--80aqecdr1a",
  266. "xn--80asehdb", "xn--80aswg", "xn--8y0a063a", "xn--90a3ac", "xn--90ae",
  267. "xn--90ais", "xn--9dbq2a", "xn--9et52u", "xn--9krt00a", "xn--b4w605ferd",
  268. "xn--bck1b9a5dre4c", "xn--c1avg", "xn--c2br7g", "xn--cck2b3b", "xn--cg4bki",
  269. "xn--clchc0ea0b2g2a9gcd", "xn--czr694b", "xn--czrs0t", "xn--czru2d",
  270. "xn--d1acj3b", "xn--d1alf", "xn--e1a4c", "xn--eckvdtc9d", "xn--efvy88h",
  271. "xn--estv75g", "xn--fct429k", "xn--fhbei", "xn--fiq228c5hs", "xn--fiq64b",
  272. "xn--fiqs8s", "xn--fiqz9s", "xn--fjq720a", "xn--flw351e", "xn--fpcrj9c3d",
  273. "xn--fzc2c9e2c", "xn--fzys8d69uvgm", "xn--g2xx48c", "xn--gckr3f0f",
  274. "xn--gecrj9c", "xn--gk3at1e", "xn--h2brj9c", "xn--hxt814e", "xn--i1b6b1a6a2e",
  275. "xn--imr513n", "xn--io0a7i", "xn--j1aef", "xn--j1amh", "xn--j6w193g",
  276. "xn--jlq61u9w7b", "xn--jvr189m", "xn--kcrx77d1x4a", "xn--kprw13d",
  277. "xn--kpry57d", "xn--kpu716f", "xn--kput3i", "xn--l1acc", "xn--lgbbat1ad8j",
  278. "xn--mgb9awbf", "xn--mgba3a3ejt", "xn--mgba3a4f16a", "xn--mgba7c0bbn0a",
  279. "xn--mgbaam7a8h", "xn--mgbab2bd", "xn--mgbayh7gpa", "xn--mgbb9fbpob",
  280. "xn--mgbbh1a71e", "xn--mgbc0a9azcg", "xn--mgbca7dzdo", "xn--mgberp4a5d4ar",
  281. "xn--mgbi4ecexp", "xn--mgbpl2fh", "xn--mgbt3dhd", "xn--mgbtx2b",
  282. "xn--mgbx4cd0ab", "xn--mix891f", "xn--mk1bu44c", "xn--mxtq1m", "xn--ngbc5azd",
  283. "xn--ngbe9e0a", "xn--node", "xn--nqv7f", "xn--nqv7fs00ema", "xn--nyqy26a",
  284. "xn--o3cw4h", "xn--ogbpf8fl", "xn--p1acf", "xn--p1ai", "xn--pbt977c",
  285. "xn--pgbs0dh", "xn--pssy2u", "xn--q9jyb4c", "xn--qcka1pmc", "xn--qxam",
  286. "xn--rhqv96g", "xn--rovu88b", "xn--s9brj9c", "xn--ses554g", "xn--t60b56a",
  287. "xn--tckwe", "xn--tiq49xqyj", "xn--unup4y", "xn--vermgensberater-ctb",
  288. "xn--vermgensberatung-pwb", "xn--vhquv", "xn--vuq861b", "xn--w4r85el8fhu5dnra",
  289. "xn--w4rs40l", "xn--wgbh1c", "xn--wgbl6a", "xn--xhq521b", "xn--xkc2al3hye2a",
  290. "xn--xkc2dl3a5ee0h", "xn--y9a3aq", "xn--yfro4i67o", "xn--ygbi2ammx",
  291. "xn--zfr164b", "xperia", "xxx", "xyz", "yachts", "yahoo", "yamaxun", "yandex",
  292. "ye", "yodobashi", "yoga", "yokohama", "you", "youtube", "yt", "yun", "za",
  293. "zappos", "zara", "zero", "zip", "zippo", "zm", "zone", "zuerich", "zw");
  294. // Special TLDs for testing and documentation purposes
  295. // http://tools.ietf.org/html/rfc2606#section-2
  296. array_push($valid_tlds, 'test', 'example', 'invalid', 'localhost');
  297. /* Database connection */
  298. require_once("database.inc.php");
  299. // Generates $db variable to access database.
  300. // Array of the available zone types
  301. $server_types = array("MASTER", "SLAVE", "NATIVE");
  302. // $rtypes - array of possible record types
  303. $rtypes = array(
  304. 'A',
  305. 'A6',
  306. 'AAAA',
  307. 'AFSDB',
  308. 'ALIAS',
  309. 'CAA',
  310. 'CDNSKEY',
  311. 'CDS',
  312. 'CERT',
  313. 'CNAME',
  314. 'DHCID',
  315. 'DLV',
  316. 'DNSKEY',
  317. 'DNAME',
  318. 'DS',
  319. 'EUI48',
  320. 'EUI64',
  321. 'HINFO',
  322. 'IPSECKEY',
  323. 'KEY',
  324. 'KX',
  325. 'LOC',
  326. 'MAILA',
  327. 'MAILB',
  328. 'MINFO',
  329. 'MR',
  330. 'MX',
  331. 'NAPTR',
  332. 'NS',
  333. 'NSEC',
  334. 'NSEC3',
  335. 'NSEC3PARAM',
  336. 'OPENPGPKEY',
  337. 'OPT',
  338. 'PTR',
  339. 'RKEY',
  340. 'RP',
  341. 'RRSIG',
  342. 'SIG',
  343. 'SOA',
  344. 'SPF',
  345. 'SRV',
  346. 'SSHFP',
  347. 'TLSA',
  348. 'TKEY',
  349. 'TSIG',
  350. 'TXT',
  351. 'WKS',
  352. 'URI'
  353. );
  354. // If fancy records is enabled, extend this field.
  355. if ($dns_fancy) {
  356. $rtypes[] = 'URL';
  357. $rtypes[] = 'MBOXFW';
  358. $rtypes[] = 'CURL';
  359. }
  360. /* * ***********
  361. * Includes *
  362. * *********** */
  363. $db = dbConnect();
  364. require_once "plugin.inc.php";
  365. require_once "i18n.inc.php";
  366. require_once "auth.inc.php";
  367. require_once "users.inc.php";
  368. require_once "dns.inc.php";
  369. require_once "record.inc.php";
  370. require_once "dnssec.inc.php";
  371. require_once "templates.inc.php";
  372. //do_hook('hook_post_includes');
  373. do_hook('authenticate');
  374. /* * ***********
  375. * Functions *
  376. * *********** */
  377. /** Print paging menu
  378. *
  379. * Display the page option: [ < ][ 1 ] .. [ 8 ][ 9 ][ 10 ][ 11 ][ 12 ][ 13 ][ 14 ][ 15 ][ 16 ] .. [ 34 ][ > ]
  380. *
  381. * @param int $amount Total number of items
  382. * @param int $rowamount Per page number of items
  383. * @param int $id Page specific ID (Zone ID, Template ID, etc)
  384. *
  385. * @return null
  386. */
  387. function show_pages($amount, $rowamount, $id = '') {
  388. if ($amount > $rowamount) {
  389. $num = 8;
  390. $poutput = '';
  391. $lastpage = ceil($amount / $rowamount);
  392. $startpage = 1;
  393. if (!isset($_GET["start"]))
  394. $_GET["start"] = 1;
  395. $start = $_GET["start"];
  396. if ($lastpage > $num & $start > ($num / 2)) {
  397. $startpage = ($start - ($num / 2));
  398. }
  399. echo _('Show page') . ":<br>";
  400. if ($lastpage > $num & $start > 1) {
  401. $poutput .= '<a href=" ' . htmlentities($_SERVER["PHP_SELF"], ENT_QUOTES);
  402. $poutput .= '?start=' . ($start - 1);
  403. if ($id != '')
  404. $poutput .= '&id=' . $id;
  405. $poutput .= '">';
  406. $poutput .= '[ < ]';
  407. $poutput .= '</a>';
  408. }
  409. if ($start != 1) {
  410. $poutput .= '<a href=" ' . htmlentities($_SERVER["PHP_SELF"], ENT_QUOTES);
  411. $poutput .= '?start=1';
  412. if ($id != '')
  413. $poutput .= '&id=' . $id;
  414. $poutput .= '">';
  415. $poutput .= '[ 1 ]';
  416. $poutput .= '</a>';
  417. if ($startpage > 2)
  418. $poutput .= ' .. ';
  419. }
  420. for ($i = $startpage; $i <= min(($startpage + $num), $lastpage); $i++) {
  421. if ($start == $i) {
  422. $poutput .= '[ <b>' . $i . '</b> ]';
  423. } elseif ($i != $lastpage & $i != 1) {
  424. $poutput .= '<a href=" ' . htmlentities($_SERVER["PHP_SELF"], ENT_QUOTES);
  425. $poutput .= '?start=' . $i;
  426. if ($id != '')
  427. $poutput .= '&id=' . $id;
  428. $poutput .= '">';
  429. $poutput .= '[ ' . $i . ' ]';
  430. $poutput .= '</a>';
  431. }
  432. }
  433. if ($start != $lastpage) {
  434. if (min(($startpage + $num), $lastpage) < ($lastpage - 1))
  435. $poutput .= ' .. ';
  436. $poutput .= '<a href=" ' . htmlentities($_SERVER["PHP_SELF"], ENT_QUOTES);
  437. $poutput .= '?start=' . $lastpage;
  438. if ($id != '')
  439. $poutput .= '&id=' . $id;
  440. $poutput .= '">';
  441. $poutput .= '[ ' . $lastpage . ' ]';
  442. $poutput .= '</a>';
  443. }
  444. if ($lastpage > $num & $start < $lastpage) {
  445. $poutput .= '<a href=" ' . htmlentities($_SERVER["PHP_SELF"], ENT_QUOTES);
  446. $poutput .= '?start=' . ($start + 1);
  447. if ($id != '')
  448. $poutput .= '&id=' . $id;
  449. $poutput .= '">';
  450. $poutput .= '[ > ]';
  451. $poutput .= '</a>';
  452. }
  453. echo $poutput;
  454. }
  455. }
  456. /** Print alphanumeric paging menu
  457. *
  458. * Display the alphabetic option: [0-9] [a] [b] .. [z]
  459. *
  460. * @param string $letterstart Starting letter/number or 'all'
  461. * @param int $userid Current user ID
  462. *
  463. * @return null
  464. */
  465. function show_letters($letterstart, $userid) {
  466. global $db;
  467. $char_range = array_merge(range('a', 'z'), array('_'));
  468. $allowed = zone_content_view_others($userid);
  469. $query = "SELECT
  470. DISTINCT SUBSTRING(domains.name, 1, 1) AS letter
  471. FROM domains
  472. LEFT JOIN zones ON domains.id = zones.domain_id
  473. WHERE " . $allowed . " = 1
  474. OR zones.owner = " . $userid . "
  475. ORDER BY 1";
  476. $db->setLimit(36);
  477. $available_chars = array();
  478. $digits_available = 0;
  479. $response = $db->query($query);
  480. while ($row = $response->fetchRow()) {
  481. if (preg_match("/[0-9]/", $row['letter'])) {
  482. $digits_available = 1;
  483. } elseif (in_array($row['letter'], $char_range)) {
  484. array_push($available_chars, $row['letter']);
  485. }
  486. }
  487. echo _('Show zones beginning with') . ":<br>";
  488. if ($letterstart == "1") {
  489. echo "<span class=\"lettertaken\">[ 0-9 ]</span> ";
  490. } elseif ($digits_available) {
  491. echo "<a href=\"" . htmlentities($_SERVER["PHP_SELF"], ENT_QUOTES) . "?letter=1\">[ 0-9 ]</a> ";
  492. } else {
  493. echo "[ <span class=\"letternotavailable\">0-9</span> ] ";
  494. }
  495. foreach ($char_range as $letter) {
  496. if ($letter == $letterstart) {
  497. echo "<span class=\"lettertaken\">[ " . $letter . " ]</span> ";
  498. } elseif (in_array($letter, $available_chars)) {
  499. echo "<a href=\"" . htmlentities($_SERVER["PHP_SELF"], ENT_QUOTES) . "?letter=" . $letter . "\">[ " . $letter . " ]</a> ";
  500. } else {
  501. echo "[ <span class=\"letternotavailable\">" . $letter . "</span> ] ";
  502. }
  503. }
  504. if ($letterstart == 'all') {
  505. echo "<span class=\"lettertaken\">[ Show all ]</span>";
  506. } else {
  507. echo "<a href=\"" . htmlentities($_SERVER["PHP_SELF"], ENT_QUOTES) . "?letter=all\">[ Show all ]</a> ";
  508. }
  509. }
  510. /** Check if current user allowed to view any zone content
  511. *
  512. * @param int $userid Current user ID
  513. *
  514. * @return int 1 if user has permission to view other users zones content, 0 otherwise
  515. */
  516. function zone_content_view_others($userid) {
  517. global $db;
  518. $query = "SELECT
  519. DISTINCT u.id
  520. FROM users u,
  521. perm_templ pt,
  522. perm_templ_items pti,
  523. (SELECT id FROM perm_items WHERE name
  524. IN ('zone_content_view_others', 'user_is_ueberuser')) pit
  525. WHERE u.id = " . $userid . "
  526. AND u.perm_templ = pt.id
  527. AND pti.templ_id = pt.id
  528. AND pti.perm_id = pit.id";
  529. $result = $db->queryOne($query);
  530. return ($result ? 1 : 0);
  531. }
  532. /** Print success message (toolkit.inc)
  533. *
  534. * @param string $msg Success message
  535. *
  536. * @return null
  537. */
  538. function success($msg) {
  539. if ($msg) {
  540. echo " <div class=\"success\">" . $msg . "</div>\n";
  541. } else {
  542. echo " <div class=\"success\">" . _('Something has been successfully performed. What exactly, however, will remain a mystery.') . "</div>\n";
  543. }
  544. }
  545. /** Print message
  546. *
  547. * Something has been done nicely, display a message and a back button.
  548. *
  549. * @param string $msg Message
  550. *
  551. * @return null
  552. */
  553. function message($msg) {
  554. include_once("header.inc.php");
  555. ?>
  556. <P><TABLE CLASS="messagetable"><TR><TD CLASS="message"><H2><?php echo _('Success!'); ?></H2>
  557. <BR>
  558. <FONT STYLE="font-weight: Bold">
  559. <P>
  560. <?php
  561. if ($msg) {
  562. echo nl2br($msg);
  563. } else {
  564. echo _('Successful!');
  565. }
  566. ?>
  567. </P>
  568. <BR>
  569. <P>
  570. <a href="javascript:history.go(-1)">&lt;&lt; <?php echo _('back'); ?></a></FONT>
  571. </P>
  572. </TD></TR></TABLE></P>
  573. <?php
  574. include_once("footer.inc.php");
  575. }
  576. /** Send 302 Redirect with optional argument
  577. *
  578. * Reroute a user to a cleanpage of (if passed) arg
  579. *
  580. * @param string $arg argument string to add to url
  581. *
  582. * @return null
  583. */
  584. function clean_page($arg = '') {
  585. if (!$arg) {
  586. header("Location: " . htmlentities($_SERVER['SCRIPT_NAME'], ENT_QUOTES) . "?time=" . time());
  587. exit;
  588. } else {
  589. if (preg_match('!\?!si', $arg)) {
  590. $add = "&time=";
  591. } else {
  592. $add = "?time=";
  593. }
  594. header("Location: $arg$add" . time());
  595. exit;
  596. }
  597. }
  598. /** Validate email address string
  599. *
  600. * @param string $address email address string
  601. *
  602. * @return boolean true if valid, false otherwise
  603. */
  604. function is_valid_email($address) {
  605. $fields = preg_split("/@/", $address, 2);
  606. if ((!preg_match("/^[0-9a-z]([-_.]?[0-9a-z])*$/i", $fields[0])) || (!isset($fields[1]) || $fields[1] == '' || !is_valid_hostname_fqdn($fields[1], 0))) {
  607. return false;
  608. }
  609. return true;
  610. }
  611. /** Validate numeric string
  612. *
  613. * @param string $string number
  614. *
  615. * @return boolean true if number, false otherwise
  616. */
  617. function v_num($string) {
  618. if (!preg_match("/^[0-9]+$/i", $string)) {
  619. return false;
  620. } else {
  621. return true;
  622. }
  623. }
  624. /** Debug print
  625. *
  626. * @param string $var debug statement
  627. *
  628. * @return null
  629. */
  630. function debug_print($var) {
  631. echo "<pre style=\"border: 2px solid blue;\">\n";
  632. if (is_array($var)) {
  633. print_r($var);
  634. } else {
  635. echo $var;
  636. }
  637. echo "</pre>\n";
  638. }
  639. function do_log($syslog_message, $priority) {
  640. global $syslog_use, $syslog_ident, $syslog_facility;
  641. if ($syslog_use) {
  642. openlog($syslog_ident, LOG_PERROR, $syslog_facility);
  643. syslog($priority, $syslog_message);
  644. closelog();
  645. }
  646. }
  647. function log_error($syslog_message) {
  648. do_log($syslog_message, LOG_ERR);
  649. }
  650. function log_warn($syslog_message) {
  651. do_log($syslog_message, LOG_WARNING);
  652. }
  653. function log_notice($syslog_message) {
  654. do_log($syslog_message, LOG_NOTICE);
  655. }
  656. function log_info($syslog_message) {
  657. do_log($syslog_message, LOG_INFO);
  658. }
  659. /** Print the login form
  660. *
  661. * @param string $msg Error Message
  662. * @param string $type Message type [default='success', 'error']
  663. *
  664. * @return null
  665. */
  666. function auth($msg = "", $type = "success") {
  667. include_once 'inc/header.inc.php';
  668. include_once 'inc/config.inc.php';
  669. global $iface_lang;
  670. if ($msg) {
  671. print "<div class=\"$type\">$msg</div>\n";
  672. }
  673. ?>
  674. <h2><?php echo _('Log in'); ?></h2>
  675. <form method="post" action="<?php echo htmlentities($_SERVER["PHP_SELF"], ENT_QUOTES); ?>">
  676. <input type="hidden" name="query_string" value="<?php echo htmlentities($_SERVER["QUERY_STRING"]); ?>">
  677. <table border="0">
  678. <tr>
  679. <td class="n" width="100"><?php echo _('Username'); ?>:</td>
  680. <td class="n"><input type="text" class="input" name="username" id="username"></td>
  681. </tr>
  682. <tr>
  683. <td class="n"><?php echo _('Password'); ?>:</td>
  684. <td class="n"><input type="password" class="input" name="password"></td>
  685. </tr>
  686. <tr>
  687. <td class="n"><?php echo _('Language'); ?>:</td>
  688. <td class="n">
  689. <select class="input" name="userlang">
  690. <?php
  691. // List available languages (sorted alphabetically)
  692. include_once 'inc/countrycodes.inc.php';
  693. $locales = scandir('locale/');
  694. foreach ($locales as $locale) {
  695. if (strlen($locale) == 5) {
  696. $locales_fullname[$locale] = $country_codes[substr($locale, 0, 2)];
  697. }
  698. }
  699. asort($locales_fullname);
  700. foreach ($locales_fullname as $locale => $language) {
  701. if (substr($locale, 0, 2) == substr($iface_lang, 0, 2)) {
  702. echo _('<option selected value="' . $locale . '">' . $language);
  703. } else {
  704. echo _('<option value="' . $locale . '">' . $language);
  705. }
  706. }
  707. ?>
  708. </select>
  709. </td>
  710. </tr>
  711. <tr>
  712. <td class="n">&nbsp;</td>
  713. <td class="n">
  714. <input type="submit" name="authenticate" class="button" value=" <?php echo _('Go'); ?> ">
  715. </td>
  716. </tr>
  717. </table>
  718. </form>
  719. <script type="text/javascript">
  720. <!--
  721. document.getElementById('username').focus();
  722. //-->
  723. </script>
  724. <?php
  725. include_once('inc/footer.inc.php');
  726. exit;
  727. }
  728. /** Logout the user
  729. *
  730. * Logout the user and kickback to login form
  731. *
  732. * @param string $msg Error Message
  733. * @param string $type Message type [default='']
  734. *
  735. * @return null
  736. */
  737. function logout($msg = "", $type = "") {
  738. session_unset();
  739. session_destroy();
  740. session_write_close();
  741. auth($msg, $type);
  742. exit;
  743. }
  744. /** Matches end of string
  745. *
  746. * Matches end of string (haystack) against another string (needle)
  747. *
  748. * @param string $needle
  749. * @param string $haystack
  750. *
  751. * @return true if ends with specified string, otherwise false
  752. */
  753. function endsWith($needle, $haystack) {
  754. $length = strlen($haystack);
  755. $nLength = strlen($needle);
  756. return $nLength <= $length && strncmp(substr($haystack, -$nLength), $needle, $nLength) === 0;
  757. }