yosoyhendrix
/
hestiacp
зеркало из https://github.com/hestiacp/hestiacp


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300
							<?php
use function Hestiacp\quoteshellarg\quoteshellarg;

ob_start();
$TAB = 'DNS';

// Main include
include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

// List ip addresses
exec(HESTIA_CMD."v-list-user-ips ".$user." json", $output, $return_var);
$v_ips = json_decode(implode('', $output), true);
unset($output);

// Check POST request for dns domain
if (!empty($_POST['ok'])) {

    // Check token
    verify_csrf($_POST);

    // Check empty fields
    if (empty($_POST['v_domain'])) {
        $errors[] = _('domain');
    }
    if (empty($_POST['v_ip'])) {
        $errors[] = _('ip');
    }
    if (!empty($errors[0])) {
        foreach ($errors as $i => $error) {
            if ($i == 0) {
                $error_msg = $error;
            } else {
                $error_msg = $error_msg.", ".$error;
            }
        }
        $_SESSION['error_msg'] = sprintf(_('Field "%s" can not be blank.'), $error_msg);
    }

    // Protect input
    $v_domain = preg_replace("/^www./i", "", $_POST['v_domain']);
    $v_domain = quoteshellarg($v_domain);
    $v_domain = strtolower($v_domain);
    $v_ip = $_POST['v_ip'];
    // Change NameServers
    if (empty($_POST['v_ns1'])) {
        $_POST['v_ns1'] = '';
    }
    if (empty($_POST['v_ns2'])) {
        $_POST['v_ns2'] = '';
    }
    if (empty($_POST['v_ns3'])) {
        $_POST['v_ns3'] = '';
    }
    if (empty($_POST['v_ns4'])) {
        $_POST['v_ns4'] = '';
    }
    if (empty($_POST['v_ns5'])) {
        $_POST['v_ns5'] = '';
    }
    if (empty($_POST['v_ns6'])) {
        $_POST['v_ns6'] = '';
    }
    if (empty($_POST['v_ns7'])) {
        $_POST['v_ns7'] = '';
    }
    if (empty($_POST['v_ns8'])) {
        $_POST['v_ns8'] = '';
    }
    if (empty($_POST['v_dnssec'])) {
        $_POST['v_dnssec'] = 'no';
    }
    $v_ns1 = quoteshellarg($_POST['v_ns1']);
    $v_ns2 = quoteshellarg($_POST['v_ns2']);
    $v_ns3 = quoteshellarg($_POST['v_ns3']);
    $v_ns4 = quoteshellarg($_POST['v_ns4']);
    $v_ns5 = quoteshellarg($_POST['v_ns5']);
    $v_ns6 = quoteshellarg($_POST['v_ns6']);
    $v_ns7 = quoteshellarg($_POST['v_ns7']);
    $v_ns8 = quoteshellarg($_POST['v_ns8']);
    $v_dnssec = quoteshellarg($_POST['v_dnssec']);

    // Add dns domain
    if (empty($_SESSION['error_msg'])) {
        exec(HESTIA_CMD."v-add-dns-domain ".$user." ".$v_domain." ".quoteshellarg($v_ip)." ".$v_ns1." ".$v_ns2." ".$v_ns3." ".$v_ns4." ".$v_ns5."  ".$v_ns6."  ".$v_ns7." ".$v_ns8." no ".$v_dnssec, $output, $return_var);
        check_return_code($return_var, $output);
        unset($output);
    }
    exec(HESTIA_CMD."v-list-user ".$user." json", $output, $return_var);
    $user_config = json_decode(implode('', $output), true);
    unset($output);
    $v_template = $user_config[$user_plain]['DNS_TEMPLATE'];

    if (($v_template != $_POST['v_template']) && (empty($_SESSION['error_msg']))) {
        $v_template = quoteshellarg($_POST['v_template']);
        exec(HESTIA_CMD."v-change-dns-domain-tpl ".$user." ".$v_domain." ".$v_template." 'no'", $output, $return_var);
        check_return_code($return_var, $output);
        unset($output);
    }

    // Set expiration date
    if (empty($_SESSION['error_msg'])) {
        if ((!empty($_POST['v_exp'])) && ($_POST['v_exp'] != date('Y-m-d', strtotime('+1 year')))) {
            $v_exp = quoteshellarg($_POST['v_exp']);
            exec(HESTIA_CMD."v-change-dns-domain-exp ".$user." ".$v_domain." ".$v_exp." no", $output, $return_var);
            check_return_code($return_var, $output);
            unset($output);
        }
    }

    // Set ttl
    if (empty($_SESSION['error_msg'])) {
        if ((!empty($_POST['v_ttl'])) && ($_POST['v_ttl'] != '14400') && (empty($_SESSION['error_msg']))) {
            $v_ttl = quoteshellarg($_POST['v_ttl']);
            exec(HESTIA_CMD."v-change-dns-domain-ttl ".$user." ".$v_domain." ".$v_ttl." no", $output, $return_var);
            check_return_code($return_var, $output);
            unset($output);
        }
    }

    // Restart dns server
    if (empty($_SESSION['error_msg'])) {
        exec(HESTIA_CMD."v-restart-dns", $output, $return_var);
        check_return_code($return_var, $output);
        unset($output);
    }

    // Flush field values on success
    if (empty($_SESSION['error_msg'])) {
        $_SESSION['ok_msg'] = sprintf(_('DNS_DOMAIN_CREATED_OK'), htmlentities($_POST['v_domain']), htmlentities($_POST['v_domain']));
        unset($v_domain);
    }
}


// Check POST request for dns record
if (!empty($_POST['ok_rec'])) {

    // Check token
    if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
        header('location: /login/');
        exit();
    }

    // Check empty fields
    if (empty($_POST['v_domain'])) {
        $errors[] = 'domain';
    }
    if (empty($_POST['v_rec'])) {
        $errors[] = 'record';
    }
    if (empty($_POST['v_type'])) {
        $errors[] = 'type';
    }
    if (empty($_POST['v_val'])) {
        $errors[] = 'value';
    }
    if (!empty($errors[0])) {
        foreach ($errors as $i => $error) {
            if ($i == 0) {
                $error_msg = $error;
            } else {
                $error_msg = $error_msg.", ".$error;
            }
        }
        $_SESSION['error_msg'] = sprintf(_('Field "%s" can not be blank.'), $error_msg);
    }

    // Protect input
    $v_domain = quoteshellarg($_POST['v_domain']);
    $v_rec = quoteshellarg($_POST['v_rec']);
    $v_type = quoteshellarg($_POST['v_type']);
    $v_val = quoteshellarg($_POST['v_val']);
    $v_priority = quoteshellarg($_POST['v_priority']);
    $v_ttl = quoteshellarg($_POST['v_ttl']);

    // Add dns record
    if (empty($_SESSION['error_msg'])) {
        exec(HESTIA_CMD."v-add-dns-record ".$user." ".$v_domain." ".$v_rec." ".$v_type." ".$v_val." ".$v_priority." '' yes ".$v_ttl, $output, $return_var);
        check_return_code($return_var, $output);
        unset($output);
    }
    $v_type = $_POST['v_type'];

    // Flush field values on success
    if (empty($_SESSION['error_msg'])) {
        $_SESSION['ok_msg'] = sprintf(_('DNS_RECORD_CREATED_OK'), htmlentities($_POST['v_rec']), htmlentities($_POST['v_domain']));
        unset($v_domain);
        unset($v_rec);
        unset($v_val);
        unset($v_priority);
        unset($v_dnssec);
    }
}

if (empty($v_ns1)) {
    $v_ns1 = '';
}
if (empty($v_ns2)) {
    $v_ns2 = '';
}
if (empty($v_ns3)) {
    $v_ns3 = '';
}
if (empty($v_ns4)) {
    $v_ns4 = '';
}
if (empty($v_ns5)) {
    $v_ns5 = '';
}
if (empty($v_ns6)) {
    $v_ns6 = '';
}
if (empty($v_ns7)) {
    $v_ns7 = '';
}
if (empty($v_ns8)) {
    $v_ns8 = '';
}

$v_ns1 = str_replace("'", "", $v_ns1);
$v_ns2 = str_replace("'", "", $v_ns2);
$v_ns3 = str_replace("'", "", $v_ns3);
$v_ns4 = str_replace("'", "", $v_ns4);
$v_ns5 = str_replace("'", "", $v_ns5);
$v_ns6 = str_replace("'", "", $v_ns6);
$v_ns7 = str_replace("'", "", $v_ns7);
$v_ns8 = str_replace("'", "", $v_ns8);

if (empty($v_ip) && count($v_ips) > 0) {
    $ip = array_key_first($v_ips);
    $v_ip = (empty($v_ips[$ip]['NAT']) ? $ip : $v_ips[$ip]['NAT']);
}

// List dns templates
exec(HESTIA_CMD."v-list-dns-templates json", $output, $return_var);
$templates = json_decode(implode('', $output), true);
unset($output);

exec(HESTIA_CMD."v-list-user ".$user." json", $output, $return_var);
$user_config = json_decode(implode('', $output), true);
unset($output);
$v_template = $user_config[$user_plain]['DNS_TEMPLATE'];

if (empty($_GET['domain'])) {
    // Display body for dns domain

    if (empty($v_ttl)) {
        $v_ttl = 14400;
    }
    if (empty($v_exp)) {
        $v_exp = date('Y-m-d', strtotime('+1 year'));
    }
    if (empty($v_ns1)) {
        exec(HESTIA_CMD."v-list-user-ns ".$user." json", $output, $return_var);
        $nameservers = json_decode(implode('', $output), true);
        for ($i = 0; $i < 8; $i++) {
            if (empty($nameservers[$i])) {
                $nameservers[$i] = '';
            }
        }
        $v_ns1 = str_replace("'", "", $nameservers[0]);
        $v_ns2 = str_replace("'", "", $nameservers[1]);
        $v_ns3 = str_replace("'", "", $nameservers[2]);
        $v_ns4 = str_replace("'", "", $nameservers[3]);
        $v_ns5 = str_replace("'", "", $nameservers[4]);
        $v_ns6 = str_replace("'", "", $nameservers[5]);
        $v_ns7 = str_replace("'", "", $nameservers[6]);
        $v_ns8 = str_replace("'", "", $nameservers[7]);
        unset($output);
    }

    render_page($user, $TAB, 'add_dns');
} else {
    // Display body for dns record
    $v_domain = $_GET['domain'];
    if (empty($v_rec)) {
        $v_rec = '@';
    }
    if (empty($v_type)) {
        $v_type = '';
    }
    if (empty($v_val)) {
        $v_val = '';
    }
    if (empty($v_priority)) {
        $v_priority = '';
    }
    if (empty($v_ttl)) {
        $v_ttl = '';
    }
    if (empty($v_dnssec)) {
        $v_dnssec = '';
    }
    render_page($user, $TAB, 'add_dns_rec');
}


// Flush session messages
unset($_SESSION['error_msg']);
unset($_SESSION['ok_msg']);