robin.thoni
/
docker-pdns-server
Watch 1
Star 0
Fork 0
Code Issues 4 Pull Requests 0 Releases 8 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
2 Branches
Tree: a628060c97
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'a628060c97'
${ noResults }
docker-pdns-server/poweradmin/poweradmin-2.1.7/inc/dns.inc.php

dns.inc.php 27KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882 
  1. <?php

  2. 

  3. /*  Poweradmin, a friendly web-based admin tool for PowerDNS.

  4.  *  See <http://www.poweradmin.org> for more details.

  5.  *

  6.  *  Copyright 2007-2009  Rejo Zenger <rejo@zenger.nl>

  7.  *  Copyright 2010-2014  Poweradmin Development Team

  8.  *      <http://www.poweradmin.org/credits.html>

  9.  *

  10.  *  This program is free software: you can redistribute it and/or modify

  11.  *  it under the terms of the GNU General Public License as published by

  12.  *  the Free Software Foundation, either version 3 of the License, or

  13.  *  (at your option) any later version.

  14.  *

  15.  *  This program is distributed in the hope that it will be useful,

  16.  *  but WITHOUT ANY WARRANTY; without even the implied warranty of

  17.  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  18.  *  GNU General Public License for more details.

  19.  *

  20.  *  You should have received a copy of the GNU General Public License

  21.  *  along with this program.  If not, see <http://www.gnu.org/licenses/>.

  22.  */

  23. 

  24. /**

  25.  * DNS functions

  26.  *

  27.  * @package Poweradmin

  28.  * @copyright   2007-2010 Rejo Zenger <rejo@zenger.nl>

  29.  * @copyright   2010-2014 Poweradmin Development Team

  30.  * @license     http://opensource.org/licenses/GPL-3.0 GPL

  31.  */

  32. 

  33. /** Validate DNS record input

  34.  *

  35.  * @param int $rid Record ID

  36.  * @param int $zid Zone ID

  37.  * @param string $type Record Type

  38.  * @param mixed $content content part of record

  39.  * @param mixed $name Name part of record

  40.  * @param mixed $prio Priority

  41.  * @param mixed $ttl TTL

  42.  *

  43.  * @return boolean true on success, false otherwise

  44.  */

  45. function validate_input($rid, $zid, $type, &$content, &$name, &$prio, &$ttl) {

  46. 

  47.     $zone = get_zone_name_from_id($zid);    // TODO check for return

  48. 

  49.     if (!(preg_match("/$zone$/i", $name))) {

  50.         if (isset($name) && $name != "") {

  51.             $name = $name . "." . $zone;

  52.         } else {

  53.             $name = $zone;

  54.         }

  55.     }

  56. 

  57.     switch ($type) {

  58. 

  59.         case "A":

  60.             if (!is_valid_ipv4($content)) {

  61.                 return false;

  62.             }

  63.             if (!is_valid_rr_cname_exists($name, $rid)) {

  64.                 return false;

  65.             }

  66.             if (!is_valid_hostname_fqdn($name, 1)) {

  67.                 return false;

  68.             }

  69.             break;

  70. 

  71.         case "AAAA":

  72.             if (!is_valid_ipv6($content)) {

  73.                 return false;

  74.             }

  75.             if (!is_valid_rr_cname_exists($name, $rid)) {

  76.                 return false;

  77.             }

  78.             if (!is_valid_hostname_fqdn($name, 1)) {

  79.                 return false;

  80.             }

  81.             break;

  82. 

  83.         case "AFSDB": // TODO: implement validation.

  84.             break;

  85. 

  86.         case "CERT": // TODO: implement validation.

  87.             break;

  88. 

  89.         case "CNAME":

  90.             if (!is_valid_rr_cname_name($name)) {

  91.                 return false;

  92.             }

  93.             if (!is_valid_rr_cname_unique($name, $rid)) {

  94.                 return false;

  95.             }

  96.             if (!is_valid_hostname_fqdn($name, 1)) {

  97.                 return false;

  98.             }

  99.             if (!is_valid_hostname_fqdn($content, 0)) {

  100.                 return false;

  101.             }

  102.             if (!is_not_empty_cname_rr($name, $zone)) {

  103.                 return false;

  104.             }

  105.             break;

  106. 

  107.         case 'DHCID': // TODO: implement validation

  108.             break;

  109. 

  110.         case 'DLV': // TODO: implement validation

  111.             break;

  112. 

  113.         case 'DNSKEY': // TODO: implement validation

  114.             break;

  115. 

  116.         case 'DS': // TODO: implement validation

  117.             break;

  118. 

  119.         case 'EUI48': // TODO: implement validation

  120.             break;

  121. 

  122.         case 'EUI64': // TODO: implement validation

  123.             break;

  124. 

  125.         case "HINFO":

  126.             if (!is_valid_rr_hinfo_content($content)) {

  127.                 return false;

  128.             }

  129.             if (!is_valid_hostname_fqdn($name, 1)) {

  130.                 return false;

  131.             }

  132.             break;

  133. 

  134.         case 'IPSECKEY': // TODO: implement validation

  135.             break;

  136. 

  137.         case 'KEY': // TODO: implement validation

  138.             break;

  139. 

  140.         case 'KX': // TODO: implement validation

  141.             break;

  142. 

  143.         case "LOC":

  144.             if (!is_valid_loc($content)) {

  145.                 return false;

  146.             }

  147.             if (!is_valid_hostname_fqdn($name, 1)) {

  148.                 return false;

  149.             }

  150.             break;

  151. 

  152.         case 'MINFO': // TODO: implement validation

  153.             break;

  154. 

  155.         case 'MR': // TODO: implement validation

  156.             break;

  157. 

  158.         case "MX":

  159.             if (!is_valid_hostname_fqdn($content, 0)) {

  160.                 return false;

  161.             }

  162.             if (!is_valid_hostname_fqdn($name, 1)) {

  163.                 return false;

  164.             }

  165.             if (!is_valid_non_alias_target($content)) {

  166.                 return false;

  167.             }

  168.             break;

  169. 

  170.         case 'NAPTR': // TODO: implement validation

  171.             break;

  172. 

  173.         case "NS":

  174.             if (!is_valid_hostname_fqdn($content, 0)) {

  175.                 return false;

  176.             }

  177.             if (!is_valid_hostname_fqdn($name, 1)) {

  178.                 return false;

  179.             }

  180.             if (!is_valid_non_alias_target($content)) {

  181.                 return false;

  182.             }

  183.             break;

  184. 

  185.         case 'NSEC': // TODO: implement validation

  186.             break;

  187. 

  188.         case 'NSEC3': // TODO: implement validation

  189.             break;

  190. 

  191.         case 'NSEC3PARAM': // TODO: implement validation

  192.             break;

  193. 

  194.         case 'OPT': // TODO: implement validation

  195.             break;

  196. 

  197.         case "PTR":

  198.             if (!is_valid_hostname_fqdn($content, 0)) {

  199.                 return false;

  200.             }

  201.             if (!is_valid_hostname_fqdn($name, 1)) {

  202.                 return false;

  203.             }

  204.             break;

  205. 

  206.         case 'RKEY': // TODO: implement validation

  207.             break;

  208. 

  209.         case 'RP': // TODO: implement validation

  210.             break;

  211. 

  212.         case 'RRSIG': // TODO: implement validation

  213.             break;

  214. 

  215.         case "SOA":

  216.             if (!is_valid_rr_soa_name($name, $zone)) {

  217.                 return false;

  218.             }

  219.             if (!is_valid_hostname_fqdn($name, 1)) {

  220.                 return false;

  221.             }

  222.             if (!is_valid_rr_soa_content($content)) {

  223.                 error(ERR_DNS_CONTENT);

  224.                 return false;

  225.             }

  226.             break;

  227. 

  228.         case "SPF":

  229.             if (!is_valid_spf($content)) {

  230.                 return false;

  231.             }

  232.             break;

  233. 

  234.         case "SRV":

  235.             if (!is_valid_rr_srv_name($name)) {

  236.                 return false;

  237.             }

  238.             if (!is_valid_rr_srv_content($content)) {

  239.                 return false;

  240.             }

  241.             break;

  242. 

  243.         case 'SSHFP': // TODO: implement validation

  244.             break;

  245. 

  246.         case 'TLSA': // TODO: implement validation

  247.             break;

  248. 

  249.         case 'TSIG': // TODO: implement validation

  250.             break;

  251. 

  252.         case "TXT":

  253.             if (!is_valid_printable($name)) {

  254.                 return false;

  255.             }

  256.             if (!is_valid_printable($content)) {

  257.                 return false;

  258.             }

  259.             break;

  260. 

  261.         case 'WKS': // TODO: implement validation

  262.             break;

  263. 

  264.         case "CURL":

  265.         case "MBOXFW":

  266.         case "URL":

  267.             // TODO: implement validation?

  268.             // Fancy types are not supported anymore in PowerDNS

  269.             break;

  270. 

  271.         default:

  272.             error(ERR_DNS_RR_TYPE);

  273.             return false;

  274.     }

  275. 

  276.     if (!is_valid_rr_prio($prio, $type)) {

  277.         return false;

  278.     }

  279.     if (!is_valid_rr_ttl($ttl)) {

  280.         return false;

  281.     }

  282. 

  283.     return true;

  284. }

  285. 

  286. /** Test if hostname is valid FQDN

  287.  *

  288.  * @param mixed $hostname Hostname string

  289.  * @param string $wildcard Hostname includes wildcard '*'

  290.  *

  291.  * @return boolean true if valid, false otherwise

  292.  */

  293. function is_valid_hostname_fqdn(&$hostname, $wildcard) {

  294.     global $dns_top_level_tld_check;

  295.     global $dns_strict_tld_check;

  296.     global $valid_tlds;

  297. 

  298.     $hostname = preg_replace("/\.$/", "", $hostname);

  299. 

  300.     # The full domain name may not exceed a total length of 253 characters.

  301.     if (strlen($hostname) > 253) {

  302.         error(ERR_DNS_HN_TOO_LONG);

  303.         return false;

  304.     }

  305. 

  306.     $hostname_labels = explode('.', $hostname);

  307.     $label_count = count($hostname_labels);

  308. 

  309.     if ($dns_top_level_tld_check && $label_count == 1) {

  310.         return false;

  311.     }

  312. 

  313.     foreach ($hostname_labels as $hostname_label) {

  314.         if ($wildcard == 1 && !isset($first)) {

  315.             if (!preg_match('/^(\*|[\w-\/]+)$/', $hostname_label)) {

  316.                 error(ERR_DNS_HN_INV_CHARS);

  317.                 return false;

  318.             }

  319.             $first = 1;

  320.         } else {

  321.             if (!preg_match('/^[\w-\/]+$/', $hostname_label)) {

  322.                 error(ERR_DNS_HN_INV_CHARS);

  323.                 return false;

  324.             }

  325.         }

  326.         if (substr($hostname_label, 0, 1) == "-") {

  327.             error(ERR_DNS_HN_DASH);

  328.             return false;

  329.         }

  330.         if (substr($hostname_label, -1, 1) == "-") {

  331.             error(ERR_DNS_HN_DASH);

  332.             return false;

  333.         }

  334.         if (strlen($hostname_label) < 1 || strlen($hostname_label) > 63) {

  335.             error(ERR_DNS_HN_LENGTH);

  336.             return false;

  337.         }

  338.     }

  339. 

  340.     if ($hostname_labels[$label_count - 1] == "arpa" && (substr_count($hostname_labels[0], "/") == 1 XOR substr_count($hostname_labels[1], "/") == 1)) {

  341.         if (substr_count($hostname_labels[0], "/") == 1) {

  342.             $array = explode("/", $hostname_labels[0]);

  343.         } else {

  344.             $array = explode("/", $hostname_labels[1]);

  345.         }

  346.         if (count($array) != 2) {

  347.             error(ERR_DNS_HOSTNAME);

  348.             return false;

  349.         }

  350.         if (!is_numeric($array[0]) || $array[0] < 0 || $array[0] > 255) {

  351.             error(ERR_DNS_HOSTNAME);

  352.             return false;

  353.         }

  354.         if (!is_numeric($array[1]) || $array[1] < 25 || $array[1] > 31) {

  355.             error(ERR_DNS_HOSTNAME);

  356.             return false;

  357.         }

  358.     } else {

  359.         if (substr_count($hostname, "/") > 0) {

  360.             error(ERR_DNS_HN_SLASH);

  361.             return false;

  362.         }

  363.     }

  364. 

  365.     if ($dns_strict_tld_check && !in_array(strtolower($hostname_labels[$label_count - 1]), $valid_tlds)) {

  366.         error(ERR_DNS_INV_TLD);

  367.         return false;

  368.     }

  369. 

  370.     return true;

  371. }

  372. 

  373. /** Test if IPv4 address is valid

  374.  *

  375.  * @param string $ipv4 IPv4 address string

  376.  * @param boolean $answer print error if true

  377.  * [default=true]

  378.  *

  379.  * @return boolean true if valid, false otherwise

  380.  */

  381. function is_valid_ipv4($ipv4, $answer = true) {

  382. 

  383. // 20080424/RZ: The current code may be replaced by the following if()

  384. // statement, but it will raise the required PHP version to ">= 5.2.0".

  385. // Not sure if we want that now.

  386. //

  387. //	if(filter_var($ipv4, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === FALSE) {

  388. //		error(ERR_DNS_IPV4); return false;

  389. //	}

  390. 

  391.     if (!preg_match("/^[0-9\.]{7,15}$/", $ipv4)) {

  392.         if ($answer) {

  393.             error(ERR_DNS_IPV4);

  394.         }

  395.         return false;

  396.     }

  397. 

  398.     $quads = explode('.', $ipv4);

  399.     $numquads = count($quads);

  400. 

  401.     if ($numquads != 4) {

  402.         if ($answer) {

  403.             error(ERR_DNS_IPV4);

  404.         }

  405.         return false;

  406.     }

  407. 

  408.     for ($i = 0; $i < 4; $i++) {

  409.         if ($quads[$i] > 255) {

  410.             if ($answer) {

  411.                 error(ERR_DNS_IPV4);

  412.             }

  413.             return false;

  414.         }

  415.     }

  416. 

  417.     return true;

  418. }

  419. 

  420. /** Test if IPv6 address is valid

  421.  *

  422.  * @param string $ipv6 IPv6 address string

  423.  * @param boolean $answer print error if true

  424.  * [default=true]

  425.  *

  426.  * @return boolean true if valid, false otherwise

  427.  */

  428. function is_valid_ipv6($ipv6, $answer = true) {

  429. 

  430. // 20080424/RZ: The current code may be replaced by the following if()

  431. // statement, but it will raise the required PHP version to ">= 5.2.0".

  432. // Not sure if we want that now.

  433. //

  434. //	if(filter_var($ipv6, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === FALSE) {

  435. //		error(ERR_DNS_IPV6); return false;

  436. //	}

  437. 

  438.     if (!preg_match("/^[0-9a-f]{0,4}:([0-9a-f]{0,4}:){0,6}[0-9a-f]{0,4}$/i", $ipv6)) {

  439.         if ($answer) {

  440.             error(ERR_DNS_IPV6);

  441.         }

  442.         return false;

  443.     }

  444. 

  445.     $quads = explode(':', $ipv6);

  446.     $numquads = count($quads);

  447. 

  448.     if ($numquads > 8 || $numquads < 3) {

  449.         if ($answer) {

  450.             error(ERR_DNS_IPV6);

  451.         }

  452.         return false;

  453.     }

  454. 

  455.     $emptyquads = 0;

  456.     for ($i = 1; $i < $numquads - 1; $i++) {

  457.         if ($quads[$i] == "")

  458.             $emptyquads++;

  459.     }

  460. 

  461.     if ($emptyquads > 1) {

  462.         if ($answer) {

  463.             error(ERR_DNS_IPV6);

  464.         }

  465.         return false;

  466.     }

  467. 

  468.     if ($emptyquads == 0 && $numquads != 8) {

  469.         if ($answer) {

  470.             error(ERR_DNS_IPV6);

  471.         }

  472.         return false;

  473.     }

  474. 

  475.     return true;

  476. }

  477. 

  478. /** Test if multiple IP addresses are valid

  479.  *

  480.  *  Takes a string of comma seperated IP addresses and tests validity

  481.  *

  482.  *  @param string $ips Comma seperated IP addresses

  483.  *

  484.  *  @return boolean true if valid, false otherwise

  485.  */

  486. function are_multipe_valid_ips($ips) {

  487. 

  488. // multiple master NS-records are permitted and must be separated by ,

  489. // eg. "192.0.0.1, 192.0.0.2, 2001:1::1"

  490. 

  491.     $are_valid = false;

  492.     $multiple_ips = explode(",", $ips);

  493.     if (is_array($multiple_ips)) {

  494.         foreach ($multiple_ips as $m_ip) {

  495.             $trimmed_ip = trim($m_ip);

  496.             if (is_valid_ipv4($trimmed_ip, false) || is_valid_ipv6($trimmed_ip, true)) {

  497.                 $are_valid = true;

  498.             } else {

  499.                 // as soon there is an invalid ip-addr

  500.                 // exit and return false

  501.                 echo "hin:=$trimmed_ip=";

  502.                 return false;

  503.             }

  504.         }

  505.     } elseif (is_valid_ipv4($ips) || is_valid_ipv6($ips)) {

  506.         $are_valid = true;

  507.     }

  508.     if ($are_valid) {

  509.         return true;

  510.     } else {

  511.         return false;

  512.     }

  513. }

  514. 

  515. /** Test if string is printable

  516.  *

  517.  * @param string $string string

  518.  *

  519.  * @return boolean true if valid, false otherwise

  520.  */

  521. function is_valid_printable($string) {

  522.     if (!preg_match('/^[[:print:]]+$/', trim($string))) {

  523.         error(ERR_DNS_PRINTABLE);

  524.         return false;

  525.     }

  526.     return true;

  527. }

  528. 

  529. /** Test if CNAME is valid

  530.  *

  531.  * Check if any MX or NS entries exist which invalidated CNAME

  532.  *

  533.  * @param string $name CNAME to lookup

  534.  *

  535.  * @return boolean true if valid, false otherwise

  536.  */

  537. function is_valid_rr_cname_name($name) {

  538.     global $db;

  539. 

  540.     $query = "SELECT id FROM records

  541. 			WHERE content = " . $db->quote($name, 'text') . "

  542. 			AND (type = " . $db->quote('MX', 'text') . " OR type = " . $db->quote('NS', 'text') . ")";

  543. 

  544.     $response = $db->queryOne($query);

  545. 

  546.     if (!empty($response)) {

  547.         error(ERR_DNS_CNAME);

  548.         return false;

  549.     }

  550. 

  551.     return true;

  552. }

  553. 

  554. /** Check if CNAME already exists

  555.  *

  556.  * @param string $name CNAME

  557.  * @param int $rid Record ID

  558.  *

  559.  * @return boolean true if non-existant, false if exists

  560.  */

  561. function is_valid_rr_cname_exists($name, $rid) {

  562.     global $db;

  563. 

  564.     $where = ($rid > 0 ? " AND id != " . $db->quote($rid, 'integer') : '');

  565.     $query = "SELECT id FROM records

  566.                         WHERE name = " . $db->quote($name, 'text') . $where . "

  567.                         AND TYPE = 'CNAME'";

  568. 

  569.     $response = $db->queryOne($query);

  570.     if ($response) {

  571.         error(ERR_DNS_CNAME_EXISTS);

  572.         return false;

  573.     }

  574.     return true;

  575. }

  576. 

  577. /** Check if CNAME is unique (doesn't overlap A/AAAA)

  578.  *

  579.  * @param string $name CNAME

  580.  * @param string $rid Record ID

  581.  *

  582.  * @return boolean true if unique, false if duplicate

  583.  */

  584. function is_valid_rr_cname_unique($name, $rid) {

  585.     global $db;

  586. 

  587.     $where = ($rid > 0 ? " AND id != " . $db->quote($rid, 'integer') : '');

  588.     $query = "SELECT id FROM records

  589.                         WHERE name = " . $db->quote($name, 'text') . $where . "

  590.                         AND TYPE IN ('A', 'AAAA', 'CNAME')";

  591. 

  592.     $response = $db->queryOne($query);

  593.     if ($response) {

  594.         error(ERR_DNS_CNAME_UNIQUE);

  595.         return false;

  596.     }

  597.     return true;

  598. }

  599. 

  600. /**

  601.  * Check that the zone does not have a empty CNAME RR

  602.  *

  603.  * @param string $name

  604.  * @param string $zone

  605.  */

  606. function is_not_empty_cname_rr($name, $zone) {

  607. 

  608.     if ($name == $zone) {

  609.         error(ERR_DNS_CNAME_EMPTY);

  610.         return false;

  611.     }

  612.     return true;

  613. }

  614. 

  615. /** Check if target is not a CNAME

  616.  *

  617.  * @param string $target target to check

  618.  *

  619.  * @return boolean true if not alias, false if CNAME exists

  620.  */

  621. function is_valid_non_alias_target($target) {

  622.     global $db;

  623. 

  624.     $query = "SELECT id FROM records

  625. 			WHERE name = " . $db->quote($target, 'text') . "

  626. 			AND TYPE = " . $db->quote('CNAME', 'text');

  627. 

  628.     $response = $db->queryOne($query);

  629.     if ($response) {

  630.         error(ERR_DNS_NON_ALIAS_TARGET);

  631.         return false;

  632.     }

  633.     return true;

  634. }

  635. 

  636. /** Check if HINFO content is valid

  637.  *

  638.  * @param string $content HINFO record content

  639.  *

  640.  * @return boolean true if valid, false otherwise

  641.  */

  642. function is_valid_rr_hinfo_content($content) {

  643. 

  644.     if ($content[0] == "\"") {

  645.         $fields = preg_split('/(?<=") /', $content, 2);

  646.     } else {

  647.         $fields = preg_split('/ /', $content, 2);

  648.     }

  649. 

  650.     for ($i = 0; ($i < 2); $i++) {

  651.         if (!preg_match("/^([^\s]{1,1000})|\"([^\"]{1,998}\")$/i", $fields[$i])) {

  652.             error(ERR_DNS_HINFO_INV_CONTENT);

  653.             return false;

  654.         }

  655.     }

  656. 

  657.     return true;

  658. }

  659. 

  660. /** Check if SOA content is valid

  661.  *

  662.  * @param mixed $content SOA record content

  663.  *

  664.  * @return boolean true if valid, false otherwise

  665.  */

  666. function is_valid_rr_soa_content(&$content) {

  667. 

  668.     $fields = preg_split("/\s+/", trim($content));

  669.     $field_count = count($fields);

  670. 

  671.     if ($field_count == 0 || $field_count > 7) {

  672.         return false;

  673.     } else {

  674.         if (!is_valid_hostname_fqdn($fields[0], 0) || preg_match('/\.arpa\.?$/', $fields[0])) {

  675.             return false;

  676.         }

  677.         $final_soa = $fields[0];

  678. 

  679.         if (isset($fields[1])) {

  680.             $addr_input = $fields[1];

  681.         } else {

  682.             global $dns_hostmaster;

  683.             $addr_input = $dns_hostmaster;

  684.         }

  685.         if (!preg_match("/@/", $addr_input)) {

  686.             $addr_input = preg_split('/(?<!\\\)\./', $addr_input, 2);

  687.             $addr_to_check = str_replace("\\", "", $addr_input[0]) . "@" . $addr_input[1];

  688.         } else {

  689.             $addr_to_check = $addr_input;

  690.         }

  691. 

  692.         if (!is_valid_email($addr_to_check)) {

  693.             return false;

  694.         } else {

  695.             $addr_final = explode('@', $addr_to_check, 2);

  696.             $final_soa .= " " . str_replace(".", "\\.", $addr_final[0]) . "." . $addr_final[1];

  697.         }

  698. 

  699.         if (isset($fields[2])) {

  700.             if (!is_numeric($fields[2])) {

  701.                 return false;

  702.             }

  703.             $final_soa .= " " . $fields[2];

  704.         } else {

  705.             $final_soa .= " 0";

  706.         }

  707. 

  708.         if ($field_count != 7) {

  709.             return false;

  710.         } else {

  711.             for ($i = 3; ($i < 7); $i++) {

  712.                 if (!is_numeric($fields[$i])) {

  713.                     return false;

  714.                 } else {

  715.                     $final_soa .= " " . $fields[$i];

  716.                 }

  717.             }

  718.         }

  719.     }

  720.     $content = $final_soa;

  721.     return true;

  722. }

  723. 

  724. /** Check if SOA name is valid

  725.  *

  726.  * Checks if SOA name = zone name

  727.  *

  728.  * @param string $name SOA name

  729.  * @param string $zone Zone name

  730.  *

  731.  * @return boolean true if valid, false otherwise

  732.  */

  733. function is_valid_rr_soa_name($name, $zone) {

  734.     if ($name != $zone) {

  735.         error(ERR_DNS_SOA_NAME);

  736.         return false;

  737.     }

  738.     return true;

  739. }

  740. 

  741. /** Check if Priority is valid

  742.  *

  743.  * Check if MX or SRV priority is within range, otherwise set to 0

  744.  *

  745.  * @param mixed $prio Priority

  746.  * @param string $type Record type

  747.  *

  748.  * @return boolean true if valid, false otherwise

  749.  */

  750. function is_valid_rr_prio(&$prio, $type) {

  751.     if ($type == "MX" || $type == "SRV") {

  752.         if (!is_numeric($prio) || $prio < 0 || $prio > 65535) {

  753.             error(ERR_DNS_INV_PRIO);

  754.             return false;

  755.         }

  756.     } else {

  757.         $prio = 0;

  758.     }

  759. 

  760.     return true;

  761. }

  762. 

  763. /** Check if SRV name is valid

  764.  *

  765.  * @param mixed $name SRV name

  766.  *

  767.  * @return boolean true if valid, false otherwise

  768.  */

  769. function is_valid_rr_srv_name(&$name) {

  770. 

  771.     if (strlen($name) > 255) {

  772.         error(ERR_DNS_HN_TOO_LONG);

  773.         return false;

  774.     }

  775. 

  776.     $fields = explode('.', $name, 3);

  777.     if (!preg_match('/^_[\w-]+$/i', $fields[0])) {

  778.         error(ERR_DNS_SRV_NAME);

  779.         return false;

  780.     }

  781.     if (!preg_match('/^_[\w]+$/i', $fields[1])) {

  782.         error(ERR_DNS_SRV_NAME);

  783.         return false;

  784.     }

  785.     if (!is_valid_hostname_fqdn($fields[2], 0)) {

  786.         error(ERR_DNS_SRV_NAME);

  787.         return false;

  788.     }

  789.     $name = join('.', $fields);

  790.     return true;

  791. }

  792. 

  793. /** Check if SRV content is valid

  794.  *

  795.  * @param mixed $content SRV content

  796.  *

  797.  * @return boolean true if valid, false otherwise

  798.  */

  799. function is_valid_rr_srv_content(&$content) {

  800.     $fields = preg_split("/\s+/", trim($content), 3);

  801.     if (!is_numeric($fields[0]) || $fields[0] < 0 || $fields[0] > 65535) {

  802.         error(ERR_DNS_SRV_WGHT);

  803.         return false;

  804.     }

  805.     if (!is_numeric($fields[1]) || $fields[1] < 0 || $fields[1] > 65535) {

  806.         error(ERR_DNS_SRV_PORT);

  807.         return false;

  808.     }

  809.     if ($fields[2] == "" || ($fields[2] != "." && !is_valid_hostname_fqdn($fields[2], 0))) {

  810.         error(ERR_DNS_SRV_TRGT);

  811.         return false;

  812.     }

  813.     $content = join(' ', $fields);

  814.     return true;

  815. }

  816. 

  817. /** Check if TTL is valid and within range

  818.  *

  819.  * @param int $ttl TTL

  820.  *

  821.  * @return boolean true if valid,false otherwise

  822.  */

  823. function is_valid_rr_ttl(&$ttl) {

  824. 

  825.     if (!isset($ttl) || $ttl == "") {

  826.         global $dns_ttl;

  827.         $ttl = $dns_ttl;

  828.     }

  829. 

  830.     if (!is_numeric($ttl) || $ttl < 0 || $ttl > 2147483647) {

  831.         error(ERR_DNS_INV_TTL);

  832.         return false;

  833.     }

  834. 

  835.     return true;

  836. }

  837. 

  838. /** Check if search string is valid

  839.  *

  840.  * @param string $search_string search string

  841.  *

  842.  * @return boolean true if valid, false otherwise

  843.  */

  844. function is_valid_search($search_string) {

  845. 

  846.     // Only allow for alphanumeric, numeric, dot, dash, underscore and

  847.     // percent in search string. The last two are wildcards for SQL.

  848.     // Needs extension probably for more usual record types.

  849. 

  850.     return preg_match('/^[a-z0-9.\-%_]+$/i', $search_string);

  851. }

  852. 

  853. /** Check if SPF content is valid

  854.  *

  855.  * @param string $content SPF content

  856.  *

  857.  * @return boolean true if valid, false otherwise

  858.  */

  859. function is_valid_spf($content) {

  860.     //Regex from http://www.schlitt.net/spf/tests/spf_record_regexp-03.txt

  861.     $regex = "^[Vv]=[Ss][Pp][Ff]1( +([-+?~]?([Aa][Ll][Ll]|[Ii][Nn][Cc][Ll][Uu][Dd][Ee]:(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*(\.([A-Za-z]|[A-Za-z]([-0-9A-Za-z]?)*[0-9A-Za-z])|%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\})|[Aa](:(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*(\.([A-Za-z]|[A-Za-z]([-0-9A-Za-z]?)*[0-9A-Za-z])|%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}))?((/([1-9]|1[0-9]|2[0-9]|3[0-2]))?(//([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8]))?)?|[Mm][Xx](:(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*(\.([A-Za-z]|[A-Za-z]([-0-9A-Za-z]?)*[0-9A-Za-z])|%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}))?((/([1-9]|1[0-9]|2[0-9]|3[0-2]))?(//([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8]))?)?|[Pp][Tt][Rr](:(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*(\.([A-Za-z]|[A-Za-z]([-0-9A-Za-z]?)*[0-9A-Za-z])|%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}))?|[Ii][Pp]4:([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(/([1-9]|1[0-9]|2[0-9]|3[0-2]))?|[Ii][Pp]6:(::|([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4}|([0-9A-Fa-f]{1,4}:){1,8}:|([0-9A-Fa-f]{1,4}:){7}:[0-9A-Fa-f]{1,4}|([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}){1,2}|([0-9A-Fa-f]{1,4}:){5}(:[0-9A-Fa-f]{1,4}){1,3}|([0-9A-Fa-f]{1,4}:){4}(:[0-9A-Fa-f]{1,4}){1,4}|([0-9A-Fa-f]{1,4}:){3}(:[0-9A-Fa-f]{1,4}){1,5}|([0-9A-Fa-f]{1,4}:){2}(:[0-9A-Fa-f]{1,4}){1,6}|[0-9A-Fa-f]{1,4}:(:[0-9A-Fa-f]{1,4}){1,7}|:(:[0-9A-Fa-f]{1,4}){1,8}|([0-9A-Fa-f]{1,4}:){6}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])|([0-9A-Fa-f]{1,4}:){6}:([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])|([0-9A-Fa-f]{1,4}:){5}:([0-9A-Fa-f]{1,4}:)?([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])|([0-9A-Fa-f]{1,4}:){4}:([0-9A-Fa-f]{1,4}:){0,2}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])|([0-9A-Fa-f]{1,4}:){3}:([0-9A-Fa-f]{1,4}:){0,3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])|([0-9A-Fa-f]{1,4}:){2}:([0-9A-Fa-f]{1,4}:){0,4}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])|[0-9A-Fa-f]{1,4}::([0-9A-Fa-f]{1,4}:){0,5}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])|::([0-9A-Fa-f]{1,4}:){0,6}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))(/([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8]))?|[Ee][Xx][Ii][Ss][Tt][Ss]:(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*(\.([A-Za-z]|[A-Za-z]([-0-9A-Za-z]?)*[0-9A-Za-z])|%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}))|[Rr][Ee][Dd][Ii][Rr][Ee][Cc][Tt]=(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*(\.([A-Za-z]|[A-Za-z]([-0-9A-Za-z]?)*[0-9A-Za-z])|%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\})|[Ee][Xx][Pp]=(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*(\.([A-Za-z]|[A-Za-z]([-0-9A-Za-z]?)*[0-9A-Za-z])|%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\})|[A-Za-z][-.0-9A-Z_a-z]*=(%\{[CDHILOPR-Tcdhilopr-t]([1-9][0-9]?|10[0-9]|11[0-9]|12[0-8])?[Rr]?[+-/=_]*\}|%%|%_|%-|[!-$&-~])*))* *$^";

  862.     if (!preg_match($regex, $content)) {

  863.         return false;

  864.     } else {

  865.         return true;

  866.     }

  867. }

  868. 

  869. /** Check if LOC content is valid

  870.  *

  871.  * @param string $content LOC content

  872.  *

  873.  * @return boolean true if valid, false otherwise

  874.  */

  875. function is_valid_loc($content) {

  876.     $regex = "^(90|[1-8]\d|0?\d)( ([1-5]\d|0?\d)( ([1-5]\d|0?\d)(\.\d{1,3})?)?)? [NS] (180|1[0-7]\d|[1-9]\d|0?\d)( ([1-5]\d|0?\d)( ([1-5]\d|0?\d)(\.\d{1,3})?)?)? [EW] (-(100000(\.00)?|\d{1,5}(\.\d\d)?)|([1-3]?\d{1,7}(\.\d\d)?|4([01][0-9]{6}|2([0-7][0-9]{5}|8([0-3][0-9]{4}|4([0-8][0-9]{3}|9([0-5][0-9]{2}|6([0-6][0-9]|7[01]))))))(\.\d\d)?|42849672(\.([0-8]\d|9[0-5]))?))[m]?( (\d{1,7}|[1-8]\d{7})(\.\d\d)?[m]?){0,3}$^";

  877.     if (!preg_match($regex, $content)) {

  878.         return false;

  879.     } else {

  880.         return true;

  881.     }

  882. }