From addc652fd4a521639024ebb6b58ff9d6607c595e Mon Sep 17 00:00:00 2001
From: clk <clk@teuto.net>
Date: Wed, 29 Jun 2022 15:21:45 +0200
Subject: [PATCH 1/3] Fixed Wrong DNS Validation #6357

---
 interface/web/dns/dns_edit_base.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/interface/web/dns/dns_edit_base.php b/interface/web/dns/dns_edit_base.php
index 61c08f6576..09de290a79 100644
--- a/interface/web/dns/dns_edit_base.php
+++ b/interface/web/dns/dns_edit_base.php
@@ -41,6 +41,10 @@ $app->load('tform_actions');
 class dns_page_action extends tform_actions {
 
 	protected function checkDuplicate() {
+                global $app;
+                // If a CNAME RR is present at a node, no other data should be present
+                $tmp = $app->db->queryOneRecord("SELECT count(dns_rr.id) as number FROM dns_rr LEFT JOIN dns_soa ON dns_rr.zone = dns_soa.id WHERE (type = 'CNAME' AND ( name = SUBSTRING_INDEX(?, ".", 1) or name = ? or name = concat(?,".",dns_soa.origin) ) AND zone = ? and id != ?)", $this->dataRecord["name"],  $this->dataRecord["name"], $this->dataRecord["name"], $this->dataRecord["zone"], $this->id);
+                if($tmp['number'] > 0) return true;
 		return false;
 	}
 
-- 
GitLab


From e9290ac9b5abc2632c9a2eea133eb56f9b5471ab Mon Sep 17 00:00:00 2001
From: clk <clk@teuto.net>
Date: Wed, 29 Jun 2022 16:19:43 +0200
Subject: [PATCH 2/3] Fixed check

---
 interface/web/dns/dns_edit_base.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/interface/web/dns/dns_edit_base.php b/interface/web/dns/dns_edit_base.php
index 09de290a79..28dbb8fc68 100644
--- a/interface/web/dns/dns_edit_base.php
+++ b/interface/web/dns/dns_edit_base.php
@@ -42,8 +42,8 @@ class dns_page_action extends tform_actions {
 
 	protected function checkDuplicate() {
                 global $app;
-                // If a CNAME RR is present at a node, no other data should be present
-                $tmp = $app->db->queryOneRecord("SELECT count(dns_rr.id) as number FROM dns_rr LEFT JOIN dns_soa ON dns_rr.zone = dns_soa.id WHERE (type = 'CNAME' AND ( name = SUBSTRING_INDEX(?, ".", 1) or name = ? or name = concat(?,".",dns_soa.origin) ) AND zone = ? and id != ?)", $this->dataRecord["name"],  $this->dataRecord["name"], $this->dataRecord["name"], $this->dataRecord["zone"], $this->id);
+		// If a CNAME RR is present at a node, no other data should be present
+                $tmp = $app->db->queryOneRecord("SELECT count(dns_rr.id) as number FROM dns_rr LEFT JOIN dns_soa ON dns_rr.zone = dns_soa.id WHERE (type = 'CNAME' AND ( name = replace(?, concat('.', dns_soa.origin), '') or name = ? or name = concat(?,'.',dns_soa.origin) ) AND zone = ? and dns_rr.id != ?)", $this->dataRecord["name"], $this->dataRecord["name"], $this->dataRecord["name"], $this->dataRecord["zone"], $this->id;
                 if($tmp['number'] > 0) return true;
 		return false;
 	}
-- 
GitLab


From 332c1f5c68761f985c795575d5db01b2a4bdb091 Mon Sep 17 00:00:00 2001
From: Thom <thom@amsterdamtech.nl>
Date: Wed, 7 Sep 2022 08:40:40 +0000
Subject: [PATCH 3/3] Apply 1 suggestion(s) to 1 file(s)

---
 interface/web/dns/dns_edit_base.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/interface/web/dns/dns_edit_base.php b/interface/web/dns/dns_edit_base.php
index 28dbb8fc68..3d15ec1d86 100644
--- a/interface/web/dns/dns_edit_base.php
+++ b/interface/web/dns/dns_edit_base.php
@@ -43,7 +43,7 @@ class dns_page_action extends tform_actions {
 	protected function checkDuplicate() {
                 global $app;
 		// If a CNAME RR is present at a node, no other data should be present
-                $tmp = $app->db->queryOneRecord("SELECT count(dns_rr.id) as number FROM dns_rr LEFT JOIN dns_soa ON dns_rr.zone = dns_soa.id WHERE (type = 'CNAME' AND ( name = replace(?, concat('.', dns_soa.origin), '') or name = ? or name = concat(?,'.',dns_soa.origin) ) AND zone = ? and dns_rr.id != ?)", $this->dataRecord["name"], $this->dataRecord["name"], $this->dataRecord["name"], $this->dataRecord["zone"], $this->id;
+                $tmp = $app->db->queryOneRecord("SELECT count(dns_rr.id) as number FROM dns_rr LEFT JOIN dns_soa ON dns_rr.zone = dns_soa.id WHERE (type = 'CNAME' AND ( name = replace(?, concat('.', dns_soa.origin), '') or name = ? or name = concat(?,'.',dns_soa.origin) ) AND zone = ? and dns_rr.id != ?)", $this->dataRecord["name"], $this->dataRecord["name"], $this->dataRecord["name"], $this->dataRecord["zone"], $this->id);
                 if($tmp['number'] > 0) return true;
 		return false;
 	}
-- 
GitLab