Commit e65960b9 authored by A. Täffner's avatar A. Täffner

Accidentally overwrote the previous implementation of SPF

This one also sets type SPF as well as two records within DNS, as per RFC4408.
Hope that's okay?
parent 13b62b96
<?php
/*
Copyright (c) 2007, Till Brehm, projektfarm Gmbh
Copyright (c) 2014, Florian Schaal, info@schaal-24.de
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
......@@ -40,10 +40,226 @@ $tform_def_file = "form/dns_spf.tform.php";
require_once '../../lib/config.inc.php';
require_once '../../lib/app.inc.php';
require_once './dns_edit_base.php';
//* Check permissions for module
$app->auth->check_module_permissions('dns');
// Loading classes
class page_action extends dns_page_action {
$app->uses('tpl,tform,tform_actions,validate_dns');
$app->load('tform_actions');
class page_action extends tform_actions {
function onShowNew() {
global $app, $conf;
// we will check only users, not admins
if($_SESSION["s"]["user"]["typ"] == 'user') {
// Get the limits of the client
$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
// Check if the user may add another mailbox.
if($client["limit_dns_record"] >= 0) {
$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_rr WHERE sys_groupid = ?", $client_group_id);
if($tmp["number"] >= $client["limit_dns_record"]) {
$app->error($app->tform->wordbook["limit_dns_record_txt"]);
}
}
}
parent::onShowNew();
}
function onShowEnd() {
global $app, $conf;
$zone = $app->functions->intval($_GET['zone']);
//* check for an existing spf-record
$sql = "SELECT data, active FROM dns_rr WHERE data LIKE 'v=spf1%' AND zone = ? AND " . $app->tform->getAuthSQL('r');
$rec = $app->db->queryOneRecord($sql, $zone);
if ( isset($rec) && !empty($rec) ) {
$this->id = 1;
$old_data = strtolower($rec['data']);
$app->tpl->setVar("data", $old_data);
if ($rec['active'] == 'Y') $app->tpl->setVar("active", "CHECKED"); else $app->tpl->setVar("active", "UNCHECKED");
$spf_hostname = '';
$spf_ip = '';
$spf_domain = '';
$spf_mechanism = '';
// browse through data
$temp = explode(' ', $old_data);
foreach ($temp as $part) {
if ($part == 'a') $app->tpl->setVar("spf_a_active", "CHECKED");
if ($part == 'mx') $app->tpl->setVar("spf_mx_active", "CHECKED");
if (preg_match("/^ip(4|6):/", $part)) $spf_ip .= str_replace(array('ip4:','ip6:'), '', $part) . ' ';
if (preg_match("/^a:/", $part)) $spf_hostname .= str_replace('a:', '', $part) . ' ';
if (preg_match("/^\\??include/", $part)) $spf_domain .= str_replace(array('include:', '?'), '', $part) . ' ';
}
unset($temp);
$spf_ip = rtrim($spf_ip);
$spf_hostname = rtrim($spf_hostname);
$spf_domain = rtrim($spf_domain);
$spf_mechanism = substr($rec['data'], -4, 1);
}
//set html-values
$app->tpl->setVar("spf_ip", $spf_ip);
$app->tpl->setVar("spf_hostname", $spf_hostname);
$app->tpl->setVar("spf_domain", $spf_domain);
//create spf-mechanism-list
$spf_mechanism_value = array(
'+' => 'spf_mechanism_pass_txt',
'-' => 'spf_mechanism_fail_txt',
'~' => 'spf_mechanism_softfail_txt',
'?' => 'spf_mechanism_neutral_txt'
);
$spf_mechanism_list='';
foreach($spf_mechanism_value as $value => $txt) {
$selected = @($spf_mechanism == $value)?' selected':'';
$spf_mechanism_list .= "<option value='$value'$selected>".$app->tform->wordbook[$txt]."</option>\r\n";
}
$app->tpl->setVar('spf_mechanism', $spf_mechanism_list);
parent::onShowEnd();
}
function onSubmit() {
global $app, $conf;
// Get the parent soa record of the domain
$soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $app->functions->intval($_POST["zone"]));
// Check if Domain belongs to user
if($soa["id"] != $_POST["zone"]) $app->tform->errorMessage .= $app->tform->wordbook["no_zone_perm"];
// Check the client limits, if user is not the admin
if($_SESSION["s"]["user"]["typ"] != 'admin') { // if user is not admin
// Get the limits of the client
$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
// Check if the user may add another mailbox.
if($this->id == 0 && $client["limit_dns_record"] >= 0) {
$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_rr WHERE sys_groupid = ?", $client_group_id);
if($tmp["number"] >= $client["limit_dns_record"]) {
$app->error($app->tform->wordbook["limit_dns_record_txt"]);
}
}
} // end if user is not admin
//create spf-record
if (!empty($this->dataRecord['spf_mx'])) {
$spf_record[] = 'mx';
}
if (!empty($this->dataRecord['spf_a'])) {
$spf_record[] = 'a';
}
$spf_ip = trim($this->dataRecord['spf_ip']);
if (!empty($spf_ip)) {
$rec = split(' ', $spf_ip);
foreach ($rec as $ip) {
$temp_ip = explode('/', $ip);
if (filter_var($temp_ip[0], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
$temp = 'ip4:' . $temp_ip[0];
if (isset($temp_ip[1])) $temp .= '/' . $temp_ip[1];
$spf_record[] = $temp;
unset($temp);
}
elseif (filter_var($temp_ip[0], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
$temp = 'ip6:' . $temp_ip[0];
if (isset($temp_ip[1])) $temp .= '/' . $temp_ip[1];
$spf_record[] = $temp;
unset($temp);
}
else {
if (isset($app->tform->errorMessage )) $app->tform->errorMessage = '<br/>' . $app->tform->errorMessage;
$app->tform->errorMessage .= $app->tform->wordbook["spf_invalid_ip_txt"]. $temp_ip[0];
if (isset( $temp_ip[1])) $app->tform->errorMessage .= "/".$temp_ip[1];
}
}
}
$spf_hostname = trim($this->dataRecord['spf_hostname']);
if (!empty($spf_hostname)) {
$rec = split(' ', $spf_hostname);
foreach ($rec as $hostname) {
if (preg_match('/^[a-zA-Z0-9\\.\\-\\*]{0,64}$/', $hostname))
$spf_record[] = 'a:' . $hostname;
else {
if (isset($app->tform->errorMessage )) $app->tform->errorMessage .= '<br/>' . $app->tform->wordbook["spf_invalid_hostname_txt"]. $hostname;
$app->tform->errorMessage .= $app->tform->wordbook["spf_invalid_hostname_txt"]. $hostname;
}
}
unset($rec);
}
$spf_domain = trim($this->dataRecord['spf_domain']);
if (!empty($spf_domain)) {
$rec = split(' ', $spf_domain);
foreach ($rec as $domain) {
if (preg_match('/^[_a-zA-Z0-9\\.\\-\\*]{0,64}$/', $domain))
$spf_record[] = 'include:' . $domain;
else {
if (isset($app->tform->errorMessage )) $app->tform->errorMessage .= '<br/>' . $app->tform->wordbook["spf_invalid_domain_txt"]. $domain;
$app->tform->errorMessage .= $app->tform->wordbook["spf_invalid_domain_txt"]. $domain;
}
}
}
$temp = implode(' ', $spf_record);unset($spf_record);
if (!empty($temp))
$this->dataRecord['data'] = 'v=spf1 ' . $temp . ' ' . $this->dataRecord['spf_mechanism'] . 'all';
else $this->dataRecord['data'] = 'v=spf1 ' . $this->dataRecord['spf_mechanism'] . 'all';
unset($temp);
$this->dataRecord['name'] = $soa['origin'];
if (isset($this->dataRecord['active'])) $this->dataRecord['active'] = 'Y';
// Set the server ID of the rr record to the same server ID as the parent record.
$this->dataRecord["server_id"] = $soa["server_id"];
// Update the serial number and timestamp of the RR record
$soa = $app->db->queryOneRecord("SELECT serial FROM dns_rr WHERE id = ?", $this->id);
$this->dataRecord["serial"] = $app->validate_dns->increase_serial($soa["serial"]);
$this->dataRecord["stamp"] = date('Y-m-d H:i:s');
// always update an existing entry
$check=$app->db->queryOneRecord("SELECT * FROM dns_rr WHERE zone = ? AND type = ? AND data LIKE 'v=spf1%' AND name = ?", $this->dataRecord["zone"], $this->dataRecord["type"], $this->dataRecord['name']);
$this->id = $check['id'];
if (!isset($this->dataRecord['active'])) $this->dataRecord['active'] = 'N';
parent::onSubmit();
}
function onAfterInsert() {
global $app, $conf;
//* Set the sys_groupid of the rr record to be the same then the sys_groupid of the soa record
$soa = $app->db->queryOneRecord("SELECT sys_groupid,serial FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $app->functions->intval($this->dataRecord["zone"]));
$app->db->datalogUpdate('dns_rr', array("sys_groupid" => $soa['sys_groupid']), 'id', $this->id);
//* Update the serial number of the SOA record
$soa_id = $app->functions->intval($_POST["zone"]);
$serial = $app->validate_dns->increase_serial($soa["serial"]);
$app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id);
}
function onAfterUpdate() {
global $app, $conf;
//* Update the serial number of the SOA record
$soa = $app->db->queryOneRecord("SELECT serial FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $app->functions->intval($this->dataRecord["zone"]));
$soa_id = $app->functions->intval($_POST["zone"]);
$serial = $app->validate_dns->increase_serial($soa["serial"]);
$app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id);
}
}
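Review bot: In onSubmit only the address part of each `spf_ip` token is validated; the CIDR suffix `$temp_ip[1]` and the posted `spf_mechanism` are concatenated into the stored `data` string unchecked, so arbitrary text can end up in the published record. The mechanism should be limited to the four qualifiers the select offers, e.g. `if (!in_array($this->dataRecord['spf_mechanism'], array('+', '-', '~', '?'), true))` followed by a form error, and the prefix length should be numeric and within 32/128 as in the sketch below. The rejected IP, hostname and domain values are also appended raw to `$app->tform->errorMessage` next to `<br/>` markup; unless that message is escaped on output (not visible on this page) they should go through `htmlspecialchars()`. The same stored value is read back in onShowEnd and rendered into `value="…"` attributes in the template section further down, so the check matters on display as well.

```php
foreach ($rec as $ip) {
    // limit 2 keeps anything after a second "/" in the suffix, so it fails the digit check
    $temp_ip = explode('/', $ip, 2);
    $is_v4 = filter_var($temp_ip[0], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false;
    $is_v6 = !$is_v4 && filter_var($temp_ip[0], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== false;
    $prefix_ok = !isset($temp_ip[1])
        || (ctype_digit($temp_ip[1]) && (int)$temp_ip[1] <= ($is_v4 ? 32 : 128));
    if (($is_v4 || $is_v6) && $prefix_ok) {
        $spf_record[] = ($is_v4 ? 'ip4:' : 'ip6:') . $ip;
    } else {
        // … unchanged: spf_invalid_ip_txt error branch …
    }
}
```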
......
......@@ -105,17 +105,21 @@ $form["tabs"]['dns'] = array (
'data' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'validators' => array (
0 => array (
'type' => 'NOTEMPTY',
'errmsg'=> 'data_error_empty'
),
),
'default' => '',
'value' => '',
'width' => '30',
'maxlength' => '255'
),
/*
'aux' => array (
'datatype' => 'INTEGER',
'formtype' => 'TEXT',
'default' => '0',
'value' => '',
'width' => '10',
'maxlength' => '10'
),
*/
'ttl' => array (
'datatype' => 'INTEGER',
'formtype' => 'TEXT',
......@@ -132,7 +136,6 @@ $form["tabs"]['dns'] = array (
'datatype' => 'VARCHAR',
'formtype' => 'CHECKBOX',
'default' => 'Y',
'value' => array(0 => 'N', 1 => 'Y')
),
'stamp' => array (
'datatype' => 'VARCHAR',
......@@ -151,15 +154,11 @@ $form["tabs"]['dns'] = array (
'maxlength' => '10'
),
//#################################
// ENDE Datatable fields
// End Datatable fields
//#################################
)
);
if($_SESSION["s"]["user"]["typ"] == 'admin') {
unset($form["tabs"]['dns']['fields']['data']['validators']);
$form["tabs"]['dns']['fields']['data']['validators'][0]['type'] = 'NOTEMPTY';
$form["tabs"]['dns']['fields']['data']['validators'][0]['errmsg'] = 'data_error_empty';
$form["tabs"]['dns']['fields']['data']['maxlength'] = 512;
}
?>
<?php
$wb['server_id_txt'] = 'Server';
$wb['zone_txt'] = 'Zone';
$wb['name_txt'] = 'Hostname';
$wb['type_txt'] = 'Typ';
$wb['data_txt'] = 'Daten';
$wb['data_txt'] = 'SPF Record';
$wb['spf_mechanism_txt'] = 'SPF Mechanismus';
$wb['spf_mechanism_pass_txt'] = 'Pass - Mails von anderen Sendern zulassen';
$wb['spf_mechanism_fail_txt'] = 'Fail - Mails von anderen Sendern abweisen';
$wb['spf_mechanism_softfail_txt'] = 'SoftFail - Mails von anderen Sendern zulassen aber markieren';
$wb['spf_mechanism_neutral_txt'] = 'Neutral - nichts unternehmen';
$wb['spf_mx_txt'] = 'Von allen MX-Servern dürfen Mails für diese Domain verschicken';
$wb['spf_a_txt'] = 'Von allen eingetragenen IP-Adressen dürfen Mails für diese Domain verschickt werden';
$wb['spf_ip_txt'] = '(Zusätzliche) IP-Adressen im CIDR Format, die Mails für diese Domain verschicken dürfen';
$wb['spf_ip_note_txt'] = '(mehrere IPs mit Leerzeichen trennen)';
$wb['spf_invalid_ip_txt'] = 'Ungültige IP-Adresse';
$wb['spf_hostname_txt'] = '(Zusätzliche) Hostnamen, die für diese Domain Mails verschicken dürfen oder als Relay arbeiten.';
$wb['spf_hostname_note_txt'] = '(mehrere Hostnamen mit Leerzeichen trennen)';
$wb['spf_invalid_hostname_txt'] = 'Ungültiger Hostname';
$wb['spf_domain_txt'] = 'Zusätzliche Domains, die Mails verschicken dürfen oder als Relay arbeiten';
$wb['spf_domain_note_txt'] = '(mehrerer Domains mit Leerzeichen trennen)';
$wb['spf_invalid_domain_txt'] = 'Ungültiger Domainname';
$wb['ttl_txt'] = 'TTL';
$wb['active_txt'] = 'Aktiv';
$wb["record_exists_txt"] = 'DNS-Eintrag existiert bereits';
$wb['ttl_range_error'] = 'Min. TTL time ist 60 Sekunden.';
$wb['limit_dns_record_txt'] = 'Die maximale Anzahl an DNS Einträgen für Ihr Konto wurde erreicht.';
$wb['no_zone_perm'] = 'Sie haben nicht die Berechtigung, einen Eintrag zu dieser DNS Zone hinzuzufügen.';
$wb['name_error_empty'] = 'Der Hostname ist leer.';
$wb['name_error_regex'] = 'Der Hostname hat das falsche Format.';
$wb['data_error_empty'] = 'Text ist leer';
$wb['data_error_regex'] = 'Textformat ungültig';
$wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.';
$wb['info_txt'] = 'Im Nameserver wird zusätzlich ein identischer TXT-Record angelegt. Ihnen wird jedoch nur der SPF-Record angezeigt und auch nur ein Record berechnet.';
?>
<?php
$wb["server_id_txt"] = 'Server';
$wb["zone_txt"] = 'Zone';
$wb["name_txt"] = 'Hostname';
$wb["type_txt"] = 'type';
$wb["data_txt"] = 'Daten';
$wb['data_txt'] = 'SPF-Record';
$wb['spf_mechanism_txt'] = 'SPF Mechanism';
$wb['spf_mechanism_pass_txt'] = 'Pass - allow mail from other senders';
$wb['spf_mechanism_fail_txt'] = 'Fail - reject mail from other senders';
$wb['spf_mechanism_softfail_txt'] = 'SoftFail - allow mail from other senders but mark the email';
$wb['spf_mechanism_neutral_txt'] = 'Neutral - do nothing';
$wb['spf_mx_txt'] = 'Allow servers listed as MX to send email for this domain';
$wb['spf_a_txt'] = 'Allow current IP address of the domain to send email for this domain';
$wb['spf_ip_txt'] = 'Additional IP addresses in CIDR format that deliver or relay mail for this domain';
$wb['spf_ip_note_txt'] = '(Sepearate IPs with whitespaces)';
$wb['spf_invalid_ip_txt'] = 'Invalid IP-address';
$wb['spf_hostname_txt'] = 'Any other server hostname that may deliver or relay mail for this domain';
$wb['spf_hostname_note_txt'] = '(Sepearate hostnames with whitespaces)';
$wb['spf_invalid_hostname_txt'] = 'Invalid hostname';
$wb['spf_domain_txt'] = 'Any domains that may deliver or relay mail for this domain';
$wb['spf_domain_note_txt'] = '(Sepearate domains with whitespaces)';
$wb['spf_invalid_domain_txt'] = 'Invalid domainname';
$wb["ttl_txt"] = 'TTL';
$wb["active_txt"] = 'Active';
$wb["record_exists_txt"] = 'DNS-Record already exists';
$wb["limit_dns_record_txt"] = 'The max. number of DNS records for your account is reached.';
$wb["no_zone_perm"] = 'You do not have the permission to add a record to this DNS zone.';
$wb["name_error_empty"] = 'The hostname is empty.';
$wb["name_error_regex"] = 'The hostname has the wrong format.';
$wb["data_error_empty"] = 'Text empty';
$wb["data_error_regex"] = 'Text format invalid';
$wb['ttl_range_error'] = 'Min. TTL time is 60 seconds.';
$wb['info_txt'] = 'This will also create an identic TXT record within the nameserver. You will only see the SPF record and you will also only be charged for one record.';
?>
......@@ -5,28 +5,58 @@
<div class="form-group">
<label for="name" class="col-sm-3 control-label">{tmpl_var name='name_txt'}</label>
<div class="col-sm-9"><input type="text" name="name" id="name" value="{tmpl_var name='name'}" class="form-control" /></div></div>
<div class="form-group">
<label for="data" class="col-sm-3 control-label">{tmpl_var name='data_txt'}</label>
<div class="col-sm-9"><input type="text" name="data" id="data" value="{tmpl_var name='data'}" class="form-control" /></div></div>
<div class="col-sm-9"><input type="text" name="data" id="data" value="{tmpl_var name='data'}" readonly class="form-control" /></div></div>
<div class="form-group">
<label for="spf_mechanism" class="col-sm-3 control-label">{tmpl_var name='spf_mechanism_txt'}</label>
<div class="col-sm-9"><select name="spf_mechanism" id="spf_mechanism" class="form-control">
{tmpl_var name='spf_mechanism'}
</select></div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label">{tmpl_var name='spf_mx_txt'}</label>
<div class="col-sm-9"><input type="checkbox" value="1" id="spf_mx" name="spf_mx" {tmpl_var name = 'spf_mx_active'} /></div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label">{tmpl_var name='spf_a_txt'}</label>
<div class="col-sm-9"><input type="checkbox" value="1" id="spf_a" name="spf_a" {tmpl_var name = 'spf_a_active'} /></div>
</div>
<div class="form-group">
<label for="spf_ip" class="col-sm-3 control-label">{tmpl_var name='spf_ip_txt'}</label>
<div class="col-sm-6"><input type="text" name="spf_ip" id="spf_ip" value="{tmpl_var name='spf_ip'}" class="form-control" /></div><div class="col-sm-3 input-sm">
{tmpl_var name='spf_ip_note_txt'}
</div></div>
<div class="form-group">
<label for="spf_hostname" class="col-sm-3 control-label">{tmpl_var name='spf_hostname_txt'}</label>
<div class="col-sm-6"><input type="text" name="spf_hostname" id="spf_hostname" value="{tmpl_var name='spf_hostname'}" class="form-control" /></div><div class="col-sm-3 input-sm">
{tmpl_var name='spf_hostname_note_txt'}
</div></div>
<div class="form-group">
<label for="spf_domain" class="col-sm-3 control-label">{tmpl_var name='spf_domain_txt'}</label>
<div class="col-sm-6"><input type="text" name="spf_domain" id="spf_domain" value="{tmpl_var name='spf_domain'}" class="form-control" /></div><div class="col-sm-3 input-sm">
{tmpl_var name='spf_domain_note_txt'}
</div></div>
<div class="form-group">
<label for="ttl" class="col-sm-3 control-label">{tmpl_var name='ttl_txt'}</label>
<div class="col-sm-9"><input type="text" name="ttl" id="ttl" value="{tmpl_var name='ttl'}" class="form-control" /></div></div>
<div class="form-group">
<label class="col-sm-3 control-label">{tmpl_var name='active_txt'}</label>
<div class="col-sm-9">
{tmpl_var name='active'}<br />{tmpl_var name='info_txt'}
<div class="col-sm-9">
{tmpl_var name='active'}
</div>
</div>
<input type="hidden" name="id" value="{tmpl_var name='id'}">
<input type="hidden" name="zone" value="{tmpl_var name='zone'}">
<input type="hidden" name="zone" value="{tmpl_var name='zone'}" id="zone">
<input type="hidden" name="type" value="{tmpl_var name='type'}">
<input type="hidden" name="name" value="{tmpl_var name='name'}">
</div>
<div class="clear"><div class="right">
<button class="btn btn-default formbutton-success" type="button" value="{tmpl_var name='btn_save_txt'}" data-submit-form="pageForm" data-form-action="dns/dns_spf_edit.php">{tmpl_var name='btn_save_txt'}</button>
<button class="btn btn-default formbutton-default" type="button" value="{tmpl_var name='btn_cancel_txt'}" data-load-content="dns/dns_soa_edit.php?id={tmpl_var name='zone'}">{tmpl_var name='btn_cancel_txt'}</button>
</div></div>
\ No newline at end of file
</div></div>