servnest/pages/ns/edit.php

<?php

if (processForm() AND isset($_POST['zone-content'])) { // Update zone
	nsCheckZonePossession($_POST['zone']);

	// Get current SOA record
	$current_zone_content = file_get_contents(CONF['ns']['knot_zones_path'] . '/' . $_POST['zone'] . 'zone');
	if ($current_zone_content === false)
		output(500, 'Unable to read zone file.');
	if (preg_match('/^(?<soa>' . preg_quote($_POST['zone']) . '[\t ]+[0-9]{1,16}[\t ]+SOA[\t ]+.+)$/m', $current_zone_content, $matches) !== 1)
		output(500, 'Unable to get current serial from zone file.');

	// Generate new zone content
	$new_zone_content = $matches['soa'] . LF;
	if (strlen($_POST['zone-content']) > ZONE_MAX_CHARACTERS)
		output(403, 'La zone n\'est pas autorisée à dépasser ' . ZONE_MAX_CHARACTERS . ' caractères.');
	foreach (explode("\r\n", $_POST['zone-content']) as $line) {
		if ($line === '') continue;
		if (preg_match('/^(?<domain>[a-z0-9@._-]+)(?:[\t ]+(?<ttl>[0-9]{1,16}))?(?:[\t ]+IN)?[\t ]+(?<type>[A-Z]{1,16})[\t ]+(?<value>.+)$/', $line, $matches) !== 1)
			output(403, 'La zone est mal formatée (selon Niver).');
		if (in_array($matches['type'], ALLOWED_TYPES, true) !== true)
			output(403, 'Le type <code>' . $matches['type'] . '</code> n\'est pas autorisé.');
		if ($matches['ttl'] !== '' AND $matches['ttl'] < MIN_TTL)
			output(403, 'Les TTLs inférieurs à ' . MIN_TTL . ' secondes ne sont pas autorisés.');
		if ($matches['ttl'] !== '' AND $matches['ttl'] > MAX_TTL)
			output(403, 'Les TTLs supérieurs à ' . MAX_TTL . ' secondes ne sont pas autorisés.');
		$new_zone_content .= $matches['domain'] . ' ' . (($matches['ttl'] === '') ? DEFAULT_TTL : $matches['ttl']) . ' ' . $matches['type'] . ' ' . $matches['value'] . LF;
	}

	// Send the zone content to kzonecheck's stdin
	$process = proc_open(CONF['ns']['kzonecheck_path'] . ' --origin ' . $_POST['zone'] . ' --dnssec off -', [0 => ['pipe', 'r']], $pipes);
	if (is_resource($process) !== true)
		output(500, 'Can\'t spawn kzonecheck.');
	fwrite($pipes[0], $new_zone_content);
	fclose($pipes[0]);
	if (proc_close($process) !== 0)
		output(403, 'Le contenu de zone envoyé n\'est pas valide (selon <code>kzonecheck</code>).');

	ratelimit();

	exec(CONF['dns']['knotc_path'] . ' --blocking --timeout 10 zone-freeze ' . $_POST['zone'], $output, $return_code);
	if ($return_code !== 0)
		output(500, 'Failed to freeze zone file.', $output);

	exec(CONF['dns']['knotc_path'] . ' --blocking --timeout 10 zone-flush ' . $_POST['zone'], $output, $return_code);
	if ($return_code !== 0)
		output(500, 'Failed to flush zone file.', $output);

	if (file_put_contents(CONF['ns']['knot_zones_path'] . '/' . $_POST['zone'] . 'zone', $new_zone_content) === false)
		output(500, 'Failed to write zone file.');

	exec(CONF['dns']['knotc_path'] . ' --blocking --timeout 10 zone-reload ' . $_POST['zone'], $output, $return_code);
	if ($return_code !== 0)
		output(500, 'Failed to reload zone file.', $output);

	exec(CONF['dns']['knotc_path'] . ' --blocking --timeout 10 zone-thaw ' . $_POST['zone'], $output, $return_code);
	if ($return_code !== 0)
		output(500, 'Failed to thaw zone file.', $output);

	usleep(1000000);

	output(200, 'La zone a été mise à jour.');
}

?>

<form method="post">
	<label for="zone">Zone à modifier</label>
	<br>
	<select required="" name="zone" id="zone">
		<option value="" disabled="" selected="">-</option>
<?php
if (isset($_SESSION['username']))
	foreach (nsListUserZones($_SESSION['username']) as $zone)
		echo '		<option value="' . $zone . '">' . $zone . '</option>' . LF;
?>
	</select>
	<br>
	<input type="submit" value="Afficher">
</form>

<?php

if (processForm()) { // Display zone
	nsCheckZonePossession($_POST['zone']);

	$zone_content = file_get_contents(CONF['ns']['knot_zones_path'] . '/' . $_POST['zone'] . 'zone');
	if ($zone_content === false)
		output(500, 'Unable to read zone file.');

	$displayed_zone_content = '';
	foreach(explode(LF, $zone_content) as $zone_line) {
		if (empty($zone_line) OR str_starts_with($zone_line, ';'))
			continue;
		if (preg_match('/^(?:(?:[a-z0-9_-]{1,63}\.){1,127})?' . preg_quote($_POST['zone'], '/') . '[\t ]+[0-9]{1,8}[\t ]+(?<type>[A-Z]{1,16})[\t ]+.+$/', $zone_line, $matches)) {
			if (in_array($matches['type'], ALLOWED_TYPES, true) !== true)
				continue;
			$displayed_zone_content .= $zone_line . LF;
		}
	}
	$displayed_zone_content .= LF;

?>
<form method="post">
	<input type="hidden" name="zone" value="<?= $_POST['zone'] ?>">

	<label for="zone-content">Nouveau contenu de la zone <code><strong><?= $_POST['zone'] ?></strong></code></label>
	<textarea id="zone-content" name="zone-content" wrap="off" rows="<?= substr_count($displayed_zone_content, LF) + 1 ?>"><?= htmlspecialchars($displayed_zone_content) ?></textarea>
	<br>
	<input type="submit" value="Remplacer">
</form>

<?php

}

global $final_message;
displayFinalMessage();

?>

<h2>Valeurs par défaut</h2>

<p>Si le TTL est omis, il sera définit à <code><?= DEFAULT_TTL ?></code> secondes.</p>

<p>La précision de la classe (<code>IN</code>) est facultative.</p>

<h2>Valeurs autorisées</h2>

<p>La zone n'est pas autorisée à dépasser <?= ZONE_MAX_CHARACTERS ?> caractères.</p>

<p>Les TTLs ne sont autorisés qu'entre <code><?= MIN_TTL ?></code> et <code><?= MAX_TTL ?></code> secondes.</p>

<p>Les seuls types dont l'édition est autorisée sont :</p>

<ul>
<?php
	foreach (ALLOWED_TYPES as $allowed_type)
		echo '	<li><code>' . $allowed_type . '</code></li>';

?>
</ul>