router.php + process form before display

The webservers now need to send every request to router.php, which will call appropriate files.

Forms will be treated before being displayed.

common/init.php

@@ -1,17 +0,0 @@
-<?php
-
-define("CONF", parse_ini_file(__DIR__ . "/../config.ini", true, INI_SCANNER_TYPED));
-
-define("SERVICE", substr(dirname($_SERVER['PHP_SELF']), strlen(CONF['common']['prefix']) + 1));
-define("PAGE", basename($_SERVER['PHP_SELF'], '.php'));
-define("DB_PATH", CONF['common']['root_path'] . "/db/niver.db"); // Niver's SQLite database
-
-define("PLACEHOLDER_DOMAIN", "example"); // From RFC2606: Reserved Top Level DNS Names > 2. TLDs for Testing, & Documentation Examples
-define("PLACEHOLDER_IPV6", "2001:db8::3"); // From RFC3849: IPv6 Address Prefix Reserved for Documentation
-define("PLACEHOLDER_IPV4", "203.0.113.42"); // From RFC5737: IPv4 Address Blocks Reserved for Documentation
-
-foreach (array_diff(scandir(CONF['common']['root_path'] . "/fn"), array('..', '.')) as $file)
-	require CONF['common']['root_path'] . '/fn/' . $file;
-
-// Page titles definition
-require "pages.php";

fn/common.php

@@ -21,14 +21,14 @@ function serverError($msg) {
 	closeHTML();
 }
 
-// For use in pages that first display a form and then process it
-function switchToFormProcess($requireLogin = true) {
+function processForm($requireLogin = true) {
 	if (empty($_POST) AND $requireLogin AND !isset($_SESSION['username']))
 		echo '<p>Ce formulaire ne sera pas accepté car il faut <a class="auth" href="' . redirUrl('auth/login') . '">se connecter</a> avant.</p>';
 	if (empty($_POST))
-		closeHTML();
+		return false;
 	if ($requireLogin AND !isset($_SESSION['username']))
 		userError("Vous devez être connecté·e pour effectuer cette action.");
+	return true;
 }
 
 function query($action, $table, $conditions = [], $column = NULL) {
@@ -79,7 +79,7 @@ function displayIndex() { ?>
 
 function redirUrl($pageId) {
 	$currentPath = '';
-	if (SERVICE !== '') $currentPath .= SERVICE . '/';
+	if (SERVICE !== '.') $currentPath .= SERVICE . '/';
 	if (PAGE !== 'index') $currentPath .= PAGE;
 	return CONF['common']['prefix'] . "/$pageId?redir=$currentPath";
 }

common/html.php → html.php

@@ -1,7 +1,5 @@
 <?php
 
-require "init.php";
-
 // Session initialisation (with cookies)
 if (
 		isset($_COOKIE['niver-session-key']) // Resume session
@@ -39,7 +37,7 @@ if (isset($page['service']))
 echo strip_tags(TITLES['index']);
 ?></title>
 <?php
-foreach (array_diff(scandir(CONF['common']['root_path'] . "/public/css"), array('..', '.')) as $cssPath)
+foreach (array_diff(scandir(CONF['common']['root_path'] . "/css"), array('..', '.')) as $cssPath)
 	echo '		<link type="text/css" rel="stylesheet" media="screen" href="' . CONF['common']['prefix'] . '/css/' . $cssPath . '">' . "\n";
 ?>
 		<meta name="viewport" content="width=device-width, initial-scale=1">

common/pages.php → pages.php

@@ -92,9 +92,3 @@ define('DESCRIPTIONS', [
 		],
 	]
 );
-
-if (SERVICE !== '') {
-	$page['service'] = TITLES[SERVICE]['index'];
-	if (PAGE !== 'index')
-		$page['title'] = TITLES[SERVICE][PAGE];
-}

public/auth/index.php

@@ -1,5 +1 @@
-<?php require "../../common/html.php"; ?>
-
 <?php displayIndex(); ?>
-
-<?php closeHTML(); ?>

public/auth/login.php

@@ -1,4 +1,27 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (processForm(false)) {
+	checkPasswordFormat($_POST['password']);
+
+	checkUsernameFormat($_POST['username']);
+
+	if (userExist($_POST['username']) !== true)
+		userError("Connexion impossible : ce compte n'existe pas.");
+
+	if (checkPassword($_POST['username'], $_POST['password']) !== true)
+		userError("Connexion impossible : clé de passe invalide.");
+
+	$_SESSION['username'] = $_POST['username'];
+
+	if (outdatedPasswordHash($_SESSION['username']))
+		changePassword($_SESSION['username'], $_POST['password']);
+
+	redir();
+
+	success("Connecté·e.");
+}
+
+?>
 
 <p>Pas de compte ? <a class="auth" href="register">En créer un</a></p>
 
@@ -13,26 +36,3 @@
 
 	<input type="submit">
 </form>
-
-<?php
-
-switchToFormProcess(requireLogin: false);
-
-checkPasswordFormat($_POST['password']);
-
-checkUsernameFormat($_POST['username']);
-
-if (userExist($_POST['username']) !== true)
-	userError("Connexion impossible : ce compte n'existe pas.");
-
-if (checkPassword($_POST['username'], $_POST['password']) !== true)
-	userError("Connexion impossible : clé de passe invalide.");
-
-$_SESSION['username'] = $_POST['username'];
-
-if (outdatedPasswordHash($_SESSION['username']))
-	changePassword($_SESSION['username'], $_POST['password']);
-
-redir();
-
-success("Connecté·e.");

public/auth/logout.php

@@ -1,5 +1,3 @@
-<?php require "../../common/html.php"; ?>
-
 <?php
 
 if (session_status() === PHP_SESSION_ACTIVE)

public/auth/password.php

@@ -1,4 +1,17 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (processForm()) {
+	checkPasswordFormat($_POST['newPassword']);
+
+	if (checkPassword($_SESSION['username'], $_POST['currentPassword']) !== true)
+		userError("Changement impossible : clé de passe invalide.");
+
+	changePassword($_SESSION['username'], $_POST['newPassword']);
+
+	success("Clé de passe changée.");
+}
+
+?>
 
 <p>
 	Vous pouvez ici changer la clé de passe permettant d'accéder à votre compte Niver.
@@ -13,16 +26,3 @@
 
 	<input type="submit">
 </form>
-
-<?php
-
-switchToFormProcess();
-
-checkPasswordFormat($_POST['newPassword']);
-
-if (checkPassword($_SESSION['username'], $_POST['currentPassword']) !== true)
-	userError("Changement impossible : clé de passe invalide.");
-
-changePassword($_SESSION['username'], $_POST['newPassword']);
-
-success("Clé de passe changée.");

public/auth/register.php

@@ -1,4 +1,48 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (processForm(false)) {
+	checkPasswordFormat($_POST['password']);
+
+	checkUsernameFormat($_POST['username']);
+
+	if (userExist($_POST['username']) !== false)
+		userError("Ce nom de compte est déjà utilisé.");
+
+	// Setup SFTP directory
+	umask(0002);
+	if (mkdir(CONF['ht']['ht_path'] . "/" . $_POST['username'], 0775) !== true)
+		serverError("Can't create user directory.");
+	exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['chgrp_path'] . " " . CONF['ht']['sftpgo_group'] . " " . CONF['ht']['ht_path'] . "/" . $_POST['username'] . " --no-dereference", result_code: $code);
+	if ($code !== 0)
+		serverError("Can't change user directory group.");
+
+	// Setup Tor config directory
+	if (mkdir(CONF['ht']['tor_config_path'] . "/" . $_POST['username'], 0755) !== true)
+		serverError("Can't create Tor config directory.");
+
+	// Setup Tor keys directory
+	exec(CONF['ht']['sudo_path'] . " -u " . CONF['ht']['tor_user'] . " " . CONF['ht']['mkdir_path'] . " --mode=0700 " . CONF['ht']['tor_keys_path'] . "/" . $_POST['username'], result_code: $code);
+	if ($code !== 0)
+		serverError("Can't create Tor keys directory.");
+
+	$db = new PDO('sqlite:' . DB_PATH);
+
+	$stmt = $db->prepare("INSERT INTO users(username, password, registration_date) VALUES(:username, :password, :registration_date)");
+
+	$stmt->bindValue(':username', $_POST['username']);
+	$stmt->bindValue(':password', hashPassword($_POST['password']));
+	$stmt->bindValue(':registration_date', date("Y-m-d H:i:s"));
+
+	$stmt->execute();
+
+	$_SESSION['username'] = $_POST['username'];
+
+	redir();
+
+	success("Compte créé.");
+}
+
+?>
 
 <p>Déjà un compte ? <a class="auth" href="login">Se connecter</a></p>
 
@@ -20,47 +64,3 @@
 
 	<input type="submit">
 </form>
-
-<?php
-
-switchToFormProcess(requireLogin: false);
-
-checkPasswordFormat($_POST['password']);
-
-checkUsernameFormat($_POST['username']);
-
-if (userExist($_POST['username']) !== false)
-	userError("Ce nom de compte est déjà utilisé.");
-
-// Setup SFTP directory
-umask(0002);
-if (mkdir(CONF['ht']['ht_path'] . "/" . $_POST['username'], 0775) !== true)
-	serverError("Can't create user directory.");
-exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['chgrp_path'] . " " . CONF['ht']['sftpgo_group'] . " " . CONF['ht']['ht_path'] . "/" . $_POST['username'] . " --no-dereference", result_code: $code);
-if ($code !== 0)
-	serverError("Can't change user directory group.");
-
-// Setup Tor config directory
-if (mkdir(CONF['ht']['tor_config_path'] . "/" . $_POST['username'], 0755) !== true)
-	serverError("Can't create Tor config directory.");
-
-// Setup Tor keys directory
-exec(CONF['ht']['sudo_path'] . " -u " . CONF['ht']['tor_user'] . " " . CONF['ht']['mkdir_path'] . " --mode=0700 " . CONF['ht']['tor_keys_path'] . "/" . $_POST['username'], result_code: $code);
-if ($code !== 0)
-	serverError("Can't create Tor keys directory.");
-
-$db = new PDO('sqlite:' . DB_PATH);
-
-$stmt = $db->prepare("INSERT INTO users(username, password, registration_date) VALUES(:username, :password, :registration_date)");
-
-$stmt->bindValue(':username', $_POST['username']);
-$stmt->bindValue(':password', hashPassword($_POST['password']));
-$stmt->bindValue(':registration_date', date("Y-m-d H:i:s"));
-
-$stmt->execute();
-
-$_SESSION['username'] = $_POST['username'];
-
-redir();
-
-success("Compte créé.");

public/auth/unregister.php

@@ -1,49 +1,49 @@
-<?php require "../../common/html.php"; ?>
-
-<form method="post">
-	<input type="checkbox" name="delete" id="delete">
-	<label for="delete">Supprimer mon compte et toutes ses données</label>
-	<br>
-	<input type="submit">
-</form>
-
 <?php
 
-switchToFormProcess();
+if (processForm()) {
+	if (!isset($_POST['delete']))
+		userError("Il faut confirmer la suppression du compte");
 
-if (!isset($_POST['delete']))
-	userError("Il faut confirmer la suppression du compte");
+	foreach (query('select', 'registry', ['username' => $_SESSION['username']], 'domain') as $domain)
+		regDeleteDomain($domain);
 
-foreach (query('select', 'registry', ['username' => $_SESSION['username']], 'domain') as $domain)
-	regDeleteDomain($domain);
+	foreach (query('select', 'zones', ['username' => $_SESSION['username']], 'zone') as $zone)
+		nsDeleteZone($zone);
 
-foreach (query('select', 'zones', ['username' => $_SESSION['username']], 'zone') as $zone)
-	nsDeleteZone($zone);
+	foreach (query('select', 'sites', [
+		'username' => $_SESSION['username'],
+		'domain_type' => 'onion',
+		'protocol' => 'http',
+	], 'site_dir') as $dir)
+		htDeleteSite($dir, domainType: 'onion', protocol: 'http');
 
-foreach (query('select', 'sites', [
-	'username' => $_SESSION['username'],
-	'domain_type' => 'onion',
-	'protocol' => 'http',
-], 'site_dir') as $dir)
-	htDeleteSite($dir, domainType: 'onion', protocol: 'http');
+	foreach (query('select', 'sites', [
+		'username' => $_SESSION['username'],
+		'domain_type' => 'dns',
+		'protocol' => 'http',
+	], 'site_dir') as $dir)
+		htDeleteSite($dir, domainType: 'dns', protocol: 'http');
 
-foreach (query('select', 'sites', [
-	'username' => $_SESSION['username'],
-	'domain_type' => 'dns',
-	'protocol' => 'http',
-], 'site_dir') as $dir)
-	htDeleteSite($dir, domainType: 'dns', protocol: 'http');
+	exec(CONF['ht']['sudo_path'] . " -u " . CONF['ht']['tor_user'] . " " . CONF['ht']['rm_path'] . " --recursive " . CONF['ht']['tor_keys_path'] . "/" . $_SESSION['username'], result_code: $code);
+	if ($code !== 0)
+		serverError("Can't remove Tor keys directory.");
 
-exec(CONF['ht']['sudo_path'] . " -u " . CONF['ht']['tor_user'] . " " . CONF['ht']['rm_path'] . " --recursive " . CONF['ht']['tor_keys_path'] . "/" . $_SESSION['username'], result_code: $code);
-if ($code !== 0)
-	serverError("Can't remove Tor keys directory.");
+	removeDirectory(CONF['ht']['tor_config_path'] . '/' . $_SESSION['username']);
 
-removeDirectory(CONF['ht']['tor_config_path'] . '/' . $_SESSION['username']);
+	removeDirectory(CONF['ht']['ht_path'] . '/' . $_SESSION['username']);
 
-removeDirectory(CONF['ht']['ht_path'] . '/' . $_SESSION['username']);
+	query('delete', 'users', ['username' => $_SESSION['username']]);
 
-query('delete', 'users', ['username' => $_SESSION['username']]);
+	redir();
 
-redir();
+	success("Compte supprimé.");
+}
 
-success("Compte supprimé.");
+?>
+
+<form method="post">
+	<input type="checkbox" name="delete" id="delete">
+	<label for="delete">Supprimer mon compte et toutes ses données</label>
+	<br>
+	<input type="submit">
+</form>

public/ht/add-http-dns.php

@@ -1,4 +1,54 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (isset($_SESSION['username']))
+	$dirsStatuses = dirsStatuses($_SESSION['username'], "dns", "http");
+else
+	$dirsStatuses = [];
+
+if (processForm()) {
+	checkDomainFormat($_POST['domain']);
+
+	if ($dirsStatuses[$_POST['dir']] !== false)
+		userError("Wrong value for <code>dir</code>.");
+
+	if (query('select', 'sites', ['domain' => $_POST['domain']], 'domain') !== [])
+		userError("Ce domaine existe déjà sur ce service.");
+
+	$remoteAaaaRecords = array_column(dns_get_record($_POST['domain'], DNS_AAAA), 'ipv6');
+	if (array_merge(array_diff($remoteAaaaRecords, [CONF['ht']['ipv6_address']]), array_diff([CONF['ht']['ipv6_address']], $remoteAaaaRecords)) !== [])
+		userError("Ce domaine doit avoir pour enregistrement AAAA <code>" . CONF['ht']['ipv6_address'] . "</code>.");
+
+	$remoteARecords = array_column(dns_get_record($_POST['domain'], DNS_A), 'ip');
+	if (array_merge(array_diff($remoteARecords, [CONF['ht']['ipv4_address']]), array_diff([CONF['ht']['ipv4_address']], $remoteARecords)) !== [])
+		userError("Ce domaine doit avoir pour enregistrement A <code>" . CONF['ht']['ipv4_address'] . "</code>.");
+
+	addSite($_SESSION['username'], $_POST['dir'], $_POST['domain'], "dns", "http");
+
+	$nginxConf = 'server {
+	listen [::1]:' . CONF['ht']['https_port'] . ' ssl http2;
+	listen 127.0.0.1:' . CONF['ht']['https_port'] . ' ssl http2;
+	server_name ' . $_POST['domain'] . ';
+	root ' . CONF['ht']['ht_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'] . ';
+
+	ssl_certificate /etc/ssl/certs/niver.crt;
+	ssl_certificate_key /etc/ssl/private/niver.key;
+
+	include inc/ht-tls.conf;
+}
+	';
+	if (file_put_contents(CONF['ht']['nginx_config_path'] . "/" . $_POST['domain'] . ".conf", $nginxConf) === false)
+		serverError("Failed to write Nginx configuration.");
+
+	// Reload Nginx
+	exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx", result_code: $code);
+	if ($code !== 0)
+		serverError("Failed to reload Nginx.");
+
+	success("Accès HTTP par domaine ajouté sur ce dossier !");
+
+}
+
+?>
 
 <p>
 	Ajouter un domaine sur un dossier de site<br>
@@ -16,13 +66,9 @@
 
 <?php
 
-if (isset($_SESSION['username'])) {
-	$dirsStatuses = dirsStatuses($_SESSION['username'], "dns", "http");
-
-	foreach ($dirsStatuses as $dir => $alreadyEnabled) {
-		$disabled = $alreadyEnabled ? " disabled=''" : "";
-		echo "		<option" . $disabled . " value='" . $dir . "'>" . $dir . "</option>";
-	}
+foreach ($dirsStatuses as $dir => $alreadyEnabled) {
+	$disabled = $alreadyEnabled ? " disabled=''" : "";
+	echo "		<option" . $disabled . " value='" . $dir . "'>" . $dir . "</option>";
 }
 
 ?>
@@ -31,47 +77,3 @@ if (isset($_SESSION['username'])) {
 	<br>
 	<input value="Valider" type="submit">
 </form>
-
-<?php
-
-switchToFormProcess();
-
-checkDomainFormat($_POST['domain']);
-
-if ($dirsStatuses[$_POST['dir']] !== false)
-	userError("Wrong value for <code>dir</code>.");
-
-if (query('select', 'sites', ['domain' => $_POST['domain']], 'domain') !== [])
-	userError("Ce domaine existe déjà sur ce service.");
-
-$remoteAaaaRecords = array_column(dns_get_record($_POST['domain'], DNS_AAAA), 'ipv6');
-if (array_merge(array_diff($remoteAaaaRecords, [CONF['ht']['ipv6_address']]), array_diff([CONF['ht']['ipv6_address']], $remoteAaaaRecords)) !== [])
-	userError("Ce domaine doit avoir pour enregistrement AAAA <code>" . CONF['ht']['ipv6_address'] . "</code>.");
-
-$remoteARecords = array_column(dns_get_record($_POST['domain'], DNS_A), 'ip');
-if (array_merge(array_diff($remoteARecords, [CONF['ht']['ipv4_address']]), array_diff([CONF['ht']['ipv4_address']], $remoteARecords)) !== [])
-	userError("Ce domaine doit avoir pour enregistrement A <code>" . CONF['ht']['ipv4_address'] . "</code>.");
-
-addSite($_SESSION['username'], $_POST['dir'], $_POST['domain'], "dns", "http");
-
-$nginxConf = 'server {
-	listen [::1]:' . CONF['ht']['https_port'] . ' ssl http2;
-	listen 127.0.0.1:' . CONF['ht']['https_port'] . ' ssl http2;
-	server_name ' . $_POST['domain'] . ';
-	root ' . CONF['ht']['ht_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'] . ';
-
-	ssl_certificate /etc/ssl/certs/niver.crt;
-	ssl_certificate_key /etc/ssl/private/niver.key;
-
-	include inc/ht-tls.conf;
-}
-';
-if (file_put_contents(CONF['ht']['nginx_config_path'] . "/" . $_POST['domain'] . ".conf", $nginxConf) === false)
-	serverError("Failed to write Nginx configuration.");
-
-// Reload Nginx
-exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx", result_code: $code);
-if ($code !== 0)
-	serverError("Failed to reload Nginx.");
-
-success("Accès HTTP par domaine ajouté sur ce dossier !");

public/ht/add-http-onion.php

@@ -1,4 +1,59 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (isset($_SESSION['username']))
+	$dirsStatuses = dirsStatuses($_SESSION['username'], "onion", "http");
+else
+	$dirsStatuses = [];
+
+if (processForm()) {
+	if ($dirsStatuses[$_POST['dir']] !== false)
+		userError("Wrong value for <code>dir</code>.");
+
+	// Add Tor config
+	$torConf = "HiddenServiceDir " . CONF['ht']['tor_keys_path'] . "/" . $_SESSION['username'] . "/" . $_POST['dir'] . "/
+	HiddenServicePort 80 [::1]:" . CONF['ht']['internal_onion_http_port'] . "
+	";
+	if (file_put_contents(CONF['ht']['tor_config_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'], $torConf) === false)
+		serverError("Failed to write new Tor configuration.");
+
+	// Reload Tor
+	exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload " . CONF['ht']['tor_service'], $output, $code);
+	if ($code !== 0)
+		serverError("Failed to reload Tor.");
+
+	// Get the address generated by Tor
+	exec(CONF['ht']['sudo_path'] . ' -u ' . CONF['ht']['tor_user'] . ' ' . CONF['ht']['cat_path'] . ' ' . CONF['ht']['tor_keys_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'] . '/hostname', $output);
+	$onion = $output[0];
+	if (preg_match("/[0-9a-z]{56}\.onion/", $onion) !== 1)
+		serverError("No onion address found.");
+
+	// Store it in the database
+	addSite($_SESSION['username'], $_POST['dir'], $onion, "onion", "http");
+
+	// Add Nginx config
+	$nginxConf = 'server {
+		listen [::1]:' . CONF['ht']['internal_onion_http_port'] . ';
+		server_name ' . $onion . ';
+		root ' . CONF['ht']['ht_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'] . ';
+
+		include inc/ht-onion.conf;
+	}
+	';
+	if (file_put_contents(CONF['ht']['nginx_config_path'] . "/" . $onion . ".conf", $nginxConf) === false)
+		serverError("Failed to write Nginx configuration.");
+
+	// Reload Nginx
+	exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx", result_code: $code);
+	if ($code !== 0)
+		serverError("Failed to reload Nginx.");
+
+	// Tell the user their site address
+	success("L'adresse de votre service Onion HTTP est : <a href='http://" . $onion . "/'<code>http://" . $onion . "/</code></a>");
+}
+
+?>
+
+
 <p>
 	Ajouter un accès en .onion sur un dossier
 </p>
@@ -10,13 +65,9 @@
 
 <?php
 
-if (isset($_SESSION['username'])) {
-	$dirsStatuses = dirsStatuses($_SESSION['username'], "onion", "http");
-
-	foreach ($dirsStatuses as $dir => $alreadyEnabled) {
-		$disabled = $alreadyEnabled ? "disabled='' " : "";
-		echo "		<option " . $disabled . "value='" . $dir . "'>" . $dir . "</option>";
-	}
+foreach ($dirsStatuses as $dir => $alreadyEnabled) {
+	$disabled = $alreadyEnabled ? "disabled='' " : "";
+	echo "		<option " . $disabled . "value='" . $dir . "'>" . $dir . "</option>";
 }
 
 ?>
@@ -25,51 +76,3 @@ if (isset($_SESSION['username'])) {
 	<br>
 	<input value="Valider" type="submit">
 </form>
-
-<?php
-
-switchToFormProcess();
-
-if ($dirsStatuses[$_POST['dir']] !== false)
-	userError("Wrong value for <code>dir</code>.");
-
-// Add Tor config
-$torConf = "HiddenServiceDir " . CONF['ht']['tor_keys_path'] . "/" . $_SESSION['username'] . "/" . $_POST['dir'] . "/
-HiddenServicePort 80 [::1]:" . CONF['ht']['internal_onion_http_port'] . "
-";
-if (file_put_contents(CONF['ht']['tor_config_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'], $torConf) === false)
-	serverError("Failed to write new Tor configuration.");
-
-// Reload Tor
-exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload " . CONF['ht']['tor_service'], $output, $code);
-if ($code !== 0)
-	serverError("Failed to reload Tor.");
-
-// Get the address generated by Tor
-exec(CONF['ht']['sudo_path'] . ' -u ' . CONF['ht']['tor_user'] . ' ' . CONF['ht']['cat_path'] . ' ' . CONF['ht']['tor_keys_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'] . '/hostname', $output);
-$onion = $output[0];
-if (preg_match("/[0-9a-z]{56}\.onion/", $onion) !== 1)
-	serverError("No onion address found.");
-
-// Store it in the database
-addSite($_SESSION['username'], $_POST['dir'], $onion, "onion", "http");
-
-// Add Nginx config
-$nginxConf = 'server {
-	listen [::1]:' . CONF['ht']['internal_onion_http_port'] . ';
-	server_name ' . $onion . ';
-	root ' . CONF['ht']['ht_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'] . ';
-
-	include inc/ht-onion.conf;
-}
-';
-if (file_put_contents(CONF['ht']['nginx_config_path'] . "/" . $onion . ".conf", $nginxConf) === false)
-	serverError("Failed to write Nginx configuration.");
-
-// Reload Nginx
-exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx", result_code: $code);
-if ($code !== 0)
-	serverError("Failed to reload Nginx.");
-
-// Tell the user their site address
-success("L'adresse de votre service Onion HTTP est : <a href='http://" . $onion . "/'<code>http://" . $onion . "/</code></a>");

public/ht/del-http-dns.php

@@ -1,4 +1,20 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (isset($_SESSION['username']))
+	$dirsStatuses = dirsStatuses($_SESSION['username'], "dns", "http");
+else
+	$dirsStatuses = [];
+
+if (processForm()) {
+	if ($dirsStatuses[$_POST['dir']] !== true)
+		userError("Wrong value for <code>dir</code>.");
+
+	htDeleteSite($_POST['dir'], domainType: 'dns', protocol: 'http');
+
+	success("Accès retiré.");
+}
+
+?>
 
 <p>
 	Retirer un accès DNS et TLS d'un dossier
@@ -11,13 +27,9 @@
 
 <?php
 
-if (isset($_SESSION['username'])) {
-	$dirsStatuses = dirsStatuses($_SESSION['username'], "dns", "http");
-
-	foreach ($dirsStatuses as $dir => $alreadyEnabled) {
-		$disabled = $alreadyEnabled ? "" : "disabled='' ";
-		echo "		<option " . $disabled . "value='" . $dir . "'>" . $dir . "</option>\n";
-	}
+foreach ($dirsStatuses as $dir => $alreadyEnabled) {
+	$disabled = $alreadyEnabled ? "" : "disabled='' ";
+	echo "		<option " . $disabled . "value='" . $dir . "'>" . $dir . "</option>\n";
 }
 
 ?>
@@ -26,14 +38,3 @@ if (isset($_SESSION['username'])) {
 	<br>
 	<input value="Valider" type="submit">
 </form>
-
-<?php
-
-switchToFormProcess();
-
-if ($dirsStatuses[$_POST['dir']] !== true)
-	userError("Wrong value for <code>dir</code>.");
-
-htDeleteSite($_POST['dir'], domainType: 'dns', protocol: 'http');
-
-success("Accès retiré.");

public/ht/del-http-onion.php

@@ -1,4 +1,20 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (isset($_SESSION['username']))
+	$dirsStatuses = dirsStatuses($_SESSION['username'], "onion", "http");
+else
+	$dirsStatuses = [];
+
+if (processForm()) {
+	if ($dirsStatuses[$_POST['dir']] !== true)
+		userError("Wrong value for <code>dir</code>.");
+
+	htDeleteSite($_POST['dir'], domainType: 'onion', protocol: 'http');
+
+	success("Accès retiré.");
+}
+
+?>
 
 <p>
 	Retirer un accès Onion d'un dossier
@@ -11,13 +27,9 @@
 
 <?php
 
-if (isset($_SESSION['username'])) {
-	$dirsStatuses = dirsStatuses($_SESSION['username'], "onion", "http");
-
-	foreach ($dirsStatuses as $dir => $alreadyEnabled) {
-		$disabled = $alreadyEnabled ? "" : "disabled='' ";
-		echo "		<option " . $disabled . "value='" . $dir . "'>" . $dir . "</option>\n";
-	}
+foreach ($dirsStatuses as $dir => $alreadyEnabled) {
+	$disabled = $alreadyEnabled ? "" : "disabled='' ";
+	echo "		<option " . $disabled . "value='" . $dir . "'>" . $dir . "</option>\n";
 }
 
 ?>
@@ -26,14 +38,3 @@ if (isset($_SESSION['username'])) {
 	<br>
 	<input value="Valider" type="submit">
 </form>
-
-<?php
-
-switchToFormProcess();
-
-if ($dirsStatuses[$_POST['dir']] !== true)
-	userError("Wrong value for <code>dir</code>.");
-
-htDeleteSite($_POST['dir'], domainType: 'onion', protocol: 'http');
-
-success("Accès retiré.");

public/ht/index.php

@@ -1,5 +1,3 @@
-<?php require "../../common/html.php"; ?>
-
 <p>
 	Ce service permet d'envoyer des fichiers sur le serveur par <?= linkToDocs('sftp', 'SFTP') ?> afin de les rendre accessibles par <?= linkToDocs('http', 'HTTP') ?>.
 </p>
@@ -58,5 +56,3 @@
 		</dd>
 	</dl>
 </section>
-
-<?php closeHTML(); ?>

public/ht/le.php

@@ -1,4 +1,30 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (processForm()) {
+	exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['certbot_path'] . " certonly --dry-run --test-cert --webroot --webroot-path /srv/acme --register-unsafely-without-email --agree-tos --domain " . $_POST['domain'], $output, $returnCode);
+
+	// Abort if Certbot failed
+	if ($returnCode !== 0)
+		serverError("Certbot failed to get a Let's Encrypt certificate.");
+
+	// Replace self-signed certificate by Let's Encrypt certificate in Nginx configuration
+	$conf = file_get_contents(CONF['ht']['nginx_config_path'] . "/" . $_POST['domain'] . ".conf");
+	$conf = preg_replace("#/etc/ssl/certs/niver\.crt#", "/etc/letsencrypt/live/" . $_POST['domain'] . "/fullchain.pem", $conf);
+	$conf = preg_replace("#/etc/ssl/private/niver\.key#", "/etc/letsencrypt/live/" . $_POST['domain'] . "/privkey.pem", $conf);
+	file_put_contents(CONF['ht']['nginx_config_path'] . "/" . $_POST['domain'] . ".conf", $conf);
+
+	// Reload Nginx
+	exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx", $output, $returnCode);
+
+	// Abort if Nginx reload failed
+	if ($returnCode !== 0)
+		serverError("Nginx configuration reload failed.");
+
+	success("La connexion avec votre site utilise désomais un certificat TLS émis par Let's Encrypt.");
+}
+
+?>
+
 <p>
 	Installer un certificat Let's Encrypt
 </p>
@@ -20,28 +46,3 @@ if (isset($_SESSION['username'])) {
 	<br>
 	<input value="Valider" type="submit">
 </form>
-
-<?php
-
-switchToFormProcess();
-
-exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['certbot_path'] . " certonly --dry-run --test-cert --webroot --webroot-path /srv/acme --register-unsafely-without-email --agree-tos --domain " . $_POST['domain'], $output, $returnCode);
-
-// Abort if Certbot failed
-if ($returnCode !== 0)
-	serverError("Certbot failed to get a Let's Encrypt certificate.");
-
-// Replace self-signed certificate by Let's Encrypt certificate in Nginx configuration
-$conf = file_get_contents(CONF['ht']['nginx_config_path'] . "/" . $_POST['domain'] . ".conf");
-$conf = preg_replace("#/etc/ssl/certs/niver\.crt#", "/etc/letsencrypt/live/" . $_POST['domain'] . "/fullchain.pem", $conf);
-$conf = preg_replace("#/etc/ssl/private/niver\.key#", "/etc/letsencrypt/live/" . $_POST['domain'] . "/privkey.pem", $conf);
-file_put_contents(CONF['ht']['nginx_config_path'] . "/" . $_POST['domain'] . ".conf", $conf);
-
-// Reload Nginx
-exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx", $output, $returnCode);
-
-// Abort if Nginx reload failed
-if ($returnCode !== 0)
-	serverError("Nginx configuration reload failed.");
-
-success("La connexion avec votre site utilise désomais un certificat TLS émis par Let's Encrypt.");

public/index.php

@@ -1,5 +1,3 @@
-<?php require "../common/html.php"; ?>
-
 <nav>
 	<dl>
 		<dt><a class="auth" href="auth/"><?= TITLES['auth']['index'] ?></a></dt>
@@ -26,5 +24,3 @@
 	<?php } ?>
 	</dl>
 </nav>
-
-<?php closeHTML(); ?>

public/ns/caa.php

@@ -1,4 +1,30 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (processForm()) {
+	$values = nsParseCommonRequirements();
+
+	if (!($_POST['flag'] >= 0 AND $_POST['flag'] <= 255))
+		userError("Wrong value for <code>flag</code>.");
+
+	if (!(preg_match("/^[a-z]{1,127}$/", $_POST['tag'])))
+		userError("Wrong value for <code>tag</code>.");
+
+	if (!(preg_match("/^[a-z0-9.-]{1,255}$/", $_POST['value'])))
+		userError("Wrong value for <code>value</code>.");
+
+	knotcZoneExec($_POST['zone'], array(
+		$values['domain'],
+		$values['ttl'],
+		"CAA",
+		$_POST['flag'],
+		$_POST['tag'],
+		$_POST['value']
+	));
+
+	success("Enregistrement ajouté");
+}
+
+?>
 
 <p>
 	<?= linkToDocs('record-caa', 'Documentation du type d\'enregistrement CAA') ?>
@@ -6,7 +32,7 @@
 
 <form method="post">
 
-<?php require "../../form.ns.php"; ?>
+<?php require "form.ns.php"; ?>
 
 	<br>
 	<label for="flag">Flag</label>
@@ -23,30 +49,3 @@
 	<br>
 	<input value="Valider" type="submit">
 </form>
-
-<?php
-
-switchToFormProcess();
-
-
-$values = nsParseCommonRequirements();
-
-if (!($_POST['flag'] >= 0 AND $_POST['flag'] <= 255))
-	userError("Wrong value for <code>flag</code>.");
-
-if (!(preg_match("/^[a-z]{1,127}$/", $_POST['tag'])))
-	userError("Wrong value for <code>tag</code>.");
-
-if (!(preg_match("/^[a-z0-9.-]{1,255}$/", $_POST['value'])))
-	userError("Wrong value for <code>value</code>.");
-
-knotcZoneExec($_POST['zone'], array(
-	$values['domain'],
-	$values['ttl'],
-	"CAA",
-	$_POST['flag'],
-	$_POST['tag'],
-	$_POST['value']
-));
-
-success("Enregistrement ajouté");

public/ns/cname.php

@@ -1,11 +1,28 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (processForm()) {
+	$values = nsParseCommonRequirements();
+
+	$_POST['cname'] = formatAbsoluteDomain($_POST['cname']);
+
+	knotcZoneExec($_POST['zone'], array(
+		$values['domain'],
+		$values['ttl'],
+		"CNAME",
+		$_POST['cname']
+	));
+
+	success("Enregistrement ajouté");
+}
+
+?>
 
 <p>
 	<?= linkToDocs('record-cname', 'Documentation du type d\'enregistrement CNAME') ?>
 </p>
 
 <form method="post">
-	<?php require "../../form.ns.php"; ?>
+	<?php require "form.ns.php"; ?>
 	<br>
 	<label for="cname">Nom canonique</label>
 	<br>
@@ -13,20 +30,3 @@
 	<br>
 	<input value="Procéder" type="submit">
 </form>
-
-<?php
-
-switchToFormProcess();
-
-$values = nsParseCommonRequirements();
-
-$_POST['cname'] = formatAbsoluteDomain($_POST['cname']);
-
-knotcZoneExec($_POST['zone'], array(
-	$values['domain'],
-	$values['ttl'],
-	"CNAME",
-	$_POST['cname']
-));
-
-success("Enregistrement ajouté");

public/ns/dname.php

@@ -1,11 +1,28 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (processForm()) {
+	$values = nsParseCommonRequirements();
+
+	$_POST['dname'] = formatAbsoluteDomain($_POST['dname']);
+
+	knotcZoneExec($_POST['zone'], array(
+		$values['domain'],
+		$values['ttl'],
+		"DNAME",
+		$_POST['dname']
+	));
+
+	success("Enregistrement ajouté");
+}
+
+?>
 
 <p>
 	<?= linkToDocs('record-dname', 'Documentation du type d\'enregistrement DNAME') ?>
 </p>
 
 <form method="post">
-	<?php require "../../form.ns.php"; ?>
+	<?php require "form.ns.php"; ?>
 	<br>
 	<label for="dname">Nom délégué</label>
 	<br>
@@ -13,20 +30,3 @@
 	<br>
 	<input value="Procéder" type="submit">
 </form>
-
-<?php
-
-switchToFormProcess();
-
-$values = nsParseCommonRequirements();
-
-$_POST['dname'] = formatAbsoluteDomain($_POST['dname']);
-
-knotcZoneExec($_POST['zone'], array(
-	$values['domain'],
-	$values['ttl'],
-	"DNAME",
-	$_POST['dname']
-));
-
-success("Enregistrement ajouté");

public/ns/index.php

@@ -1,5 +1,3 @@
-<?php require "../../common/html.php"; ?>
-
 <?php displayIndex(); ?>
 
 <p>
@@ -12,4 +10,3 @@ foreach (CONF['ns']['servers'] as $server)
 	</ul>
 </p>
 
-<?php closeHTML(); ?>

public/ns/ip.php

@@ -1,29 +1,29 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (processForm()) {
+	$values = nsParseCommonRequirements();
+
+	$record = checkIpFormat($_POST['ip']);
+
+	knotcZoneExec($_POST['zone'], array(
+		$values['domain'],
+		$values['ttl'],
+		$record,
+		$_POST['ip']
+	));
+
+	success("Enregistrement ajouté");
+}
+
+?>
 
 <p>
 	<?= linkToDocs('record-txt', 'Documentation des types d\'enregistrements A et AAAA') ?>
 </p>
 
 <form method="post">
-<?php require "../../form.ns.php"; ?>
+<?php require "form.ns.php"; ?>
 	<label for="ip">Adresse IP</label><br>
 	<input required="" pattern="^[a-f0-9:.]+$" id="ip" name="ip" minlength="7" maxlength="39" size="40" type="text" placeholder="<?= PLACEHOLDER_IPV6 ?> ou <?= PLACEHOLDER_IPV4 ?>"><br>
 	<input value="Valider" type="submit">
 </form>
-
-<?php
-
-switchToFormProcess();
-
-$values = nsParseCommonRequirements();
-
-$record = checkIpFormat($_POST['ip']);
-
-knotcZoneExec($_POST['zone'], array(
-	$values['domain'],
-	$values['ttl'],
-	$record,
-	$_POST['ip']
-));
-
-success("Enregistrement ajouté");

public/ns/loc.php

@@ -1,4 +1,77 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (processForm()) {
+	$values = nsParseCommonRequirements();
+
+	if (empty($_POST['lat-min']))
+		$_POST['lat-min'] = 0;
+	if (empty($_POST['lat-sec']))
+		$_POST['lat-sec'] = 0;
+	if (empty($_POST['lon-min']))
+		$_POST['lon-min'] = 0;
+	if (empty($_POST['lon-sec']))
+		$_POST['lon-sec'] = 0;
+	if (empty($_POST['size']))
+		$_POST['size'] = 1;
+	if (empty($_POST['hp']))
+		$_POST['hp'] = 10000;
+	if (empty($_POST['vp']))
+		$_POST['vp'] = 10;
+
+	if (!($_POST['lat-deg'] >= 0 AND $_POST['lat-deg'] <= 90))
+		userError("Wrong value for <code>lat-deg</code>.");
+	if (!($_POST['lat-min'] >= 0 AND $_POST['lat-min'] <= 59))
+		userError("Wrong value for <code>lat-min</code>.");
+	if (!($_POST['lat-sec'] >= 0 AND $_POST['lat-sec'] <= 59.999))
+		userError("Wrong value for <code>lat-sec</code>.");
+
+	if ($_POST['lat-dir'] !== "N" AND $_POST['lat-dir'] !== "S")
+		userError("Wrong value for <code>lat-dir</code>.");
+
+	if (!($_POST['lon-deg'] >= 0 AND $_POST['lon-deg'] <= 180))
+		userError("Wrong value for <code>lon-deg</code>.");
+	if (!($_POST['lon-min'] >= 0 AND $_POST['lon-min'] <= 59))
+		userError("Wrong value for <code>lon-min</code>.");
+	if (!($_POST['lon-sec'] >= 0 AND $_POST['lon-sec'] <= 59.999))
+		userError("Wrong value for <code>lon-sec</code>.");
+
+	if ($_POST['lon-dir'] !== "E" AND $_POST['lon-dir'] !== "W")
+		userError("Wrong value for <code>lon-dir</code>.");
+
+	if (!($_POST['alt'] >= -100000 AND $_POST['alt'] <= 42849672.95))
+		userError("Wrong value for <code>alt</code>.");
+
+	if (!($_POST['size'] >= 0 AND $_POST['size'] <= 90000000))
+		userError("Wrong value for <code>size</code>.");
+
+	if (!($_POST['hp'] >= 0 AND $_POST['hp'] <= 90000000))
+		userError("Wrong value for <code>hp</code>.");
+
+	if (!($_POST['vp'] >= 0 AND $_POST['vp'] <= 90000000))
+		userError("Wrong value for <code>vp</code>.");
+
+	knotcZoneExec($_POST['zone'], array(
+		$values['domain'],
+		$values['ttl'],
+		"LOC",
+		$_POST['lat-deg'],
+		$_POST['lat-min'],
+		$_POST['lat-sec'],
+		$_POST['lat-dir'],
+		$_POST['lon-deg'],
+		$_POST['lon-min'],
+		$_POST['lon-sec'],
+		$_POST['lon-dir'],
+		$_POST['alt'] . 'm',
+		$_POST['size'] . 'm',
+		$_POST['hp'] . 'm',
+		$_POST['vp'] . 'm',
+	));
+
+	success("Enregistrement ajouté");
+}
+
+?>
 
 <p>
 	<?= linkToDocs('record-loc', 'Documentation du type d\'enregistrement LOC') ?>
@@ -6,7 +79,7 @@
 
 <form method="post">
 
-	<?php require "../../form.ns.php"; ?>
+	<?php require "form.ns.php"; ?>
 
 	<fieldset>
 		<legend>Latitude</legend>
@@ -82,76 +155,3 @@
 	<br>
 	<input value="Valider" type="submit">
 </form>
-
-<?php
-
-switchToFormProcess();
-
-$values = nsParseCommonRequirements();
-
-if (empty($_POST['lat-min']))
-	$_POST['lat-min'] = 0;
-if (empty($_POST['lat-sec']))
-	$_POST['lat-sec'] = 0;
-if (empty($_POST['lon-min']))
-	$_POST['lon-min'] = 0;
-if (empty($_POST['lon-sec']))
-	$_POST['lon-sec'] = 0;
-if (empty($_POST['size']))
-	$_POST['size'] = 1;
-if (empty($_POST['hp']))
-	$_POST['hp'] = 10000;
-if (empty($_POST['vp']))
-	$_POST['vp'] = 10;
-
-if (!($_POST['lat-deg'] >= 0 AND $_POST['lat-deg'] <= 90))
-	userError("Wrong value for <code>lat-deg</code>.");
-if (!($_POST['lat-min'] >= 0 AND $_POST['lat-min'] <= 59))
-	userError("Wrong value for <code>lat-min</code>.");
-if (!($_POST['lat-sec'] >= 0 AND $_POST['lat-sec'] <= 59.999))
-	userError("Wrong value for <code>lat-sec</code>.");
-
-if ($_POST['lat-dir'] !== "N" AND $_POST['lat-dir'] !== "S")
-	userError("Wrong value for <code>lat-dir</code>.");
-
-if (!($_POST['lon-deg'] >= 0 AND $_POST['lon-deg'] <= 180))
-	userError("Wrong value for <code>lon-deg</code>.");
-if (!($_POST['lon-min'] >= 0 AND $_POST['lon-min'] <= 59))
-	userError("Wrong value for <code>lon-min</code>.");
-if (!($_POST['lon-sec'] >= 0 AND $_POST['lon-sec'] <= 59.999))
-	userError("Wrong value for <code>lon-sec</code>.");
-
-if ($_POST['lon-dir'] !== "E" AND $_POST['lon-dir'] !== "W")
-	userError("Wrong value for <code>lon-dir</code>.");
-
-if (!($_POST['alt'] >= -100000 AND $_POST['alt'] <= 42849672.95))
-	userError("Wrong value for <code>alt</code>.");
-
-if (!($_POST['size'] >= 0 AND $_POST['size'] <= 90000000))
-	userError("Wrong value for <code>size</code>.");
-
-if (!($_POST['hp'] >= 0 AND $_POST['hp'] <= 90000000))
-	userError("Wrong value for <code>hp</code>.");
-
-if (!($_POST['vp'] >= 0 AND $_POST['vp'] <= 90000000))
-	userError("Wrong value for <code>vp</code>.");
-
-knotcZoneExec($_POST['zone'], array(
-	$values['domain'],
-	$values['ttl'],
-	"LOC",
-	$_POST['lat-deg'],
-	$_POST['lat-min'],
-	$_POST['lat-sec'],
-	$_POST['lat-dir'],
-	$_POST['lon-deg'],
-	$_POST['lon-min'],
-	$_POST['lon-sec'],
-	$_POST['lon-dir'],
-	$_POST['alt'] . 'm',
-	$_POST['size'] . 'm',
-	$_POST['hp'] . 'm',
-	$_POST['vp'] . 'm',
-));
-
-success("Enregistrement ajouté");

public/ns/mx.php

@@ -1,4 +1,25 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (processForm()) {
+	$values = nsParseCommonRequirements();
+
+	if (!($_POST['priority'] >= 0 AND $_POST['priority'] <= 255))
+		userError("Wrong value for <code>priority</code>.");
+
+	$_POST['host'] = formatAbsoluteDomain($_POST['host']);
+
+	knotcZoneExec($_POST['zone'], array(
+		$values['domain'],
+		$values['ttl'],
+		"MX",
+		$_POST['priority'],
+		$_POST['host']
+	));
+
+	success("Enregistrement ajouté");
+}
+
+?>
 
 <p>
 	<?= linkToDocs('record-mx', 'Documentation du type d\'enregistrement MX') ?>
@@ -6,7 +27,7 @@
 
 <form method="post">
 
-<?php require "../../form.ns.php"; ?>
+<?php require "form.ns.php"; ?>
 
 	<br>
 
@@ -23,24 +44,3 @@
 	<br>
 	<input value="Valider" type="submit">
 </form>
-
-<?php
-
-switchToFormProcess();
-
-$values = nsParseCommonRequirements();
-
-if (!($_POST['priority'] >= 0 AND $_POST['priority'] <= 255))
-	userError("Wrong value for <code>priority</code>.");
-
-$_POST['host'] = formatAbsoluteDomain($_POST['host']);
-
-knotcZoneExec($_POST['zone'], array(
-	$values['domain'],
-	$values['ttl'],
-	"MX",
-	$_POST['priority'],
-	$_POST['host']
-));
-
-success("Enregistrement ajouté");

public/ns/ns.php

@@ -1,11 +1,28 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (processForm()) {
+	$values = nsParseCommonRequirements();
+
+	$_POST['ns'] = formatAbsoluteDomain($_POST['ns']);
+
+	knotcZoneExec($_POST['zone'], array(
+		$values['domain'],
+		$values['ttl'],
+		"NS",
+		$_POST['ns']
+	));
+
+	success("Enregistrement ajouté");
+}
+
+?>
 
 <p>
 	<?= linkToDocs('record-ns', 'Documentation du type d\'enregistrement NS') ?>
 </p>
 
 <form method="post">
-<?php require "../../form.ns.php"; ?>
+<?php require "form.ns.php"; ?>
 	<br>
 	<label for="ns">Serveur de nom</label>
 	<br>
@@ -13,20 +30,3 @@
 	<br>
 	<input value="Procéder" type="submit">
 </form>
-
-<?php
-
-switchToFormProcess();
-
-$values = nsParseCommonRequirements();
-
-$_POST['ns'] = formatAbsoluteDomain($_POST['ns']);
-
-knotcZoneExec($_POST['zone'], array(
-	$values['domain'],
-	$values['ttl'],
-	"NS",
-	$_POST['ns']
-));
-
-success("Enregistrement ajouté");

public/ns/print.php

@@ -1,4 +1,3 @@
-<?php require "../../common/html.php"; ?>
 
 <form method="post">
 	<input type="radio" name="print" id="table" value="table" checked="">
@@ -25,20 +24,19 @@ if (isset($_SESSION['username']))
 
 <?php
 
-switchToFormProcess();
+if (processForm()) {
+	nsCheckZonePossession($_POST['zone']);
 
-nsCheckZonePossession($_POST['zone']);
+	$zoneContent = file_get_contents(CONF['ns']['knot_zones_path'] . '/' . $_POST['zone'] . 'zone');
+	if ($zoneContent === false)
+		serverError("Unable to read zone file.");
 
-$zoneContent = file_get_contents(CONF['ns']['knot_zones_path'] . '/' . $_POST['zone'] . 'zone');
-if ($zoneContent === false)
-	serverError("Unable to read zone file.");
-
-if ($_POST['print'] === 'raw') {
-	echo '<pre>' . htmlspecialchars($zoneContent) . '</pre>';
-	success();
-}
+	if ($_POST['print'] === 'raw') {
+		echo '<pre>' . htmlspecialchars($zoneContent) . '</pre>';
+		success();
+	}
 
-if ($_POST['print'] === 'table') { ?>
+	if ($_POST['print'] === 'table') { ?>
 
 <table>
 	<tr>
@@ -48,29 +46,29 @@ if ($_POST['print'] === 'table') { ?>
 		<th>Contenu</th>
 	</tr>
 <?php
-	foreach(explode("\n", $zoneContent) as $zoneLine) {
-		if (str_starts_with($zoneLine, ';')) continue; // Ignore comments
-		if (empty($zoneLine)) continue;
-		$elements = preg_split("#[\t ]+#", $zoneLine, 4);
-		if (!in_array($elements[2], ['CAA', 'A', 'AAAA', 'MX', 'NS', 'SRV', 'SSHFP', 'TLSA', 'TXT'], true)) continue; // Ignore records generated by Knot
-		echo '	<tr>';
-		foreach ($elements as $element)
-			echo '		<td>' . htmlspecialchars($element) . '</td>';
-		echo '	</tr>';
+		foreach(explode("\n", $zoneContent) as $zoneLine) {
+			if (str_starts_with($zoneLine, ';')) continue; // Ignore comments
+			if (empty($zoneLine)) continue;
+			$elements = preg_split("#[\t ]+#", $zoneLine, 4);
+			if (!in_array($elements[2], ['CAA', 'A', 'AAAA', 'MX', 'NS', 'SRV', 'SSHFP', 'TLSA', 'TXT'], true)) continue; // Ignore records generated by Knot
+			echo '	<tr>';
+			foreach ($elements as $element)
+				echo '		<td>' . htmlspecialchars($element) . '</td>';
+			echo '	</tr>';
+		}
+		echo '</table>';
 	}
-	echo '</table>';
-}
 
-if ($_POST['print'] === 'ds') {
+	if ($_POST['print'] === 'ds') {
 
-	$found = preg_match("#\n" . preg_quote($_POST['zone']) . "\s+0\s+CDS\s+([0-9]{1,5})\s+([0-9]{1,2})\s+([0-9])\s+([0-9A-F]{64})\n#", $zoneContent, $matches);
-	if ($found !== 1)
-		serverError("Unable to get public key record from zone file.");
+		$found = preg_match("#\n" . preg_quote($_POST['zone']) . "\s+0\s+CDS\s+([0-9]{1,5})\s+([0-9]{1,2})\s+([0-9])\s+([0-9A-F]{64})\n#", $zoneContent, $matches);
+		if ($found !== 1)
+			serverError("Unable to get public key record from zone file.");
 
-	$tag = $matches[1];
-	$algo = $matches[2];
-	$digestType = $matches[3];
-	$digest = $matches[4];
+		$tag = $matches[1];
+		$algo = $matches[2];
+		$digestType = $matches[3];
+		$digest = $matches[4];
 
 ?>
 
@@ -98,6 +96,6 @@ if ($_POST['print'] === 'ds') {
 </dl>
 
 <?php
-	success();
+		success();
+	}
 }
-?>

public/ns/srv.php

@@ -1,4 +1,33 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (processForm()) {
+	$values = nsParseCommonRequirements();
+
+	if (!($_POST['priority'] >= 0 AND $_POST['priority'] <= 65535))
+		userError("Wrong value for <code>priority</code>.");
+
+	if (!($_POST['weight'] >= 0 AND $_POST['weight'] <= 65535))
+		userError("Wrong value for <code>weight</code>.");
+
+	if (!($_POST['port'] >= 0 AND $_POST['port'] <= 65535))
+		userError("Wrong value for <code>port</code>.");
+
+	$_POST['target'] = formatAbsoluteDomain($_POST['target']);
+
+	knotcZoneExec($_POST['zone'], array(
+		$values['domain'],
+		$values['ttl'],
+		"SRV",
+		$_POST['priority'],
+		$_POST['weight'],
+		$_POST['port'],
+		$_POST['target']
+	));
+
+	success("Enregistrement ajouté");
+}
+
+?>
 
 <p>
 	<?= linkToDocs('record-srv', 'Documentation du type d\'enregistrement SRV') ?>
@@ -6,7 +35,7 @@
 
 <form method="post">
 
-<?php require "../../form.ns.php"; ?>
+<?php require "form.ns.php"; ?>
 
 	<br>
 
@@ -35,32 +64,3 @@
 	<br>
 	<input value="Valider" type="submit">
 </form>
-
-<?php
-
-switchToFormProcess();
-
-$values = nsParseCommonRequirements();
-
-if (!($_POST['priority'] >= 0 AND $_POST['priority'] <= 65535))
-	userError("Wrong value for <code>priority</code>.");
-
-if (!($_POST['weight'] >= 0 AND $_POST['weight'] <= 65535))
-	userError("Wrong value for <code>weight</code>.");
-
-if (!($_POST['port'] >= 0 AND $_POST['port'] <= 65535))
-	userError("Wrong value for <code>port</code>.");
-
-$_POST['target'] = formatAbsoluteDomain($_POST['target']);
-
-knotcZoneExec($_POST['zone'], array(
-	$values['domain'],
-	$values['ttl'],
-	"SRV",
-	$_POST['priority'],
-	$_POST['weight'],
-	$_POST['port'],
-	$_POST['target']
-));
-
-success("Enregistrement ajouté");

public/ns/sshfp.php

@@ -1,4 +1,30 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (processForm()) {
+	$values = nsParseCommonRequirements();
+
+	if (!($_POST['algo'] === "1" OR $_POST['algo'] === "3" OR $_POST['algo'] === "4"))
+		userError("Wrong value for <code>algo</code>.");
+
+	if (!($_POST['type'] === "2"))
+		userError("Wrong value for <code>type</code>.");
+
+	if (!(preg_match("/^[a-z0-9]{64}$/", $_POST['fp'])))
+		userError("Wrong value for <code>fp</code>.");
+
+	knotcZoneExec($_POST['zone'], array(
+		$values['domain'],
+		$values['ttl'],
+		"SSHFP",
+		$_POST['algo'],
+		$_POST['type'],
+		$_POST['fp']
+	));
+
+	success("Enregistrement ajouté");
+}
+
+?>
 
 <p>
 	<?= linkToDocs('record-sshfp', 'Documentation du type d\'enregistrement SSHFP') ?>
@@ -6,7 +32,7 @@
 
 <form method="post">
 
-<?php require "../../form.ns.php"; ?>
+<?php require "form.ns.php"; ?>
 
 	<br>
 
@@ -36,29 +62,3 @@
 	<br>
 	<input value="Valider" type="submit">
 </form>
-
-<?php
-
-switchToFormProcess();
-
-$values = nsParseCommonRequirements();
-
-if (!($_POST['algo'] === "1" OR $_POST['algo'] === "3" OR $_POST['algo'] === "4"))
-	userError("Wrong value for <code>algo</code>.");
-
-if (!($_POST['type'] === "2"))
-	userError("Wrong value for <code>type</code>.");
-
-if (!(preg_match("/^[a-z0-9]{64}$/", $_POST['fp'])))
-	userError("Wrong value for <code>fp</code>.");
-
-knotcZoneExec($_POST['zone'], array(
-	$values['domain'],
-	$values['ttl'],
-	"SSHFP",
-	$_POST['algo'],
-	$_POST['type'],
-	$_POST['fp']
-));
-
-success("Enregistrement ajouté");

public/ns/tlsa.php

@@ -1,4 +1,34 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (processForm()) {
+	$values = nsParseCommonRequirements();
+
+	if (!($_POST['use'] >= 0 AND $_POST['use'] <= 3))
+		userError("Wrong value for <code>use</code>.");
+
+	if (!($_POST['selector'] === "0" OR $_POST['selector'] === "1"))
+		userError("Wrong value for <code>selector</code>.");
+
+	if (!($_POST['type'] >= 0 AND $_POST['type'] <= 2))
+		userError("Wrong value for <code>type</code>.");
+
+	if (!(preg_match("/^[a-zA-Z0-9.-]{1,1024}$/", $_POST['content'])))
+		userError("Wrong value for <code>content</code>.");
+
+	knotcZoneExec($_POST['zone'], array(
+		$values['domain'],
+		$values['ttl'],
+		"TLSA",
+		$_POST['use'],
+		$_POST['selector'],
+		$_POST['type'],
+		$_POST['content']
+	));
+
+	success("Enregistrement ajouté");
+}
+
+?>
 
 <p>
 	<?= linkToDocs('record-tlsa', 'Documentation du type d\'enregistrement TLSA') ?>
@@ -6,7 +36,7 @@
 
 <form method="post">
 
-<?php require "../../form.ns.php"; ?>
+<?php require "form.ns.php"; ?>
 
 	<br>
 	<label for="use">Utilisation</label>
@@ -45,33 +75,3 @@
 	<br>
 	<input value="Valider" type="submit">
 </form>
-
-<?php
-
-switchToFormProcess();
-
-$values = nsParseCommonRequirements();
-
-if (!($_POST['use'] >= 0 AND $_POST['use'] <= 3))
-	userError("Wrong value for <code>use</code>.");
-
-if (!($_POST['selector'] === "0" OR $_POST['selector'] === "1"))
-	userError("Wrong value for <code>selector</code>.");
-
-if (!($_POST['type'] >= 0 AND $_POST['type'] <= 2))
-	userError("Wrong value for <code>type</code>.");
-
-if (!(preg_match("/^[a-zA-Z0-9.-]{1,1024}$/", $_POST['content'])))
-	userError("Wrong value for <code>content</code>.");
-
-knotcZoneExec($_POST['zone'], array(
-	$values['domain'],
-	$values['ttl'],
-	"TLSA",
-	$_POST['use'],
-	$_POST['selector'],
-	$_POST['type'],
-	$_POST['content']
-));
-
-success("Enregistrement ajouté");

public/ns/txt.php

@@ -1,11 +1,29 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (processForm()) {
+	$values = nsParseCommonRequirements();
+
+	if (!(preg_match("/^[a-zA-Z0-9 =:!%$+\/\()[\]_-]{5,8192}$/", $_POST['txt'])))
+		userError("Wrong value for <code>txt</code>.");
+
+	knotcZoneExec($_POST['zone'], array(
+		$values['domain'],
+		$values['ttl'],
+		"TXT",
+		"\"" . $_POST['txt'] . "\""
+	));
+
+	success("Enregistrement ajouté");
+}
+
+?>
 
 <p>
 	<?= linkToDocs('record-txt', 'Documentation du type d\'enregistrement TXT') ?>
 </p>
 
 <form method="post">
-<?php require "../../form.ns.php"; ?>
+<?php require "form.ns.php"; ?>
 	<br>
 	<label for="txt">Texte</label>
 	<br>
@@ -13,21 +31,3 @@
 	<br>
 	<input value="Valider" type="submit">
 </form>
-
-<?php
-
-switchToFormProcess();
-
-$values = nsParseCommonRequirements();
-
-if (!(preg_match("/^[a-zA-Z0-9 =:!%$+\/\()[\]_-]{5,8192}$/", $_POST['txt'])))
-	userError("Wrong value for <code>txt</code>.");
-
-knotcZoneExec($_POST['zone'], array(
-	$values['domain'],
-	$values['ttl'],
-	"TXT",
-	"\"" . $_POST['txt'] . "\""
-));
-
-success("Enregistrement ajouté");

public/ns/zone-add.php

@@ -1,46 +1,46 @@
-<?php require "../../common/html.php"; ?>
-
-<form method="post">
-	<label for="domain">Domaine</label><br>
-	<input required="" placeholder="domain.<?= PLACEHOLDER_DOMAIN ?>." id="domain" name="domain" type="text"><br>
-	<input value="Ajouter" type="submit">
-</form>
-
 <?php
 
-switchToFormProcess();
+if (processForm()) {
+	$_POST['domain'] = formatAbsoluteDomain($_POST['domain']);
 
-$_POST['domain'] = formatAbsoluteDomain($_POST['domain']);
+	if (query('select', 'zones', ['zone' => $_POST['domain']], 'zone') !== [])
+		userError("Cette zone existe déjà sur ce service.");
 
-if (query('select', 'zones', ['zone' => $_POST['domain']], 'zone') !== [])
-	userError("Cette zone existe déjà sur ce service.");
+	$remoteNsRecords = array_column(dns_get_record($_POST['domain'], DNS_NS), 'target');
+	foreach ($remoteNsRecords as $i => $remoteNsRecord)
+		$remoteNsRecords[$i] = formatAbsoluteDomain($remoteNsRecord);
+	if (array_merge(array_diff($remoteNsRecords, CONF['ns']['servers']), array_diff(CONF['ns']['servers'], $remoteNsRecords)) !== [])
+		userError("Ce domaine n'a pas les bons enregistrements NS.");
 
-$remoteNsRecords = array_column(dns_get_record($_POST['domain'], DNS_NS), 'target');
-foreach ($remoteNsRecords as $i => $remoteNsRecord)
-	$remoteNsRecords[$i] = formatAbsoluteDomain($remoteNsRecord);
-if (array_merge(array_diff($remoteNsRecords, CONF['ns']['servers']), array_diff(CONF['ns']['servers'], $remoteNsRecords)) !== [])
-	userError("Ce domaine n'a pas les bons enregistrements NS.");
+	$db = new PDO('sqlite:' . DB_PATH);
+	$stmt = $db->prepare("INSERT INTO zones(zone, username) VALUES(:zone, :username)");
 
-$db = new PDO('sqlite:' . DB_PATH);
-$stmt = $db->prepare("INSERT INTO zones(zone, username) VALUES(:zone, :username)");
+	$stmt->bindValue(':zone', $_POST['domain']);
+	$stmt->bindValue(':username', $_SESSION['username']);
 
-$stmt->bindValue(':zone', $_POST['domain']);
-$stmt->bindValue(':username', $_SESSION['username']);
+	$stmt->execute();
 
-$stmt->execute();
+	$knotZonePath = CONF['ns']['knot_zones_path'] . "/" . $_POST['domain'] . "zone";
+	$knotZone = $_POST['domain'] . ' 3600 SOA ' . CONF['ns']['servers'][0] . ' admin.niver.test. 1 21600 7200 3628800 3600' . "\n";
+	foreach (CONF['ns']['servers'] as $server)
+		$knotZone .= $_POST['domain'] . ' 86400 NS ' . $server . "\n";
+	if (is_int(file_put_contents($knotZonePath, $knotZone)) !== true)
+		serverError("Failed to write new zone file.");
+	if (chmod($knotZonePath, 0660) !== true)
+		serverError("Failed to chmod new zone file.");
 
-$knotZonePath = CONF['ns']['knot_zones_path'] . "/" . $_POST['domain'] . "zone";
-$knotZone = $_POST['domain'] . ' 3600 SOA ' . CONF['ns']['servers'][0] . ' admin.niver.test. 1 21600 7200 3628800 3600' . "\n";
-foreach (CONF['ns']['servers'] as $server)
-	$knotZone .= $_POST['domain'] . ' 86400 NS ' . $server . "\n";
-if (is_int(file_put_contents($knotZonePath, $knotZone)) !== true)
-	serverError("Failed to write new zone file.");
-if (chmod($knotZonePath, 0660) !== true)
-	serverError("Failed to chmod new zone file.");
+	knotcConfExec([
+		"set 'zone[" . $_POST['domain'] . "]'",
+		"set 'zone[" . $_POST['domain'] . "].template' 'niver-ns'",
+	]);
 
-knotcConfExec([
-	"set 'zone[" . $_POST['domain'] . "]'",
-	"set 'zone[" . $_POST['domain'] . "].template' 'niver-ns'",
-]);
+	success("La requête a été traitée.");
+}
 
-success("La requête a été traitée.");
+?>
+
+<form method="post">
+	<label for="domain">Domaine</label><br>
+	<input required="" placeholder="domain.<?= PLACEHOLDER_DOMAIN ?>." id="domain" name="domain" type="text"><br>
+	<input value="Ajouter" type="submit">
+</form>

public/ns/zone-del.php

@@ -1,4 +1,14 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (processForm()) {
+	nsCheckZonePossession($_POST['zone']);
+
+	nsDeleteZone($_POST['zone']);
+
+	success("Zone effacée.");
+}
+
+?>
 
 <form method="post">
 	<label for="zone">Zone</label>
@@ -13,13 +23,3 @@ if (isset($_SESSION['username']))
 	<br>
 	<input value="Supprimer toutes les données liées à cette zone" type="submit">
 </form>
-
-<?php
-
-switchToFormProcess();
-
-nsCheckZonePossession($_POST['zone']);
-
-nsDeleteZone($_POST['zone']);
-
-success("Zone effacée.");

public/reg/ds.php

@@ -1,4 +1,44 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (isset($_SESSION['username']))
+	$domains = regListUserDomains($_SESSION['username']);
+else
+	$domains = [];
+
+if (processForm()) {
+	if (
+		($_POST['algo'] !== "8")
+		AND ($_POST['algo'] !== "13")
+		AND ($_POST['algo'] !== "14")
+		AND ($_POST['algo'] !== "15")
+		AND ($_POST['algo'] !== "16")
+	) userError("Wrong value for <code>algo</code>.");
+
+	$_POST['keytag'] = intval($_POST['keytag']);
+	if ((!preg_match("/^[0-9]{1,6}$/", $_POST['keytag'])) OR !($_POST['keytag'] >= 1) OR !($_POST['keytag'] <= 65535))
+		userError("Wrong value for <code>keytag</code>.");
+
+	if ($_POST['dt'] !== "2" AND $_POST['dt'] !== "4")
+		userError("Wrong value for <code>dt</code>.");
+
+	regCheckDomainPossession($_POST['zone']);
+
+	$action = checkAction($_POST['action']);
+
+	knotcZoneExec(CONF['reg']['registry'], array(
+		$_POST['zone'],
+		CONF['reg']['ttl'],
+		"DS",
+		$_POST['keytag'],
+		$_POST['algo'],
+		$_POST['dt'],
+		$_POST['key']
+	));
+
+	success("La requête a été envoyée à Knot");
+}
+
+?>
 
 <p>
 	Ici vous pouvez indiquer au registre l'enregistrement DS d'une zone afin de permettre de déléguer la confiance <?= linkToDocs('dnssec', 'DNSSEC') ?>.
@@ -16,12 +56,10 @@
 	<select required="" name="zone" id="zone">
 		<option value="" disabled="" selected="">---</option>
 <?php
-if (isset($_SESSION['username'])) {
-	$domains = regListUserDomains($_SESSION['username']);
 
-	foreach($domains as $domain)
-		echo "		<option value='" . $domain . "'>" . $domain . "</option>";
-}
+foreach($domains as $domain)
+	echo "		<option value='" . $domain . "'>" . $domain . "</option>";
+
 ?>
 
 	</select>
@@ -66,38 +104,3 @@ if (isset($_SESSION['username'])) {
 	<br>
 	<input value="Valider" type="submit">
 </form>
-
-<?php
-
-switchToFormProcess();
-
-if (
-	($_POST['algo'] !== "8")
-	AND ($_POST['algo'] !== "13")
-	AND ($_POST['algo'] !== "14")
-	AND ($_POST['algo'] !== "15")
-	AND ($_POST['algo'] !== "16")
-) userError("Wrong value for <code>algo</code>.");
-
-$_POST['keytag'] = intval($_POST['keytag']);
-if ((!preg_match("/^[0-9]{1,6}$/", $_POST['keytag'])) OR !($_POST['keytag'] >= 1) OR !($_POST['keytag'] <= 65535))
-	userError("Wrong value for <code>keytag</code>.");
-
-if ($_POST['dt'] !== "2" AND $_POST['dt'] !== "4")
-	userError("Wrong value for <code>dt</code>.");
-
-regCheckDomainPossession($_POST['zone']);
-
-$action = checkAction($_POST['action']);
-
-knotcZoneExec(CONF['reg']['registry'], array(
-	$_POST['zone'],
-	CONF['reg']['ttl'],
-	"DS",
-	$_POST['keytag'],
-	$_POST['algo'],
-	$_POST['dt'],
-	$_POST['key']
-));
-
-success("La requête a été envoyée à Knot");

public/reg/glue.php

@@ -1,4 +1,23 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (processform()) {
+	regCheckDomainPossession($_POST['suffix']);
+
+	$domain = formatAbsoluteDomain(formatEndWithDot($_POST['subdomain']) . $_POST['suffix']);
+
+	$record = checkIpFormat($_POST['ip']);
+
+	knotcZoneExec(CONF['reg']['registry'], array(
+		$domain,
+		CONF['reg']['ttl'],
+		$record,
+		$_POST['ip']
+	));
+
+	success("Glue record ajouté");
+}
+
+?>
 
 <p>
 	<?= linkToDocs('glue-record', 'Documentation sur le glue record'); ?>
@@ -38,22 +57,3 @@ if (isset($_SESSION['username']))
 	<br>
 	<input value="Valider" type="submit">
 </form>
-
-<?php
-
-switchToFormProcess();
-
-regCheckDomainPossession($_POST['suffix']);
-
-$domain = formatAbsoluteDomain(formatEndWithDot($_POST['subdomain']) . $_POST['suffix']);
-
-$record = checkIpFormat($_POST['ip']);
-
-knotcZoneExec(CONF['reg']['registry'], array(
-	$domain,
-	CONF['reg']['ttl'],
-	$record,
-	$_POST['ip']
-));
-
-success("Glue record ajouté");

public/reg/index.php

@@ -1,9 +1,5 @@
-<?php require "../../common/html.php"; ?>
-
 <?php displayIndex(); ?>
 
 <p>
 	Ce registre permet d'obtenir un domaine se terminant par <code><?= CONF['reg']['registry'] ?></code>, par exemple <code><em>domaine</em>.<?= CONF['reg']['registry'] ?></code>.
 </p>
-
-<?php closeHTML(); ?>

public/reg/ns.php

@@ -1,4 +1,20 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (processForm()) {
+	regCheckDomainPossession($_POST['domain']);
+	$_POST['ns'] = formatAbsoluteDomain($_POST['ns']);
+
+	knotcZoneExec(CONF['reg']['registry'], array(
+		$_POST['domain'],
+		CONF['reg']['ttl'],
+		"NS",
+		$_POST['ns']
+	));
+
+	success("Modification effectuée avec succès");
+}
+
+?>
 
 <p>
 	<?= linkToDocs('record-ns', 'Documentation du type d\'enregistrement NS') ?>
@@ -29,19 +45,3 @@ if (isset($_SESSION['username']))
 	<br>
 	<input value="Valider" type="submit">
 </form>
-
-<?php
-
-switchToFormProcess();
-
-regCheckDomainPossession($_POST['domain']);
-$_POST['ns'] = formatAbsoluteDomain($_POST['ns']);
-
-knotcZoneExec(CONF['reg']['registry'], array(
-	$_POST['domain'],
-	CONF['reg']['ttl'],
-	"NS",
-	$_POST['ns']
-));
-
-success("Modification effectuée avec succès");

public/reg/print.php

@@ -1,5 +1,3 @@
-<?php require "../../common/html.php"; ?>
-
 <form method="post">
 	<label for="domain">Domaine</label>
 	<select required="" name="domain" id="domain">
@@ -16,36 +14,36 @@ if (isset($_SESSION['username']))
 
 <?php
 
-switchToFormProcess();
-
-regCheckDomainPossession($_POST['domain']);
+if (processForm()) {
+	regCheckDomainPossession($_POST['domain']);
 
-$zoneContent = file_get_contents(CONF['reg']['registry_file']);
-if ($zoneContent === false)
-	serverError("Unable to read registry file.");
-
-?>
-<table>
-	<tr>
-		<th>Domaine</th>
-		<th>TTL</th>
-		<th>Type</th>
-		<th>Contenu</th>
-	</tr>
-<?php
+	$zoneContent = file_get_contents(CONF['reg']['registry_file']);
+	if ($zoneContent === false)
+		serverError("Unable to read registry file.");
 
-foreach(explode("\n", $zoneContent) as $zoneLine) {
-	if (str_starts_with($zoneLine, ';')) continue; // Ignore comments
-	if (empty($zoneLine)) continue;
-	$elements = preg_split("#[\t ]+#", $zoneLine, 4);
-	if (!str_ends_with($elements[0], $_POST['domain'])) continue; // Ignore records for other domains
-	if (!in_array($elements[2], ['A', 'AAAA', 'NS', 'DS'], true)) continue; // Ignore records generated by Knot
-	echo "	<tr>\n";
-	foreach ($elements as $element)
-		echo "		<td>" . htmlspecialchars($element) . "</td>\n";
-	echo "	</tr>\n";
+	?>
+	<table>
+		<tr>
+			<th>Domaine</th>
+			<th>TTL</th>
+			<th>Type</th>
+			<th>Contenu</th>
+		</tr>
+	<?php
+
+	foreach(explode("\n", $zoneContent) as $zoneLine) {
+		if (str_starts_with($zoneLine, ';')) continue; // Ignore comments
+		if (empty($zoneLine)) continue;
+		$elements = preg_split("#[\t ]+#", $zoneLine, 4);
+		if (!str_ends_with($elements[0], $_POST['domain'])) continue; // Ignore records for other domains
+		if (!in_array($elements[2], ['A', 'AAAA', 'NS', 'DS'], true)) continue; // Ignore records generated by Knot
+		echo "	<tr>\n";
+		foreach ($elements as $element)
+			echo "		<td>" . htmlspecialchars($element) . "</td>\n";
+		echo "	</tr>\n";
+	}
+
+	echo '</table>';
+
+	success();
 }
-
-echo '</table>';
-
-success();

public/reg/register.php

@@ -1,4 +1,27 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (processForm()) {
+	if (preg_match("/" . CONF['reg']['subdomain_regex'] . "/", $_POST['subdomain']) !== 1)
+	userError("Erreur : Le nom de domaine doit être composé uniquement d'entre 4 et 63 lettres minuscules (a-z)");
+
+	$domain = formatAbsoluteDomain($_POST['subdomain'] . '.' . CONF['reg']['registry']);
+
+	if (query('select', 'registry', ['domain' => $domain], 'domain') !== [])
+		userError("Ce domaine n'est pas disponible à l'enregistrement. Il est réservé ou déjà enregistré.");
+
+	$db = new PDO('sqlite:' . DB_PATH);
+	$stmt = $db->prepare("INSERT INTO registry(domain, username, last_renewal) VALUES(:domain, :username, :last_renewal)");
+
+	$stmt->bindValue(':domain', $domain);
+	$stmt->bindValue(':username', $_SESSION['username']);
+	$stmt->bindValue(':last_renewal', date("Y-m-d H:i:s"));
+
+	$stmt->execute();
+
+	success("Domaine ajouté au registre.");
+}
+
+?>
 
 <p>
 	Enregistrer un nouveau domaine sur son compte. Ce domaine doit être composé uniquement d'au moins 4 lettres latines non accentuées (a-z).
@@ -11,26 +34,3 @@
 	<br>
 	<input value="Valider" type="submit">
 </form>
-
-<?php
-
-switchToFormProcess();
-
-if (preg_match("/" . CONF['reg']['subdomain_regex'] . "/", $_POST['subdomain']) !== 1)
-	userError("Erreur : Le nom de domaine doit être composé uniquement d'entre 4 et 63 lettres minuscules (a-z)");
-
-$domain = formatAbsoluteDomain($_POST['subdomain'] . '.' . CONF['reg']['registry']);
-
-if (query('select', 'registry', ['domain' => $domain], 'domain') !== [])
-	userError("Ce domaine n'est pas disponible à l'enregistrement. Il est réservé ou déjà enregistré.");
-
-$db = new PDO('sqlite:' . DB_PATH);
-$stmt = $db->prepare("INSERT INTO registry(domain, username, last_renewal) VALUES(:domain, :username, :last_renewal)");
-
-$stmt->bindValue(':domain', $domain);
-$stmt->bindValue(':username', $_SESSION['username']);
-$stmt->bindValue(':last_renewal', date("Y-m-d H:i:s"));
-
-$stmt->execute();
-
-success("Domaine ajouté au registre.");

public/reg/unregister.php

@@ -1,4 +1,14 @@
-<?php require "../../common/html.php"; ?>
+<?php
+
+if (processForm()) {
+	regCheckDomainPossession($_POST['domain']);
+
+	regDeleteDomain($_POST['domain']);
+
+	success("Domaine effacé du registre.");
+}
+
+?>
 
 <form method="post">
 	<label for="domain">Domaine</label>
@@ -15,13 +25,3 @@ if (isset($_SESSION['username']))
 	<br>
 	<input value="Effacer" type="submit">
 </form>
-
-<?php
-
-switchToFormProcess();
-
-regCheckDomainPossession($_POST['domain']);
-
-regDeleteDomain($_POST['domain']);
-
-success("Domaine effacé du registre.");

router.php

@@ -0,0 +1,49 @@
+<?php
+
+define("CONF", parse_ini_file(__DIR__ . "/config.ini", true, INI_SCANNER_TYPED));
+
+foreach (array_diff(scandir(CONF['common']['root_path'] . "/fn"), array('..', '.')) as $file)
+	require CONF['common']['root_path'] . '/fn/' . $file;
+
+define("DB_PATH", CONF['common']['root_path'] . "/db/niver.db");
+
+define("PLACEHOLDER_DOMAIN", "example"); // From RFC2606: Reserved Top Level DNS Names > 2. TLDs for Testing, & Documentation Examples
+define("PLACEHOLDER_IPV6", "2001:db8::3"); // From RFC3849: IPv6 Address Prefix Reserved for Documentation
+define("PLACEHOLDER_IPV4", "203.0.113.42"); // From RFC5737: IPv4 Address Blocks Reserved for Documentation
+
+if ($_SERVER['REQUEST_URI'] === '/sftpgo-auth.php')
+	return;
+
+$pageAddress = substr($_SERVER['REQUEST_URI'], strlen(CONF['common']['prefix']) + 1);
+if (strpos($pageAddress, "?") !== false) {
+	parse_str(substr($pageAddress, strpos($pageAddress, "?") + 1), $_GET);
+	$pageAddress = substr($pageAddress, 0, strpos($pageAddress, "?"));
+}
+if (substr($pageAddress, -1) === '/' OR $pageAddress === '')
+	$pageAddress .= 'index';
+define("PAGE_ADDRESS", $pageAddress);
+define("SERVICE", dirname(PAGE_ADDRESS));
+define("PAGE", basename(PAGE_ADDRESS, '.php'));
+
+require "pages.php";
+
+if (SERVICE !== '.') {
+	if (!isset(TITLES[SERVICE]['index'])) {
+		http_response_code(404);
+		exit('Page not found.');
+	}
+	$page['service'] = TITLES[SERVICE]['index'];
+	if (PAGE !== 'index') {
+		if (!isset(TITLES[SERVICE][PAGE])) {
+			http_response_code(404);
+			exit('Page not found.');
+		}
+		$page['title'] = TITLES[SERVICE][PAGE];
+	}
+}
+
+require "html.php";
+
+require "public/" . PAGE_ADDRESS . ".php";
+
+closeHtml();

sftpgo-auth.php

@@ -1,6 +1,6 @@
 <?php
 
-require "common/init.php";
+require "router.php";
 
 $authData = json_decode(file_get_contents("php://input"), true);