選択できるのは25トピックまでです。 トピックは、先頭が英数字で、英数字とダッシュ('-')を使用した35文字以内のものにしてください。

dns.inc.php 26KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849
  1. <?php
  2. /* Poweradmin, a friendly web-based admin tool for PowerDNS.
  3. * See <http://www.poweradmin.org> for more details.
  4. *
  5. * Copyright 2007-2009 Rejo Zenger <rejo@zenger.nl>
  6. * Copyright 2010-2017 Poweradmin Development Team
  7. * <http://www.poweradmin.org/credits.html>
  8. *
  9. * This program is free software: you can redistribute it and/or modify
  10. * it under the terms of the GNU General Public License as published by
  11. * the Free Software Foundation, either version 3 of the License, or
  12. * (at your option) any later version.
  13. *
  14. * This program is distributed in the hope that it will be useful,
  15. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  16. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  17. * GNU General Public License for more details.
  18. *
  19. * You should have received a copy of the GNU General Public License
  20. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  21. */
  22. /**
  23. * DNS functions
  24. *
  25. * @package Poweradmin
  26. * @copyright 2007-2010 Rejo Zenger <rejo@zenger.nl>
  27. * @copyright 2010-2017 Poweradmin Development Team
  28. * @license http://opensource.org/licenses/GPL-3.0 GPL
  29. */
  30. /** Validate DNS record input
  31. *
  32. * @param int $rid Record ID
  33. * @param int $zid Zone ID
  34. * @param string $type Record Type
  35. * @param mixed $content content part of record
  36. * @param mixed $name Name part of record
  37. * @param mixed $prio Priority
  38. * @param mixed $ttl TTL
  39. *
  40. * @return boolean true on success, false otherwise
  41. */
  42. function validate_input($rid, $zid, $type, &$content, &$name, &$prio, &$ttl) {
  43. $zone = get_zone_name_from_id($zid); // TODO check for return
  44. if (!endsWith(strtolower($zone), strtolower($name))) {
  45. if (isset($name) && $name != "") {
  46. $name = $name . "." . $zone;
  47. } else {
  48. $name = $zone;
  49. }
  50. }
  51. switch ($type) {
  52. case "A":
  53. if (!is_valid_ipv4($content)) {
  54. return false;
  55. }
  56. if (!is_valid_rr_cname_exists($name, $rid)) {
  57. return false;
  58. }
  59. if (!is_valid_hostname_fqdn($name, 1)) {
  60. return false;
  61. }
  62. break;
  63. case "A6": // TODO: implement validation.
  64. break;
  65. case "AAAA":
  66. if (!is_valid_ipv6($content)) {
  67. return false;
  68. }
  69. if (!is_valid_rr_cname_exists($name, $rid)) {
  70. return false;
  71. }
  72. if (!is_valid_hostname_fqdn($name, 1)) {
  73. return false;
  74. }
  75. break;
  76. case "AFSDB": // TODO: implement validation.
  77. break;
  78. case "ALIAS": // TODO: implement validation.
  79. break;
  80. case "CAA": // TODO: implement validation.
  81. break;
  82. case "CDNSKEY": // TODO: implement validation.
  83. break;
  84. case "CDS": // TODO: implement validation.
  85. break;
  86. case "CERT": // TODO: implement validation.
  87. break;
  88. case "CNAME":
  89. if (!is_valid_rr_cname_name($name)) {
  90. return false;
  91. }
  92. if (!is_valid_rr_cname_unique($name, $rid)) {
  93. return false;
  94. }
  95. if (!is_valid_hostname_fqdn($name, 1)) {
  96. return false;
  97. }
  98. if (!is_valid_hostname_fqdn($content, 0)) {
  99. return false;
  100. }
  101. if (!is_not_empty_cname_rr($name, $zone)) {
  102. return false;
  103. }
  104. break;
  105. case 'DHCID': // TODO: implement validation
  106. break;
  107. case 'DLV': // TODO: implement validation
  108. break;
  109. case "DNAME": // TODO: implement validation.
  110. break;
  111. case 'DNSKEY': // TODO: implement validation
  112. break;
  113. case 'DS': // TODO: implement validation
  114. break;
  115. case 'EUI48': // TODO: implement validation
  116. break;
  117. case 'EUI64': // TODO: implement validation
  118. break;
  119. case "HINFO":
  120. if (!is_valid_rr_hinfo_content($content)) {
  121. return false;
  122. }
  123. if (!is_valid_hostname_fqdn($name, 1)) {
  124. return false;
  125. }
  126. break;
  127. case 'IPSECKEY': // TODO: implement validation
  128. break;
  129. case 'KEY': // TODO: implement validation
  130. break;
  131. case 'KX': // TODO: implement validation
  132. break;
  133. case "LOC":
  134. if (!is_valid_loc($content)) {
  135. return false;
  136. }
  137. if (!is_valid_hostname_fqdn($name, 1)) {
  138. return false;
  139. }
  140. break;
  141. case "MAILA": // TODO: implement validation.
  142. break;
  143. case "MAILB": // TODO: implement validation.
  144. break;
  145. case 'MINFO': // TODO: implement validation
  146. break;
  147. case 'MR': // TODO: implement validation
  148. break;
  149. case "MX":
  150. if (!is_valid_hostname_fqdn($content, 0)) {
  151. return false;
  152. }
  153. if (!is_valid_hostname_fqdn($name, 1)) {
  154. return false;
  155. }
  156. if (!is_valid_non_alias_target($content)) {
  157. return false;
  158. }
  159. break;
  160. case 'NAPTR': // TODO: implement validation
  161. break;
  162. case "NS":
  163. if (!is_valid_hostname_fqdn($content, 0)) {
  164. return false;
  165. }
  166. if (!is_valid_hostname_fqdn($name, 1)) {
  167. return false;
  168. }
  169. if (!is_valid_non_alias_target($content)) {
  170. return false;
  171. }
  172. break;
  173. case 'NSEC': // TODO: implement validation
  174. break;
  175. case 'NSEC3': // TODO: implement validation
  176. break;
  177. case 'NSEC3PARAM': // TODO: implement validation
  178. break;
  179. case "OPENPGPKEY": // TODO: implement validation.
  180. break;
  181. case 'OPT': // TODO: implement validation
  182. break;
  183. case "PTR":
  184. if (!is_valid_hostname_fqdn($content, 0)) {
  185. return false;
  186. }
  187. if (!is_valid_hostname_fqdn($name, 1)) {
  188. return false;
  189. }
  190. break;
  191. case 'RKEY': // TODO: implement validation
  192. break;
  193. case 'RP': // TODO: implement validation
  194. break;
  195. case 'RRSIG': // TODO: implement validation
  196. break;
  197. case "SIG": // TODO: implement validation.
  198. break;
  199. case "SOA":
  200. if (!is_valid_rr_soa_name($name, $zone)) {
  201. return false;
  202. }
  203. if (!is_valid_hostname_fqdn($name, 1)) {
  204. return false;
  205. }
  206. if (!is_valid_rr_soa_content($content)) {
  207. error(ERR_DNS_CONTENT);
  208. return false;
  209. }
  210. break;
  211. case "SPF":
  212. if (!is_valid_spf($content)) {
  213. return false;
  214. }
  215. break;
  216. case "SRV":
  217. if (!is_valid_rr_srv_name($name)) {
  218. return false;
  219. }
  220. if (!is_valid_rr_srv_content($content)) {
  221. return false;
  222. }
  223. break;
  224. case 'SSHFP': // TODO: implement validation
  225. break;
  226. case "TKEY": // TODO: implement validation.
  227. break;
  228. case 'TLSA': // TODO: implement validation
  229. break;
  230. case 'TSIG': // TODO: implement validation
  231. break;
  232. case "TXT":
  233. if (!is_valid_printable($name)) {
  234. return false;
  235. }
  236. if (!is_valid_printable($content)) {
  237. return false;
  238. }
  239. break;
  240. case 'WKS': // TODO: implement validation
  241. break;
  242. case "MBOXFW": // TODO: implement validation
  243. break;
  244. case "URL": // TODO: implement validation.
  245. break;
  246. default:
  247. error(ERR_DNS_RR_TYPE);
  248. return false;
  249. }
  250. if (!is_valid_rr_prio($prio, $type)) {
  251. return false;
  252. }
  253. if (!is_valid_rr_ttl($ttl)) {
  254. return false;
  255. }
  256. return true;
  257. }
  258. /** Test if hostname is valid FQDN
  259. *
  260. * @param mixed $hostname Hostname string
  261. * @param string $wildcard Hostname includes wildcard '*'
  262. *
  263. * @return boolean true if valid, false otherwise
  264. */
  265. function is_valid_hostname_fqdn(&$hostname, $wildcard) {
  266. global $dns_top_level_tld_check;
  267. global $dns_strict_tld_check;
  268. global $valid_tlds;
  269. $hostname = preg_replace("/\.$/", "", $hostname);
  270. # The full domain name may not exceed a total length of 253 characters.
  271. if (strlen($hostname) > 253) {
  272. error(ERR_DNS_HN_TOO_LONG);
  273. return false;
  274. }
  275. $hostname_labels = explode('.', $hostname);
  276. $label_count = count($hostname_labels);
  277. if ($dns_top_level_tld_check && $label_count == 1) {
  278. return false;
  279. }
  280. foreach ($hostname_labels as $hostname_label) {
  281. if ($wildcard == 1 && !isset($first)) {
  282. if (!preg_match('/^(\*|[\w-\/]+)$/', $hostname_label)) {
  283. error(ERR_DNS_HN_INV_CHARS);
  284. return false;
  285. }
  286. $first = 1;
  287. } else {
  288. if (!preg_match('/^[\w-\/]+$/', $hostname_label)) {
  289. error(ERR_DNS_HN_INV_CHARS);
  290. return false;
  291. }
  292. }
  293. if (substr($hostname_label, 0, 1) == "-") {
  294. error(ERR_DNS_HN_DASH);
  295. return false;
  296. }
  297. if (substr($hostname_label, -1, 1) == "-") {
  298. error(ERR_DNS_HN_DASH);
  299. return false;
  300. }
  301. if (strlen($hostname_label) < 1 || strlen($hostname_label) > 63) {
  302. error(ERR_DNS_HN_LENGTH);
  303. return false;
  304. }
  305. }
  306. if ($hostname_labels[$label_count - 1] == "arpa" && (substr_count($hostname_labels[0], "/") == 1 XOR substr_count($hostname_labels[1], "/") == 1)) {
  307. if (substr_count($hostname_labels[0], "/") == 1) {
  308. $array = explode("/", $hostname_labels[0]);
  309. } else {
  310. $array = explode("/", $hostname_labels[1]);
  311. }
  312. if (count($array) != 2) {
  313. error(ERR_DNS_HOSTNAME);
  314. return false;
  315. }
  316. if (!is_numeric($array[0]) || $array[0] < 0 || $array[0] > 255) {
  317. error(ERR_DNS_HOSTNAME);
  318. return false;
  319. }
  320. if (!is_numeric($array[1]) || $array[1] < 25 || $array[1] > 31) {
  321. error(ERR_DNS_HOSTNAME);
  322. return false;
  323. }
  324. } else {
  325. if (substr_count($hostname, "/") > 0) {
  326. error(ERR_DNS_HN_SLASH);
  327. return false;
  328. }
  329. }
  330. if ($dns_strict_tld_check && !in_array(strtolower($hostname_labels[$label_count - 1]), $valid_tlds)) {
  331. error(ERR_DNS_INV_TLD);
  332. return false;
  333. }
  334. return true;
  335. }
  336. /** Test if IPv4 address is valid
  337. *
  338. * @param string $ipv4 IPv4 address string
  339. * @param boolean $answer print error if true
  340. * [default=true]
  341. *
  342. * @return boolean true if valid, false otherwise
  343. */
  344. function is_valid_ipv4($ipv4, $answer = true) {
  345. if(filter_var($ipv4, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === FALSE) {
  346. if($answer) {
  347. error(ERR_DNS_IPV4);
  348. }
  349. return false;
  350. }
  351. return true;
  352. }
  353. /** Test if IPv6 address is valid
  354. *
  355. * @param string $ipv6 IPv6 address string
  356. * @param boolean $answer print error if true
  357. * [default=true]
  358. *
  359. * @return boolean true if valid, false otherwise
  360. */
  361. function is_valid_ipv6($ipv6, $answer = true) {
  362. if(filter_var($ipv6, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === FALSE) {
  363. if($answer) {
  364. error(ERR_DNS_IPV6);
  365. }
  366. return false;
  367. }
  368. return true;
  369. }
  370. /** Test if multiple IP addresses are valid
  371. *
  372. * Takes a string of comma seperated IP addresses and tests validity
  373. *
  374. * @param string $ips Comma seperated IP addresses
  375. *
  376. * @return boolean true if valid, false otherwise
  377. */
  378. function are_multipe_valid_ips($ips) {
  379. // multiple master NS-records are permitted and must be separated by ,
  380. // eg. "192.0.0.1, 192.0.0.2, 2001:1::1"
  381. $are_valid = false;
  382. $multiple_ips = explode(",", $ips);
  383. if (is_array($multiple_ips)) {
  384. foreach ($multiple_ips as $m_ip) {
  385. $trimmed_ip = trim($m_ip);
  386. if (is_valid_ipv4($trimmed_ip, false) || is_valid_ipv6($trimmed_ip, true)) {
  387. $are_valid = true;
  388. } else {
  389. // as soon there is an invalid ip-addr
  390. // exit and return false
  391. echo "hin:=$trimmed_ip=";
  392. return false;
  393. }
  394. }
  395. } elseif (is_valid_ipv4($ips) || is_valid_ipv6($ips)) {
  396. $are_valid = true;
  397. }
  398. if ($are_valid) {
  399. return true;
  400. } else {
  401. return false;
  402. }
  403. }
  404. /** Test if string is printable
  405. *
  406. * @param string $string string
  407. *
  408. * @return boolean true if valid, false otherwise
  409. */
  410. function is_valid_printable($string) {
  411. if (!preg_match('/^[[:print:]]+$/', trim($string))) {
  412. error(ERR_DNS_PRINTABLE);
  413. return false;
  414. }
  415. return true;
  416. }
  417. /** Test if CNAME is valid
  418. *
  419. * Check if any MX or NS entries exist which invalidated CNAME
  420. *
  421. * @param string $name CNAME to lookup
  422. *
  423. * @return boolean true if valid, false otherwise
  424. */
  425. function is_valid_rr_cname_name($name) {
  426. global $db;
  427. $query = "SELECT id FROM records
  428. WHERE content = " . $db->quote($name, 'text') . "
  429. AND (type = " . $db->quote('MX', 'text') . " OR type = " . $db->quote('NS', 'text') . ")";
  430. $response = $db->queryOne($query);
  431. if (!empty($response)) {
  432. error(ERR_DNS_CNAME);
  433. return false;
  434. }
  435. return true;
  436. }
  437. /** Check if CNAME already exists
  438. *
  439. * @param string $name CNAME
  440. * @param int $rid Record ID
  441. *
  442. * @return boolean true if non-existant, false if exists
  443. */
  444. function is_valid_rr_cname_exists($name, $rid) {
  445. global $db;
  446. $where = ($rid > 0 ? " AND id != " . $db->quote($rid, 'integer') : '');
  447. $query = "SELECT id FROM records
  448. WHERE name = " . $db->quote($name, 'text') . $where . "
  449. AND TYPE = 'CNAME'";
  450. $response = $db->queryOne($query);
  451. if ($response) {
  452. error(ERR_DNS_CNAME_EXISTS);
  453. return false;
  454. }
  455. return true;
  456. }
  457. /** Check if CNAME is unique (doesn't overlap A/AAAA)
  458. *
  459. * @param string $name CNAME
  460. * @param string $rid Record ID
  461. *
  462. * @return boolean true if unique, false if duplicate
  463. */
  464. function is_valid_rr_cname_unique($name, $rid) {
  465. global $db;
  466. $where = ($rid > 0 ? " AND id != " . $db->quote($rid, 'integer') : '');
  467. $query = "SELECT id FROM records
  468. WHERE name = " . $db->quote($name, 'text') . $where . "
  469. AND TYPE IN ('A', 'AAAA', 'CNAME')";
  470. $response = $db->queryOne($query);
  471. if ($response) {
  472. error(ERR_DNS_CNAME_UNIQUE);
  473. return false;
  474. }
  475. return true;
  476. }
  477. /**
  478. * Check that the zone does not have a empty CNAME RR
  479. *
  480. * @param string $name
  481. * @param string $zone
  482. */
  483. function is_not_empty_cname_rr($name, $zone) {
  484. if ($name == $zone) {
  485. error(ERR_DNS_CNAME_EMPTY);
  486. return false;
  487. }
  488. return true;
  489. }
  490. /** Check if target is not a CNAME
  491. *
  492. * @param string $target target to check
  493. *
  494. * @return boolean true if not alias, false if CNAME exists
  495. */
  496. function is_valid_non_alias_target($target) {
  497. global $db;
  498. $query = "SELECT id FROM records
  499. WHERE name = " . $db->quote($target, 'text') . "
  500. AND TYPE = " . $db->quote('CNAME', 'text');
  501. $response = $db->queryOne($query);
  502. if ($response) {
  503. error(ERR_DNS_NON_ALIAS_TARGET);
  504. return false;
  505. }
  506. return true;
  507. }
  508. /** Check if HINFO content is valid
  509. *
  510. * @param string $content HINFO record content
  511. *
  512. * @return boolean true if valid, false otherwise
  513. */
  514. function is_valid_rr_hinfo_content($content) {
  515. if ($content[0] == "\"") {
  516. $fields = preg_split('/(?<=") /', $content, 2);
  517. } else {
  518. $fields = preg_split('/ /', $content, 2);
  519. }
  520. for ($i = 0; ($i < 2); $i++) {
  521. if (!preg_match("/^([^\s]{1,1000})|\"([^\"]{1,998}\")$/i", $fields[$i])) {
  522. error(ERR_DNS_HINFO_INV_CONTENT);
  523. return false;
  524. }
  525. }
  526. return true;
  527. }
  528. /** Check if SOA content is valid
  529. *
  530. * @param mixed $content SOA record content
  531. *
  532. * @return boolean true if valid, false otherwise
  533. */
  534. function is_valid_rr_soa_content(&$content) {
  535. $fields = preg_split("/\s+/", trim($content));
  536. $field_count = count($fields);
  537. if ($field_count == 0 || $field_count > 7) {
  538. return false;
  539. } else {
  540. if (!is_valid_hostname_fqdn($fields[0], 0) || preg_match('/\.arpa\.?$/', $fields[0])) {
  541. return false;
  542. }
  543. $final_soa = $fields[0];
  544. if (isset($fields[1])) {
  545. $addr_input = $fields[1];
  546. } else {
  547. global $dns_hostmaster;
  548. $addr_input = $dns_hostmaster;
  549. }
  550. if (!preg_match("/@/", $addr_input)) {
  551. $addr_input = preg_split('/(?<!\\\)\./', $addr_input, 2);
  552. $addr_to_check = str_replace("\\", "", $addr_input[0]) . "@" . $addr_input[1];
  553. } else {
  554. $addr_to_check = $addr_input;
  555. }
  556. if (!is_valid_email($addr_to_check)) {
  557. return false;
  558. } else {
  559. $addr_final = explode('@', $addr_to_check, 2);
  560. $final_soa .= " " . str_replace(".", "\\.", $addr_final[0]) . "." . $addr_final[1];
  561. }
  562. if (isset($fields[2])) {
  563. if (!is_numeric($fields[2])) {
  564. return false;
  565. }
  566. $final_soa .= " " . $fields[2];
  567. } else {
  568. $final_soa .= " 0";
  569. }
  570. if ($field_count != 7) {
  571. return false;
  572. } else {
  573. for ($i = 3; ($i < 7); $i++) {
  574. if (!is_numeric($fields[$i])) {
  575. return false;
  576. } else {
  577. $final_soa .= " " . $fields[$i];
  578. }
  579. }
  580. }
  581. }
  582. $content = $final_soa;
  583. return true;
  584. }
  585. /** Check if SOA name is valid
  586. *
  587. * Checks if SOA name = zone name
  588. *
  589. * @param string $name SOA name
  590. * @param string $zone Zone name
  591. *
  592. * @return boolean true if valid, false otherwise
  593. */
  594. function is_valid_rr_soa_name($name, $zone) {
  595. if ($name != $zone) {
  596. error(ERR_DNS_SOA_NAME);
  597. return false;
  598. }
  599. return true;
  600. }
  601. /** Check if Priority is valid
  602. *
  603. * Check if MX or SRV priority is within range, otherwise set to 0
  604. *
  605. * @param mixed $prio Priority
  606. * @param string $type Record type
  607. *
  608. * @return boolean true if valid, false otherwise
  609. */
  610. function is_valid_rr_prio(&$prio, $type) {
  611. if ($type == "MX" || $type == "SRV") {
  612. if (!is_numeric($prio) || $prio < 0 || $prio > 65535) {
  613. error(ERR_DNS_INV_PRIO);
  614. return false;
  615. }
  616. } else {
  617. $prio = 0;
  618. }
  619. return true;
  620. }
  621. /** Check if SRV name is valid
  622. *
  623. * @param mixed $name SRV name
  624. *
  625. * @return boolean true if valid, false otherwise
  626. */
  627. function is_valid_rr_srv_name(&$name) {
  628. if (strlen($name) > 255) {
  629. error(ERR_DNS_HN_TOO_LONG);
  630. return false;
  631. }
  632. $fields = explode('.', $name, 3);
  633. if (!preg_match('/^_[\w-]+$/i', $fields[0])) {
  634. error(ERR_DNS_SRV_NAME_SERVICE, $name);
  635. return false;
  636. }
  637. if (!preg_match('/^_[\w]+$/i', $fields[1])) {
  638. error(ERR_DNS_SRV_NAME_PROTO, $name);
  639. return false;
  640. }
  641. if (!is_valid_hostname_fqdn($fields[2], 0)) {
  642. error(ERR_DNS_SRV_NAME, $name);
  643. return false;
  644. }
  645. $name = join('.', $fields);
  646. return true;
  647. }
  648. /** Check if SRV content is valid
  649. *
  650. * @param mixed $content SRV content
  651. *
  652. * @return boolean true if valid, false otherwise
  653. */
  654. function is_valid_rr_srv_content(&$content) {
  655. $fields = preg_split("/\s+/", trim($content), 3);
  656. if (!is_numeric($fields[0]) || $fields[0] < 0 || $fields[0] > 65535) {
  657. error(ERR_DNS_SRV_WGHT, $name);
  658. return false;
  659. }
  660. if (!is_numeric($fields[1]) || $fields[1] < 0 || $fields[1] > 65535) {
  661. error(ERR_DNS_SRV_PORT, $name);
  662. return false;
  663. }
  664. if ($fields[2] == "" || ($fields[2] != "." && !is_valid_hostname_fqdn($fields[2], 0))) {
  665. error(ERR_DNS_SRV_TRGT, $name);
  666. return false;
  667. }
  668. $content = join(' ', $fields);
  669. return true;
  670. }
  671. /** Check if TTL is valid and within range
  672. *
  673. * @param int $ttl TTL
  674. *
  675. * @return boolean true if valid,false otherwise
  676. */
  677. function is_valid_rr_ttl(&$ttl) {
  678. if (!isset($ttl) || $ttl == "") {
  679. global $dns_ttl;
  680. $ttl = $dns_ttl;
  681. }
  682. if (!is_numeric($ttl) || $ttl < 0 || $ttl > 2147483647) {
  683. error(ERR_DNS_INV_TTL);
  684. return false;
  685. }
  686. return true;
  687. }
  688. /** Check if search string is valid
  689. *
  690. * @param string $search_string search string
  691. *
  692. * @return boolean true if valid, false otherwise
  693. */
  694. function is_valid_search($search_string) {
  695. // Only allow for alphanumeric, numeric, dot, dash, underscore and
  696. // percent in search string. The last two are wildcards for SQL.
  697. // Needs extension probably for more usual record types.
  698. return preg_match('/^[a-z0-9.\-%_]+$/i', $search_string);
  699. }
  700. /** Check if SPF content is valid
  701. *
  702. * @param string $content SPF content
  703. *
  704. * @return boolean true if valid, false otherwise
  705. */
  706. function is_valid_spf($content) {
  707. //Regex from http://www.schlitt.net/spf/tests/spf_record_regexp-03.txt
  708. $regex = "^[Vv]=[Ss][Pp][Ff]1( +([-+?~]?([Aa][Ll][Ll]|[Ii][Nn][Cc][Ll][Uu][Dd][Ee]:(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*(\.([A-Za-z]|[A-Za-z]([-0-9A-Za-z]?)*[0-9A-Za-z])|%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\})|[Aa](:(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*(\.([A-Za-z]|[A-Za-z]([-0-9A-Za-z]?)*[0-9A-Za-z])|%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}))?((/([1-9]|1[0-9]|2[0-9]|3[0-2]))?(//([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8]))?)?|[Mm][Xx](:(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*(\.([A-Za-z]|[A-Za-z]([-0-9A-Za-z]?)*[0-9A-Za-z])|%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}))?((/([1-9]|1[0-9]|2[0-9]|3[0-2]))?(//([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8]))?)?|[Pp][Tt][Rr](:(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*(\.([A-Za-z]|[A-Za-z]([-0-9A-Za-z]?)*[0-9A-Za-z])|%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}))?|[Ii][Pp]4:([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(/([1-9]|1[0-9]|2[0-9]|3[0-2]))?|[Ii][Pp]6:(::|([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4}|([0-9A-Fa-f]{1,4}:){1,8}:|([0-9A-Fa-f]{1,4}:){7}:[0-9A-Fa-f]{1,4}|([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}){1,2}|([0-9A-Fa-f]{1,4}:){5}(:[0-9A-Fa-f]{1,4}){1,3}|([0-9A-Fa-f]{1,4}:){4}(:[0-9A-Fa-f]{1,4}){1,4}|([0-9A-Fa-f]{1,4}:){3}(:[0-9A-Fa-f]{1,4}){1,5}|([0-9A-Fa-f]{1,4}:){2}(:[0-9A-Fa-f]{1,4}){1,6}|[0-9A-Fa-f]{1,4}:(:[0-9A-Fa-f]{1,4}){1,7}|:(:[0-9A-Fa-f]{1,4}){1,8}|([0-9A-Fa-f]{1,4}:){6}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])|([0-9A-Fa-f]{1,4}:){6}:([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])|([0-9A-Fa-f]{1,4}:){5}:([0-9A-Fa-f]{1,4}:)?([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])|([0-9A-Fa-f]{1,4}:){4}:([0-9A-Fa-f]{1,4}:){0,2}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])|([0-9A-Fa-f]{1,4}:){3}:([0-9A-Fa-f]{1,4}:){0,3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])|([0-9A-Fa-f]{1,4}:){2}:([0-9A-Fa-f]{1,4}:){0,4}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])|[0-9A-Fa-f]{1,4}::([0-9A-Fa-f]{1,4}:){0,5}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])|::([0-9A-Fa-f]{1,4}:){0,6}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))(/([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8]))?|[Ee][Xx][Ii][Ss][Tt][Ss]:(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*(\.([A-Za-z]|[A-Za-z]([-0-9A-Za-z]?)*[0-9A-Za-z])|%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}))|[Rr][Ee][Dd][Ii][Rr][Ee][Cc][Tt]=(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*(\.([A-Za-z]|[A-Za-z]([-0-9A-Za-z]?)*[0-9A-Za-z])|%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\})|[Ee][Xx][Pp]=(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*(\.([A-Za-z]|[A-Za-z]([-0-9A-Za-z]?)*[0-9A-Za-z])|%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\})|[A-Za-z][-.0-9A-Z_a-z]*=(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*))* *$^";
  709. if (!preg_match($regex, $content)) {
  710. return false;
  711. } else {
  712. return true;
  713. }
  714. }
  715. /** Check if LOC content is valid
  716. *
  717. * @param string $content LOC content
  718. *
  719. * @return boolean true if valid, false otherwise
  720. */
  721. function is_valid_loc($content) {
  722. $regex = "^(90|[1-8]\d|0?\d)( ([1-5]\d|0?\d)( ([1-5]\d|0?\d)(\.\d{1,3})?)?)? [NS] (180|1[0-7]\d|[1-9]\d|0?\d)( ([1-5]\d|0?\d)( ([1-5]\d|0?\d)(\.\d{1,3})?)?)? [EW] (-(100000(\.00)?|\d{1,5}(\.\d\d)?)|([1-3]?\d{1,7}(\.\d\d)?|4([01][0-9]{6}|2([0-7][0-9]{5}|8([0-3][0-9]{4}|4([0-8][0-9]{3}|9([0-5][0-9]{2}|6([0-6][0-9]|7[01]))))))(\.\d\d)?|42849672(\.([0-8]\d|9[0-5]))?))[m]?( (\d{1,7}|[1-8]\d{7})(\.\d\d)?[m]?){0,3}$^";
  723. if (!preg_match($regex, $content)) {
  724. return false;
  725. } else {
  726. return true;
  727. }
  728. }