Commit b8f4cacc authored by Marius Burkard's avatar Marius Burkard

Merge branch 'dns-dnssec' into 'stable-3.1'

DNSSEC-Implementation for BIND-Users (Including TLSA for DANE)

This implements DNSSEC on a full automatic base. Whenever a zone gets added, changed or deleted it will be signed (or in case of deletion the keys get deleted) This adds full dnssec capabilities to the system.

Hints:
- DNSKEY-Records are not visible within ISPConfig as they get added by a script by the server cron.
- If there is low available entropy (<400 bits) new keys will not generate. In this case the zonefile (which was never signed before) stays unsigned until next change of soa or any rr in that zone. IF a key exists zone files will always be signed.
- I recommend installing haveged - especially on VMs - which raises available entropy by a huge amount of bits
- only de and en language included.
- DNSSEC can be switched on/off on a per zone base and is only available for primary zones (of course).
- Zone-Transfers will transfer the signed zone if DNSSEC is enabled for the originating zone

The scripts have been tested on my productive 3.0 server for about 4 weeks as well as a functional test for any scenarios I thought about in my 3.1 testing environment.

More info (older version): https://www.howtoforge.com/community/threads/bit-hacky-implementation-of-dnssec-patch-and-tlsa-dane.71829/

ANOTHER HINT: Currently the New zone Wizard is not working. This also happens in latest ISPC master branch so I ignored that and filed a bug report: http://bugtracker.ispconfig.org/index.php?do=details&task_id=4069


//Edit:
One more note: I left the wizard/templates unchanged as it is buggy at the moment. Providing a checkbox to switch dnssec_wanted between Y and N is up to you here. Should not be too complicated though...

See merge request !269
parents ab0d78da ecb8fc2c
......@@ -13,6 +13,9 @@ Installer
--------------------------------------
- Add a function to let a server join a existing installation.
- Add Package haveged to requirements (at least if entropy is low) as it raises available entropy significantly which is very needed for DNSSEC Key-generation
If it is not installed and entropy is low generating dnssec-keys lasts minutes (and would time out the server thus is not done) and new signing keys are not generated.
If there are no keys the zones can not be signed and will only be availableas a unsigned copy.
Uninstaller
--------------------------------------
......@@ -80,6 +83,7 @@ Remoting framework
Interface
--------------------------------------
- Enhance the paging in lists (e.g. like this: [1 2 3 4 ... 10])
- DNS: Add Checkbox to switch dnssec_wanted between Y and N to templates and/or wizard. I recommend doing it in the wizard though.
General tasks
--------------------------------------
......
......@@ -1469,6 +1469,27 @@ class installer_base {
}
//** writes bind configuration files
public function process_bind_file($configfile, $target='/', $absolute=false) {
global $conf;
if ($absolute) $full_file_name = $target.$configfile;
else $full_file_name = $conf['ispconfig_install_dir'].$target.$configfile;
//* Backup exiting file
if(is_file($full_file_name)) {
copy($full_file_name, $config_dir.$configfile.'~');
}
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_ispconfig_database}', $conf['mysql']['database'], $content);
$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
$content = str_replace('{ispconfig_install_dir}', $conf['ispconfig_install_dir'], $content);
$content = str_replace('{dnssec_conffile}', $conf['ispconfig_install_dir'].'/server/scripts/dnssec-config.sh', $content);
wf($full_file_name, $content);
}
public function configure_bind() {
global $conf;
......@@ -1487,7 +1508,9 @@ class installer_base {
chown($content, $conf['bind']['bind_user']);
chgrp($content, $conf['bind']['bind_group']);
chmod($content, 02770);
//* Install scripts for dnssec implementation
$this->process_bind_file('named.conf.options', '/etc/bind/', true); //TODO replace hardcoded path
}
......
......@@ -203,3 +203,13 @@ CREATE TABLE `ftp_traffic` (
ALTER TABLE `mail_forwarding` ADD COLUMN `allow_send_as` ENUM('n','y') NOT NULL DEFAULT 'n' AFTER `active`;
UPDATE `mail_forwarding` SET `allow_send_as` = 'y' WHERE `type` = 'alias';
--- DNSSEC-Implementation by dark alex
--- TODO: Review and resolve conflicts if more has been done in that column
ALTER TABLE `dns_rr` CHANGE COLUMN `type` `type` ENUM('A','AAAA','ALIAS','CNAME','DS','HINFO','LOC','MX','NAPTR','NS','PTR','RP','SRV','TXT','TLSA','DNSKEY') NULL DEFAULT NULL AFTER `name`;
ALTER TABLE `dns_soa`
ADD COLUMN `dnssec_initialized` ENUM('Y','N') NOT NULL DEFAULT 'N',
ADD COLUMN `dnssec_wanted` ENUM('Y','N') NOT NULL DEFAULT 'N',
ADD COLUMN `dnssec_last_signed` BIGINT NOT NULL DEFAULT '0',
ADD COLUMN `dnssec_info` TEXT NULL;
\ No newline at end of file
......@@ -478,7 +478,7 @@ CREATE TABLE `dns_rr` (
`server_id` int(11) NOT NULL default '1',
`zone` int(11) unsigned NOT NULL DEFAULT '0',
`name` varchar(255) NOT NULL DEFAULT '',
`type` enum('A','AAAA','ALIAS','CNAME','HINFO','MX','NAPTR','NS','PTR','RP','SRV','TXT') default NULL,
`type` enum('A','AAAA','ALIAS','CNAME','DS','HINFO','LOC','MX','NAPTR','NS','PTR','RP','SRV','TXT','TLSA','DNSKEY') default NULL,
`data` TEXT NOT NULL DEFAULT '',
`aux` int(11) unsigned NOT NULL default '0',
`ttl` int(11) unsigned NOT NULL default '3600',
......@@ -539,6 +539,10 @@ CREATE TABLE `dns_soa` (
`xfer` varchar(255) NOT NULL DEFAULT '',
`also_notify` varchar(255) default NULL,
`update_acl` varchar(255) default NULL,
`dnssec_initialized` ENUM('Y','N') NOT NULL DEFAULT 'N',
`dnssec_wanted` ENUM('Y','N') NOT NULL DEFAULT 'N',
`dnssec_last_signed` BIGINT NOT NULL DEFAULT '0',
`dnssec_info` TEXT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `origin` (`origin`),
KEY `active` (`active`)
......
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//========================================================================
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};
<?php
/*
Copyright (c) 2007, Till Brehm, projektfarm Gmbh
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
/******************************************
* Begin Form configuration
******************************************/
$tform_def_file = "form/dns_ds.tform.php";
/******************************************
* End Form configuration
******************************************/
require_once '../../lib/config.inc.php';
require_once '../../lib/app.inc.php';
require_once './dns_edit_base.php';
// Loading classes
class page_action extends dns_page_action {
}
$page = new page_action;
$page->onLoad();
?>
<?php
/*
Copyright (c) 2007, Till Brehm, projektfarm Gmbh
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
/******************************************
* Begin Form configuration
******************************************/
$tform_def_file = "form/dns_loc.tform.php";
/******************************************
* End Form configuration
******************************************/
require_once '../../lib/config.inc.php';
require_once '../../lib/app.inc.php';
require_once './dns_edit_base.php';
// Loading classes
class page_action extends dns_page_action {
}
$page = new page_action;
$page->onLoad();
?>
<?php
/*
Copyright (c) 2007, Till Brehm, projektfarm Gmbh
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
/******************************************
* Begin Form configuration
******************************************/
$tform_def_file = "form/dns_tlsa.tform.php";
/******************************************
* End Form configuration
******************************************/
require_once '../../lib/config.inc.php';
require_once '../../lib/app.inc.php';
//* Check permissions for module
$app->auth->check_module_permissions('dns');
// Loading classes
$app->uses('tpl,tform,tform_actions,validate_dns');
$app->load('tform_actions');
class page_action extends tform_actions {
function onShowNew() {
global $app, $conf;
// we will check only users, not admins
if($_SESSION["s"]["user"]["typ"] == 'user') {
// Get the limits of the client
$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
// Check if the user may add another mailbox.
if($client["limit_dns_record"] >= 0) {
$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_rr WHERE sys_groupid = $client_group_id");
if($tmp["number"] >= $client["limit_dns_record"]) {
$app->error($app->tform->wordbook["limit_dns_record_txt"]);
}
}
}
parent::onShowNew();
}
function onSubmit() {
global $app, $conf;
// Get the parent soa record of the domain
$soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = '".$app->functions->intval($_POST["zone"])."' AND ".$app->tform->getAuthSQL('r'));
// Check if Domain belongs to user
if($soa["id"] != $_POST["zone"]) $app->tform->errorMessage .= $app->tform->wordbook["no_zone_perm"];
// Check the client limits, if user is not the admin
if($_SESSION["s"]["user"]["typ"] != 'admin') { // if user is not admin
// Get the limits of the client
$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
// Check if the user may add another mailbox.
if($this->id == 0 && $client["limit_dns_record"] >= 0) {
$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_rr WHERE sys_groupid = $client_group_id");
if($tmp["number"] >= $client["limit_dns_record"]) {
$app->error($app->tform->wordbook["limit_dns_record_txt"]);
}
}
} // end if user is not admin
// Set the server ID of the rr record to the same server ID as the parent record.
$this->dataRecord["server_id"] = $soa["server_id"];
// Update the serial number and timestamp of the RR record
$soa = $app->db->queryOneRecord("SELECT serial FROM dns_rr WHERE id = ".$this->id);
$this->dataRecord["serial"] = $app->validate_dns->increase_serial($soa["serial"]);
$this->dataRecord["stamp"] = date('Y-m-d H:i:s');
parent::onSubmit();
}
function onInsert() {
global $app, $conf;
// Check if record is existing already
$duplicate_tlsa = $app->db->queryOneRecord("SELECT * FROM dns_rr WHERE zone = ".$app->functions->intval($this->dataRecord["zone"])." AND name = '".$app->db->quote($this->dataRecord["name"])."' AND type = '".$app->db->quote($this->dataRecord["type"])."' AND data = '".$app->db->quote($this->dataRecord["data"])."' AND ".$app->tform->getAuthSQL('r'));
if(is_array($duplicate_tlsa) && !empty($duplicate_tlsa)) $app->error($app->tform->wordbook["duplicate_tlsa_record_txt"]);
parent::onInsert();
}
function onUpdate() {
global $app, $conf;
// Check if record is existing already
$duplicate_tlsa = $app->db->queryOneRecord("SELECT * FROM dns_rr WHERE zone = ".$app->functions->intval($this->dataRecord["zone"])." AND name = '".$app->db->quote($this->dataRecord["name"])."' AND type = '".$app->db->quote($this->dataRecord["type"])."' AND data = '".$app->db->quote($this->dataRecord["data"])."' AND id != ".$app->functions->intval($this->dataRecord["id"])." AND ".$app->tform->getAuthSQL('r'));
if(is_array($duplicate_tlsa) && !empty($duplicate_tlsa)) $app->error($app->tform->wordbook["duplicate_tlsa_record_txt"]);
parent::onUpdate();
}
function onAfterInsert() {
global $app, $conf;
//* Set the sys_groupid of the rr record to be the same then the sys_groupid of the soa record
$soa = $app->db->queryOneRecord("SELECT sys_groupid,serial FROM dns_soa WHERE id = '".$app->functions->intval($this->dataRecord["zone"])."' AND ".$app->tform->getAuthSQL('r'));
$app->db->datalogUpdate('dns_rr', "sys_groupid = ".$soa['sys_groupid'], 'id', $this->id);
//* Update the serial number of the SOA record
$soa_id = $app->functions->intval($_POST["zone"]);
$serial = $app->validate_dns->increase_serial($soa["serial"]);
$app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id);
}
function onAfterUpdate() {
global $app, $conf;
//* Update the serial number of the SOA record
$soa = $app->db->queryOneRecord("SELECT serial FROM dns_soa WHERE id = '".$app->functions->intval($this->dataRecord["zone"])."' AND ".$app->tform->getAuthSQL('r'));
$soa_id = $app->functions->intval($_POST["zone"]);
$serial = $app->validate_dns->increase_serial($soa["serial"]);
$app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id);
}
}
$page = new page_action;
$page->onLoad();
?>
<?php
/*
Form Definition
Tabledefinition
Datatypes:
- INTEGER (Forces the input to Int)
- DOUBLE
- CURRENCY (Formats the values to currency notation)
- VARCHAR (no format check, maxlength: 255)
- TEXT (no format check)
- DATE (Dateformat, automatic conversion to timestamps)
Formtype:
- TEXT (Textfield)
- TEXTAREA (Textarea)
- PASSWORD (Password textfield, input is not shown when edited)
- SELECT (Select option field)
- RADIO
- CHECKBOX
- CHECKBOXARRAY
- FILE
VALUE:
- Wert oder Array
Hint:
The ID field of the database table is not part of the datafield definition.
The ID field must be always auto incement (int or bigint).
*/
global $app;
$form["title"] = "DNS DS Record";
$form["description"] = "";
$form["name"] = "dns_ds";
$form["action"] = "dns_ds_edit.php";
$form["db_table"] = "dns_rr";
$form["db_table_idx"] = "id";
$form["db_history"] = "yes";
$form["tab_default"] = "dns";
$form["list_default"] = "dns_a_list.php";
$form["auth"] = 'yes'; // yes / no
$form["auth_preset"]["userid"] = 0; // 0 = id of the user, > 0 id must match with id of current user
$form["auth_preset"]["groupid"] = 0; // 0 = default groupid of the user, > 0 id must match with groupid of current user
$form["auth_preset"]["perm_user"] = 'riud'; //r = read, i = insert, u = update, d = delete
$form["auth_preset"]["perm_group"] = 'riud'; //r = read, i = insert, u = update, d = delete
$form["auth_preset"]["perm_other"] = ''; //r = read, i = insert, u = update, d = delete
$form["tabs"]['dns'] = array (
'title' => "DNS DS",
'width' => 100,
'template' => "templates/dns_ds_edit.htm",
'fields' => array (
//#################################
// Begin Datatable fields
//#################################
'server_id' => array (
'datatype' => 'INTEGER',
'formtype' => 'SELECT',
'default' => '',
'value' => '',
'width' => '30',
'maxlength' => '255'
),
'zone' => array (
'datatype' => 'INTEGER',
'formtype' => 'TEXT',
'default' => @$app->functions->intval($_REQUEST["zone"]),
'value' => '',
'width' => '30',
'maxlength' => '255'
),
'name' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array( 0 => array( 'event' => 'SAVE',
'type' => 'IDNTOASCII'),
1 => array( 'event' => 'SHOW',
'type' => 'IDNTOUTF8'),
2 => array( 'event' => 'SAVE',
'type' => 'TOLOWER')
),
'validators' => array ( 0 => array ( 'type' => 'REGEX',
'regex' => '/^[a-zA-Z0-9\.\-\_]{0,255}$/',
'errmsg'=> 'name_error_regex'),
),
'default' => '',
'value' => '',
'width' => '30',
'maxlength' => '255'
),
'type' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'default' => 'DS',
'value' => '',
'width' => '5',
'maxlength' => '5'
),
'data' => array ( //TODO Regex validation does not take place obviously - why ever...
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'validators' => array (
0 => array (
'type' => 'REGEX',
'regex' => "/^\d{1,5}\s\d{1,2}\s\d{1,2}\s.+$/",
'errmsg'=> 'invalid_type_ds'
)
),
'default' => '',
'value' => '',
'width' => '30',
'maxlength' => '255'
),
'ttl' => array (
'datatype' => 'INTEGER',
'formtype' => 'TEXT',
'validators' => array ( 0 => array ( 'type' => 'RANGE',
'range' => '60:',
'errmsg'=> 'ttl_range_error'),
),
'default' => '3600',
'value' => '',
'width' => '10',
'maxlength' => '10'
),
'active' => array (
'datatype' => 'VARCHAR',
'formtype' => 'CHECKBOX',
'default' => 'Y',
'value' => array(0 => 'N', 1 => 'Y')
),
'stamp' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'default' => '',
'value' => '',
'width' => '30',
'maxlength' => '255'
),
'serial' => array (
'datatype' => 'INTEGER',
'formtype' => 'TEXT',
'default' => '',
'value' => '',
'width' => '10',
'maxlength' => '10'
),
//#################################
// ENDE Datatable fields
//#################################
)
);
if($_SESSION["s"]["user"]["typ"] == 'admin') {
unset($form["tabs"]['dns']['fields']['data']['validators']);
$form["tabs"]['dns']['fields']['data']['validators'][0]['type'] = 'NOTEMPTY';
$form["tabs"]['dns']['fields']['data']['validators'][0]['errmsg'] = 'data_error_empty';
$form["tabs"]['dns']['fields']['data']['maxlength'] = 512;
}
?>
<?php
/*
Form Definition
Tabledefinition
Datatypes:
- INTEGER (Forces the input to Int)
- DOUBLE
- CURRENCY (Formats the values to currency notation)
- VARCHAR (no format check, maxlength: 255)
- TEXT (no format check)
- DATE (Dateformat, automatic conversion to timestamps)
Formtype:
- TEXT (Textfield)
- TEXTAREA (Textarea)
- PASSWORD (Password textfield, input is not shown when edited)
- SELECT (Select option field)
- RADIO
- CHECKBOX
- CHECKBOXARRAY
- FILE
VALUE:
- Wert oder Array
Hint:
The ID field of the database table is not part of the datafield definition.
The ID field must be always auto incement (int or bigint).
*/
global $app;
$form["title"] = "DNS LOC Record";
$form["description"] = "";
$form["name"] = "dns_loc";
$form["action"] = "dns_loc_edit.php";
$form["db_table"] = "dns_rr";
$form["db_table_idx"] = "id";
$form["db_history"] = "yes";
$form["tab_default"] = "dns";
$form["list_default"] = "dns_a_list.php";
$form["auth"] = 'yes'; // yes / no
$form["auth_preset"]["userid"] = 0; // 0 = id of the user, > 0 id must match with id of current user
$form["auth_preset"]["groupid"] = 0; // 0 = default groupid of the user, > 0 id must match with groupid of current user
$form["auth_preset"]["perm_user"] = 'riud'; //r = read, i = insert, u = update, d = delete
$form["auth_preset"]["perm_group"] = 'riud'; //r = read, i = insert, u = update, d = delete
$form["auth_preset"]["perm_other"] = ''; //r = read, i = insert, u = update, d = delete
$form["tabs"]['dns'] = array (
'title' => "DNS LOC",
'width' => 100,
'template' => "templates/dns_loc_edit.htm",
'fields' => array (
//#################################
// Begin Datatable fields
//#################################
'server_id' => array (
'datatype' => 'INTEGER',
'formtype' => 'SELECT',
'default' => '',
'value' => '',
'width' => '30',
'maxlength' => '255'
),
'zone' => array (
'datatype' => 'INTEGER',
'formtype' => 'TEXT',
'default' => @$app->functions->intval($_REQUEST["zone"]),
'value' => '',
'width' => '30',
'maxlength' => '255'
),
'name' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array( 0 => array( 'event' => 'SAVE',
'type' => 'IDNTOASCII'),
1 => array( 'event' => 'SHOW',
'type' => 'IDNTOUTF8'),
2 => array( 'event' => 'SAVE',
'type' => 'TOLOWER')
),
'validators' => array ( 0 => array ( 'type' => 'REGEX',
'regex' => '/^[a-zA-Z0-9\.\-\_]{0,255}$/',
'errmsg'=> 'name_error_regex'),
),
'default' => '',
'value' => '',
'width' => '30',
'maxlength' => '255'
),
'type' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'default' => 'LOC',
'value' => '',
'width' => '5',
'maxlength' => '5'
),
'data' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'validators' => array (
0 => array (
'type' => 'NOTEMPTY',
'errmsg'=> 'data_error_empty'
),
//TODO Regex check... I guess I had an error in this regex as I'm not used to RegEx. Further the check did never actually take place...
// 1 => array (
// 'type' => 'REGEX',
// 'regex' => "/^(\d+\s)(\d+\s)?(\d+\s)?[NS]{1}\s(\d\s)(\d+\s)?(\d+\s)?[EW]{1}(\s\d+m?)(\s\d+m?)?(\s\d+m?)?(\s\d+m?)?$/s",
// 'errmsg'=> 'invalid_type_dkim'
// ),
),
'default' => '',
'value' => '',
'width' => '30',
'maxlength' => '255'
),
'ttl' => array (
'datatype' => 'INTEGER',
'formtype' => 'TEXT',
'validators' => array ( 0 => array ( 'type' => 'RANGE',
'range' => '60:',
'errmsg'=> 'ttl_range_error'),
),
'default' => '3600',
'value' => '',
'width' => '10',
'maxlength' => '10'
),
'active' => array (
'datatype' => 'VARCHAR',
'formtype' => 'CHECKBOX',
'default' => 'Y',
'value' => array(0 => 'N', 1 => 'Y')
),
'stamp' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'default' => '',
'value' => '',
'width' => '30',
'maxlength' => '255'