Removed spaces from empty lines

Maurice Meyer 2017-07-20 16:22:46 +02:00
parent 39dd3f86c6
commit b1a06a8684
42 changed files with 0 additions and 756 deletions


@ -1,22 +1,16 @@
# PDNS Manager
[PDNS Manager](https://pdnsmanager.lmitsystems.de) is a simple yet powerful free administration tool for the
Powerdns authoritative nameserver. It supports master and native zones.
PNDS Manager was developed from scratch to achieve a user-friendly
and pretty looking interface.
PDNS Manager also features a powerful API to set records programatically.
This can be used e.g. for a dynamic DNS service, but also to obtain certificates
from [Let's Encrypt](https://letsencrypt.org/) via the dns-01 challenge.
PDNS Manager is written in PHP using [Bootstrap](http://getbootstrap.com/)
and [jQuery](http://jquery.com/). The backend uses a MySQL/Maria DB or Postgres
database. The database is also used by Powerdns using the pdns-backend-mysql or
pdns-backend-pgsql backend.
## More information
You can find more information and documentation as well as contact information on [pdnsmanager.lmitsystems.de](https://pdnsmanager.lmitsystems.de). There are also some tutorials to get you quickly up and running.
## Contribute
If you are looking for a new feature or you found a bug, feel free to create a pull request or open a issue.


@ -1,13 +1,10 @@
<!DOCTYPE html>
<!--
Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@ -23,14 +20,11 @@ limitations under the License.
<title>PDNS Manager - Domains</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="include/bootstrap/css/bootstrap.min.css" rel="stylesheet">
<link href="include/bootstrap/css/bootstrap-theme.min.css" rel="stylesheet">
<link href="include/custom.css" rel="stylesheet">
<script src="include/jquery.js"></script>
<script src="include/bootstrap/js/bootstrap.min.js"></script>
<script src="js/add-domain.js"></script>
</head>
<body>
@ -47,13 +41,10 @@ limitations under the License.
</ul>
</div>
</nav>
<div class="container">
<row>
<h2 id="domain-name">Add Domain</h2>
</row>
<row>
<form>
<div class="col-md-3">
@ -71,7 +62,6 @@ limitations under the License.
</div>
<button id="zone-button-add" class="btn btn-primary" tabindex="8">Add</button>
</div>
<div class="col-md-2 col-md-offset-1">
<div class="form-group">
<label for="zone-refresh" class="control-label">Refresh</label>
@ -82,7 +72,6 @@ limitations under the License.
<input type="text" class="form-control" id="zone-retry" placeholder="Retry" autocomplete="off" data-regex="^[0-9]+$" tabindex="5" value="900">
</div>
</div>
<div class="col-md-2 col-md-offset-1">
<div class="form-group">
<label for="zone-expire" class="control-label">Expire</label>
@ -95,9 +84,7 @@ limitations under the License.
</div>
</form>
</row>
</div>
<?php echo '<span class="hidden" id="csrfToken">' . $_SESSION['csrfToken'] . '</span>'; ?>
</body>
</html>


@ -1,5 +1,4 @@
<?php
/*
* Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
*
@ -15,24 +14,19 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
require_once '../config/config-default.php';
require_once '../lib/database.php';
require_once '../lib/session.php';
require_once '../lib/soa-mail.php';
$input = json_decode(file_get_contents('php://input'));
if(!isset($input->csrfToken) || $input->csrfToken !== $_SESSION['csrfToken']) {
echo "Permission denied!";
exit();
}
if(!isset($_SESSION['type']) || $_SESSION['type'] != "admin") {
echo "Permission denied!";
exit();
}
if(isset($input->action) && $input->action == "addDomain") {
$soaData = Array();
$soaData[] = strtolower(preg_replace('/\s+/', '', $input->primary));
@ -42,37 +36,28 @@ if(isset($input->action) && $input->action == "addDomain") {
$soaData[] = $input->retry;
$soaData[] = $input->expire;
$soaData[] = $input->ttl;
$domainsName = strtolower(preg_replace('/\s+/', '', $input->name));
$soaContent = implode(" ", $soaData);
$db->beginTransaction();
$stmt = $db->prepare("INSERT INTO domains(name,type) VALUES (:name,:type)");
$stmt->bindValue(':name', $domainsName, PDO::PARAM_STR);
$stmt->bindValue(':type', $input->type, PDO::PARAM_STR);
$stmt->execute();
$stmt = $db->prepare("SELECT MAX(id) FROM domains WHERE name=:name AND type=:type");
$stmt->bindValue(':name', $domainsName, PDO::PARAM_STR);
$stmt->bindValue(':type', $input->type, PDO::PARAM_STR);
$stmt->execute();
$newDomainId = $stmt->fetchColumn();
$stmt = $db->prepare("INSERT INTO records(domain_id,name,type,content,ttl) VALUES (:domain_id,:name,'SOA',:content,:ttl)");
$stmt->bindValue(':domain_id', $newDomainId, PDO::PARAM_INT);
$stmt->bindValue(':name', $domainsName, PDO::PARAM_STR);
$stmt->bindValue(':content', $soaContent, PDO::PARAM_STR);
$stmt->bindValue(':ttl', $input->ttl, PDO::PARAM_INT);
$stmt->execute();
$db->commit();
$retval = Array();
$retval['newId'] = $newDomainId;
}
if(isset($retval)) {
echo json_encode($retval);
} else {


@ -1,5 +1,4 @@
<?php
/*
* Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
*
@ -15,25 +14,20 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
require_once '../config/config-default.php';
require_once '../lib/database.php';
require_once '../lib/session.php';
$input = json_decode(file_get_contents('php://input'));
if(!isset($input->csrfToken) || $input->csrfToken !== $_SESSION['csrfToken']) {
echo "Permission denied!";
exit();
}
if(isset($input->action) && $input->action == "getDomains") {
// Check if the requested page is a number
if(!(isset($input->page) && is_int($input->page) && $input->page > 0)) {
echo "Requested page must be a positive number!";
exit();
}
// Here we get the number of matching records
$sql = "
SELECT COUNT(*) AS anzahl
@ -43,9 +37,7 @@ if(isset($input->action) && $input->action == "getDomains") {
(D.name LIKE :name1 OR :name2) AND
(D.type=:type1 OR :type2)
";
$stmt = $db->prepare($sql);
if(isset($input->name)) {
$name_filter = "%" . $input->name . "%";
$name_filter_used = 0;
@ -53,10 +45,8 @@ if(isset($input->action) && $input->action == "getDomains") {
$name_filter = "";
$name_filter_used = 1;
}
$id_filter = $_SESSION['id'];
$id_filter_used = (int)($_SESSION['type'] == "admin" ? 1 : 0);
if(isset($input->type)) {
$type_filter = $input->type;
$type_filter_used = 0;
@ -64,7 +54,6 @@ if(isset($input->action) && $input->action == "getDomains") {
$type_filter = "";
$type_filter_used = 1;
}
$stmt->bindValue(':user1', $id_filter, PDO::PARAM_STR);
$stmt->bindValue(':user2', $id_filter_used, PDO::PARAM_INT);
$stmt->bindValue(':name1', $name_filter, PDO::PARAM_STR);
@ -73,18 +62,13 @@ if(isset($input->action) && $input->action == "getDomains") {
$stmt->bindValue(':type2', $type_filter_used, PDO::PARAM_INT);
$stmt->execute();
$result = $stmt->fetchColumn();
if ($result == 0) {
$result = 1;
}
// Initialize the return value
$retval = Array();
$retval['pages']['current'] = $input->page;
$retval['pages']['total'] = ceil($result / $config['domain_rows']);
// Now the real search is done on the database
$sql = "
SELECT D.id,D.name,D.type,count(R.domain_id) AS records
@ -97,7 +81,6 @@ if(isset($input->action) && $input->action == "getDomains") {
(D.name LIKE :name1 OR :name2) AND
(D.type=:type1 OR :type2)
";
if(isset($input->sort->field) && $input->sort->field != "") {
if($input->sort->field == "id") {
$sql .= "ORDER BY id";
@ -108,7 +91,6 @@ if(isset($input->action) && $input->action == "getDomains") {
} else if($input->sort->field == "records") {
$sql .= "ORDER BY records";
}
if(isset($input->sort->order)) {
if($input->sort->order == 0) {
$sql .= " DESC";
@ -117,7 +99,6 @@ if(isset($input->action) && $input->action == "getDomains") {
}
}
}
/*
* Now the number of entries gets limited to the domainRows config value.
* SQL LIMIT and OFFSET is used for that:
@ -125,11 +106,8 @@ if(isset($input->action) && $input->action == "getDomains") {
* Note that LIMIT 5 OFFSET 0 returns the first five rows!
*/
$lower_limit = ($config['domain_rows'] * ($input->page - 1));
$sql .= " LIMIT " . $config['domain_rows'] . " OFFSET " . $lower_limit;
$stmt = $db->prepare($sql);
if(isset($input->name)) {
$name_filter = "%" . $input->name . "%";
$name_filter_used = 0;
@ -137,10 +115,8 @@ if(isset($input->action) && $input->action == "getDomains") {
$name_filter = "";
$name_filter_used = 1;
}
$id_filter = $_SESSION['id'];
$id_filter_used = (int)($_SESSION['type'] == "admin" ? 1 : 0);
if(isset($input->type)) {
$type_filter = $input->type;
$type_filter_used = 0;
@ -148,7 +124,6 @@ if(isset($input->action) && $input->action == "getDomains") {
$type_filter = "";
$type_filter_used = 1;
}
$stmt->bindValue(':user1', $id_filter, PDO::PARAM_STR);
$stmt->bindValue(':user2', $id_filter_used, PDO::PARAM_INT);
$stmt->bindValue(':name1', $name_filter, PDO::PARAM_STR);
@ -156,36 +131,27 @@ if(isset($input->action) && $input->action == "getDomains") {
$stmt->bindValue(':type1', $type_filter, PDO::PARAM_INT);
$stmt->bindValue(':type2', $type_filter_used, PDO::PARAM_INT);
$stmt->execute();
while($obj = $stmt->fetchObject()) {
$retval['data'][] = $obj;
}
}
if(isset($input->action) && $input->action == "deleteDomain") {
$domainId = $input->id;
$db->beginTransaction();
$stmt = $db->prepare("DELETE FROM permissions WHERE domain=:domain_id");
$stmt->bindValue(':domain_id', $domainId, PDO::PARAM_INT);
$stmt->execute();
$stmt = $db->prepare("DELETE FROM remote WHERE record IN (SELECT id FROM records WHERE domain_id=:domain_id)");
$stmt->bindValue(':domain_id', $domainId, PDO::PARAM_INT);
$stmt->execute();
$stmt = $db->prepare("DELETE FROM records WHERE domain_id=:domain_id");
$stmt->bindValue(':domain_id', $domainId, PDO::PARAM_INT);
$stmt->execute();
$stmt = $db->prepare("DELETE FROM domains WHERE id=:domain_id");
$stmt->bindValue(':domain_id', $domainId, PDO::PARAM_INT);
$stmt->execute();
$db->commit();
}
if(isset($retval)) {
echo json_encode($retval);
} else {


@ -1,5 +1,4 @@
<?php
/*
* Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
*
@ -15,20 +14,16 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
require_once '../config/config-default.php';
require_once '../lib/database.php';
require_once '../lib/session.php';
require_once '../lib/soa-mail.php';
require_once '../lib/update-serial.php';
$input = json_decode(file_get_contents('php://input'));
if(!isset($input->csrfToken) || $input->csrfToken !== $_SESSION['csrfToken']) {
echo "Permission denied!";
exit();
}
//Permission check
if(isset($input->domain)) {
$permquery = $db->prepare("SELECT COUNT(*) FROM permissions WHERE userid=:user AND domain=:domain");
@ -43,11 +38,8 @@ if(isset($input->domain)) {
echo "Permission denied!";
exit();
}
//Action for getting Records
if(isset($input->action) && $input->action == "getRecords") {
$sql = "
SELECT id,name,type,content,ttl,prio AS priority
FROM records
@ -57,10 +49,8 @@ if(isset($input->action) && $input->action == "getRecords") {
(domain_id = :domain_id) AND
(type != 'SOA')
";
if(isset($input->type)) {
$sql .= " AND type IN(";
foreach($input->type as $filtertype) {
$filtertype = $db->escape_string($filtertype);
$sql .= "'" . $filtertype . "'" . ",";
@ -68,7 +58,6 @@ if(isset($input->action) && $input->action == "getRecords") {
$sql = rtrim($sql, ",");
$sql .= ")";
}
if(isset($input->sort->field) && $input->sort->field != "") {
if($input->sort->field == "id") {
$sql .= " ORDER BY id";
@ -83,7 +72,6 @@ if(isset($input->action) && $input->action == "getRecords") {
} else if($input->sort->field == "priority") {
$sql .= " ORDER BY prio";
}
if(isset($input->sort->order)) {
if($input->sort->order == 0) {
$sql .= " DESC";
@ -92,9 +80,7 @@ if(isset($input->action) && $input->action == "getRecords") {
}
}
}
$stmt = $db->prepare($sql);
if(isset($input->name)) {
$name_filter = "%" . $input->name . "%";
$name_filter_used = 0;
@ -102,7 +88,6 @@ if(isset($input->action) && $input->action == "getRecords") {
$name_filter = "";
$name_filter_used = 1;
}
if(isset($input->content)) {
$content_filter = "%" . $input->content . "%";
$content_filter_used = 0;
@ -110,38 +95,27 @@ if(isset($input->action) && $input->action == "getRecords") {
$content_filter = "";
$content_filter_used = 1;
}
$domainId = (int)$input->domain;
$stmt->bindValue(':name1', $name_filter, PDO::PARAM_STR);
$stmt->bindValue(':name2', $name_filter_used, PDO::PARAM_INT);
$stmt->bindValue(':content1', $content_filter, PDO::PARAM_STR);
$stmt->bindValue(':content2', $content_filter_used, PDO::PARAM_INT);
$stmt->bindValue(':domain_id', $domainId, PDO::PARAM_INT);
$stmt->execute();
$retval = Array();
while($obj = $stmt->fetchObject()) {
$retval[] = $obj;
}
}
//Action for getting SOA
if(isset($input->action) && $input->action == "getSoa") {
$domainId = (int)$input->domain;
$stmt = $db->prepare("SELECT content FROM records WHERE type='SOA' AND domain_id=:domain_id LIMIT 1");
$stmt->bindValue(':domain_id', $domainId, PDO::PARAM_INT);
$stmt->execute();
$content = $stmt->fetchColumn();
$content = explode(" ", $content);
$retval = Array();
$retval['primary'] = $content[0];
$retval['email'] = soa_to_mail($content[1]);
$retval['serial'] = $content[2];
@ -150,38 +124,27 @@ if(isset($input->action) && $input->action == "getSoa") {
$retval['expire'] = $content[5];
$retval['ttl'] = $content[6];
}
//Action for getting SOA Serial
if(isset($input->action) && $input->action == "getSerial") {
$domainId = (int)$input->domain;
$stmt = $db->prepare("SELECT content FROM records WHERE type='SOA' AND domain_id=:domain_id LIMIT 1");
$stmt->bindValue(':domain_id', $domainId, PDO::PARAM_INT);
$stmt->execute();
$content = $stmt->fetchColumn();
$content = explode(" ", $content);
$retval = Array();
$retval['serial'] = $content[2];
}
//Action for saving SOA
if(isset($input->action) && $input->action == "saveSoa") {
$domainId = (int)$input->domain;
$db->beginTransaction();
$stmt = $db->prepare("SELECT content FROM records WHERE type='SOA' AND domain_id=:domain_id LIMIT 1");
$stmt->bindValue(':domain_id', $domainId, PDO::PARAM_INT);
$stmt->execute();
$content = $stmt->fetchColumn();;
$content = explode(" ", $content);
$serial = $content[2];
$newsoa = strtolower(preg_replace('/\s+/', '', $input->primary)) . " ";
$newsoa .= strtolower(mail_to_soa(preg_replace('/\s+/', '', $input->email))) . " ";
$newsoa .= $serial . " ";
@ -189,26 +152,20 @@ if(isset($input->action) && $input->action == "saveSoa") {
$newsoa .= $input->retry . " ";
$newsoa .= $input->expire . " ";
$newsoa .= $input->ttl;
$stmt = $db->prepare("UPDATE records SET content=:content,ttl=:ttl WHERE type='SOA' AND domain_id=:domain_id");
$stmt->bindValue(':content', $newsoa, PDO::PARAM_STR);
$stmt->bindValue(':ttl', $input->ttl, PDO::PARAM_INT);
$stmt->bindValue(':domain_id', $domainId, PDO::PARAM_INT);
$stmt->execute();
$db->commit();
$retval = Array();
update_serial($db, $domainId);
}
//Action for saving Record
if(isset($input->action) && $input->action == "saveRecord") {
$domainId = $input->domain;
$recordName = strtolower(preg_replace('/\s+/', '', $input->name));
$recordContent = trim($input->content);
$stmt = $db->prepare("UPDATE records SET name=:name,type=:type,content=:content,ttl=:ttl,prio=:prio WHERE id=:id AND domain_id=:domain_id");
$stmt->bindValue(':name', $recordName, PDO::PARAM_STR);
$stmt->bindValue(':type', $input->type, PDO::PARAM_STR);
@ -220,15 +177,12 @@ if(isset($input->action) && $input->action == "saveRecord") {
$stmt->execute();
update_serial($db, $domainId);
}
//Action for adding Record
if(isset($input->action) && $input->action == "addRecord") {
$domainId = $input->domain;
$recordName = strtolower(preg_replace('/\s+/', '', $input->name));
$recordContent = trim($input->content);
$db->beginTransaction();
$stmt = $db->prepare("INSERT INTO records (domain_id, name, type, content, prio, ttl) VALUES (:domain_id,:name,:type,:content,:prio,:ttl)");
$stmt->bindValue(':domain_id', $domainId, PDO::PARAM_INT);
$stmt->bindValue(':name', $recordName, PDO::PARAM_STR);
@ -237,7 +191,6 @@ if(isset($input->action) && $input->action == "addRecord") {
$stmt->bindValue(':ttl', $input->ttl, PDO::PARAM_INT);
$stmt->bindValue(':prio', $input->prio, PDO::PARAM_INT);
$stmt->execute();
$stmt = $db->prepare("SELECT MAX(id) FROM records WHERE domain_id=:domain_id AND name=:name AND type=:type AND content=:content AND prio=:prio AND ttl=:ttl");
$stmt->bindValue(':domain_id', $domainId, PDO::PARAM_INT);
$stmt->bindValue(':name', $recordName, PDO::PARAM_STR);
@ -247,41 +200,31 @@ if(isset($input->action) && $input->action == "addRecord") {
$stmt->bindValue(':prio', $input->prio, PDO::PARAM_INT);
$stmt->execute();
$newId = $stmt->fetchColumn();
$db->commit();
$retval = Array();
$retval['newId'] = $newId;
update_serial($db, $domainId);
}
//Action for removing Record
if(isset($input->action) && $input->action == "removeRecord") {
$domainId = $input->domain;
$recordId = $input->id;
$stmt = $db->prepare("DELETE FROM records WHERE id=:id AND domain_id=:domain_id");
$stmt->bindValue(':id', $recordId, PDO::PARAM_INT);
$stmt->bindValue(':domain_id', $domainId, PDO::PARAM_INT);
$stmt->execute();
update_serial($db, $domainId);
}
//Action for getting domain name
if(isset($input->action) && $input->action == "getDomainName") {
$domainId = $input->domain;
$stmt = $db->prepare("SELECT name FROM domains WHERE id=:id LIMIT 1");
$stmt->bindValue(':id', $domainId, PDO::PARAM_INT);
$stmt->execute();
$domainName = $stmt->fetchColumn();
$retval = Array();
$retval['name'] = $domainName;
}
if (isset($retval)) {
echo json_encode($retval);
} else {


@ -1,5 +1,4 @@
<?php
/*
* Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
*
@ -15,18 +14,14 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
require_once '../config/config-default.php';
require_once '../lib/database.php';
require_once '../lib/session.php';
$input = json_decode(file_get_contents('php://input'));
if(!isset($input->csrfToken) || $input->csrfToken !== $_SESSION['csrfToken']) {
echo "Permission denied!";
exit();
}
//Permission check
if(isset($input->record)) {
$permquery = $db->prepare("SELECT COUNT(*) FROM records JOIN permissions ON records.domain_id=permissions.domain WHERE userid=:user AND records.id=:id");
@ -41,48 +36,36 @@ if(isset($input->record)) {
echo "Permission denied!";
exit();
}
//Action for getting permission
if(isset($input->action) && $input->action == "getPermissions") {
$sql = "SELECT id, description, type FROM remote WHERE record=:record";
$stmt = $db->prepare($sql);
$stmt->bindValue(':record', $input->record, PDO::PARAM_INT);
$stmt->execute();
$retval = Array();
while($obj = $stmt->fetchObject()) {
$retval[] = $obj;
}
}
//Action for adding password
if(isset($input->action) && $input->action == "addPassword") {
$passwordHash = password_hash($input->password, PASSWORD_DEFAULT);
$sql = "INSERT INTO remote(record,description,type,security) VALUES (:record,:description,'password',:security)";
$stmt = $db->prepare($sql);
$stmt->bindValue(':record', $input->record, PDO::PARAM_INT);
$stmt->bindValue(':description', $input->description, PDO::PARAM_STR);
$stmt->bindValue(':security', $passwordHash, PDO::PARAM_STR);
$stmt->execute();
}
//Action for adding key
if(isset($input->action) && $input->action == "addKey") {
$sql = "INSERT INTO remote(record,description,type,security) VALUES (:record,:description,'key',:security)";
$stmt = $db->prepare($sql);
$stmt->bindValue(':record', $input->record, PDO::PARAM_INT);
$stmt->bindValue(':description', $input->description, PDO::PARAM_STR);
$stmt->bindValue(':security', $input->key, PDO::PARAM_STR);
$stmt->execute();
}
//Action for updating password
if(isset($input->action) && $input->action == "changePassword") {
if(isset($input->password)) {
@ -101,18 +84,15 @@ if(isset($input->action) && $input->action == "changePassword") {
$stmt->execute();
}
}
//Action for updating key
if(isset($input->action) && $input->action == "changeKey") {
$sql = "UPDATE remote SET description=:description,security=:security WHERE id=:id";
$stmt = $db->prepare($sql);
$stmt->bindValue(':description', $input->description, PDO::PARAM_STR);
$stmt->bindValue(':security', $input->key, PDO::PARAM_STR);
$stmt->bindValue(':id', $input->permission, PDO::PARAM_INT);
$stmt->execute();
}
//Action for getting key
if(isset($input->action) && $input->action == "getKey") {
$sql = "SELECT security FROM remote WHERE id=:id AND type='key' LIMIT 1";
@ -120,20 +100,16 @@ if(isset($input->action) && $input->action == "getKey") {
$stmt->bindValue(':id', $input->permission, PDO::PARAM_INT);
$stmt->execute();
$key = $stmt->fetchColumn();
$retval = Array();
$retval['key'] = $key;
}
//Action for deleting permission
if(isset($input->action) && $input->action == "deletePermission") {
$sql = "DELETE FROM remote WHERE id=:id";
$stmt = $db->prepare($sql);
$stmt->bindValue(':id', $input->permission, PDO::PARAM_INT);
$stmt->execute();
}
if(isset($retval)) {
echo json_encode($retval);
} else {


@ -1,5 +1,4 @@
<?php
/*
* Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
*
@ -15,47 +14,36 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
require_once '../config/config-default.php';
require_once '../lib/database.php';
require_once '../lib/session.php';
$input = json_decode(file_get_contents('php://input'));
if(!isset($input->csrfToken) || $input->csrfToken !== $_SESSION['csrfToken']) {
echo "Permission denied!";
exit();
}
if(!isset($_SESSION['type']) || $_SESSION['type'] != "admin") {
echo "Permission denied!";
exit();
}
if(isset($input->action) && $input->action == "addUser") {
$passwordHash = password_hash($input->password, PASSWORD_DEFAULT);
$db->beginTransaction();
$stmt = $db->prepare("INSERT INTO users(name,password,type) VALUES (:name,:password,:type)");
$stmt->bindValue(':name', $input->name, PDO::PARAM_STR);
$stmt->bindValue(':password', $passwordHash, PDO::PARAM_STR);
$stmt->bindValue(':type', $input->type, PDO::PARAM_STR);
$stmt->execute();
$stmt = $db->prepare("SELECT MAX(id) FROM users WHERE name=:name AND password=:password AND type=:type");
$stmt->bindValue(':name', $input->name, PDO::PARAM_STR);
$stmt->bindValue(':password', $passwordHash, PDO::PARAM_STR);
$stmt->bindValue(':type', $input->type, PDO::PARAM_STR);
$stmt->execute();
$newUserId = $stmt->fetchColumn();
$db->commit();
$retval = Array();
$retval['newId'] = $newUserId;
}
if(isset($input->action) && $input->action == "getUserData") {
$stmt = $db->prepare("SELECT name,type FROM users WHERE id=:id LIMIT 1");
$stmt->bindValue(':id', $input->id, PDO::PARAM_INT);
@ -63,12 +51,10 @@ if(isset($input->action) && $input->action == "getUserData") {
$stmt->bindColumn('name', $userName);
$stmt->bindColumn('type', $userType);
$stmt->fetch(PDO::FETCH_BOUND);
$retval = Array();
$retval['name'] = $userName;
$retval['type'] = $userType;
}
if(isset($input->action) && $input->action == "saveUserChanges") {
if(isset($input->password)) {
$passwordHash = password_hash($input->password, PASSWORD_DEFAULT);
@ -86,61 +72,45 @@ if(isset($input->action) && $input->action == "saveUserChanges") {
$stmt->execute();
}
}
if(isset($input->action) && $input->action == "getPermissions") {
$stmt = $db->prepare("
SELECT D.id,D.name
FROM permissions P
JOIN domains D ON P.domain=D.id
WHERE P.userid=:user
");
$stmt->bindValue(':user', $input->id, PDO::PARAM_INT);
$stmt->execute();
$retval = Array();
while($obj = $stmt->fetchObject()) {
$retval[] = $obj;
}
}
if(isset($input->action) && $input->action == "removePermission") {
$stmt = $db->prepare("DELETE FROM permissions WHERE userid=:user AND domain=:domain");
$stmt->bindValue(':user', $input->userId, PDO::PARAM_INT);
$stmt->bindValue(':domain', $input->domainId, PDO::PARAM_INT);
$stmt->execute();
}
if(isset($input->action) && $input->action == "searchDomains" && isset($input->term)) {
$stmt = $db->prepare("SELECT id,name AS text FROM domains WHERE name LIKE :name AND id NOT IN(SELECT domain FROM permissions WHERE userid=:user)");
$searchTerm = "%" . $input->term . "%";
$stmt->bindValue(':name', $searchTerm, PDO::PARAM_STR);
$stmt->bindValue(':user', $input->userId, PDO::PARAM_INT);
$stmt->execute();
$retval = Array();
while($obj = $stmt->fetchObject()) {
$retval[] = $obj;
}
}
if(isset($input->action) && $input->action == "addPermissions") {
$stmt = $db->prepare("INSERT INTO permissions(userid,domain) VALUES (:user,:domain)");
foreach($input->domains as $domain) {
$stmt->bindValue(':user', $input->userId, PDO::PARAM_INT);
$stmt->bindValue(':domain', $domain, PDO::PARAM_INT);
$stmt->execute();
}
}
if(isset($retval)) {
echo json_encode($retval);
} else {


@ -1,5 +1,4 @@
<?php
/*
* Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
*
@ -15,12 +14,9 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
require_once '../config/config-default.php';
require_once '../lib/database.php';
$input = json_decode(file_get_contents('php://input'));
$stmt = $db->prepare("SELECT id,password,type FROM users WHERE name=:name LIMIT 1");
$stmt->bindValue(':name', $input->user, PDO::PARAM_STR);
$stmt->execute();
@ -28,23 +24,17 @@ $stmt->bindColumn('id', $id);
$stmt->bindColumn('password', $password);
$stmt->bindColumn('type', $type);
$stmt->fetch(PDO::FETCH_BOUND);
if (password_verify($input->password, $password)) {
$retval['status'] = "success";
session_start();
$_SESSION['id'] = $id;
$_SESSION['type'] = $type;
$randomSecret = base64_encode(openssl_random_pseudo_bytes(32));
$_SESSION['secret'] = $randomSecret;
setcookie("authSecret", $randomSecret, 0, "/", "", false, true);
$csrfToken = base64_encode(openssl_random_pseudo_bytes(32));
$_SESSION['csrfToken'] = $csrfToken;
} else {
$retval['status'] = "fail";
}
echo json_encode($retval);


@ -1,5 +1,4 @@
<?php
/*
* Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
*
@ -15,15 +14,12 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
if(file_exists("../config/config-user.php")) {
echo "Permission denied!";
exit();
}
//Get input
$input = json_decode(file_get_contents('php://input'));
//Database command
$sql["mysql"] = "
CREATE TABLE IF NOT EXISTS domains (
@ -37,7 +33,6 @@ CREATE TABLE IF NOT EXISTS domains (
PRIMARY KEY (id),
UNIQUE KEY name_index (name)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
CREATE TABLE IF NOT EXISTS records (
id int(11) NOT NULL AUTO_INCREMENT,
domain_id int(11) DEFAULT NULL,
@ -55,7 +50,6 @@ CREATE TABLE IF NOT EXISTS records (
KEY domain_id (domain_id),
CONSTRAINT records_ibfk_1 FOREIGN KEY (domain_id) REFERENCES domains (id) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
CREATE TABLE IF NOT EXISTS users (
id int(11) NOT NULL AUTO_INCREMENT,
name varchar(50) NOT NULL,
@ -64,7 +58,6 @@ CREATE TABLE IF NOT EXISTS users (
PRIMARY KEY (id),
UNIQUE KEY user_name_index (name)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
CREATE TABLE IF NOT EXISTS permissions (
userid int(11) NOT NULL,
domain int(11) NOT NULL,
@ -73,7 +66,6 @@ CREATE TABLE IF NOT EXISTS permissions (
CONSTRAINT permissions_ibfk_1 FOREIGN KEY (domain) REFERENCES domains (id) ON DELETE CASCADE,
CONSTRAINT permissions_ibfk_2 FOREIGN KEY (userid) REFERENCES users (id) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
CREATE TABLE IF NOT EXISTS remote (
id int(11) NOT NULL AUTO_INCREMENT,
record int(11) NOT NULL,
@ -85,18 +77,14 @@ CREATE TABLE IF NOT EXISTS remote (
KEY record (record),
CONSTRAINT remote_ibfk_1 FOREIGN KEY (record) REFERENCES records (id) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
CREATE TABLE IF NOT EXISTS options (
name varchar(255) NOT NULL,
value varchar(2000) DEFAULT NULL,
PRIMARY KEY (name)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
DELETE FROM options where name='schema_version';
INSERT INTO options(name,value) VALUES ('schema_version', 4);
";
$sql["pgsql"]="
CREATE TABLE IF NOT EXISTS domains (
id SERIAL PRIMARY KEY,
@ -108,9 +96,7 @@ CREATE TABLE IF NOT EXISTS domains (
account VARCHAR(40) DEFAULT NULL,
CONSTRAINT c_lowercase_name CHECK (((name)::TEXT = LOWER((name)::TEXT)))
);
CREATE UNIQUE INDEX IF NOT EXISTS name_index ON domains(name);
CREATE TABLE IF NOT EXISTS records (
id SERIAL PRIMARY KEY,
domain_id INT DEFAULT NULL,
@ -128,21 +114,17 @@ CREATE TABLE IF NOT EXISTS records (
ON DELETE CASCADE,
CONSTRAINT c_lowercase_name CHECK (((name)::TEXT = LOWER((name)::TEXT)))
);
CREATE INDEX IF NOT EXISTS rec_name_index ON records(name);
CREATE INDEX IF NOT EXISTS nametype_index ON records(name,type);
CREATE INDEX IF NOT EXISTS domain_id ON records(domain_id);
CREATE INDEX IF NOT EXISTS recordorder ON records (domain_id, ordername text_pattern_ops);
CREATE TABLE IF NOT EXISTS users (
id SERIAL PRIMARY KEY,
name varchar(50) NOT NULL,
password varchar(200) NOT NULL,
type varchar(20) NOT NULL
);
CREATE UNIQUE INDEX IF NOT EXISTS user_name_index ON users(name);
CREATE TABLE IF NOT EXISTS permissions (
userid INT NOT NULL,
domain INT NOT NULL,
@ -154,10 +136,8 @@ CREATE TABLE IF NOT EXISTS permissions (
FOREIGN KEY(userid) REFERENCES users(id)
ON DELETE CASCADE
);
CREATE INDEX IF NOT EXISTS perm_domain_index ON permissions(domain);
CREATE INDEX IF NOT EXISTS perm_userid_index ON permissions(userid);
CREATE TABLE IF NOT EXISTS remote (
id SERIAL PRIMARY KEY,
record INT NOT NULL,
@ -169,20 +149,15 @@ CREATE TABLE IF NOT EXISTS remote (
FOREIGN KEY(record) REFERENCES records(id)
ON DELETE CASCADE
);
CREATE INDEX IF NOT EXISTS rem_record_index ON remote(record);
CREATE TABLE IF NOT EXISTS options (
name varchar(255) NOT NULL,
value varchar(2000) DEFAULT NULL,
PRIMARY KEY (name)
);
DELETE FROM options where name='schema_version';
INSERT INTO options(name,value) VALUES ('schema_version', 4);
";
try {
$db = new PDO("$input->type:dbname=$input->database;host=$input->host;port=" . intval($input->port), $input->user, $input->password);
}
@ -190,33 +165,22 @@ catch (PDOException $e) {
$retval['status'] = "error";
$retval['message'] = serialize($e);
}
if (!isset($retval)) {
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$passwordHash = password_hash($input->userPassword, PASSWORD_DEFAULT);
$queries = explode(";", $sql[$input->type]);
$db->beginTransaction();
foreach ($queries as $query) {
if (preg_replace('/\s+/', '', $query) != '') {
$db->exec($query);
}
}
$db->commit();
$stmt = $db->prepare("INSERT INTO users(name,password,type) VALUES (:user,:hash,'admin')");
$stmt->bindValue(':user', $input->userName, PDO::PARAM_STR);
$stmt->bindValue(':hash', $passwordHash, PDO::PARAM_STR);
$stmt->execute();
$configFile = Array();
$configFile[] = '<?php';
$configFile[] = '$config[\'db_host\'] = \'' . addslashes($input->host) . "';";
$configFile[] = '$config[\'db_user\'] = \'' . addslashes($input->user) . "';";
@ -224,7 +188,6 @@ if (!isset($retval)) {
$configFile[] = '$config[\'db_name\'] = \'' . addslashes($input->database) . "';";
$configFile[] = '$config[\'db_port\'] = ' . intval($input->port) . ";";
$configFile[] = '$config[\'db_type\'] = \'' . addslashes($input->type) . "';";
$retval['status'] = "success";
try {
file_put_contents("../config/config-user.php", implode("\n", $configFile));
@ -234,7 +197,6 @@ if (!isset($retval)) {
$retval['message'] = serialize($e);
}
}
if(isset($retval)) {
echo json_encode($retval);
} else {


@ -1,5 +1,4 @@
<?php
/*
* Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
*
@ -15,27 +14,21 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
require_once '../config/config-default.php';
require_once '../lib/database.php';
require_once '../lib/session.php';
$input = json_decode(file_get_contents('php://input'));
if(!isset($input->csrfToken) || $input->csrfToken !== $_SESSION['csrfToken']) {
echo "Permission denied!";
exit();
}
if(isset($input->action) && $input->action == "changePassword") {
$passwordHash = password_hash($input->password, PASSWORD_DEFAULT);
$stmt = $db->prepare("UPDATE users SET password=:password WHERE id=:id");
$stmt->bindValue(':password', $passwordHash, PDO::PARAM_STR);
$stmt->bindValue(':id', $_SESSION['id'], PDO::PARAM_INT);
$stmt->execute();
}
if(isset($retval)) {
echo json_encode($retval);
} else {


@ -1,5 +1,4 @@
<?php
/*
* Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
*
@ -15,45 +14,37 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
require_once '../config/config-default.php';
require_once '../lib/database.php';
require_once '../lib/update-serial.php';
if(filter_input(INPUT_SERVER, "REQUEST_METHOD") == "GET") {
if(filter_input(INPUT_GET, "action") == "updateRecord") {
$input_domain = filter_input(INPUT_GET, "domain");
$input_id = filter_input(INPUT_GET, "id");
$input_password = filter_input(INPUT_GET, "password");
$input_content = filter_input(INPUT_GET, "content");
$stmt = $db->prepare("SELECT security,record FROM remote WHERE type='password' AND id=:id LIMIT 1");
$stmt->bindValue(':id', $input_id, PDO::PARAM_INT);
$stmt->execute();
$stmt->bindColumn('security', $passwordHash);
$stmt->bindColumn('record', $record);
$stmt->fetch(PDO::FETCH_BOUND);
if(!password_verify($input_password, $passwordHash)) {
$return['status'] = "error";
$return['error'] = "Permission denied";
echo json_encode($return);
exit();
}
$stmt = $db->prepare("UPDATE records SET content=:content WHERE name=:name AND id=:id");
$stmt->bindValue(':content', $input_content, PDO::PARAM_STR);
$stmt->bindValue(':name', $input_domain, PDO::PARAM_STR);
$stmt->bindValue(':id', $record, PDO::PARAM_INT);
$stmt->execute();
$stmt = $db->prepare("SELECT domain_id FROM records WHERE id=:id LIMIT 1");
$stmt->bindValue(':id', $record, PDO::PARAM_INT);
$stmt->execute();
$domain_id = $stmt->fetchColumn();
update_serial($db, $domain_id);
$return['status'] = "success";
echo json_encode($return);
exit();
@ -61,17 +52,14 @@ if(filter_input(INPUT_SERVER, "REQUEST_METHOD") == "GET") {
// If we are behind a proxy, return the first IP the request was forwarded for.
if(filter_input(INPUT_SERVER, "HTTP_X_FORWARDED_FOR") != null){
$return['ip'] = explode(",", filter_input(INPUT_SERVER, "HTTP_X_FORWARDED_FOR"))[0];
} else {
$return['ip'] = filter_input(INPUT_SERVER, "REMOTE_ADDR");
}
echo json_encode($return);
exit();
}
} else if(filter_input(INPUT_SERVER, "REQUEST_METHOD") == "POST") {
$input = json_decode(file_get_contents('php://input'));
if(isset($input->domain) && isset($input->id) && isset($input->content)) {
$stmt = $db->prepare("SELECT E.name,E.id FROM remote R JOIN records E ON R.record = E.id WHERE R.id=:id LIMIT 1");
$stmt->bindValue(':id', $input->id, PDO::PARAM_INT);
@ -79,23 +67,19 @@ if(filter_input(INPUT_SERVER, "REQUEST_METHOD") == "GET") {
$stmt->bindColumn('E.name', $domainName);
$stmt->bindColumn('E.id', $record);
$stmt->fetch(PDO::FETCH_BOUND);
if($domainName != $input->domain) {
$return['status'] = "error";
$return['error'] = "Id and domain do not match!";
echo json_encode($return);
exit();
}
if(isset($_GET['getNonce'])) {
$newNonce = base64_encode(openssl_random_pseudo_bytes(32));
$dbNonce = $newNonce . ":" . time();
$stmt = $db->prepare("UPDATE remote SET nonce=:nonce WHERE id=:id");
$stmt->bindValue(':nonce', $dbNonce, PDO::PARAM_STR);
$stmt->bindValue(':id', $input->id, PDO::PARAM_INT);
$stmt->execute();
$return['nonce'] = $newNonce;
echo json_encode($return);
exit();
@ -106,39 +90,31 @@ if(filter_input(INPUT_SERVER, "REQUEST_METHOD") == "GET") {
$stmt->bindColumn('security', $pubkey);
$stmt->bindColumn('nonce', $dbNonce);
$stmt->fetch(PDO::FETCH_BOUND);
$nonce = explode(":", $dbNonce);
if($dbNonce == NULL || (time() - $nonce[1]) > $config['nonce_lifetime']) {
$return['status'] = "error";
$return['error'] = "No valid nonce available!";
echo json_encode($return);
exit();
}
$verifyString = $input->domain . $input->id . $input->content . $nonce[0];
$signature = base64_decode($input->signature);
if(openssl_verify($verifyString, $signature, $pubkey, OPENSSL_ALGO_SHA512) != 1) {
$return['status'] = "error";
$return['error'] = "Bad signature!";
echo json_encode($return);
exit();
}
$stmt = $db->prepare("UPDATE records SET content=:content WHERE name=:name AND id=:id");
$stmt->bindValue(':content', $input->content, PDO::PARAM_STR);
$stmt->bindValue(':name', $input->domain, PDO::PARAM_STR);
$stmt->bindValue(':id', $record, PDO::PARAM_INT);
$stmt->execute();
$stmt = $db->prepare("SELECT domain_id FROM records WHERE id=:id LIMIT 1");
$stmt->bindValue(':id', $record, PDO::PARAM_INT);
$stmt->execute();
$domain_id = $stmt->fetchColumn();
update_serial($db, $domain_id);
$return['status'] = "success";
echo json_encode($return);
exit();
@ -148,7 +124,6 @@ if(filter_input(INPUT_SERVER, "REQUEST_METHOD") == "GET") {
echo json_encode($return);
exit();
}
} else {
$return['status'] = "error";
$return['error'] = "Missing data";


@ -1,5 +1,4 @@
<?php
/*
* Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
*
@ -15,18 +14,14 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
require_once '../config/config-default.php';
require_once '../lib/database.php';
require_once '../lib/checkversion.php';
$input = json_decode(file_get_contents('php://input'));
if(isset($input->action) && $input->action == "getVersions") {
$retval['from'] = getVersion($db);
$retval['to'] = getExpectedVersion();
}
if(isset($input->action) && $input->action == "requestUpgrade") {
$currentVersion = getVersion($db);
$dbType = $config['db_type'];
@ -42,28 +37,23 @@ if(isset($input->action) && $input->action == "requestUpgrade") {
PRIMARY KEY (id),
KEY record (record)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
ALTER TABLE `remote`
ADD CONSTRAINT `remote_ibfk_1` FOREIGN KEY (`record`) REFERENCES `records` (`id`);
CREATE TABLE IF NOT EXISTS options (
name varchar(255) NOT NULL,
value varchar(2000) DEFAULT NULL,
PRIMARY KEY (name)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
INSERT INTO options(name,value) VALUES ('schema_version', 1);
";
$sql["pgsql"] = "INSERT INTO options(name,value) VALUES ('schema_version', 1);";
$queries = explode(";", $sql[$dbType]);
$db->beginTransaction();
foreach ($queries as $query) {
if (preg_replace('/\s+/', '', $query) != '') {
$db->exec($query);
}
}
$db->commit();
}
if($currentVersion < 2) {
@ -76,28 +66,22 @@ if(isset($input->action) && $input->action == "requestUpgrade") {
ADD CONSTRAINT permissions_ibfk_1 FOREIGN KEY (domain) REFERENCES domains (id) ON DELETE CASCADE;
ALTER TABLE permissions
ADD CONSTRAINT permissions_ibfk_2 FOREIGN KEY (user) REFERENCES user (id) ON DELETE CASCADE;
ALTER TABLE remote
DROP FOREIGN KEY remote_ibfk_1;
ALTER TABLE remote
ADD CONSTRAINT remote_ibfk_1 FOREIGN KEY (record) REFERENCES records (id) ON DELETE CASCADE;
ALTER TABLE records
ADD CONSTRAINT records_ibfk_1 FOREIGN KEY (domain_id) REFERENCES domains (id) ON DELETE CASCADE;
UPDATE options SET value=2 WHERE name='schema_version';
";
$sql["pgsql"] = "UPDATE options SET value=2 WHERE name='schema_version';";
$queries = explode(";", $sql[$dbType]);
$db->beginTransaction();
foreach ($queries as $query) {
if (preg_replace('/\s+/', '', $query) != '') {
$db->exec($query);
}
}
$db->commit();
}
if($currentVersion < 3) {
@ -109,24 +93,18 @@ if(isset($input->action) && $input->action == "requestUpgrade") {
content TEXT,
PRIMARY KEY (id)
) Engine=InnoDB;
ALTER TABLE records ADD disabled TINYINT(1) DEFAULT 0;
ALTER TABLE records ADD auth TINYINT(1) DEFAULT 1;
UPDATE options SET value=3 WHERE name='schema_version';
";
$sql["pgsql"] = "UPDATE options SET value=3 WHERE name='schema_version';";
$queries = explode(";", $sql[$dbType]);
$db->beginTransaction();
foreach ($queries as $query) {
if (preg_replace('/\s+/', '', $query) != '') {
$db->exec($query);
}
}
$db->commit();
}
if($currentVersion < 4) {
@ -136,29 +114,21 @@ if(isset($input->action) && $input->action == "requestUpgrade") {
ALTER TABLE permissions CHANGE user userid INT(11);
ALTER TABLE permissions
ADD CONSTRAINT permissions_ibfk_2 FOREIGN KEY (userid) REFERENCES users (id) ON DELETE CASCADE;
ALTER TABLE users ADD CONSTRAINT UNIQUE KEY user_name_index (name);
UPDATE options SET value=4 WHERE name='schema_version';
";
$sql["pgsql"] = "UPDATE options SET value=4 WHERE name='schema_version';";
$queries = explode(";", $sql[$dbType]);
$db->beginTransaction();
foreach ($queries as $query) {
if (preg_replace('/\s+/', '', $query) != '') {
$db->exec($query);
}
}
$db->commit();
}
$retval['status'] = "success";
}
if(isset($retval)) {
echo json_encode($retval);
} else {


@ -1,5 +1,4 @@
<?php
/*
* Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
*
@ -15,25 +14,19 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
require_once '../config/config-default.php';
require_once '../lib/database.php';
require_once '../lib/session.php';
$input = json_decode(file_get_contents('php://input'));
if(!isset($input->csrfToken) || $input->csrfToken !== $_SESSION['csrfToken']) {
echo "Permission denied!";
exit();
}
if(!isset($_SESSION['type']) || $_SESSION['type'] != "admin") {
echo "Permission denied!";
exit();
}
if(isset($input->action) && $input->action == "getUsers") {
$sql = "
SELECT id,name,type
FROM users
@ -41,7 +34,6 @@ if(isset($input->action) && $input->action == "getUsers") {
(name LIKE :name1 OR :name2) AND
(type=:type1 OR :type2)
";
if(isset($input->sort->field) && $input->sort->field != "") {
if($input->sort->field == "id") {
$sql .= "ORDER BY id";
@ -50,7 +42,6 @@ if(isset($input->action) && $input->action == "getUsers") {
} else if($input->sort->field == "type") {
$sql .= "ORDER BY type";
}
if(isset($input->sort->order)) {
if($input->sort->order == 0) {
$sql .= " DESC";
@ -59,9 +50,7 @@ if(isset($input->action) && $input->action == "getUsers") {
}
}
}
$stmt = $db->prepare($sql);
if(isset($input->name)) {
$name_filter = "%" . $input->name . "%";
$name_filter_used = 0;
@ -69,7 +58,6 @@ if(isset($input->action) && $input->action == "getUsers") {
$name_filter = "";
$name_filter_used = 1;
}
if(isset($input->type)) {
$type_filter = $input->type;
$type_filter_used = 0;
@ -77,36 +65,27 @@ if(isset($input->action) && $input->action == "getUsers") {
$type_filter = "";
$type_filter_used = 1;
}
$stmt->bindValue(':name1', $name_filter, PDO::PARAM_STR);
$stmt->bindValue(':name2', $name_filter_used, PDO::PARAM_INT);
$stmt->bindValue(':type1', $type_filter, PDO::PARAM_INT);
$stmt->bindValue(':type2', $type_filter_used, PDO::PARAM_INT);
$stmt->execute();
$retval = Array();
while($obj = $stmt->fetchObject()) {
$retval[] = $obj;
}
}
if(isset($input->action) && $input->action == "deleteUser") {
$userId = $input->id;
$db->beginTransaction();
$stmt = $db->prepare("DELETE FROM permissions WHERE userid=:userid");
$stmt->bindValue(':userid', $userId, PDO::PARAM_INT);
$stmt->execute();
$stmt = $db->prepare("DELETE FROM users WHERE id=:id");
$stmt->bindValue(':id', $userId, PDO::PARAM_INT);
$stmt->execute();
$db->commit();
}
if(isset($retval)) {
echo json_encode($retval);
} else {


@ -1,5 +1,4 @@
<?php
/*
* Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
*
@ -15,7 +14,6 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
//Database settings
$config['db_type'] = "mysql";
$config['db_host'] = "localhost";
@ -23,11 +21,8 @@ $config['db_user'] = "root";
$config['db_password'] = "";
$config['db_port'] = 3306;
$config['db_name'] = "pdnsmanager";
//Remote update
$config['nonce_lifetime'] = 15;
//Number of rows in domain overview
$config['domain_rows'] = 15;
require 'config-user.php';


@ -1,13 +1,10 @@
<!DOCTYPE html>
<!--
Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@ -23,17 +20,14 @@ limitations under the License.
<title>PDNS Manager - Domains</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="include/bootstrap/css/bootstrap.min.css" rel="stylesheet">
<link href="include/bootstrap/css/bootstrap-theme.min.css" rel="stylesheet">
<link href="include/select2/select2.min.css" rel="stylesheet">
<link href="include/select2/select2-bootstrap.min.css" rel="stylesheet">
<link href="include/custom.css" rel="stylesheet">
<script src="include/jquery.js"></script>
<script src="include/bootstrap/js/bootstrap.min.js"></script>
<script src="include/select2/select2.min.js"></script>
<script src="js/domains.js"></script>
</head>
<body>
@ -50,7 +44,6 @@ limitations under the License.
</ul>
</div>
</nav>
<div class="container">
<table class="table table-hover" id="table-domains">
<thead>
@ -86,10 +79,8 @@ limitations under the License.
</table>
<nav id="pagination-wrapper" class="text-center defaulthidden">
<ul id="pagination" class="pagination cursor-pointer">
</ul>
</nav>
<?php
if($_SESSION['type'] == "admin") {
echo '<div class="row text-center">';
@ -99,7 +90,6 @@ limitations under the License.
}
?>
</div>
<div class="modal fade" id="deleteConfirm" tabindex="-1" role="dialog">
<div class="modal-dialog" role="document">
<div class="modal-content">
@ -113,8 +103,6 @@ limitations under the License.
</div>
</div>
</div>
<?php echo '<span class="hidden" id="csrfToken">' . $_SESSION['csrfToken'] . '</span>'; ?>
</body>
</html>


@ -1,13 +1,10 @@
<!DOCTYPE html>
<!--
Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@ -23,17 +20,14 @@ limitations under the License.
<title>PDNS Manager - Domains</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="include/bootstrap/css/bootstrap.min.css" rel="stylesheet">
<link href="include/bootstrap/css/bootstrap-theme.min.css" rel="stylesheet">
<link href="include/select2/select2.min.css" rel="stylesheet">
<link href="include/select2/select2-bootstrap.min.css" rel="stylesheet">
<link href="include/custom.css" rel="stylesheet">
<script src="include/jquery.js"></script>
<script src="include/bootstrap/js/bootstrap.min.js"></script>
<script src="include/select2/select2.min.js"></script>
<script src="js/edit-master.js"></script>
</head>
<body>
@ -50,13 +44,10 @@ limitations under the License.
</ul>
</div>
</nav>
<div class="container">
<row>
<h2 id="domain-name"></h2>
</row>
<div id="soa" class="container">
<row>
<h3>SOA</h3>
@ -74,7 +65,6 @@ limitations under the License.
</div>
<button disabled type="submit" class="btn btn-primary" tabindex="7">Save</button>
</div>
<div class="col-md-2 col-md-offset-1">
<div class="form-group">
<label for="soa-refresh" class="control-label">Refresh</label>
@ -85,7 +75,6 @@ limitations under the License.
<input type="text" class="form-control" id="soa-retry" placeholder="Retry" autocomplete="off" data-regex="^[0-9]+$" tabindex="4">
</div>
</div>
<div class="col-md-2 col-md-offset-1">
<div class="form-group">
<label for="soa-expire" class="control-label">Expire</label>
@ -96,7 +85,6 @@ limitations under the License.
<input type="text" class="form-control" id="soa-ttl" placeholder="TTL" autocomplete="off" data-regex="^[0-9]+$" tabindex="6">
</div>
</div>
<div class="col-md-2 col-md-offset-1">
<div class="form-group">
<label for="soa-serial" class="control-label">Serial</label>
@ -106,7 +94,6 @@ limitations under the License.
</form>
</row>
</div>
<div id="records" class="container">
<row>
<h3>Records</h3>
@ -166,7 +153,5 @@ limitations under the License.
</div>
</div>
<?php echo '<span class="hidden" id="csrfToken">' . $_SESSION['csrfToken'] . '</span>'; ?>
</body>
</html>


@ -1,13 +1,10 @@
<!DOCTYPE html>
<!--
Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@ -23,17 +20,14 @@ limitations under the License.
<title>PDNS Manager - Remotes</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="include/bootstrap/css/bootstrap.min.css" rel="stylesheet">
<link href="include/bootstrap/css/bootstrap-theme.min.css" rel="stylesheet">
<link href="include/select2/select2.min.css" rel="stylesheet">
<link href="include/select2/select2-bootstrap.min.css" rel="stylesheet">
<link href="include/custom.css" rel="stylesheet">
<script src="include/jquery.js"></script>
<script src="include/bootstrap/js/bootstrap.min.js"></script>
<script src="include/select2/select2.min.js"></script>
<script src="js/edit-remote.js"></script>
</head>
<body>
@ -50,13 +44,10 @@ limitations under the License.
</ul>
</div>
</nav>
<div class="container">
<row>
<h2 id="heading">Remote access</h2>
</row>
<row>
<div class="col-md-4">
<table id="permissions" class="table table-hover">
@ -72,7 +63,6 @@ limitations under the License.
<tbody>
</tbody>
</table>
<row>
<button id="button-add-password" class="btn btn-success">Add password</button>
<button id="button-add-key" class="btn btn-success">Add key</button>
@ -97,7 +87,6 @@ limitations under the License.
<button id="data-password-cancel" class="btn btn-default">Cancel</button>
</form>
</row>
<row id="data-key" class="defaulthidden">
<form>
<div class="form-group">
@ -116,7 +105,5 @@ limitations under the License.
</row>
</div>
<?php echo '<span class="hidden" id="csrfToken">' . $_SESSION['csrfToken'] . '</span>'; ?>
</body>
</html>


@ -1,13 +1,10 @@
<!DOCTYPE html>
<!--
Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@ -23,17 +20,14 @@ limitations under the License.
<title>PDNS Manager - Users</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="include/bootstrap/css/bootstrap.min.css" rel="stylesheet">
<link href="include/bootstrap/css/bootstrap-theme.min.css" rel="stylesheet">
<link href="include/select2/select2.min.css" rel="stylesheet">
<link href="include/select2/select2-bootstrap.min.css" rel="stylesheet">
<link href="include/custom.css" rel="stylesheet">
<script src="include/jquery.js"></script>
<script src="include/bootstrap/js/bootstrap.min.js"></script>
<script src="include/select2/select2.min.js"></script>
<script src="js/edit-user.js"></script>
</head>
<body>
@ -50,17 +44,13 @@ limitations under the License.
</ul>
</div>
</nav>
<div class="container">
<row>
<h2 id="heading">Change user</h2>
</row>
<row>
<div class="col-md-3">
<form>
<div class="form-group">
<label for="user-name" class="control-label">Name</label>
<input type="text" class="form-control" id="user-name" placeholder="Username" autocomplete="off" data-regex="^[A-Za-z0-9\._-]+$" tabindex="1">
@ -83,25 +73,19 @@ limitations under the License.
<button id="user-button-add" class="btn btn-primary" tabindex="5">Change</button>
</form>
</div>
<div class="col-md-3 col-md-offset-1 defaulthidden" id="permissions">
<h3>Permissions</h3>
<table class="table table-hover">
<tbody>
</tbody>
</table>
<label for="selectAdd" class="control-label">Add</label>
<select multiple class="form-control" id="selectAdd"></select>
<div class="vspacer-15"></div>
<button class="btn btn-primary" id="btnAddPermissions">Add</button>
</div>
</row>
</div>
<?php echo '<span class="hidden" id="csrfToken">' . $_SESSION['csrfToken'] . '</span>'; ?>
</body>
</html>


@ -8,25 +8,18 @@
.vspacer-80 { height: 80px; }
.vspacer-100 { height: 100px; }
.vspacer-150 { height: 150px; }
.margin-left-20 { margin-left: 20px; }
.defaulthidden { display: none; }
.cursor-pointer {cursor: pointer; }
.wrap-all-words {
word-wrap: break-word;
max-width: 350px;
}
.no-shadow {
box-shadow: none!important;
border-color: #CCC!important;
}
.cell-vertical-bottom { vertical-align: bottom !important; }
.cell-vertical-middle { vertical-align: middle !important; }
.cell-vertical-top { vertical-align: top !important; }
.select-narrow-70 { width: 70%; }


@ -3,7 +3,6 @@
require_once 'config/config-default.php';
require_once 'lib/database.php';
require_once 'lib/checkversion.php';
if(!checkVersion($db)) {
Header("Location: upgrade.php");
}
@ -11,13 +10,10 @@
<!DOCTYPE html>
<!--
Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@ -29,14 +25,11 @@ limitations under the License.
<title>PDNS Manager</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="include/bootstrap/css/bootstrap.min.css" rel="stylesheet">
<link href="include/bootstrap/css/bootstrap-theme.min.css" rel="stylesheet">
<link href="include/custom.css" rel="stylesheet">
<script src="include/jquery.js"></script>
<script src="include/bootstrap/js/bootstrap.min.js"></script>
<script src="js/index.js"></script>
</head>
<body>
@ -49,7 +42,6 @@ limitations under the License.
</ul>
</div>
</nav>
<div class="container">
<div class="row vspacer-60"></div>
<div class="row">


@ -1,13 +1,10 @@
<!DOCTYPE html>
<!--
Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@ -25,14 +22,11 @@ limitations under the License.
<title>PDNS Manager - Domains</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="include/bootstrap/css/bootstrap.min.css" rel="stylesheet">
<link href="include/bootstrap/css/bootstrap-theme.min.css" rel="stylesheet">
<link href="include/custom.css" rel="stylesheet">
<script src="include/jquery.js"></script>
<script src="include/bootstrap/js/bootstrap.min.js"></script>
<script src="js/install.js"></script>
</head>
<body>
@ -46,21 +40,16 @@ limitations under the License.
</ul>
</div>
</nav>
<div class="container">
<row>
<h2 id="domain-name">Install PDNS Manager</h2>
</row>
<row>
<div class="alert alert-danger defaulthidden" id="alertFailed" role="alert">
Error
</div>
</row>
<row>
<form>
<div class="container col-md-3">
<h3>Database</h3>
@ -93,10 +82,8 @@ limitations under the License.
</div>
<button id="buttonInstall" class="btn btn-primary">Install</button>
</div>
<div class="container col-md-3">
<h3>Admin</h3>
<div class="form-group">
<label for="adminName" class="control-label">Name</label>
<input type="text" class="form-control" id="adminName" placeholder="Name" autocomplete="off">
@ -112,9 +99,6 @@ limitations under the License.
</div>
</form>
</row>
</div>
</body>
</html>


@ -13,9 +13,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
$(document).ready(function() {
$('#zone-button-add').click(function(evt){
evt.preventDefault();
if(validateData()) {
@ -26,26 +24,19 @@ $(document).ready(function() {
shake($('#zone-button-add'));
}
});
$('form input').bind("paste keyup change", regexValidate);
});
function validateData() {
var error = 0;
$('form input').change();
$('form input').each(function() {
if($(this).val().length <= 0 || $(this).parent().hasClass('has-error')) {
error++;
$(this).parent().addClass('has-error');
}
});
return error<=0;
}
function regexValidate() {
var regex = new RegExp($(this).attr('data-regex'));
if(!regex.test($(this).val())) {
@ -54,7 +45,6 @@ function regexValidate() {
$(this).parent().removeClass("has-error");
}
}
function saveData(callback) {
var data = {
name: $('#zone-name').val(),
@ -68,7 +58,6 @@ function saveData(callback) {
action: "addDomain",
csrfToken: $('#csrfToken').text()
};
$.post(
"api/add-domain.php",
JSON.stringify(data),
@ -78,19 +67,15 @@ function saveData(callback) {
"json"
);
}
function shake(element){
var interval = 50;
var distance = 5;
var times = 6;
$(element).css('position','relative');
for(var iter=0;iter<(times+1);iter++){
$(element).animate({
left:((iter%2===0 ? distance : distance*-1))
},interval);
}
$(element).animate({ left: 0},interval);
}


@ -13,15 +13,12 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
var sort = {
field: "",
order: 1
}
$(document).ready(function() {
requestData();
$('#table-domains>thead>tr>td span').click(function() {
var field = $(this).siblings('strong').text().toLowerCase();
if(sort.field == field) {
@ -32,51 +29,40 @@ $(document).ready(function() {
sort.order = 1;
}
$('#table-domains>thead>tr>td span').removeClass("glyphicon-sort-by-attributes glyphicon-sort-by-attributes-alt");
if(sort.field == field) {
if(sort.order == 1) $(this).addClass("glyphicon-sort-by-attributes");
else $(this).addClass("glyphicon-sort-by-attributes-alt");
}
requestData();
});
$('#searchName').bind("paste keyup", function() {
requestData();
});
$('#searchType').change(function() {
requestData();
});
$('#searchType').select2({
minimumResultsForSearch: Infinity
});
});
function requestData(page) {
if(typeof(page) !== 'number' || page <= 0) {
page = 1;
}
var restrictions = {
csrfToken: $('#csrfToken').text(),
};
restrictions.sort = sort;
var searchName = $('#searchName').val();
if(searchName.length > 0) {
restrictions.name = searchName;
}
var searchType = $('#searchType').val();
if(searchType != "none") {
restrictions.type = searchType;
}
restrictions.action = "getDomains";
restrictions.page = page;
$.post(
"api/domains.php",
JSON.stringify(restrictions),
@ -87,25 +73,19 @@ function requestData(page) {
"json"
);
}
function recreatePagination(data) {
$('#pagination').empty();
if(data.total === 1) {
$('#pagination-wrapper').hide();
return;
}
if(data.current > 1) {
$('<li><a href="#"><span class="glyphicon glyphicon-chevron-left"></span></a></li>').appendTo('#pagination').data("page", data.current - 1).click(paginationClicked);
}
$('<li><span>1</span></li>').appendTo('#pagination').data("page", 1).click(paginationClicked);
if(data.current > 4) {
$('<li class="disabled"><span>&hellip;</span></li>').appendTo('#pagination');
}
for(var i = data.current - 2; i <= data.current + 2; i++) {
if(i > 1 && i < data.total) {
if(data.current === i) {
@ -115,23 +95,17 @@ function recreatePagination(data) {
}
}
}
if(data.current < data.total - 3) {
$('<li class="disabled"><span>&hellip;</span></li>').appendTo('#pagination');
}
$('<li><span>' + data.total + '</span></li>').appendTo('#pagination').data("page", data.total).click(paginationClicked);
if(data.current < data.total) {
$('<li><a href="#"><span class="glyphicon glyphicon-chevron-right"></span></a></li>').appendTo('#pagination').data("page", data.current + 1).click(paginationClicked);
}
$('#pagination-wrapper').show();
}
function recreateTable(data) {
$('#table-domains>tbody').empty();
$.each(data, function(index,item) {
$('<tr></tr>').appendTo('#table-domains>tbody')
.append('<td>' + item.id + '</td>')
@ -139,50 +113,40 @@ function recreateTable(data) {
.append('<td>' + item.type + '</td>')
.append('<td>' + item.records + '</td>')
.append('<td><span class="glyphicon glyphicon-trash cursor-pointer"></span></td>');
});
$('#table-domains>tbody>tr>td:not(:last-child)').click(function() {
var id = $(this).parent().children('td').first().text();
var type = $(this).parent().children('td').eq(2).text();
if(type == 'MASTER') {
location.assign('edit-master.php#' + id);
} else if(type == 'NATIVE') {
location.assign('edit-master.php#' + id);
}
});
$('#table-domains>tbody>tr>td>span.glyphicon-trash').click(function() {
$(this).parent().parent().unbind();
deleteDomain.call(this);
});
}
function deleteDomain() {
var deleteId = $(this).parent().parent().children('td').eq(0).text();
var deleteZone = $(this).parent().parent().children('td').eq(1).text();
var rowToRemove = $(this).parent().parent();
$('#zoneToDelete').text(deleteZone);
$('#deleteConfirm #buttonDelete').click(function() {
deleteDomainWithId(deleteId, function() {
$('#deleteConfirm').modal("hide");
$(rowToRemove).remove();
});
});
$('#deleteConfirm').modal();
}
function deleteDomainWithId(id, callback) {
var data = {
action: "deleteDomain",
id: id,
csrfToken: $('#csrfToken').text()
};
$.post(
"api/domains.php",
JSON.stringify(data),
@ -192,7 +156,6 @@ function deleteDomainWithId(id, callback) {
"json"
);
}
function paginationClicked() {
requestData($(this).data("page"));
}


@ -13,14 +13,11 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
var sort = {
field: "",
order: 1
};
var domainName = "";
var recordTypes = [
"A","A6","AAAA","AFSDB","ALIAS","CAA","CDNSKEY","CDS","CERT","CNAME","DHCID",
"DLV","DNAME","DNSKEY","DS","EUI48","EUI64","HINFO",
@ -29,9 +26,7 @@ var recordTypes = [
"OPT","PTR","RKEY","RP","RRSIG","SIG","SPF",
"SRV","TKEY","SSHFP","TLSA","TSIG","TXT","WKS","MBOXFW","URL"
];
$(document).ready(function() {
$('#soa button[type=submit]').click(function(){
if(validateSoaData()) {
saveSoaData();
@ -40,23 +35,18 @@ $(document).ready(function() {
shake($('#soa button[type=submit]'));
}
});
$('#soa input').bind("paste keyup change", function() {
$('#soa button[type=submit]').prop("disabled", false);
});
$('#soa form input').bind("paste keyup change", regexValidate);
$('#table-records>tfoot input').bind("paste keyup change", regexValidate);
$('#searchType').select2({
placeholder: "Filter...",
data: recordTypes
});
$('#addType').select2({
data: recordTypes
});
$('#table-records>thead>tr>td span.glyphicon').click(function() {
var field = $(this).siblings('strong').text().toLowerCase();
if(sort.field == field) {
@ -67,45 +57,35 @@ $(document).ready(function() {
sort.order = 1;
}
$('#table-records>thead>tr>td span').removeClass("glyphicon-sort-by-attributes glyphicon-sort-by-attributes-alt");
if(sort.field == field) {
if(sort.order == 1) $(this).addClass("glyphicon-sort-by-attributes");
else $(this).addClass("glyphicon-sort-by-attributes-alt");
}
requestRecordData();
});
$('#searchName, #searchContent').bind("paste keyup", function() {
requestRecordData();
});
$('#searchType').change(function() {
requestRecordData();
});
requestRecordData();
requestSoaData();
requestSerial();
requestDomainName();
});
function validateSoaData() {
var error = 0;
$('#soa form input:not(#soa-serial)').each(function() {
if($(this).val().length <= 0 || $(this).parent().hasClass('has-error')) {
error++;
$(this).parent().addClass('has-error');
}
});
return error<=0;
}
function recreateTable(data) {
$('#table-records>tbody').empty();
$.each(data, function(index,item) {
$('<tr></tr>').appendTo('#table-records>tbody')
.append('<td>' + item.id + '</td>')
@ -117,40 +97,30 @@ function recreateTable(data) {
.append('<td><span class="glyphicon glyphicon-pencil cursor-pointer"></span></td>')
.append('<td><span class="glyphicon glyphicon-trash cursor-pointer"></span></td>')
.append('<td><span class="glyphicon glyphicon-share cursor-pointer"></span></td>');
});
$('#table-records>tbody>tr>td>span.glyphicon-trash').click(trashClicked);
$('#table-records>tbody>tr>td>span.glyphicon-pencil').click(editClicked);
$('#table-records>tbody>tr>td>span.glyphicon-share').click(remoteClicked);
}
function requestRecordData() {
var restrictions = {
csrfToken: $('#csrfToken').text()
};
restrictions.sort = sort;
var searchName = $('#searchName').val();
if(searchName.length > 0) {
restrictions.name = searchName;
}
var searchType = $('#searchType').val();
if(searchType != null && searchType.length > 0) {
restrictions.type = searchType;
}
var searchContent = $('#searchContent').val();
if(searchContent.length > 0) {
restrictions.content = searchContent;
}
restrictions.action = "getRecords";
restrictions.domain = location.hash.substring(1);
$.post(
"api/edit-master.php",
JSON.stringify(restrictions),
@ -160,15 +130,12 @@ function requestRecordData() {
"json"
);
}
function requestSoaData() {
var data = {
action: "getSoa",
csrfToken: $('#csrfToken').text()
};
data.domain = location.hash.substring(1);
$.post(
"api/edit-master.php",
JSON.stringify(data),
@ -183,15 +150,12 @@ function requestSoaData() {
"json"
);
}
function requestSerial() {
var data = {
action: "getSerial",
csrfToken: $('#csrfToken').text()
};
data.domain = location.hash.substring(1);
$.post(
"api/edit-master.php",
JSON.stringify(data),
@ -201,22 +165,18 @@ function requestSerial() {
"json"
);
}
function saveSoaData() {
var data = {
action: "saveSoa",
csrfToken: $('#csrfToken').text()
};
data.domain = location.hash.substring(1);
data.primary = $('#soa-primary').val();
data.email = $('#soa-mail').val();
data.refresh = $('#soa-refresh').val();
data.retry = $('#soa-retry').val();
data.expire = $('#soa-expire').val();
data.ttl = $('#soa-ttl').val();
$.post(
"api/edit-master.php",
JSON.stringify(data),
@ -226,11 +186,9 @@ function saveSoaData() {
"json"
);
}
function editClicked() {
var tableCells = $(this).parent().parent().children('td');
var tableRow = $(this).parent().parent();
var valueExtractRegex = new RegExp('\.?' + domainName + "$");
var valueName = tableCells.eq(1).text();
valueName = valueName.replace(valueExtractRegex, "");
@ -238,47 +196,34 @@ function editClicked() {
var inputGroupName = $('<div class="input-group"></div>').appendTo(tableCells.eq(1));
$('<input type="text" class="form-control input-sm" data-regex="^([^.]+\.)*[^.]*$">').appendTo(inputGroupName).val(valueName);
$('<span class="input-group-addon"></span>').appendTo(inputGroupName).text("." + domainName);
var valueType = tableCells.eq(2).text();
tableCells.eq(2).empty();
$('<select class="form-control select-narrow-70"></select>').appendTo(tableCells.eq(2)).select2({
data: recordTypes
}).val(valueType).trigger("change");
var valueContent = tableCells.eq(3).text();
tableCells.eq(3).empty();
$('<input type="text" class="form-control input-sm" data-regex="^.+$">').appendTo(tableCells.eq(3)).val(valueContent);
var valuePrio = tableCells.eq(4).text();
tableCells.eq(4).empty();
$('<input type="text" class="form-control input-sm" size="1" data-regex="^[0-9]+$">').appendTo(tableCells.eq(4)).val(valuePrio);
var valueTtl = tableCells.eq(5).text();
tableCells.eq(5).empty();
$('<input type="text" class="form-control input-sm" size="3" data-regex="^[0-9]+$">').appendTo(tableCells.eq(5)).val(valueTtl);
tableCells.eq(6).remove();
tableCells.eq(7).remove();
tableCells.eq(8).remove();
$(tableRow).append('<td colspan="3"><button class="btn btn-primary btn-sm">Save</button></td>');
$(tableRow).find('button').click(saveRecord);
enableFilter(false);
$(tableRow).find("input").bind("paste keyup change", regexValidate);
}
function saveRecord() {
var tableRow = $(this).parent().parent();
if(!validateLine.call(this)) {
shake($(this));
return;
}
var data = {
id: tableRow.children('td').eq(0).text(),
name: tableRow.children('td').eq(1).find('input').val(),
@ -290,31 +235,25 @@ function saveRecord() {
domain: location.hash.substring(1),
csrfToken: $('#csrfToken').text()
};
if(data.name.length > 0) {
data.name = data.name + "." + domainName;
} else {
data.name = domainName;
}
tableRow.children('td').eq(0).empty().text(data.id);
tableRow.children('td').eq(1).empty().text(data.name);
tableRow.children('td').eq(2).empty().text(data.type);
tableRow.children('td').eq(3).empty().text(data.content);
tableRow.children('td').eq(4).empty().text(data.prio);
tableRow.children('td').eq(5).empty().text(data.ttl);
tableRow.children('td').eq(6).remove();
tableRow.append('<td><span class="glyphicon glyphicon-pencil cursor-pointer"></span></td>')
.append('<td><span class="glyphicon glyphicon-trash cursor-pointer"></span></td>')
.append('<td><span class="glyphicon glyphicon-share cursor-pointer"></span></td>');
tableRow.find('span.glyphicon-trash').click(trashClicked);
tableRow.find('span.glyphicon-pencil').click(editClicked);
tableRow.find('span.glyphicon-share').click(remoteClicked);
enableFilter(true);
$.post(
"api/edit-master.php",
JSON.stringify(data),
@ -324,19 +263,15 @@ function saveRecord() {
"json"
);
}
function addRecord() {
if(!validateLine.call(this)) {
shake($('#addButton'));
return;
}
var prio = $('#addPrio').val();
if(prio.length === 0) prio = 0;
var ttl = $('#addTtl').val();
if(ttl.length === 0) ttl = 86400;
var data = {
type: $('#addType').val(),
content: $('#addContent').val(),
@ -346,13 +281,11 @@ function addRecord() {
domain: location.hash.substring(1),
csrfToken: $('#csrfToken').text()
};
if($('#addName').val().length > 0) {
data.name = $('#addName').val() + "." + domainName;
} else {
data.name = domainName;
}
$.post(
"api/edit-master.php",
JSON.stringify(data),
@ -367,12 +300,10 @@ function addRecord() {
.append('<td><span class="glyphicon glyphicon-pencil cursor-pointer"></span></td>')
.append('<td><span class="glyphicon glyphicon-trash cursor-pointer"></span></td>')
.append('<td><span class="glyphicon glyphicon-share cursor-pointer"></span></td>');
$('#table-records>tbody>tr').last().find('span.glyphicon-pencil').click(editClicked);
$('#table-records>tbody>tr').last().find('span.glyphicon-trash').click(trashClicked);
$('#table-records>tbody>tr').last().find('span.glyphicon-share').click(remoteClicked);
requestSerial();
$('#addName').val("");
$('#addType').val("A").change();
$('#addContent').val("");
@ -382,7 +313,6 @@ function addRecord() {
"json"
);
}
function trashClicked() {
var data = {
id: $(this).parent().parent().children().eq(0).text(),
@ -390,9 +320,7 @@ function trashClicked() {
action: "removeRecord",
csrfToken: $('#csrfToken').text()
};
var lineAffected = $(this).parent().parent();
$.post(
"api/edit-master.php",
JSON.stringify(data),
@ -403,14 +331,12 @@ function trashClicked() {
"json"
);
}
function requestDomainName() {
var data = {
action: "getDomainName",
domain: location.hash.substring(1),
csrfToken: $('#csrfToken').text()
};
$.post(
"api/edit-master.php",
JSON.stringify(data),
@ -423,7 +349,6 @@ function requestDomainName() {
"json"
);
}
function enableFilter(enable) {
if(enable) {
$('#searchName').prop("disabled", false);
@ -435,7 +360,6 @@ function enableFilter(enable) {
$('#searchContent').prop("disabled", true);
}
}
function regexValidate() {
var regex = new RegExp($(this).attr('data-regex'));
if(!regex.test($(this).val())) {
@ -444,7 +368,6 @@ function regexValidate() {
$(this).parent().removeClass("has-error");
}
}
function validateLine() {
$(this).parent().parent().find('input[data-regex]').change();
var errors = 0;
@ -453,27 +376,21 @@ function validateLine() {
errors++;
}
});
return errors <= 0;
}
function remoteClicked() {
var recordId = $(this).parent().siblings().eq(0).text();
location.assign("edit-remote.php#" + recordId);
}
function shake(element){
var interval = 50;
var distance = 5;
var times = 6;
$(element).css('position','relative');
for(var iter=0;iter<(times+1);iter++){
$(element).animate({
left:((iter%2===0 ? distance : distance*-1))
},interval);
}
$(element).animate({ left: 0},interval);
}


@ -13,7 +13,6 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
$(document).ready(function() {
$('#data-password-password2').bind("paste keyup change", function() {
if($('#data-password-password').val() != $('#data-password-password2').val()) {
@ -22,32 +21,26 @@ $(document).ready(function() {
$(this).parent().removeClass("has-error");
}
});
$('#button-add-password').click(function() {
resetFields();
$('#data-password').show();
$('#data-key').hide();
$('#data-password-confirm').unbind().click(addPassword);
});
$('#button-add-key').click(function() {
resetFields();
$('#data-key').show();
$('#data-password').hide();
$('#data-key-confirm').unbind().click(addKey);
});
$('#data-password-cancel').click(function() {
$('#data-password').hide();
});
$('#data-key-cancel').click(function() {
$('#data-key').hide();
});
requestPermissions();
});
function regexValidate() {
var regex = new RegExp($(this).attr('data-regex'));
if(!regex.test($(this).val())) {
@ -56,10 +49,8 @@ function regexValidate() {
$(this).parent().removeClass("has-error");
}
}
function createTable(data) {
$('#permissions tbody').empty();
$.each(data, function(index,item) {
$('<tr></tr>').appendTo('#permissions tbody')
.append('<td>' + item.id + '</td>')
@ -68,18 +59,15 @@ function createTable(data) {
.append('<td><span class="glyphicon glyphicon-pencil cursor-pointer"></span></td>')
.append('<td><span class="glyphicon glyphicon-trash cursor-pointer"></span></td>');
});
$('#permissions tbody span.glyphicon-trash').click(deletePermission);
$('#permissions tbody span.glyphicon-pencil').click(prepareEdit);
}
function requestPermissions() {
var data = {
action: "getPermissions",
csrfToken: $('#csrfToken').text(),
record: location.hash.substring(1)
};
$.post(
"api/edit-remote.php",
JSON.stringify(data),
@ -89,7 +77,6 @@ function requestPermissions() {
"json"
);
}
function resetFields() {
$('#info-dialogs input').val("");
$('#info-dialogs textarea').val("");
@ -99,14 +86,12 @@ function resetFields() {
$('#data-password-confirm').text("Add");
$('#data-key-confirm').text("Add");
}
function addPassword() {
if($('#data-password-password').val() != $('#data-password-password2').val() || $('#data-password-password').val().length <= 0) {
$('#data-password-password2').parent().addClass("has-error");
shake($('#data-password-confirm'));
return;
}
var data = {
csrfToken: $('#csrfToken').text(),
action: "addPassword",
@ -114,7 +99,6 @@ function addPassword() {
password: $('#data-password-password').val(),
record: location.hash.substring(1)
};
$.post(
"api/edit-remote.php",
JSON.stringify(data),
@ -125,14 +109,12 @@ function addPassword() {
"json"
);
}
function addKey() {
if($('#data-key-key').val().length <= 0) {
$('#data-key-key').parent().addClass("has-error");
shake($('#data-key-confirm'));
return;
}
var data = {
csrfToken: $('#csrfToken').text(),
action: "addKey",
@ -140,7 +122,6 @@ function addKey() {
key: $('#data-key-key').val(),
record: location.hash.substring(1)
};
$.post(
"api/edit-remote.php",
JSON.stringify(data),
@ -151,7 +132,6 @@ function addKey() {
"json"
);
}
function deletePermission() {
var data = {
csrfToken: $('#csrfToken').text(),
@ -159,7 +139,6 @@ function deletePermission() {
permission: $(this).parent().siblings().eq(0).text(),
record: location.hash.substring(1)
};
$.post(
"api/edit-remote.php",
JSON.stringify(data),
@ -169,7 +148,6 @@ function deletePermission() {
"json"
);
}
function prepareEdit() {
var type = $(this).parent().siblings().eq(2).text();
if(type === "password") {
@ -177,32 +155,25 @@ function prepareEdit() {
$('#data-password').show();
$('#data-key').hide();
$('#data-password-confirm').unbind().click(changePassword);
$('#data-password-password').attr("placeholder", "(Unchanged)");
$('#data-password-password2').attr("placeholder", "(Unchanged)");
$('#data-password-confirm').text("Change");
$('#data-password-description').val($(this).parent().siblings().eq(1).text());
$('#data-password-confirm').data("permission-id", $(this).parent().siblings().eq(0).text());
} else if(type === "key") {
resetFields();
$('#data-key').show();
$('#data-password').hide();
$('#data-key-confirm').unbind().click(changeKey);
$('#data-key-confirm').text("Change");
$('#data-key-description').val($(this).parent().siblings().eq(1).text());
$('#data-key-confirm').data("permission-id", $(this).parent().siblings().eq(0).text());
var data = {
csrfToken: $('#csrfToken').text(),
action: "getKey",
permission: $(this).parent().siblings().eq(0).text(),
record: location.hash.substring(1)
};
$.post(
"api/edit-remote.php",
JSON.stringify(data),
@ -213,13 +184,11 @@ function prepareEdit() {
);
}
}
function changePassword() {
if($('#data-password-password').val() != $('#data-password-password2').val()) {
$('#data-password-password2').parent().addClass("has-error");
return;
}
var data = {
csrfToken: $('#csrfToken').text(),
action: "changePassword",
@ -227,11 +196,9 @@ function changePassword() {
record: location.hash.substring(1),
permission: $('#data-password-confirm').data("permission-id")
};
if($('#data-password-password').val().length >= 0) {
data.password = $('#data-password-password').val();
}
$.post(
"api/edit-remote.php",
JSON.stringify(data),
@ -242,13 +209,11 @@ function changePassword() {
"json"
);
}
function changeKey() {
if($('#data-key-key').val().length <= 0) {
$('#data-key-key').parent().addClass("has-error");
return;
}
var data = {
csrfToken: $('#csrfToken').text(),
action: "changeKey",
@ -257,7 +222,6 @@ function changeKey() {
record: location.hash.substring(1),
permission: $('#data-key-confirm').data("permission-id")
};
$.post(
"api/edit-remote.php",
JSON.stringify(data),
@ -268,19 +232,15 @@ function changeKey() {
"json"
);
}
function shake(element){
var interval = 50;
var distance = 5;
var times = 6;
$(element).css('position','relative');
for(var iter=0;iter<(times+1);iter++){
$(element).animate({
left:((iter%2===0 ? distance : distance*-1))
},interval);
}
$(element).animate({ left: 0},interval);
}


@ -13,25 +13,19 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
$(document).ready(function() {
$('#user-button-add').click(function(evt){
evt.preventDefault();
if(location.hash.substring(1) == "new") {
addUser();
} else {
saveUserChanges();
}
});
$('form input#user-name').bind("paste keyup change", regexValidate);
$('#user-password').unbind().bind("paste keyup change", function() {
$('#user-password').parent().removeClass("has-error");
});
$('#user-password2').unbind().bind("paste keyup change", function() {
if($('#user-password').val() != $('#user-password2').val()) {
$('#user-password2').parent().addClass("has-error");
@ -39,11 +33,9 @@ $(document).ready(function() {
$('#user-password2').parent().removeClass("has-error");
}
});
$('#user-type').select2({
minimumResultsForSearch: Infinity
});
//Prepare for new user
if(location.hash.substring(1) == "new") {
$('#heading').text("Add user");
@ -55,7 +47,6 @@ $(document).ready(function() {
requestPermissions();
$('#permissions').removeClass("defaulthidden");
}
$('#permissions select#selectAdd').select2({
ajax: {
url: "api/edit-user.php",
@ -80,10 +71,8 @@ $(document).ready(function() {
placeholder: "Search...",
minimumInputLength: 1
});
$('#btnAddPermissions').click(addPermissions);
});
function regexValidate() {
var regex = new RegExp($(this).attr('data-regex'));
if(!regex.test($(this).val())) {
@ -92,16 +81,13 @@ function regexValidate() {
$(this).parent().removeClass("has-error");
}
}
function addUser() {
$('form input').change();
if($('#user-password').val().length <= 0) {
$('#user-password').parent().addClass("has-error");
$('#user-password2').parent().addClass("has-error");
shake($('#user-button-add'));
}
if($('#user-name').parent().hasClass("has-error")) {
shake($('#user-button-add'));
return;
@ -110,7 +96,6 @@ function addUser() {
shake($('#user-button-add'));
return;
}
var data = {
name: $('#user-name').val(),
password: $('#user-password').val(),
@ -118,7 +103,6 @@ function addUser() {
action: "addUser",
csrfToken: $('#csrfToken').text()
};
$.post(
"api/edit-user.php",
JSON.stringify(data),
@ -129,14 +113,12 @@ function addUser() {
"json"
);
}
function getUserData() {
var data = {
id: location.hash.substring(1),
action: "getUserData",
csrfToken: $('#csrfToken').text()
};
$.post(
"api/edit-user.php",
JSON.stringify(data),
@ -147,9 +129,7 @@ function getUserData() {
"json"
);
}
function saveUserChanges() {
if($('#user-name').parent().hasClass("has-error")) {
shake($('#user-button-add'));
return;
@ -158,7 +138,6 @@ function saveUserChanges() {
shake($('#user-button-add'));
return;
}
var data = {
id: location.hash.substring(1),
name: $('#user-name').val(),
@ -166,11 +145,9 @@ function saveUserChanges() {
action: "saveUserChanges",
csrfToken: $('#csrfToken').text()
};
if($('#user-password').val().length > 0) {
data.password = $('#user-password').val();
}
$.post(
"api/edit-user.php",
JSON.stringify(data),
@ -178,14 +155,12 @@ function saveUserChanges() {
"json"
);
}
function requestPermissions() {
var data = {
id: location.hash.substring(1),
action: "getPermissions",
csrfToken: $('#csrfToken').text()
};
$.post(
"api/edit-user.php",
JSON.stringify(data),
@ -195,20 +170,16 @@ function requestPermissions() {
"json"
);
}
function createTable(data) {
$('#permissions table>tbody').empty();
$.each(data, function(index,item) {
$('<tr></tr>').appendTo('#permissions table>tbody')
.append('<td>' + item.name + '</td>')
.append('<td><span class="glyphicon glyphicon-remove cursor-pointer"></span></td>')
.data("id", item.id);
});
$('#permissions table>tbody>tr>td>span.glyphicon-remove').click(removePermission);
}
function removePermission() {
var data = {
domainId: $(this).parent().parent().data("id"),
@ -216,9 +187,7 @@ function removePermission() {
action: "removePermission",
csrfToken: $('#csrfToken').text()
};
var lineToRemove = $(this).parent().parent();
$.post(
"api/edit-user.php",
JSON.stringify(data),
@ -228,7 +197,6 @@ function removePermission() {
"json"
);
}
function addPermissions() {
var data = {
action: "addPermissions",
@ -236,7 +204,6 @@ function addPermissions() {
domains: $('#permissions select#selectAdd').val(),
csrfToken: $('#csrfToken').text()
}
$.post(
"api/edit-user.php",
JSON.stringify(data),
@ -247,19 +214,15 @@ function addPermissions() {
"json"
);
}
function shake(element){
var interval = 50;
var distance = 5;
var times = 6;
$(element).css('position','relative');
for(var iter=0;iter<(times+1);iter++){
$(element).animate({
left:((iter%2===0 ? distance : distance*-1))
},interval);
}
$(element).animate({ left: 0},interval);
}


@ -13,18 +13,13 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
$(document).ready(function() {
$('#buttonSubmit').click(function(event) {
event.preventDefault();
$('#alertLoginFailed').slideUp(300);
var data = {};
data.user=$('#inputUser').val();
data.password=$('#inputPassword').val();
$.post(
"api/index.php",
JSON.stringify(data),
@ -37,6 +32,5 @@ $(document).ready(function() {
},
"json"
);
});
});


@ -13,14 +13,11 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
$(document).ready(function() {
$('#buttonInstall').click(function(evt){
evt.preventDefault();
checkSettings();
});
$('#dbType').change(function() {
if($(this).val() == 'mysql') {
$('#dbPort').val(3306);
@ -28,7 +25,6 @@ $(document).ready(function() {
$('#dbPort').val(5432);
}
});
$('#adminPassword2').bind("change keyup paste", function() {
if($('#adminPassword').val() == $('#adminPassword2').val()) {
$(this).parent().removeClass("has-error");
@ -37,21 +33,16 @@ $(document).ready(function() {
}
})
});
function checkSettings() {
if($('#adminPassword').val() != $('#adminPassword2').val()) {
$('#adminPassword2').parent().addClass("has-error");
}
if($('#adminPassword').val().length <= 0) {
$('#adminPassword').parent().addClass("has-error");
}
if($('#adminName').val().length <= 0) {
$('#adminName').parent().addClass("has-error");
}
var data = {
host: $('#dbHost').val(),
user: $('#dbUser').val(),
@ -62,7 +53,6 @@ function checkSettings() {
userPassword: $('#adminPassword').val(),
type: $('#dbType').val()
};
$.post(
"api/install.php",
JSON.stringify(data),
@ -77,4 +67,3 @@ function checkSettings() {
"json"
);
}


@ -13,18 +13,14 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
$(document).ready(function() {
$('#saveChanges').click(function(evt){
evt.preventDefault();
savePassword();
});
$('#user-password').unbind().bind("paste keyup change", function() {
$('#user-password').parent().removeClass("has-error");
});
$('#user-password2').unbind().bind("paste keyup change", function() {
if($('#user-password').val() != $('#user-password2').val()) {
$('#user-password2').parent().addClass("has-error");
@ -33,9 +29,7 @@ $(document).ready(function() {
}
});
});
function savePassword() {
if($('#user-password').val().length <= 0) {
$('#user-password').parent().addClass("has-error");
$('#user-password2').parent().addClass("has-error");
@ -44,13 +38,11 @@ function savePassword() {
shake($('#saveChanges'));
return;
}
var data = {
password: $('#user-password').val(),
action: "changePassword",
csrfToken: $('#csrfToken').text()
};
$.post(
"api/password.php",
JSON.stringify(data),
@ -61,19 +53,15 @@ function savePassword() {
"json"
);
}
function shake(element){
var interval = 50;
var distance = 5;
var times = 6;
$(element).css('position','relative');
for(var iter=0;iter<(times+1);iter++){
$(element).animate({
left:((iter%2===0 ? distance : distance*-1))
},interval);
}
$(element).animate({ left: 0},interval);
}


@ -13,20 +13,16 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
$(document).ready(function() {
$('#button-start').click(function() {
$('#row-button-start').hide();
requestVersions();
});
});
function requestVersions() {
var data = {
action: "getVersions"
};
$.post(
"api/upgrade.php",
JSON.stringify(data),
@ -37,12 +33,10 @@ function requestVersions() {
"json"
);
}
function requestUpdate() {
var data = {
action: "requestUpgrade"
};
$.post(
"api/upgrade.php",
JSON.stringify(data),


@ -13,15 +13,12 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
var sort = {
field: "",
order: 1
}
$(document).ready(function() {
requestData();
$('#table-users>thead>tr>td span').click(function() {
var field = $(this).siblings('strong').text().toLowerCase();
if(sort.field == field) {
@ -32,46 +29,36 @@ $(document).ready(function() {
sort.order = 1;
}
$('#table-users>thead>tr>td span').removeClass("glyphicon-sort-by-attributes glyphicon-sort-by-attributes-alt");
if(sort.field == field) {
if(sort.order == 1) $(this).addClass("glyphicon-sort-by-attributes");
else $(this).addClass("glyphicon-sort-by-attributes-alt");
}
requestData();
});
$('#searchName').bind("paste keyup", function() {
requestData();
});
$('#searchType').change(function() {
requestData();
});
$('#searchType').select2({
minimumResultsForSearch: Infinity
});
});
function requestData() {
var restrictions = {
csrfToken: $('#csrfToken').text()
};
restrictions.sort = sort;
var searchName = $('#searchName').val();
if(searchName.length > 0) {
restrictions.name = searchName;
}
var searchType = $('#searchType').val();
if(searchType != "none") {
restrictions.type = searchType;
}
restrictions.action = "getUsers";
$.post(
"api/users.php",
JSON.stringify(restrictions),
@ -81,54 +68,43 @@ function requestData() {
"json"
);
}
function recreateTable(data) {
$('#table-users>tbody').empty();
$.each(data, function(index,item) {
$('<tr></tr>').appendTo('#table-users>tbody')
.append('<td>' + item.id + '</td>')
.append('<td>' + item.name + '</td>')
.append('<td>' + item.type + '</td>')
.append('<td><span class="glyphicon glyphicon-trash cursor-pointer"></span></td>');
});
$('#table-users>tbody>tr>td:not(:last-child)').click(function() {
var id = $(this).parent().children('td').first().text();
location.assign('edit-user.php#' + id);
});
$('#table-users>tbody>tr>td>span.glyphicon-trash').click(function() {
$(this).parent().parent().unbind();
deleteDomain.call(this);
});
}
function deleteDomain() {
var deleteId = $(this).parent().parent().children('td').eq(0).text();
var deleteName = $(this).parent().parent().children('td').eq(1).text();
var rowToRemove = $(this).parent().parent();
$('#userToDelete').text(deleteName);
$('#deleteConfirm #buttonDelete').click(function() {
deleteUserWithId(deleteId, function() {
$('#deleteConfirm').modal("hide");
$(rowToRemove).remove();
});
});
$('#deleteConfirm').modal();
}
function deleteUserWithId(id, callback) {
var data = {
action: "deleteUser",
id: id,
csrfToken: $('#csrfToken').text()
};
$.post(
"api/users.php",
JSON.stringify(data),


@ -1,5 +1,4 @@
<?php
/*
* Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
*
@ -15,11 +14,9 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
function getExpectedVersion() {
return 4;
}
function checkVersion($db) {
if(getVersion($db) == getExpectedVersion()) {
return true;
@ -27,7 +24,6 @@ function checkVersion($db) {
return false;
}
}
function getVersion($db) {
$stmt = $db->prepare("SELECT value FROM options WHERE name='schema_version' LIMIT 1");
$stmt->execute();
@ -35,6 +31,5 @@ function getVersion($db) {
if (!$version) {
$version = 0;
}
return $version;
}


@ -1,5 +1,4 @@
<?php
/*
* Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
*
@ -15,7 +14,6 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
try {
$db = new PDO($config['db_type'].":dbname=".$config['db_name'].";host=".$config['db_host'].";port=".strval($config['db_port']), $config['db_user'], $config['db_password']);
}


@ -1,5 +1,4 @@
<?php
/*
* Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
*
@ -15,5 +14,4 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
Header("Content-Security-Policy: default-src 'self';");


@ -1,5 +1,4 @@
<?php
/*
* Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
*
@ -15,10 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
session_start();
if(
!isset($_SESSION['id']) ||
!isset($_SESSION['secret']) ||


@ -1,5 +1,4 @@
<?php
/*
* Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
*
@ -15,21 +14,15 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
function soa_to_mail($soa) {
$tmp = preg_replace('/([^\\\\])\\./', '\\1@', $soa, 1);
$tmp = preg_replace('/\\\\\\./', ".", $tmp);
$tmp = preg_replace('/\\.$/', "", $tmp);
return $tmp;
}
function mail_to_soa($mail) {
$parts = explode("@", $mail);
$parts[0] = str_replace(".", "\.", $parts[0]);
$parts[] = "";
return implode(".", $parts);
}


@ -1,5 +1,4 @@
<?php
/*
* Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
*
@ -15,25 +14,17 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
function update_serial($db, $domainId) {
$db->beginTransaction();
$stmt = $db->prepare("SELECT content FROM records WHERE type='SOA' AND domain_id=:domain_id LIMIT 1");
$stmt->bindValue(':domain_id', $domainId, PDO::PARAM_INT);
$stmt->execute();
$content = $stmt->fetchColumn();
$content = explode(" ", $content);
$serial = $content[2];
$currentSerialDate = (int)($serial / 100);
$currentSerialSequence = $serial % 100;
$currentDate = (int)date("Ymd");
if($currentDate != $currentSerialDate) {
$newSerial = $currentDate . "00";
} else {
@ -41,17 +32,11 @@ function update_serial($db, $domainId) {
$newSerialSequence = str_pad($newSerialSequence, 2, "0", STR_PAD_LEFT);
$newSerial = $currentDate . "" . $newSerialSequence;
}
$content[2] = $newSerial;
$newsoa = implode(" ", $content);
$stmt = $db->prepare("UPDATE records SET content=:content WHERE type='SOA' AND domain_id=:domain_id");
$stmt->bindValue(':content', $newsoa, PDO::PARAM_STR);
$stmt->bindValue(':domain_id', $domainId, PDO::PARAM_INT);
$stmt->execute();
$db->commit();
}


@ -1,13 +1,10 @@
<!DOCTYPE html>
<!--
Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@ -25,11 +22,9 @@ limitations under the License.
<title>PDNS Manager</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="include/bootstrap/css/bootstrap.min.css" rel="stylesheet">
<link href="include/bootstrap/css/bootstrap-theme.min.css" rel="stylesheet">
<link href="include/custom.css" rel="stylesheet">
<script src="include/jquery.js"></script>
<script src="include/bootstrap/js/bootstrap.min.js"></script>
</head>
@ -41,7 +36,6 @@ limitations under the License.
</ul>
</div>
</nav>
<div class="container">
<div class="row vspacer-60"></div>
<div class="row">
@ -53,4 +47,3 @@ limitations under the License.
</div>
</body>
</html>


@ -1,5 +1,3 @@
#!/bin/bash
mkdir -p releases/
tar -czf releases/pdns-manager-$( git describe | cut -c 2- ).tar.gz *.php LICENSE lib/ js/ include/ api/ config/config-default.php


@ -1,13 +1,10 @@
<!DOCTYPE html>
<!--
Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@ -23,17 +20,14 @@ limitations under the License.
<title>PDNS Manager - Password</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="include/bootstrap/css/bootstrap.min.css" rel="stylesheet">
<link href="include/bootstrap/css/bootstrap-theme.min.css" rel="stylesheet">
<link href="include/select2/select2.min.css" rel="stylesheet">
<link href="include/select2/select2-bootstrap.min.css" rel="stylesheet">
<link href="include/custom.css" rel="stylesheet">
<script src="include/jquery.js"></script>
<script src="include/bootstrap/js/bootstrap.min.js"></script>
<script src="include/select2/select2.min.js"></script>
<script src="js/password.js"></script>
</head>
<body>
@ -50,13 +44,10 @@ limitations under the License.
</ul>
</div>
</nav>
<div class="container">
<row>
<h2 id="heading">Change password</h2>
</row>
<row>
<div class="col-md-3">
<form>
@ -72,10 +63,7 @@ limitations under the License.
</form>
</div>
</row>
</div>
<?php echo '<span class="hidden" id="csrfToken">' . $_SESSION['csrfToken'] . '</span>'; ?>
</body>
</html>


@ -1,13 +1,10 @@
<!DOCTYPE html>
<!--
Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@ -19,7 +16,6 @@ limitations under the License.
require_once 'config/config-default.php';
require_once 'lib/database.php';
require_once 'lib/checkversion.php';
if(checkVersion($db)) {
Header("Location: index.php");
}
@ -29,14 +25,11 @@ limitations under the License.
<title>PDNS Manager - Upgrade</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="include/bootstrap/css/bootstrap.min.css" rel="stylesheet">
<link href="include/bootstrap/css/bootstrap-theme.min.css" rel="stylesheet">
<link href="include/custom.css" rel="stylesheet">
<script src="include/jquery.js"></script>
<script src="include/bootstrap/js/bootstrap.min.js"></script>
<script src="js/upgrade.js"></script>
</head>
<body>
@ -50,34 +43,24 @@ limitations under the License.
</ul>
</div>
</nav>
<div class="container">
<row>
<h2>Upgrade PDNS Manager</h2>
</row>
<row>
An upgrade for your PDNS Manager database is available and must be installed!
</row>
<div class="row vspacer-20"></div>
<div class="col-md-6">
<row class="row" id="row-button-start">
<button id="button-start" class="btn btn-primary">Start</button>
</row>
<row class="row" id="status">
</row>
<row class="row defaulthidden" id="row-button-home">
<a href="index.php" class="btn btn-primary">Login</a>
</row>
</div>
</div>
</body>
</html>


@ -1,13 +1,10 @@
<!DOCTYPE html>
<!--
Copyright 2016 Lukas Metzger <developer@lukas-metzger.com>.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@ -23,17 +20,14 @@ limitations under the License.
<title>PDNS Manager - Users</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="include/bootstrap/css/bootstrap.min.css" rel="stylesheet">
<link href="include/bootstrap/css/bootstrap-theme.min.css" rel="stylesheet">
<link href="include/select2/select2.min.css" rel="stylesheet">
<link href="include/select2/select2-bootstrap.min.css" rel="stylesheet">
<link href="include/custom.css" rel="stylesheet">
<script src="include/jquery.js"></script>
<script src="include/bootstrap/js/bootstrap.min.js"></script>
<script src="include/select2/select2.min.js"></script>
<script src="js/users.js"></script>
</head>
<body>
@ -50,7 +44,6 @@ limitations under the License.
</ul>
</div>
</nav>
<div class="container">
<table class="table table-hover" id="table-users">
<thead>
@ -82,12 +75,9 @@ limitations under the License.
</thead>
<tbody class="cursor-pointer">
</tbody>
</table>
<a class="btn btn-success" href="edit-user.php#new">Add</a>
</div>
<div class="modal fade" id="deleteConfirm" tabindex="-1" role="dialog">
<div class="modal-dialog" role="document">
<div class="modal-content">