Better segmentation between services

2022-04-23 01:57:43 +02:00 · 2022-04-23 01:57:43 +02:00 · b1f54aa155
parent 9a2eb0a18e
commit b1f54aa155
39 changed files with 211 additions and 232 deletions
--- a/inc/auth.php
+++ b/inc/auth.php
@ -1,9 +1,51 @@
 <?php

+define("USERNAME_REGEX", "^[a-z]{4,32}$");
+define("PASSWORD_REGEX", "^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])[a-zA-Z0-9]{8,1024}|.{10,1024}$");
+
+define("ORIGIN", "https://niver.test:42443");
+
+// Password storage security
+define("ALGO_PASSWORD", PASSWORD_ARGON2ID);
+define("OPTIONS_PASSWORD", array(
+	"memory_cost" => 65536,
+	"time_cost" => 24,
+	"threads" => 64,
+));
+
+function checkPasswordFormat($password) {
+	return preg_match("/" . PASSWORD_REGEX . "/", $password);
+}
+
+function checkUsernameFormat($username) {
+	return preg_match("/" . USERNAME_REGEX . "/", $username);
+}
+
 function hashPassword($password) {
 	return password_hash($password, ALGO_PASSWORD, OPTIONS_PASSWORD);
 }

+function userExist($username) {
+	$usernameArray[0] = $username;
+
+	$db = new PDO('sqlite:' . DB_PATH);
+
+	$op = $db->prepare('SELECT username FROM users WHERE username = ?');
+	$op->execute($usernameArray);
+
+	$data = $op->fetch();
+	if (isset($data['username']))
+		$dbUsername = $data['username'];
+	else
+		$dbUsername = NULL;
+
+	if (isset($dbUsername)) {
+		return true;
+	} else {
+		return false;
+	}
+}
+
 function checkPassword($username, $password) {
 	$username2[0] = $username;

@ -42,16 +84,3 @@ function changePassword($username, $password) {

 	$stmt->execute();
 }
-
-function antiCSRF() {
-
-	if (!isset($_SERVER['HTTP_SEC_FETCH_SITE']) AND !isset($_SERVER['HTTP_ORIGIN']))
-		exit("ERROR: Browser sent neither Sec-Fetch-Site nor Origin HTTP headers, so anti-CSRF verification can't be done.");
-
-	if (isset($_SERVER['HTTP_ORIGIN']) AND $_SERVER['HTTP_ORIGIN'] !== ORIGIN)
-		exit("ERROR: Anti-CSRF verification failed");
-
-	if (isset($_SERVER['HTTP_SEC_FETCH_SITE']) AND $_SERVER['HTTP_SEC_FETCH_SITE'] !== "same-origin")
-		exit("ERROR: Anti-CSRF verification failed");
-
-}
--- a/common/bottom.php
+++ b/common/bottom.php
--- a/common/pages.php
+++ b/common/pages.php
--- a/common/top.php
+++ b/common/top.php
@ -1,17 +1,25 @@
 <?php

-require "const.php";
-// Functions usefull everywhere
-require "all.php";
-require "format.php";
-// Service-specific functions
-require "ht.php";
-//require "ns.php";
-require "reg.php";
-require "auth.php";
+define("DOMAIN_EXAMPLE", "example"); // From RFC2606: Reserved Top Level DNS Names > 2. TLDs for Testing, & Documentation Examples
+define("NIVER_TEMPLATE_PATH", "/usr/local/share/niver"); // Templates directory (nginx, knot...)
+define("PREFIX", ""); // Prefix in URL, if any
+define("ROOT_PATH", "/srv/php/niver" . PREFIX); // niver-php directory
+define("SERVICE", substr(dirname($_SERVER['PHP_SELF']), strlen(PREFIX) + 1));
+define("PAGE", basename($_SERVER['PHP_SELF'], '.php'));
+define("DB_PATH", ROOT_PATH . "/db/niver.db"); // Niver's SQLite database
+
+// Service-specific functions and constants
+if (SERVICE !== "")
+	require ROOT_PATH . "/" . SERVICE . ".php";
+
 // Page titles definition
 require "pages.php";

+function antiCSRF() {
+	if (!isset($_SERVER['HTTP_SEC_FETCH_SITE']) OR $_SERVER['HTTP_SEC_FETCH_SITE'] !== "same-origin")
+		exit("ERROR: Anti-CSRF verification failed ! (Wrong or unset Sec-Fetch-Site HTTP header)");
+}
+
 // Session initialisation (with cookies)
 if (
 		isset($_COOKIE['niver']) // Resume session
@ -38,6 +46,24 @@ if (

 // Less > CSS compilation

+// Color scheme
+define("THEME", array(
+	// Displayed on light theme
+	'darkRegColor' => "#D100D1",
+	'darkNsColor' => "#006DFF",
+	'darkHtColor' => "#008768",
+	'darkAuthColor' => "#EE0000",
+
+	// Displayed on dark theme
+	'lightRegColor' => "#FF50FF",
+	'lightNsColor' => "#00FFFF",
+	'lightHtColor' => "#FFFF00",
+	'lightAuthColor' => "#00FF00",
+
+	'lightColor' => '#FFFFFF',
+	'darkColor' => '#000000',
+));
+
 require_once ROOT_PATH . "/lessphp/lib/Less/Autoloader.php";
 Less_Autoloader::register();

--- a/inc/format.php
+++ b/inc/format.php
@ -1,5 +1,13 @@
 <?php

+// This file is used by 'ns' and 'reg'
+
+// Example IP adresses (for placeholders)
+define("IPV6_EXAMPLE", "2001:db8::3"); // See RFC3849: IPv6 Address Prefix Reserved for Documentation
+define("IPV4_EXAMPLE", "203.0.113.42"); // See RFC5737: IPv4 Address Blocks Reserved for Documentation
+
+define("KNOTC_PATH", "/usr/sbin/knotc");
+
 function checkIpFormat($ip) {
 	if (!filter_var($ip, FILTER_VALIDATE_IP))
 		exit("ERROR: wrong IP address");
@ -15,16 +23,11 @@ function checkAbsoluteDomainFormat($domain) {
 		exit("ERROR: wrong domain");
 }

-function checkDomainFormat($domain) {
-	// If the domain must end without a dot
-	if (!filter_var($domain, FILTER_VALIDATE_DOMAIN) OR !preg_match("/^([a-z0-9_-]{1,63}\.){1,126}[a-z0-9]{1,63}$/", $domain))
-		exit("ERROR: wrong domain");
-}
-
-function checkPasswordFormat($password) {
-	return preg_match("/" . PASSWORD_REGEX . "/", $password);
-}
-
-function checkUsernameFormat($username) {
-	return preg_match("/" . USERNAME_REGEX . "/", $username);
+function checkAction($action) {
+	if ($action === "delete")
+		return "un";
+	else if ($action === "add")
+		return "";
+	else
+		exit("ERROR: wrong value for action");
 }
--- a/inc/form/form.ns.php
+++ b/inc/form/form.ns.php
--- a/inc/ht.php
+++ b/inc/ht.php
@ -1,5 +1,38 @@
 <?php

+// Public IP adresses (shown on the interface)
+define("IPV6_ADDRESS", "::1");
+define("IPV4_ADDRESS", "127.0.0.1");
+
+define("HTTPS_PORT", "42443");
+define("INTERNAL_ONION_HTTP_PORT", "9080");
+
+define("HT_PATH", "/srv/ht");
+define("MANIVER_PATH", "/usr/local/bin/maniver");
+define("SUDO_PATH", "/usr/bin/sudo");
+define("LS_PATH", "/usr/bin/ls");
+define("NGINX_CONFIG_PATH", "/etc/nginx/ht"); // Nginx configuration directory
+define("TOR_CONFIG_PATH", "/etc/tor/instances/niver/torrc"); // Tor configuration file
+define("TOR_KEYS_PATH", "/var/lib/tor-instances/niver/keys"); // Tor keys directory
+
+function checkDomainFormat($domain) {
+	// If the domain must end without a dot
+	if (!filter_var($domain, FILTER_VALIDATE_DOMAIN) OR !preg_match("/^([a-z0-9_-]{1,63}\.){1,126}[a-z0-9]{1,63}$/", $domain))
+		exit("ERROR: wrong domain");
+}
+
+function addNiverLog($message, $outputLines, $returnCode = false) {
+	$logs = "\n" . date("Y-m-d H:i:s") . " " . $message . "\n";
+	if ($returnCode !== false)
+		$logs = $logs . "Return code: " . $returnCode . "\n";
+	else
+		$logs = $logs . "No return code logged\n";
+	foreach ($outputLines as $outputLine) {
+		$logs = $logs . " " .	$outputLine . "\n";
+	}
+	file_put_contents(NIVER_PATH . "/niver.log", $logs, FILE_APPEND);
+}
+
 function listFsDirs($username) {
 	exec(LS_PATH . " --format=single-column -d " . HT_PATH . "/" . $username . "/ht/*/", $absoluteDirs);
 	$relativeDirs = false;
--- a/inc/all.php
+++ b/inc/all.php
@ -1,47 +0,0 @@
-<?php
-
-function addNiverLog($message, $outputLines, $returnCode = false) {
-	$logs = "\n" . date("Y-m-d H:i:s") . " " . $message . "\n";
-	if ($returnCode !== false)
-		$logs = $logs . "Return code: " . $returnCode . "\n";
-	else
-		$logs = $logs . "No return code logged\n";
-	foreach ($outputLines as $outputLine) {
-		$logs = $logs . " " .	$outputLine . "\n";
-	}
-	file_put_contents(ROOT_PATH . "/niver.log", $logs, FILE_APPEND);
-}
-
-function appendLog($log) {
-	file_put_contents(ROOT_PATH . "/niver.log", date("Y-m-d H:i:s") . var_dump($log) . "\n", FILE_APPEND);
-}
-
-function checkAction($action) {
-	if ($action === "delete")
-		return "un";
-	else if ($action === "add")
-		return "";
-	else
-		exit("ERROR: wrong value for action");
-}
-
-function userExist($username) {
-	$usernameArray[0] = $username;
-
-	$db = new PDO('sqlite:' . DB_PATH);
-
-	$op = $db->prepare('SELECT username FROM users WHERE username = ?');
-	$op->execute($usernameArray);
-
-	$data = $op->fetch();
-	if (isset($data['username']))
-		$dbUsername = $data['username'];
-	else
-		$dbUsername = NULL;
-
-	if (isset($dbUsername)) {
-		return true;
-	} else {
-		return false;
-	}
-}
--- a/inc/const.php
+++ b/inc/const.php
@ -1,76 +0,0 @@
-<?php
-
-// --- Constants definitions ---
-
-// Public IP adresses (shown on the interface)
-define("IPV6_ADDRESS", "::1");
-define("IPV4_ADDRESS", "127.0.0.1");
-
-define("HTTPS_PORT", "42443");
-define("INTERNAL_ONION_HTTP_PORT", "9080");
-
-define("ORIGIN", "https://niver.test:42443");
-define("REGISTRY", "niver.test.");
-
-// Example IP adresses (for placeholders)
-define("IPV6_EXAMPLE", "2001:db8::3"); // See RFC3849: IPv6 Address Prefix Reserved for Documentation
-define("IPV4_EXAMPLE", "203.0.113.42"); // See RFC5737: IPv4 Address Blocks Reserved for Documentation
-define("DOMAIN_EXAMPLE", "example"); // From RFC2606: Reserved Top Level DNS Names > 2. TLDs for Testing, & Documentation Examples
-
-// Custom Niver paths
-define("PREFIX", ""); // Prefix in URL, if any
-define("ROOT_PATH", "/var/www/niver" . PREFIX); // Niver's directory
-define("SERVICE", substr(dirname($_SERVER['PHP_SELF']), strlen(PREFIX) + 1));
-define("PAGE", basename($_SERVER['PHP_SELF'], '.php'));
-define("DB_PATH", ROOT_PATH . "/db/niver.db"); // Niver's SQLite database
-define("NIVER_TEMPLATE_PATH", "/usr/local/share/niver"); // Templates directory (nginx, knot...)
-define("MANIVER_PATH", "/usr/local/bin/maniver"); // Executable file
-define("HT_PATH", "/srv/ht"); // The mountpoint of the hypertext storage partition (that will be accessed over SFTP)
-// Nginx
-define("NGINX_CONFIG_PATH", "/etc/nginx/ht"); // Nginx configuration directory
-// Tor
-define("TOR_CONFIG_PATH", "/etc/tor/instances/niver/torrc"); // Tor configuration file
-define("TOR_KEYS_PATH", "/var/lib/tor-instances/niver/keys"); // Tor keys directory
-// Knot
-define("KNOT_ZONES_PATH", "/srv/ns"); // Knot zones directory
-// Executable files (you can get the full path of a command with $ which <command>)
-define("KNOTC_PATH", "/usr/sbin/knotc");
-define("KEYMGR_PATH", "/usr/sbin/keymgr");
-define("SUDO_PATH", "/usr/bin/sudo");
-define("LS_PATH", "/usr/bin/ls");
-
-// Both frontend and backend regexes
-define("USERNAME_REGEX", "^[a-z]{4,32}$");
-define("PASSWORD_REGEX", "^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])[a-zA-Z0-9]{8,1024}|.{10,1024}$");
-define("SUBDOMAIN_REGEX", "^[a-z]{4,63}$");
-
-// Password storage security
-define("ALGO_PASSWORD", PASSWORD_ARGON2ID);
-define("OPTIONS_PASSWORD", array(
-	"memory_cost" => 65536,
-	"time_cost" => 24,
-	"threads" => 64,
-));
-
-// Color scheme
-define("THEME", array(
-	// Displayed on light theme
-	'darkRegColor' => "#D100D1",
-	'darkNsColor' => "#006DFF",
-	'darkHtColor' => "#008768",
-	'darkAuthColor' => "#EE0000",
-
-	// Displayed on dark theme
-	'lightRegColor' => "#FF50FF",
-	'lightNsColor' => "#00FFFF",
-	'lightHtColor' => "#FFFF00",
-	'lightAuthColor' => "#00FF00",
-
-	'lightColor' => '#FFFFFF',
-	'darkColor' => '#000000',
-));
-
-// Public suffixes
-define("SUFFIXES", array(
-	REGISTRY,
-));
--- a/inc/ns.php
+++ b/inc/ns.php
@ -1,5 +1,10 @@
 <?php

+require "dns.php";
+
+define("KNOT_ZONES_PATH", "/srv/ns");
+define("KEYMGR_PATH", "/usr/sbin/keymgr");
+
 function nsCommonRequirements() {
 	if (isset($_POST['action'])
 		AND isset($_POST['zone'])
--- a/public/auth/index.php
+++ b/public/auth/index.php
@ -1,4 +1,4 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 <?php if (isset($_SESSION['username'])) { ?>

@ -14,4 +14,4 @@
 	<a class="authButton" href="login">Se connecter</a>
 <?php } ?>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/auth/login.php
+++ b/public/auth/login.php
@ -1,4 +1,4 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 <form method="post">
 	<label for="username">Identifiant</label><br>
@ -29,18 +29,17 @@ if (isset($_POST['username']) AND isset($_POST['password'])) {
 	if (checkPassword($_POST['username'], $_POST['password'])) {

 		$_SESSION['username'] = htmlspecialchars($_POST['username']);
-		$_SESSION['sftp_enabled'] = sftpStatus($_SESSION['username']);

 		if (outdatedPasswordHash($_SESSION['username']))
 			changePassword($_SESSION['username'], $_POST['password']);

 		if (isset($_GET['redir'])) {
 			if (preg_match("/^[0-9a-z\/-]+$/", $_GET['redir']))
-				header('Location: ' . PREFIX . "/" . $_GET['redir']);
+				header("Location: " . PREFIX . "/" . $_GET['redir']);
 			else
 				exit("ERROR : Wrong character in redir argument");
 		} else {
-			header('Location: ' . PREFIX);
+			header("Location: " . PREFIX . "/");
 		}
 		exit;
 	} else {
@ -51,4 +50,4 @@ if (isset($_POST['username']) AND isset($_POST['password'])) {

 ?>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/auth/logout.php
+++ b/public/auth/logout.php
@ -1,4 +1,4 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 <?php
 session_destroy();
@ -7,4 +7,4 @@ header('Location: ' . PREFIX . '/auth/');
 exit;
 ?>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/auth/password.php
+++ b/public/auth/password.php
@ -1,4 +1,4 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 <p>
 	Vous pouvez ici changer le mot de passe permettant d'accéder à votre compte Niver.
@ -45,4 +45,4 @@ if (isset($_SESSION['username']) AND isset($_POST['newPassword']) AND isset($_PO

 ?>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/auth/register.php
+++ b/public/auth/register.php
@ -1,4 +1,4 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 <?php

@ -70,4 +70,4 @@ if (isset($_POST['username']) AND isset($_POST['password'])) {

 Déjà un compte ? <a class="authButton" href="login">Se connecter</a>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/ht/http-onion.php
+++ b/public/ht/http-onion.php
@ -1,4 +1,4 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>
 <p>
 	Ajouter un accès en .onion sur un dossier
 </p>
@ -96,4 +96,4 @@ if (isset($_POST['dir']) AND isset($_SESSION['username'])) {

 ?>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/ht/https-domain.php
+++ b/public/ht/https-domain.php
@ -1,4 +1,4 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 <p>
 	Ajouter un domaine sur un dossier de site<br>
@ -81,4 +81,4 @@ if (isset($_POST['domain']) AND isset($_POST['dir']) AND isset($_SESSION['userna

 ?>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/ht/index.php
+++ b/public/ht/index.php
@ -1,4 +1,4 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 <dl>
 	<dt><a class="htButton" href="sftp">Gérer l'accès SFTP</a></dt>
@ -19,4 +19,4 @@
 	</dd>
 </dl>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/ht/le.php
+++ b/public/ht/le.php
@ -1,4 +1,4 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>
 <p>
 	Installer un certificat Let's Encrypt
 </p>
@ -52,4 +52,4 @@ if (isset($_POST['domain']) AND isset($_SESSION['username'])) {

 ?>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/ht/sftp.php
+++ b/public/ht/sftp.php
@ -1,4 +1,4 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 <?php
 if ($_SESSION['sftp_enabled'] == false) { ?>
@ -166,4 +166,4 @@ if ($_SESSION['sftp_enabled'] == false) { ?>
 }
 ?>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/index.php
+++ b/public/index.php
@ -1,9 +1,9 @@
-<?php require "../inc/top.php"; ?>
+<?php require "../common/top.php"; ?>

 <dl>
-	<dt><a class="regButton" href="reg/">Registre <code><?= REGISTRY ?></code></a></dt>
+	<dt><a class="regButton" href="reg/">Registre</code></a></dt>
 	<dd>
-		Demander l'attribution d'un sous-domaine de <code><?= REGISTRY ?></code>
+		Demander l'attribution d'un sous-domaine</code>
 	</dd>
 	<dt><a class="nsButton" href="ns/">Serveurs de noms</a></dt>
 	<dd>
@ -19,4 +19,4 @@
 	</dd>
 </dl>

-<?php require "../inc/bottom.php"; ?>
+<?php require "../common/bottom.php"; ?>
--- a/public/ns/caa.php
+++ b/public/ns/caa.php
@ -1,8 +1,8 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 <form method="post">

-	<?php require "../../inc/form/form.ns.php""; ?>
+	<?php require "../../form.ns.php"; ?>

 	<br>
 	<label for="flag">Flag</label>
@ -49,4 +49,4 @@ if (nsCommonRequirements()

 ?>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/ns/dnssec.php
+++ b/public/ns/dnssec.php
@ -1,4 +1,4 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 Afin d'activer DNSSEC, vous devez indiquer un enregistrement DS à la zone parente.

@ -72,4 +72,4 @@ if (isset($_POST['zone']) AND isset($_SESSION['username'])) {

 <?php } ?>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/ns/index.php
+++ b/public/ns/index.php
@ -1,4 +1,4 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 <dl>
 	<dt><a class="nsButton" href="zone">Gérer ses zones</a></dt>
@ -58,4 +58,4 @@
 	</dd>-->
 </dl>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/ns/ip.php
+++ b/public/ns/ip.php
@ -1,15 +1,12 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 <p>
 	Ici vous pouvez ajouter ou enlever des adresses IP dans une zone déjà enregistrée sur le serveur de noms de Niver
 	<br>Le format IPv4 (<code>A</code>) ou IPv6 (<code>AAAA</code>) sera détecté automatiquement.
-	<br>Si vous souhaitez utiliser un service d'hébergement hypertexte de Niver, voici les adresses à renseigner :
-	<br>IPv4 : <code><?= IPV4_ADDRESS ?></code>
-	<br>IPv6 : <code><?= IPV6_ADDRESS ?></code>
 </p>

 <form method="post">
-	<?php require "../../inc/form/form.ns.php""; ?>
+	<?php require "../../form.ns.php"; ?>
 	<label for="ip">Adresse IP</label><br>
 	<input required="" pattern="^[a-f0-9:.]+$" id="ip" name="ip" minlength="7" maxlength="39" size="40" type="text" placeholder="<?= IPV6_EXAMPLE ?> ou <?= IPV4_EXAMPLE ?>"><br>
 	<input value="Valider" type="submit">
@ -40,4 +37,4 @@ if (nsCommonRequirements()

 ?>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/ns/loc.php
+++ b/public/ns/loc.php
@ -1,8 +1,8 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 <form method="post">

-	<?php require "../../inc/form/form.ns.php""; ?>
+	<?php require "../../form.ns.php"; ?>

 	<br>
 	<label for="flag">Flag</label>
@ -49,4 +49,4 @@ if (nsCommonRequirements()

 ?>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/ns/mx.php
+++ b/public/ns/mx.php
@ -1,8 +1,8 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 <form method="post">

-	<?php require "../../inc/form/form.ns.php""; ?>
+	<?php require "../../form.ns.php"; ?>

 	<br>

@ -42,4 +42,4 @@ if (nsCommonRequirements()

 ?>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/ns/ns.php
+++ b/public/ns/ns.php
@ -1,7 +1,7 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 <form method="post">
-	<?php require "../../inc/form/form.ns.php""; ?>
+	<?php require "../../form.ns.php"; ?>
 	<br>
 	<label for="ns">Serveur de nom</label>
 	<br>
@ -27,4 +27,4 @@ if (nsCommonRequirements()

 ?>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/ns/srv.php
+++ b/public/ns/srv.php
@ -1,8 +1,8 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 <form method="post">

-	<?php require "../../inc/form/form.ns.php""; ?>
+	<?php require "../../form.ns.php"; ?>

 	<br>

@ -62,4 +62,4 @@ if (nsCommonRequirements()

 ?>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/ns/sshfp.php
+++ b/public/ns/sshfp.php
@ -1,8 +1,8 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 <form method="post">

-	<?php require "../../inc/form/form.ns.php""; ?>
+	<?php require "../../form.ns.php"; ?>

 	<br>

@ -59,4 +59,4 @@ if (nsCommonRequirements()

 ?>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/ns/tlsa.php
+++ b/public/ns/tlsa.php
@ -1,8 +1,8 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 <form method="post">

-	<?php require "../../inc/form/form.ns.php""; ?>
+	<?php require "../../form.ns.php"; ?>

 	<br>
 	<label for="use">Utilisation</label>
@ -75,4 +75,4 @@ if (nsCommonRequirements()

 ?>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/ns/txt.php
+++ b/public/ns/txt.php
@ -1,7 +1,7 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 <form method="post">
-	<?php require "../../inc/form/form.ns.php""; ?>
+	<?php require "../../form.ns.php"; ?>
 	<br>
 	<label for="txt">Texte</label>
 	<br>
@ -28,4 +28,4 @@ if (nsCommonRequirements()

 ?>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/ns/zone.php
+++ b/public/ns/zone.php
@ -1,4 +1,4 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 <form method="post">
 	<h2>Ajouter une zone</h2>
@ -71,7 +71,7 @@ if (isset($_POST['zone']) AND isset($_SESSION['username'])) {

 	// Remove from Knot configuration
 	exec(KNOTC_PATH . " conf-begin");
-	exec(KNOTC_PATH . " conf-unset 'zone[" . $_POST['domain'] . "]'");
+	exec(KNOTC_PATH . " conf-unset 'zone[" . $_POST['zone'] . "]'");
 	exec(KNOTC_PATH . " conf-commit");

 	// Remove from Niver's database
@ -88,4 +88,4 @@ if (isset($_POST['zone']) AND isset($_SESSION['username'])) {

 ?>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/reg/ds.php
+++ b/public/reg/ds.php
@ -1,4 +1,4 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 <form method="post">
 	<label for="action">Action</label>
@ -104,4 +104,4 @@ if (isset($_POST['zone']) AND isset($_POST['keytag']) AND isset($_POST['algo'])

 ?>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/reg/glue.php
+++ b/public/reg/glue.php
@ -1,4 +1,4 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 <form method="post">
 	<label for="action">Action</label>
@ -76,4 +76,4 @@ if (isset($_POST['action']) AND isset($_POST['subdomain']) AND isset($_POST['suf

 ?>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/reg/index.php
+++ b/public/reg/index.php
@ -1,4 +1,4 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 <dl>
 	<dt><a class="regButton" href="register">Enregistrer un nouveau domaine</a></dt>
@ -19,4 +19,4 @@
 	</dd>
 </dl>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/reg/ns.php
+++ b/public/reg/ns.php
@ -1,4 +1,4 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 <form method="post">
 	<label for="action">Action</label>
@ -48,13 +48,13 @@ if (isset($_POST['domain']) AND isset($_POST['action']) AND isset($_POST['ns'])
 	exec(KNOTC_PATH . " zone-begin " . $suffix, $output);
 	exec(KNOTC_PATH . " zone-" . $action . "set " . $suffix . " " . $_POST['domain'] . " 86400 IN NS " . $_POST['ns'], $output);
 	exec(KNOTC_PATH . " zone-commit " . $suffix, $output);
+	$error = false;
 	foreach ($output as $line) {
 		if ($line !== "OK") {
 			$error = true;
 		}
 	}
 	if ($error) {
-		appendLog($output);
 		echo "An ERROR occured!";
 	} else {
 		echo "Modification effectuée avec succès";
@ -63,4 +63,4 @@ if (isset($_POST['domain']) AND isset($_POST['action']) AND isset($_POST['ns'])

 ?>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/public/reg/register.php
+++ b/public/reg/register.php
@ -1,4 +1,4 @@
-<?php require "../../inc/top.php"; ?>
+<?php require "../../common/top.php"; ?>

 Enregistrer la possession d'un domaine sur son compte.<br>
 Ce domaine doit être composé uniquement d'au moins 4 lettres latines non accentuées.
@ -64,4 +64,4 @@ if (isset($_POST['subdomain']) AND isset($_POST['suffix']) AND isset($_SESSION['

 ?>

-<?php require "../../inc/bottom.php"; ?>
+<?php require "../../common/bottom.php"; ?>
--- a/inc/reg.php
+++ b/inc/reg.php
@ -1,5 +1,15 @@
 <?php

+require "dns.php";
+
+define("SUBDOMAIN_REGEX", "^[a-z]{4,63}$");
+
+define("REGISTRY", "niver.test.");
+
+define("SUFFIXES", array(
+	REGISTRY,
+));
+
 function regGetUpperDomain($domain) {
 	// Remove anything before the first dot and the first dot itself
 	return preg_replace("/^[^.]+\./", "", $domain);