diff --git a/fn/auth.php b/fn/auth.php index 07c7418..2856b6c 100644 --- a/fn/auth.php +++ b/fn/auth.php @@ -16,12 +16,12 @@ define("OPTIONS_PASSWORD", array( function checkPasswordFormat($password) { if (preg_match("/" . PASSWORD_REGEX . "/u", $password) !== 1) - userError("Password malformed."); + output(403, 'Password malformed.'); } function checkUsernameFormat($username) { if (preg_match("/" . USERNAME_REGEX . "/u", $username) !== 1) - userError("Username malformed."); + output(403, 'Username malformed.'); } function hashPassword($password) { diff --git a/fn/common.php b/fn/common.php index 161c624..b9fc5db 100644 --- a/fn/common.php +++ b/fn/common.php @@ -2,27 +2,19 @@ $final_message = null; -function success($msg = '') { +function output($code, $msg = '') { global $final_message; - if ($msg !== '') - $final_message = "
\n"; -} - -// When the user requests something unexpected -function userError($msg) { - global $final_message; - $final_message = "\n"; - http_response_code(403); - executePage(); -} - -// When the system did something unexpected -function serverError($msg) { - global $final_message; - $final_message = "\n"; - http_response_code(500); - error_log("Niver internal error: " . strip_tags($msg)); - executePage(); + $shortCode = $code / 100 % 10; + $final_message = match ($shortCode) { + 2 => ($msg === '') ? '' : "\n", + 4 => "\n", + 5 => "\n", + }; + http_response_code($code); + if ($shortCode === 5) + error_log("Niver internal error: " . strip_tags($msg)); + if ($code !== 200) + executePage(); } function processForm($requireLogin = true) { @@ -33,7 +25,7 @@ function processForm($requireLogin = true) { if (empty($_POST)) return false; if ($requireLogin AND !isset($_SESSION['username'])) - userError("Vous devez être connecté·e pour effectuer cette action."); + output(403, 'Vous devez être connecté·e pour effectuer cette action.'); return true; } @@ -119,11 +111,12 @@ function redirUrl($pageId) { function redir() { if (isset($_GET['redir'])) { if (preg_match('/^[0-9a-z\/-]{0,128}$/', $_GET['redir']) !== 1) - userError("Wrong character inredir
.");
+ output(403, 'Wrong character in redir
.');
header('Location: ' . CONF['common']['prefix'] . '/' . $_GET['redir']);
} else {
header('Location: ' . CONF['common']['prefix'] . '/');
}
+ exit();
}
// PHP rmdir() only works on empty directories
@@ -133,7 +126,7 @@ function removeDirectory($dir) {
foreach ($files as $file)
$file->isDir() && !$file->isLink() ? rmdir($file->getPathname()) : unlink($file->getPathname());
if (rmdir($dir) !== true)
- serverError("Unable to remove directory.");
+ output(500, 'Unable to remove directory.');
}
function equalArrays($a, $b) {
diff --git a/fn/dns.php b/fn/dns.php
index b0deb2c..1d58f3d 100644
--- a/fn/dns.php
+++ b/fn/dns.php
@@ -3,20 +3,20 @@
function knotcConfExec($cmds) {
exec(CONF['dns']['knotc_path'] . " conf-begin", $output['begin'], $code['begin']);
if ($code['begin'] !== 0)
- serverError("knotcConfExec: knotc
failed with exit code " . $code['begin'] . ": " . $output['begin'][0] . ".");
+ output(500, 'knotcConfExec: knotc
failed with exit code ' . $code['begin'] . ': ' . $output['begin'][0] . '.');
foreach ($cmds as $cmd) {
exec(CONF['dns']['knotc_path'] . " conf-" . $cmd, $output['op'], $code['op']);
if ($code['op'] !== 0) {
exec(CONF['dns']['knotc_path'] . " conf-abort");
- serverError("knotcConfExec: knotc
failed with exit code " . $code['op'] . ": " . $output['op'][0] . ".");
+ output(500, 'knotcConfExec: knotc
failed with exit code ' . $code['op'] . ': ' . $output['op'][0] . '.');
}
}
exec(CONF['dns']['knotc_path'] . " conf-commit", $output['commit'], $code['commit']);
if ($code['commit'] !== 0) {
exec(CONF['dns']['knotc_path'] . " conf-abort");
- serverError("knotcConfExec: knotc
failed with exit code " . $code['commit'] . ": " . $output['commit'][0] . ".");
+ output(500, 'knotcConfExec: knotc
failed with exit code ' . $code['commit'] . ': ' . $output['commit'][0] . '.');
}
}
@@ -25,18 +25,18 @@ function knotcZoneExec($zone, $cmd) {
exec(CONF['dns']['knotc_path'] . " zone-begin " . $zone, $output['begin'], $code['begin']);
if ($code['begin'] !== 0)
- serverError("knotcZoneExec: knotc
failed with exit code " . $code['begin'] . ": " . $output['begin'][0] . ".");
+ output(500, 'knotcZoneExec: knotc
failed with exit code ' . $code['begin'] . ': ' . $output['begin'][0] . '.');
exec(CONF['dns']['knotc_path'] . " zone-" . $action . "set " . $zone . " " . implode(" ", $cmd), $output['op'], $code['op']);
if ($code['op'] !== 0) {
exec(CONF['dns']['knotc_path'] . " zone-abort " . $zone);
- serverError("knotcZoneExec: knotc
failed with exit code " . $code['op'] . ": " . $output['op'][0] . ".");
+ output(500, 'knotcZoneExec: knotc
failed with exit code ' . $code['op'] . ': ' . $output['op'][0] . '.');
}
exec(CONF['dns']['knotc_path'] . " zone-commit " . $zone, $output['commit'], $code['commit']);
if ($code['commit'] !== 0) {
exec(CONF['dns']['knotc_path'] . " zone-abort " . $zone);
- serverError("knotcZoneExec: knotc
failed with exit code " . $code['commit'] . ": " . $output['commit'][0] . ".");
+ output(500, 'knotcZoneExec: knotc
failed with exit code ' . $code['commit'] . ': ' . $output['commit'][0] . '.');
}
}
@@ -45,13 +45,13 @@ function checkIpFormat($ip) {
return "A";
if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
return "AAAA";
- userError("IP address malformed.");
+ output(403, 'IP address malformed.');
}
function checkAbsoluteDomainFormat($domain) {
// If the domain must end with a dot
if (!filter_var($domain, FILTER_VALIDATE_DOMAIN) OR !preg_match("/^([a-z0-9_-]{1,63}\.){2,127}$/", $domain))
- userError("Domain malformed.");
+ output(403, 'Domain malformed.');
}
function formatEndWithDot($str) {
@@ -70,6 +70,6 @@ function checkAction($action) {
return match ($action) {
'add' => '',
'delete' => 'un',
- default => userError("Wrong value for action."),
+ default => output(403, 'Wrong value for action.'),
};
}
diff --git a/fn/ht.php b/fn/ht.php
index 0869500..27f5a59 100644
--- a/fn/ht.php
+++ b/fn/ht.php
@@ -3,7 +3,7 @@
function checkDomainFormat($domain) {
// If the domain must end without a dot
if (!filter_var($domain, FILTER_VALIDATE_DOMAIN) OR !preg_match("/^([a-z0-9_-]{1,63}\.){1,126}[a-z0-9]{1,63}$/", $domain))
- userError("Domain malformed.");
+ output(403, 'Domain malformed.');
}
function formatDomain($domain) {
@@ -49,17 +49,17 @@ function htDeleteSite($dir, $domainType, $protocol) {
if ($domainType === 'onion') {
// Delete Tor config
if (unlink(CONF['ht']['tor_config_path'] . '/' . $_SESSION['username'] . '/' . $dir) !== true)
- serverError("Failed to delete Tor configuration.");
+ output(500, 'Failed to delete Tor configuration.');
// Reload Tor
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload " . CONF['ht']['tor_service'], $output, $code);
if ($code !== 0)
- serverError("Failed to reload Tor.");
+ output(500, 'Failed to reload Tor.');
// Delete Tor keys
exec(CONF['ht']['sudo_path'] . ' -u ' . CONF['ht']['tor_user'] . ' ' . CONF['ht']['rm_path'] . ' --recursive ' . CONF['ht']['tor_keys_path'] . '/' . $_SESSION['username'] . '/' . $dir, $output, $code);
if ($code !== 0)
- serverError("Failed to delete Tor keys.");
+ output(500, 'Failed to delete Tor keys.');
}
// Delete Nginx config
@@ -70,18 +70,18 @@ function htDeleteSite($dir, $domainType, $protocol) {
'site_dir' => $dir,
], 'domain')[0];
if (unlink(CONF['ht']['nginx_config_path'] . '/' . $domain . '.conf') !== true)
- serverError("Failed to delete Nginx configuration.");
+ output(500, 'Failed to delete Nginx configuration.');
// Reload Nginx
exec(CONF['ht']['sudo_path'] . ' ' . CONF['ht']['systemctl_path'] . ' reload nginx', result_code: $code);
if ($code !== 0)
- serverError("Failed to reload Nginx.");
+ output(500, 'Failed to reload Nginx.');
if ($domainType === 'dns') {
// Delete Let's Encrypt certificate
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['certbot_path'] . " delete --quiet --cert-name " . $domain, $output, $code);
if ($code !== 0)
- serverError("Certbot failed to delete the Let's Encrypt certificate.");
+ output(500, 'Certbot failed to delete the Let\'s Encrypt certificate.');
}
// Delete from database
diff --git a/fn/ns.php b/fn/ns.php
index 378d612..15dd637 100644
--- a/fn/ns.php
+++ b/fn/ns.php
@@ -20,7 +20,7 @@ function nsParseCommonRequirements() {
$values['ttl'] = $_POST['ttl-value'] * $_POST['ttl-multiplier'];
if (!($values['ttl'] >= 300 AND $values['ttl'] <= 432000))
- userError("Le TTL doit être compris entre 5 minutes et 5 jours (entre 300 et 432000 secondes).");
+ output(403, 'Le TTL doit être compris entre 5 minutes et 5 jours (entre 300 et 432000 secondes).');
return $values;
}
@@ -33,7 +33,7 @@ function nsCheckZonePossession($zone) {
checkAbsoluteDomainFormat($zone);
if (!in_array($zone, query('select', 'zones', ['username' => $_SESSION['username']], 'zone'), true))
- userError("You don't own this zone on the nameserver.");
+ output(403, 'You don\'t own this zone on the nameserver.');
}
function nsDeleteZone($zone) {
@@ -42,7 +42,7 @@ function nsDeleteZone($zone) {
// Remove Knot zone file
if(unlink(CONF['ns']['knot_zones_path'] . '/' . $zone . 'zone') !== true)
- serverError("Failed to remove Knot zone file.");
+ output(500, 'Failed to remove Knot zone file.');
// Remove Knot related data
exec(CONF['dns']['knotc_path'] . " zone-purge " . $zone);
diff --git a/fn/reg.php b/fn/reg.php
index 1a755e1..53359a3 100644
--- a/fn/reg.php
+++ b/fn/reg.php
@@ -6,17 +6,17 @@ function regListUserDomains($username) {
function regCheckDomainPossession($domain) {
if (in_array($domain, regListUserDomains($_SESSION['username']), true) !== true)
- userError("You don't own this domain.");
+ output(403, 'You don\'t own this domain.');
}
function regDeleteDomain($domain) {
// Delete domain from registry file
$regFile = file_get_contents(CONF['reg']['registry_file']);
if ($regFile === false)
- serverError("Failed to read current registry File.");
+ output(500, 'Failed to read current registry File.');
$regFile = preg_replace("#[^\n]{0,1024}" . $domain . " {0,1024}[^\n]{0,1024}\n#", "", $regFile);
if (file_put_contents(CONF['reg']['registry_file'], $regFile) === false)
- serverError("Failed to write new registry file.");
+ output(500, 'Failed to write new registry file.');
// Delete from Niver's database
query('delete', 'registry', [
diff --git a/pages/auth/login.php b/pages/auth/login.php
index 47f51a9..fd23469 100644
--- a/pages/auth/login.php
+++ b/pages/auth/login.php
@@ -6,10 +6,10 @@ if (processForm(false)) {
checkUsernameFormat($_POST['username']);
if (userExist($_POST['username']) !== true)
- userError("Connexion impossible : ce compte n'existe pas.");
+ output(403, 'Connexion impossible : ce compte n\'existe pas.');
if (checkPassword($_POST['username'], $_POST['password']) !== true)
- userError("Connexion impossible : clé de passe invalide.");
+ output(403, 'Connexion impossible : clé de passe invalide.');
$_SESSION['username'] = $_POST['username'];
@@ -17,8 +17,6 @@ if (processForm(false)) {
changePassword($_SESSION['username'], $_POST['password']);
redir();
-
- success("Connecté·e.");
}
?>
diff --git a/pages/auth/logout.php b/pages/auth/logout.php
index 20673f6..3ceb61a 100644
--- a/pages/auth/logout.php
+++ b/pages/auth/logout.php
@@ -5,4 +5,3 @@ if (session_status() === PHP_SESSION_ACTIVE)
header('Clear-Site-Data: "*"');
redir();
-success("Déconnecté·e.");
diff --git a/pages/auth/password.php b/pages/auth/password.php
index 081e687..5ff0526 100644
--- a/pages/auth/password.php
+++ b/pages/auth/password.php
@@ -4,11 +4,11 @@ if (processForm()) {
checkPasswordFormat($_POST['newPassword']);
if (checkPassword($_SESSION['username'], $_POST['currentPassword']) !== true)
- userError("Changement impossible : clé de passe invalide.");
+ output(403, 'Changement impossible : clé de passe invalide.');
changePassword($_SESSION['username'], $_POST['newPassword']);
- success("Clé de passe changée.");
+ output(200, 'Clé de passe changée.');
}
?>
diff --git a/pages/auth/register.php b/pages/auth/register.php
index 936bfde..9ecce6f 100644
--- a/pages/auth/register.php
+++ b/pages/auth/register.php
@@ -6,24 +6,24 @@ if (processForm(false)) {
checkUsernameFormat($_POST['username']);
if (userExist($_POST['username']) !== false)
- userError("Ce nom de compte est déjà utilisé.");
+ output(403, 'Ce nom de compte est déjà utilisé.');
// Setup SFTP directory
umask(0002);
if (mkdir(CONF['ht']['ht_path'] . "/" . $_POST['username'], 0775) !== true)
- serverError("Can't create user directory.");
+ output(500, 'Can\'t create user directory.');
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['chgrp_path'] . " " . CONF['ht']['sftpgo_group'] . " " . CONF['ht']['ht_path'] . "/" . $_POST['username'] . " --no-dereference", result_code: $code);
if ($code !== 0)
- serverError("Can't change user directory group.");
+ output(500, 'Can\'t change user directory group.');
// Setup Tor config directory
if (mkdir(CONF['ht']['tor_config_path'] . "/" . $_POST['username'], 0755) !== true)
- serverError("Can't create Tor config directory.");
+ output(500, 'Can\'t create Tor config directory.');
// Setup Tor keys directory
exec(CONF['ht']['sudo_path'] . " -u " . CONF['ht']['tor_user'] . " " . CONF['ht']['mkdir_path'] . " --mode=0700 " . CONF['ht']['tor_keys_path'] . "/" . $_POST['username'], result_code: $code);
if ($code !== 0)
- serverError("Can't create Tor keys directory.");
+ output(500, 'Can\'t create Tor keys directory.');
insert('users', [
'username' => $_POST['username'],
@@ -34,8 +34,6 @@ if (processForm(false)) {
$_SESSION['username'] = $_POST['username'];
redir();
-
- success("Compte créé.");
}
?>
diff --git a/pages/auth/unregister.php b/pages/auth/unregister.php
index a819355..2543ef7 100644
--- a/pages/auth/unregister.php
+++ b/pages/auth/unregister.php
@@ -2,7 +2,7 @@
if (processForm()) {
if (!isset($_POST['delete']))
- userError("Il faut confirmer la suppression du compte");
+ output(403, 'Il faut confirmer la suppression du compte');
foreach (query('select', 'registry', ['username' => $_SESSION['username']], 'domain') as $domain)
regDeleteDomain($domain);
@@ -26,19 +26,19 @@ if (processForm()) {
exec(CONF['ht']['sudo_path'] . " -u " . CONF['ht']['tor_user'] . " " . CONF['ht']['rm_path'] . " --recursive " . CONF['ht']['tor_keys_path'] . "/" . $_SESSION['username'], result_code: $code);
if ($code !== 0)
- serverError("Can't remove Tor keys directory.");
+ output(500, 'Can\'t remove Tor keys directory.');
removeDirectory(CONF['ht']['tor_config_path'] . '/' . $_SESSION['username']);
exec(CONF['ht']['sudo_path'] . ' ' . CONF['ht']['rm_path'] . ' --recursive ' . CONF['ht']['ht_path'] . '/' . $_SESSION['username'], result_code: $code);
if ($code !== 0)
- serverError("Can't remove user's directory.");
+ output(500, 'Can\'t remove user\'s directory.');
query('delete', 'users', ['username' => $_SESSION['username']]);
require "logout.php";
- success("Compte supprimé.");
+ output(200, 'Compte supprimé.');
}
?>
diff --git a/pages/ht/add-http-dns.php b/pages/ht/add-http-dns.php
index 5a27f3e..8833bf7 100644
--- a/pages/ht/add-http-dns.php
+++ b/pages/ht/add-http-dns.php
@@ -9,28 +9,28 @@ if (processForm()) {
$_POST['domain'] = formatDomain($_POST['domain']);
if ($dirsStatuses[$_POST['dir']] !== false)
- userError("Wrong value for dir
.");
+ output(403, 'Wrong value for dir
.');
if (query('select', 'sites', ['domain' => $_POST['domain']], 'domain') !== [])
- userError("Ce domaine existe déjà sur ce service.");
+ output(403, 'Ce domaine existe déjà sur ce service.');
$remoteAaaaRecords = dns_get_record($_POST['domain'], DNS_AAAA);
if (is_array($remoteAaaaRecords) !== true)
- userError("Ce domaine n'existe pas.");
+ output(403, 'Ce domaine n\'existe pas.');
if (equalArrays([CONF['ht']['ipv6_address']], array_column($remoteAaaaRecords, 'ipv6')) !== true)
- userError("Ce domaine doit avoir pour unique enregistrement AAAA " . CONF['ht']['ipv6_address'] . "
.");
+ output(403, 'Ce domaine doit avoir pour unique enregistrement AAAA ' . CONF['ht']['ipv6_address'] . '
.');
$remoteARecords = dns_get_record($_POST['domain'], DNS_A);
if (is_array($remoteARecords) !== true)
- userError("Ce domaine n'existe pas.");
+ output(403, 'Ce domaine n\'existe pas.');
if (equalArrays([CONF['ht']['ipv4_address']], array_column($remoteARecords, 'ip')) !== true)
- userError("Ce domaine doit avoir pour unique enregistrement A " . CONF['ht']['ipv4_address'] . "
.");
+ output(403, 'Ce domaine doit avoir pour unique enregistrement A ' . CONF['ht']['ipv4_address'] . '
.');
addSite($_SESSION['username'], $_POST['dir'], $_POST['domain'], "dns", "http");
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['certbot_path'] . " certonly --quiet" . (CONF['ht']['letsencrypt_use_production'] ? '' : ' --test-cert') . " --key-type rsa --rsa-key-size 3072 --webroot --webroot-path /srv/niver/acme --domain " . $_POST['domain'], $output, $returnCode);
if ($returnCode !== 0)
- serverError("Certbot failed to get a Let's Encrypt certificate.");
+ output(500, 'Certbot failed to get a Let\'s Encrypt certificate.');
$nginxConf = 'server {
listen [' . CONF['ht']['ipv6_listen_address'] . ']:' . CONF['ht']['https_port'] . ' ssl http2;
@@ -45,14 +45,14 @@ if (processForm()) {
}
';
if (file_put_contents(CONF['ht']['nginx_config_path'] . "/" . $_POST['domain'] . ".conf", $nginxConf) === false)
- serverError("Failed to write Nginx configuration.");
+ output(500, 'Failed to write Nginx configuration.');
// Reload Nginx
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx", result_code: $code);
if ($code !== 0)
- serverError("Failed to reload Nginx.");
+ output(500, 'Failed to reload Nginx.');
- success("Accès HTTP par domaine ajouté sur ce dossier !");
+ output(200, 'Accès HTTP par domaine ajouté sur ce dossier !');
}
?>
diff --git a/pages/ht/add-http-onion.php b/pages/ht/add-http-onion.php
index a7c39c7..be7ca24 100644
--- a/pages/ht/add-http-onion.php
+++ b/pages/ht/add-http-onion.php
@@ -7,25 +7,25 @@ else
if (processForm()) {
if ($dirsStatuses[$_POST['dir']] !== false)
- userError("Wrong value for dir
.");
+ output(403, 'Wrong value for dir
.');
// Add Tor config
$torConf = "HiddenServiceDir " . CONF['ht']['tor_keys_path'] . "/" . $_SESSION['username'] . "/" . $_POST['dir'] . "/
HiddenServicePort 80 [::1]:" . CONF['ht']['internal_onion_http_port'] . "
";
if (file_put_contents(CONF['ht']['tor_config_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'], $torConf) === false)
- serverError("Failed to write new Tor configuration.");
+ output(500, 'Failed to write new Tor configuration.');
// Reload Tor
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload " . CONF['ht']['tor_service'], $output, $code);
if ($code !== 0)
- serverError("Failed to reload Tor.");
+ output(500, 'Failed to reload Tor.');
// Get the address generated by Tor
exec(CONF['ht']['sudo_path'] . ' -u ' . CONF['ht']['tor_user'] . ' ' . CONF['ht']['cat_path'] . ' ' . CONF['ht']['tor_keys_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'] . '/hostname', $output);
$onion = $output[0];
if (preg_match("/[0-9a-z]{56}\.onion/", $onion) !== 1)
- serverError("No onion address found.");
+ output(500, 'No onion address found.');
// Store it in the database
addSite($_SESSION['username'], $_POST['dir'], $onion, "onion", "http");
@@ -40,15 +40,15 @@ if (processForm()) {
}
';
if (file_put_contents(CONF['ht']['nginx_config_path'] . "/" . $onion . ".conf", $nginxConf) === false)
- serverError("Failed to write Nginx configuration.");
+ output(500, 'Failed to write Nginx configuration.');
// Reload Nginx
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx", result_code: $code);
if ($code !== 0)
- serverError("Failed to reload Nginx.");
+ output(500, 'Failed to reload Nginx.');
// Tell the user their site address
- success("L'adresse de votre service Onion HTTP est : http://" . $onion . "/");
+ output(200, 'L\'adresse de votre service Onion HTTP est : http://' . $onion . '/
');
}
?>
diff --git a/pages/ht/del-http-dns.php b/pages/ht/del-http-dns.php
index 69943a2..24944e3 100644
--- a/pages/ht/del-http-dns.php
+++ b/pages/ht/del-http-dns.php
@@ -7,11 +7,11 @@ else
if (processForm()) {
if ($dirsStatuses[$_POST['dir']] !== true)
- userError("Wrong value for dir
.");
+ output(403, 'Wrong value for dir
.');
htDeleteSite($_POST['dir'], domainType: 'dns', protocol: 'http');
- success("Accès retiré.");
+ output(200, 'Accès retiré.');
}
?>
diff --git a/pages/ht/del-http-onion.php b/pages/ht/del-http-onion.php
index a29ec25..d67082a 100644
--- a/pages/ht/del-http-onion.php
+++ b/pages/ht/del-http-onion.php
@@ -7,11 +7,11 @@ else
if (processForm()) {
if ($dirsStatuses[$_POST['dir']] !== true)
- userError("Wrong value for dir
.");
+ output(403, 'Wrong value for dir
.');
htDeleteSite($_POST['dir'], domainType: 'onion', protocol: 'http');
- success("Accès retiré.");
+ output(200, 'Accès retiré.');
}
?>
diff --git a/pages/ns/caa.php b/pages/ns/caa.php
index 81dbb93..f6a99a5 100644
--- a/pages/ns/caa.php
+++ b/pages/ns/caa.php
@@ -4,13 +4,13 @@ if (processForm()) {
$values = nsParseCommonRequirements();
if (!($_POST['flag'] >= 0 AND $_POST['flag'] <= 255))
- userError("Wrong value for flag
.");
+ output(403, 'Wrong value for flag
.');
if (!(preg_match("/^[a-z]{1,127}$/", $_POST['tag'])))
- userError("Wrong value for tag
.");
+ output(403, 'Wrong value for tag
.');
if (!(preg_match("/^[a-z0-9.-]{1,255}$/", $_POST['value'])))
- userError("Wrong value for value
.");
+ output(403, 'Wrong value for value
.');
knotcZoneExec($_POST['zone'], array(
$values['domain'],
@@ -21,7 +21,7 @@ if (processForm()) {
$_POST['value']
));
- success("Enregistrement ajouté");
+ output(200, 'Enregistrement ajouté');
}
?>
diff --git a/pages/ns/cname.php b/pages/ns/cname.php
index 78a0a1d..4326af7 100644
--- a/pages/ns/cname.php
+++ b/pages/ns/cname.php
@@ -12,7 +12,7 @@ if (processForm()) {
$_POST['cname']
));
- success("Enregistrement ajouté");
+ output(200, 'Enregistrement ajouté');
}
?>
diff --git a/pages/ns/dname.php b/pages/ns/dname.php
index ae2ed42..105aaf1 100644
--- a/pages/ns/dname.php
+++ b/pages/ns/dname.php
@@ -12,7 +12,7 @@ if (processForm()) {
$_POST['dname']
));
- success("Enregistrement ajouté");
+ output(200, 'Enregistrement ajouté');
}
?>
diff --git a/pages/ns/ip.php b/pages/ns/ip.php
index 613af2e..c536490 100644
--- a/pages/ns/ip.php
+++ b/pages/ns/ip.php
@@ -12,7 +12,7 @@ if (processForm()) {
$_POST['ip']
));
- success("Enregistrement ajouté");
+ output(200, 'Enregistrement ajouté');
}
?>
diff --git a/pages/ns/loc.php b/pages/ns/loc.php
index d139a5c..fa78b7b 100644
--- a/pages/ns/loc.php
+++ b/pages/ns/loc.php
@@ -19,36 +19,36 @@ if (processForm()) {
$_POST['vp'] = 10;
if (!($_POST['lat-deg'] >= 0 AND $_POST['lat-deg'] <= 90))
- userError("Wrong value for lat-deg
.");
+ output(403, 'Wrong value for lat-deg
.');
if (!($_POST['lat-min'] >= 0 AND $_POST['lat-min'] <= 59))
- userError("Wrong value for lat-min
.");
+ output(403, 'Wrong value for lat-min
.');
if (!($_POST['lat-sec'] >= 0 AND $_POST['lat-sec'] <= 59.999))
- userError("Wrong value for lat-sec
.");
+ output(403, 'Wrong value for lat-sec
.');
if ($_POST['lat-dir'] !== "N" AND $_POST['lat-dir'] !== "S")
- userError("Wrong value for lat-dir
.");
+ output(403, 'Wrong value for lat-dir
.');
if (!($_POST['lon-deg'] >= 0 AND $_POST['lon-deg'] <= 180))
- userError("Wrong value for lon-deg
.");
+ output(403, 'Wrong value for lon-deg
.');
if (!($_POST['lon-min'] >= 0 AND $_POST['lon-min'] <= 59))
- userError("Wrong value for lon-min
.");
+ output(403, 'Wrong value for lon-min
.');
if (!($_POST['lon-sec'] >= 0 AND $_POST['lon-sec'] <= 59.999))
- userError("Wrong value for lon-sec
.");
+ output(403, 'Wrong value for lon-sec
.');
if ($_POST['lon-dir'] !== "E" AND $_POST['lon-dir'] !== "W")
- userError("Wrong value for lon-dir
.");
+ output(403, 'Wrong value for lon-dir
.');
if (!($_POST['alt'] >= -100000 AND $_POST['alt'] <= 42849672.95))
- userError("Wrong value for alt
.");
+ output(403, 'Wrong value for alt
.');
if (!($_POST['size'] >= 0 AND $_POST['size'] <= 90000000))
- userError("Wrong value for size
.");
+ output(403, 'Wrong value for size
.');
if (!($_POST['hp'] >= 0 AND $_POST['hp'] <= 90000000))
- userError("Wrong value for hp
.");
+ output(403, 'Wrong value for hp
.');
if (!($_POST['vp'] >= 0 AND $_POST['vp'] <= 90000000))
- userError("Wrong value for vp
.");
+ output(403, 'Wrong value for vp
.');
knotcZoneExec($_POST['zone'], array(
$values['domain'],
@@ -68,7 +68,7 @@ if (processForm()) {
$_POST['vp'] . 'm',
));
- success("Enregistrement ajouté");
+ output(200, 'Enregistrement ajouté');
}
?>
diff --git a/pages/ns/mx.php b/pages/ns/mx.php
index 0b0a502..baac8bb 100644
--- a/pages/ns/mx.php
+++ b/pages/ns/mx.php
@@ -4,7 +4,7 @@ if (processForm()) {
$values = nsParseCommonRequirements();
if (!($_POST['priority'] >= 0 AND $_POST['priority'] <= 255))
- userError("Wrong value for priority
.");
+ output(403, 'Wrong value for priority
.');
$_POST['host'] = formatAbsoluteDomain($_POST['host']);
@@ -16,7 +16,7 @@ if (processForm()) {
$_POST['host']
));
- success("Enregistrement ajouté");
+ output(200, 'Enregistrement ajouté');
}
?>
diff --git a/pages/ns/ns.php b/pages/ns/ns.php
index 1889deb..82c2bf4 100644
--- a/pages/ns/ns.php
+++ b/pages/ns/ns.php
@@ -12,7 +12,7 @@ if (processForm()) {
$_POST['ns']
));
- success("Enregistrement ajouté");
+ output(200, 'Enregistrement ajouté');
}
?>
diff --git a/pages/ns/print.php b/pages/ns/print.php
index 728bb2c..727caa0 100644
--- a/pages/ns/print.php
+++ b/pages/ns/print.php
@@ -29,11 +29,11 @@ if (processForm()) {
$zoneContent = file_get_contents(CONF['ns']['knot_zones_path'] . '/' . $_POST['zone'] . 'zone');
if ($zoneContent === false)
- serverError("Unable to read zone file.");
+ output(500, 'Unable to read zone file.');
if ($_POST['print'] === 'raw') {
echo '' . htmlspecialchars($zoneContent) . ''; - success(); + output(200); } if ($_POST['print'] === 'table') { ?> @@ -63,7 +63,7 @@ if (processForm()) { $found = preg_match("#\n" . preg_quote($_POST['zone']) . "\s+0\s+CDS\s+([0-9]{1,5})\s+([0-9]{1,2})\s+([0-9])\s+([0-9A-F]{64})\n#", $zoneContent, $matches); if ($found !== 1) - serverError("Unable to get public key record from zone file."); + output(500, 'Unable to get public key record from zone file.'); $tag = $matches[1]; $algo = $matches[2]; @@ -96,6 +96,6 @@ if (processForm()) { = 0 AND $_POST['priority'] <= 65535)) - userError("Wrong value for
priority
.");
+ output(403, 'Wrong value for priority
.');
if (!($_POST['weight'] >= 0 AND $_POST['weight'] <= 65535))
- userError("Wrong value for weight
.");
+ output(403, 'Wrong value for weight
.');
if (!($_POST['port'] >= 0 AND $_POST['port'] <= 65535))
- userError("Wrong value for port
.");
+ output(403, 'Wrong value for port
.');
$_POST['target'] = formatAbsoluteDomain($_POST['target']);
@@ -24,7 +24,7 @@ if (processForm()) {
$_POST['target']
));
- success("Enregistrement ajouté");
+ output(200, 'Enregistrement ajouté');
}
?>
diff --git a/pages/ns/sshfp.php b/pages/ns/sshfp.php
index a048981..06adf2c 100644
--- a/pages/ns/sshfp.php
+++ b/pages/ns/sshfp.php
@@ -4,13 +4,13 @@ if (processForm()) {
$values = nsParseCommonRequirements();
if (!($_POST['algo'] === "1" OR $_POST['algo'] === "3" OR $_POST['algo'] === "4"))
- userError("Wrong value for algo
.");
+ output(403, 'Wrong value for algo
.');
if (!($_POST['type'] === "2"))
- userError("Wrong value for type
.");
+ output(403, 'Wrong value for type
.');
if (!(preg_match("/^[a-z0-9]{64}$/", $_POST['fp'])))
- userError("Wrong value for fp
.");
+ output(403, 'Wrong value for fp
.');
knotcZoneExec($_POST['zone'], array(
$values['domain'],
@@ -21,7 +21,7 @@ if (processForm()) {
$_POST['fp']
));
- success("Enregistrement ajouté");
+ output(200, 'Enregistrement ajouté');
}
?>
diff --git a/pages/ns/tlsa.php b/pages/ns/tlsa.php
index 3ba9ee2..532f20e 100644
--- a/pages/ns/tlsa.php
+++ b/pages/ns/tlsa.php
@@ -4,16 +4,16 @@ if (processForm()) {
$values = nsParseCommonRequirements();
if (!($_POST['use'] >= 0 AND $_POST['use'] <= 3))
- userError("Wrong value for use
.");
+ output(403, 'Wrong value for use
.');
if (!($_POST['selector'] === "0" OR $_POST['selector'] === "1"))
- userError("Wrong value for selector
.");
+ output(403, 'Wrong value for selector
.');
if (!($_POST['type'] >= 0 AND $_POST['type'] <= 2))
- userError("Wrong value for type
.");
+ output(403, 'Wrong value for type
.');
if (!(preg_match("/^[a-zA-Z0-9.-]{1,1024}$/", $_POST['content'])))
- userError("Wrong value for content
.");
+ output(403, 'Wrong value for content
.');
knotcZoneExec($_POST['zone'], array(
$values['domain'],
@@ -25,7 +25,7 @@ if (processForm()) {
$_POST['content']
));
- success("Enregistrement ajouté");
+ output(200, 'Enregistrement ajouté');
}
?>
diff --git a/pages/ns/txt.php b/pages/ns/txt.php
index 13e1afd..dd98b20 100644
--- a/pages/ns/txt.php
+++ b/pages/ns/txt.php
@@ -4,7 +4,7 @@ if (processForm()) {
$values = nsParseCommonRequirements();
if (!(preg_match("/^[a-zA-Z0-9 =:!%$+\/\()[\]_-]{5,8192}$/", $_POST['txt'])))
- userError("Wrong value for txt
.");
+ output(403, 'Wrong value for txt
.');
knotcZoneExec($_POST['zone'], array(
$values['domain'],
@@ -13,7 +13,7 @@ if (processForm()) {
"\"" . $_POST['txt'] . "\""
));
- success("Enregistrement ajouté");
+ output(200, 'Enregistrement ajouté');
}
?>
diff --git a/pages/ns/zone-add.php b/pages/ns/zone-add.php
index a3bb6c8..503f355 100644
--- a/pages/ns/zone-add.php
+++ b/pages/ns/zone-add.php
@@ -4,7 +4,7 @@ if (processForm()) {
$_POST['domain'] = formatAbsoluteDomain($_POST['domain']);
if (query('select', 'zones', ['zone' => $_POST['domain']], 'zone') !== [])
- userError("Cette zone existe déjà sur ce service.");
+ output(403, 'Cette zone existe déjà sur ce service.');
exec(CONF['ns']['kdig_path'] . " " . ltrim(strstr($_POST['domain'], '.'), '.') . " NS +short", $parentAuthoritatives);
foreach ($parentAuthoritatives as $parentAuthoritative)
@@ -12,7 +12,7 @@ if (processForm()) {
exec(CONF['ns']['kdig_path'] . " " . $_POST['domain'] . " NS @" . $parentAuthoritatives[0], $results);
preg_match_all('/' . preg_quote($_POST['domain'], '/') . '[\t ]+[0-9]{1,8}[\t ]+IN[\t ]+NS[\t ]+(.+)\n/', implode("\n", $results), $matches);
if (equalArrays(CONF['ns']['servers'], $matches[1]) !== true)
- userError("Les serveurs ayant autorité dans cette zone indiqués par la zone parente ne sont pas ceux de Niver.");
+ output(403, 'Les serveurs ayant autorité dans cette zone indiqués par la zone parente ne sont pas ceux de Niver.');
insert('zones', [
'zone' => $_POST['domain'],
@@ -24,16 +24,16 @@ if (processForm()) {
foreach (CONF['ns']['servers'] as $server)
$knotZone .= $_POST['domain'] . ' 86400 NS ' . $server . "\n";
if (is_int(file_put_contents($knotZonePath, $knotZone)) !== true)
- serverError("Failed to write new zone file.");
+ output(500, 'Failed to write new zone file.');
if (chmod($knotZonePath, 0660) !== true)
- serverError("Failed to chmod new zone file.");
+ output(500, 'Failed to chmod new zone file.');
knotcConfExec([
"set 'zone[" . $_POST['domain'] . "]'",
"set 'zone[" . $_POST['domain'] . "].template' 'niver-ns'",
]);
- success("La requête a été traitée.");
+ output(200, 'La requête a été traitée.');
}
?>
diff --git a/pages/ns/zone-del.php b/pages/ns/zone-del.php
index c099c73..359944d 100644
--- a/pages/ns/zone-del.php
+++ b/pages/ns/zone-del.php
@@ -5,7 +5,7 @@ if (processForm()) {
nsDeleteZone($_POST['zone']);
- success("Zone effacée.");
+ output(200, 'Zone effacée.');
}
?>
diff --git a/pages/reg/ds.php b/pages/reg/ds.php
index b5197d3..bc5100c 100644
--- a/pages/reg/ds.php
+++ b/pages/reg/ds.php
@@ -12,14 +12,14 @@ if (processForm()) {
AND ($_POST['algo'] !== "14")
AND ($_POST['algo'] !== "15")
AND ($_POST['algo'] !== "16")
- ) userError("Wrong value for algo
.");
+ ) output(403, 'Wrong value for algo
.');
$_POST['keytag'] = intval($_POST['keytag']);
if ((!preg_match("/^[0-9]{1,6}$/", $_POST['keytag'])) OR !($_POST['keytag'] >= 1) OR !($_POST['keytag'] <= 65535))
- userError("Wrong value for keytag
.");
+ output(403, 'Wrong value for keytag
.');
if ($_POST['dt'] !== "2" AND $_POST['dt'] !== "4")
- userError("Wrong value for dt
.");
+ output(403, 'Wrong value for dt
.');
regCheckDomainPossession($_POST['zone']);
@@ -35,7 +35,7 @@ if (processForm()) {
$_POST['key']
));
- success("La requête a été envoyée à Knot");
+ output(200, 'La requête a été envoyée à Knot');
}
?>
diff --git a/pages/reg/glue.php b/pages/reg/glue.php
index d7d05d1..7505c5a 100644
--- a/pages/reg/glue.php
+++ b/pages/reg/glue.php
@@ -14,7 +14,7 @@ if (processForm()) {
$_POST['ip']
));
- success("Glue record ajouté");
+ output(200, 'Glue record ajouté');
}
?>
diff --git a/pages/reg/ns.php b/pages/reg/ns.php
index fd8ffc4..c207436 100644
--- a/pages/reg/ns.php
+++ b/pages/reg/ns.php
@@ -11,7 +11,7 @@ if (processForm()) {
$_POST['ns']
));
- success("Modification effectuée avec succès");
+ output(200, 'Modification effectuée avec succès');
}
?>
diff --git a/pages/reg/print.php b/pages/reg/print.php
index 268e382..1e8e4fb 100644
--- a/pages/reg/print.php
+++ b/pages/reg/print.php
@@ -19,7 +19,7 @@ if (processForm()) {
$zoneContent = file_get_contents(CONF['reg']['registry_file']);
if ($zoneContent === false)
- serverError("Unable to read registry file.");
+ output(500, 'Unable to read registry file.');
?>
Sec-Fetch-Site
HTTP header)");
+ output(403, 'Anti-CSRF verification failed ! (Wrong or unset Sec-Fetch-Site
HTTP header)');
function executePage() {
require "pages/" . PAGE_ADDRESS . ".php";