
edit_record.php 7.0KB

  1. <?php
  2. /* Poweradmin, a friendly web-based admin tool for PowerDNS.
  3. * See <http://www.poweradmin.org> for more details.
  4. *
  5. * Copyright 2007-2010 Rejo Zenger <rejo@zenger.nl>
  6. * Copyright 2010-2014 Poweradmin Development Team
  7. * <http://www.poweradmin.org/credits.html>
  8. *
  9. * This program is free software: you can redistribute it and/or modify
  10. * it under the terms of the GNU General Public License as published by
  11. * the Free Software Foundation, either version 3 of the License, or
  12. * (at your option) any later version.
  13. *
  14. * This program is distributed in the hope that it will be useful,
  15. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  17. * GNU General Public License for more details.
  18. *
  19. * You should have received a copy of the GNU General Public License
  20. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  21. */
  22. /**
  23. * Script that handles requests to edit zone records
  24. *
  25. * @package Poweradmin
  26. * @copyright 2007-2010 Rejo Zenger <rejo@zenger.nl>
  27. * @copyright 2010-2014 Poweradmin Development Team
  28. * @license http://opensource.org/licenses/GPL-3.0 GPL
  29. */
  30. require_once("inc/toolkit.inc.php");
  31. include_once("inc/header.inc.php");
  // $pdnssec_use is consulted after a successful edit to decide whether the
  // zone is rectified.
  global $pdnssec_use;

  // Resolve the caller's permission scope for each capability. Every scope
  // starts at the most restrictive value and is widened only when
  // verify_permission() grants it; the "others" permission is still checked
  // before the "own" one, so the resulting values match the classic
  // if / elseif / else ladder.

  // Scope for viewing zone content: "all", "own" or "none".
  $perm_view = "none";
  if (verify_permission('zone_content_view_others')) {
      $perm_view = "all";
  } elseif (verify_permission('zone_content_view_own')) {
      $perm_view = "own";
  }

  // Scope for editing zone content: "all", "own" or "none".
  $perm_content_edit = "none";
  if (verify_permission('zone_content_edit_others')) {
      $perm_content_edit = "all";
  } elseif (verify_permission('zone_content_edit_own')) {
      $perm_content_edit = "own";
  }

  // Scope for editing zone metadata: "all", "own" or "none".
  $perm_meta_edit = "none";
  if (verify_permission('zone_meta_edit_others')) {
      $perm_meta_edit = "all";
  } elseif (verify_permission('zone_meta_edit_own')) {
      $perm_meta_edit = "own";
  }
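  // The record id from the query string selects the zone whose ownership and
  // type are checked below, and it is echoed back into the page further down.
  // Reject anything that is not a plain decimal id before it is used, and
  // stop rendering (fail closed).
  if (!isset($_GET['id']) || !is_string($_GET['id']) || !ctype_digit($_GET['id'])) {
      error(ERR_PERM_VIEW_RECORD);
      include_once("inc/footer.inc.php");
      exit;
  }

  // Zone context of the requested record; every permission decision in this
  // script is made against this zone.
  $zid = get_zone_id_from_record_id($_GET['id']);
  $user_is_zone_owner = verify_user_is_owner_zoneid($zid);
  $zone_type = get_domain_type($zid);
  $zone_name = get_zone_name_from_id($zid);

  if (isset($_POST["commit"])) {
      // NOTE(review): no anti-CSRF token is checked in this handler; confirm
      // whether inc/toolkit.inc.php enforces one for state-changing requests.

      // Editing is refused for slave zones, for users without any edit
      // permission, and for "own"-scoped users on a zone they do not own.
      $edit_denied = $zone_type == "SLAVE"
          || $perm_content_edit == "none"
          || ($perm_content_edit == "own" && $user_is_zone_owner == "0");

      // The permission check above is for the record named in the query
      // string, but the update acts on the record and zone ids in the POST
      // body. Require both to match, so that authorization for one record
      // cannot be used to edit a record in a different zone.
      $targets_checked_record = isset($_POST["rid"], $_POST["zid"])
          && is_string($_POST["rid"])
          && is_string($_POST["zid"])
          && $_POST["rid"] === $_GET['id']
          && $_POST["zid"] === (string) $zid;

      if ($edit_denied || !$targets_checked_record) {
          error(ERR_PERM_EDIT_RECORD);
      } else {
          // Snapshot the record before the change so the audit log line can
          // show both the old and the new values.
          $old_record_info = get_record_from_id($_POST["rid"]);
          $ret_val = edit_record($_POST);
          if ($ret_val == "1") {
              // The serial is bumped for every record type except SOA.
              if ($_POST['type'] != "SOA") {
                  update_soa_serial($zid);
              }
              success(SUC_RECORD_UPD);
              $new_record_info = get_record_from_id($_POST["rid"]);
              // NOTE(review): record fields are written to the log as-is;
              // confirm that log_info() or the log sink neutralises control
              // characters such as CR/LF, so a record value cannot forge
              // extra log lines.
              log_info(sprintf('client_ip:%s user:%s operation:edit_record'
                  .' old_record_type:%s old_record:%s old_content:%s old_ttl:%s old_priority:%s'
                  .' record_type:%s record:%s content:%s ttl:%s priority:%s',
                  $_SERVER['REMOTE_ADDR'], $_SESSION["userlogin"],
                  $old_record_info['type'], $old_record_info['name'], $old_record_info['content'], $old_record_info['ttl'], $old_record_info['prio'],
                  $new_record_info['type'], $new_record_info['name'], $new_record_info['content'], $new_record_info['ttl'], $new_record_info['prio']));
              if ($pdnssec_use) {
                  if (dnssec_rectify_zone($zid)) {
                      success(SUC_EXEC_PDNSSEC_RECTIFY_ZONE);
                  }
              }
          }
      }
  }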
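  // Render the edit form (or a read-only row) for the requested record.
  //
  // Every value that reaches the page is encoded for the context it lands in:
  // urlencode() for query-string parameters inside href/action attributes,
  // htmlspecialchars() for element text and attribute values. This includes
  // the request parameter "id", which is reflected twice, and the zone and
  // record names, which are user-editable data.
  $rid_raw = (isset($_GET["id"]) && is_scalar($_GET["id"])) ? (string) $_GET["id"] : '';
  $rid_url = urlencode($rid_raw);
  $rid_html = htmlspecialchars($rid_raw);
  $zid_url = urlencode((string) $zid);
  $zid_html = htmlspecialchars((string) $zid);
  $zone_name_html = htmlspecialchars((string) $zone_name);

  echo " <h2>" . _('Edit record in zone') . " \"<a href=\"edit.php?id=" . $zid_url . "\">" . $zone_name_html . "</a>\"</h2>\n";

  // Viewing is refused without any view permission, and for "own"-scoped
  // users on a zone they do not own.
  if ($perm_view == "none" || ($perm_view == "own" && $user_is_zone_owner == "0")) {
      error(ERR_PERM_VIEW_RECORD);
  } else {
      $record = get_record_from_id($_GET["id"]);

      // NOTE(review): the form carries no anti-CSRF token; confirm whether
      // the toolkit adds or verifies one elsewhere.
      echo " <form method=\"post\" action=\"edit_record.php?domain=" . $zid_url . "&amp;id=" . $rid_url . "\">\n";
      echo " <table>\n";
      echo " <tr>\n";
      echo " <th>" . _('Name') . "</th>\n";
      echo " <th>&nbsp;</th>\n";
      echo " <th>" . _('Type') . "</th>\n";
      echo " <th>" . _('Content') . "</th>\n";
      echo " <th>" . _('Priority') . "</th>\n";
      echo " <th>" . _('TTL') . "</th>\n";
      echo " </tr>\n";

      /*
        Sanitize content due to SPF record quoting in PowerDNS:
        surrounding double and single quotes are stripped for display.
      */
      if ($record['type'] == "SRV" || $record['type'] == "SPF" || $record['type'] == "TXT") {
          $clean_content = trim($record['content'], "\x22\x27");
      } else {
          $clean_content = $record['content'];
      }

      if ($zone_type == "SLAVE" || $perm_content_edit == "none" || ($perm_content_edit == "own" && $user_is_zone_owner == "0")) {
          // Read-only view: the record is shown as plain, escaped text.
          echo " <tr>\n";
          echo " <td>" . htmlspecialchars((string) $record["name"]) . "</td>\n";
          echo " <td>IN</td>\n";
          echo " <td>" . htmlspecialchars((string) $record["type"]) . "</td>\n";
          echo " <td>" . htmlspecialchars((string) $clean_content) . "</td>\n";
          echo " <td>" . htmlspecialchars((string) $record["prio"]) . "</td>\n";
          echo " <td>" . htmlspecialchars((string) $record["ttl"]) . "</td>\n";
          echo " </tr>\n";
      } else {
          // Editable view: the hidden rid/zid fields name the record and zone
          // that the POST handler will act on.
          echo " <tr>\n";
          echo " <td><input type=\"hidden\" name=\"rid\" value=\"" . $rid_html . "\">\n";
          echo " <input type=\"hidden\" name=\"zid\" value=\"" . $zid_html . "\">\n";
          // NOTE(review): str_replace() removes the zone name wherever it
          // occurs in the record name, not only as a suffix; confirm this is
          // intended for names that contain the zone name more than once.
          echo " <input type=\"text\" name=\"name\" value=\"" . htmlspecialchars(trim(str_replace($zone_name, '', $record["name"]), '.')) . "\" class=\"input\">." . $zone_name_html . "</td>\n";
          echo " <td>IN</td>\n";
          echo " <td>\n";
          echo " <select name=\"type\">\n";
          $found_selected_type = false;
          foreach (get_record_types() as $type_available) {
              if ($type_available == $record["type"]) {
                  $add = " SELECTED";
                  $found_selected_type = true;
              } else {
                  $add = "";
              }
              echo " <option" . $add . " value=\"" . htmlspecialchars($type_available) . "\" >" . htmlspecialchars($type_available) . "</option>\n";
          }
          // A stored type that is missing from the known list is still
          // offered, pre-selected, so saving the form does not change it.
          if (!$found_selected_type) {
              echo " <option SELECTED value=\"" . htmlspecialchars((string) $record['type']) . "\"><i>" . htmlspecialchars((string) $record['type']) . "</i></option>\n";
          }
          echo " </select>\n";
          echo " </td>\n";
          echo " <td><input type=\"text\" name=\"content\" value=\"" . htmlspecialchars((string) $clean_content) . "\" class=\"input\"></td>\n";
          echo " <td><input type=\"text\" name=\"prio\" value=\"" . htmlspecialchars((string) $record["prio"]) . "\" class=\"sinput\"></td>\n";
          echo " <td><input type=\"text\" name=\"ttl\" value=\"" . htmlspecialchars((string) $record["ttl"]) . "\" class=\"sinput\"></td>\n";
          echo " </tr>\n";
      }
      echo " </table>\n";
      echo " <input type=\"submit\" name=\"commit\" value=\"" . _('Commit changes') . "\" class=\"button\">&nbsp;&nbsp;\n";
      echo " <input type=\"reset\" name=\"reset\" value=\"" . _('Reset changes') . "\" class=\"button\">&nbsp;&nbsp;\n";
      echo " </form>\n";
  }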
  148. include_once("inc/footer.inc.php");