diff --git a/common/init.php b/common/init.php deleted file mode 100644 index 00e4295..0000000 --- a/common/init.php +++ /dev/null @@ -1,17 +0,0 @@ - 2. TLDs for Testing, & Documentation Examples -define("PLACEHOLDER_IPV6", "2001:db8::3"); // From RFC3849: IPv6 Address Prefix Reserved for Documentation -define("PLACEHOLDER_IPV4", "203.0.113.42"); // From RFC5737: IPv4 Address Blocks Reserved for Documentation - -foreach (array_diff(scandir(CONF['common']['root_path'] . "/fn"), array('..', '.')) as $file) - require CONF['common']['root_path'] . '/fn/' . $file; - -// Page titles definition -require "pages.php"; diff --git a/public/css/clr.css b/css/clr.css similarity index 100% rename from public/css/clr.css rename to css/clr.css diff --git a/public/css/form.css b/css/form.css similarity index 100% rename from public/css/form.css rename to css/form.css diff --git a/public/css/main.css b/css/main.css similarity index 100% rename from public/css/main.css rename to css/main.css diff --git a/fn/common.php b/fn/common.php index 3382de8..bb92a2c 100644 --- a/fn/common.php +++ b/fn/common.php @@ -21,14 +21,14 @@ function serverError($msg) { closeHTML(); } -// For use in pages that first display a form and then process it -function switchToFormProcess($requireLogin = true) { +function processForm($requireLogin = true) { if (empty($_POST) AND $requireLogin AND !isset($_SESSION['username'])) echo '
Ce formulaire ne sera pas accepté car il faut se connecter avant.
'; if (empty($_POST)) - closeHTML(); + return false; if ($requireLogin AND !isset($_SESSION['username'])) userError("Vous devez être connecté·e pour effectuer cette action."); + return true; } function query($action, $table, $conditions = [], $column = NULL) { @@ -79,7 +79,7 @@ function displayIndex() { ?> function redirUrl($pageId) { $currentPath = ''; - if (SERVICE !== '') $currentPath .= SERVICE . '/'; + if (SERVICE !== '.') $currentPath .= SERVICE . '/'; if (PAGE !== 'index') $currentPath .= PAGE; return CONF['common']['prefix'] . "/$pageId?redir=$currentPath"; } diff --git a/common/html.php b/html.php similarity index 95% rename from common/html.php rename to html.php index 18dfc94..647e1d4 100644 --- a/common/html.php +++ b/html.php @@ -1,7 +1,5 @@ ' . "\n"; ?> diff --git a/common/pages.php b/pages.php similarity index 97% rename from common/pages.php rename to pages.php index 3ed649f..a0a5f06 100644 --- a/common/pages.php +++ b/pages.php @@ -92,9 +92,3 @@ define('DESCRIPTIONS', [ ], ] ); - -if (SERVICE !== '') { - $page['service'] = TITLES[SERVICE]['index']; - if (PAGE !== 'index') - $page['title'] = TITLES[SERVICE][PAGE]; -} diff --git a/public/auth/index.php b/public/auth/index.php index 1742386..7aa456b 100644 --- a/public/auth/index.php +++ b/public/auth/index.php @@ -1,5 +1 @@ - - - - diff --git a/public/auth/login.php b/public/auth/login.php index 539f08e..47f51a9 100644 --- a/public/auth/login.php +++ b/public/auth/login.php @@ -1,4 +1,27 @@ - +Pas de compte ? En créer un
@@ -13,26 +36,3 @@ - - - +Vous pouvez ici changer la clé de passe permettant d'accéder à votre compte Niver. @@ -13,16 +26,3 @@ - - +prepare("INSERT INTO users(username, password, registration_date) VALUES(:username, :password, :registration_date)"); + + $stmt->bindValue(':username', $_POST['username']); + $stmt->bindValue(':password', hashPassword($_POST['password'])); + $stmt->bindValue(':registration_date', date("Y-m-d H:i:s")); + + $stmt->execute(); + + $_SESSION['username'] = $_POST['username']; + + redir(); + + success("Compte créé."); +} + +?>
Déjà un compte ? Se connecter
@@ -20,47 +64,3 @@ - -prepare("INSERT INTO users(username, password, registration_date) VALUES(:username, :password, :registration_date)"); - -$stmt->bindValue(':username', $_POST['username']); -$stmt->bindValue(':password', hashPassword($_POST['password'])); -$stmt->bindValue(':registration_date', date("Y-m-d H:i:s")); - -$stmt->execute(); - -$_SESSION['username'] = $_POST['username']; - -redir(); - -success("Compte créé."); diff --git a/public/auth/unregister.php b/public/auth/unregister.php index 3115941..7baa737 100644 --- a/public/auth/unregister.php +++ b/public/auth/unregister.php @@ -1,4 +1,45 @@ - + $_SESSION['username']], 'domain') as $domain) + regDeleteDomain($domain); + + foreach (query('select', 'zones', ['username' => $_SESSION['username']], 'zone') as $zone) + nsDeleteZone($zone); + + foreach (query('select', 'sites', [ + 'username' => $_SESSION['username'], + 'domain_type' => 'onion', + 'protocol' => 'http', + ], 'site_dir') as $dir) + htDeleteSite($dir, domainType: 'onion', protocol: 'http'); + + foreach (query('select', 'sites', [ + 'username' => $_SESSION['username'], + 'domain_type' => 'dns', + 'protocol' => 'http', + ], 'site_dir') as $dir) + htDeleteSite($dir, domainType: 'dns', protocol: 'http'); + + exec(CONF['ht']['sudo_path'] . " -u " . CONF['ht']['tor_user'] . " " . CONF['ht']['rm_path'] . " --recursive " . CONF['ht']['tor_keys_path'] . "/" . $_SESSION['username'], result_code: $code); + if ($code !== 0) + serverError("Can't remove Tor keys directory."); + + removeDirectory(CONF['ht']['tor_config_path'] . '/' . $_SESSION['username']); + + removeDirectory(CONF['ht']['ht_path'] . '/' . $_SESSION['username']); + + query('delete', 'users', ['username' => $_SESSION['username']]); + + redir(); + + success("Compte supprimé."); +} + +?> - - $_SESSION['username']], 'domain') as $domain) - regDeleteDomain($domain); - -foreach (query('select', 'zones', ['username' => $_SESSION['username']], 'zone') as $zone) - nsDeleteZone($zone); - -foreach (query('select', 'sites', [ - 'username' => $_SESSION['username'], - 'domain_type' => 'onion', - 'protocol' => 'http', -], 'site_dir') as $dir) - htDeleteSite($dir, domainType: 'onion', protocol: 'http'); - -foreach (query('select', 'sites', [ - 'username' => $_SESSION['username'], - 'domain_type' => 'dns', - 'protocol' => 'http', -], 'site_dir') as $dir) - htDeleteSite($dir, domainType: 'dns', protocol: 'http'); - -exec(CONF['ht']['sudo_path'] . " -u " . CONF['ht']['tor_user'] . " " . CONF['ht']['rm_path'] . " --recursive " . CONF['ht']['tor_keys_path'] . "/" . $_SESSION['username'], result_code: $code); -if ($code !== 0) - serverError("Can't remove Tor keys directory."); - -removeDirectory(CONF['ht']['tor_config_path'] . '/' . $_SESSION['username']); - -removeDirectory(CONF['ht']['ht_path'] . '/' . $_SESSION['username']); - -query('delete', 'users', ['username' => $_SESSION['username']]); - -redir(); - -success("Compte supprimé."); diff --git a/public/ht/add-http-dns.php b/public/ht/add-http-dns.php index 2d7d3be..d857eec 100644 --- a/public/ht/add-http-dns.php +++ b/public/ht/add-http-dns.php @@ -1,4 +1,54 @@ - +dir."); + + if (query('select', 'sites', ['domain' => $_POST['domain']], 'domain') !== []) + userError("Ce domaine existe déjà sur ce service."); + + $remoteAaaaRecords = array_column(dns_get_record($_POST['domain'], DNS_AAAA), 'ipv6'); + if (array_merge(array_diff($remoteAaaaRecords, [CONF['ht']['ipv6_address']]), array_diff([CONF['ht']['ipv6_address']], $remoteAaaaRecords)) !== []) + userError("Ce domaine doit avoir pour enregistrement AAAA" . CONF['ht']['ipv6_address'] . "
.");
+
+ $remoteARecords = array_column(dns_get_record($_POST['domain'], DNS_A), 'ip');
+ if (array_merge(array_diff($remoteARecords, [CONF['ht']['ipv4_address']]), array_diff([CONF['ht']['ipv4_address']], $remoteARecords)) !== [])
+ userError("Ce domaine doit avoir pour enregistrement A " . CONF['ht']['ipv4_address'] . "
.");
+
+ addSite($_SESSION['username'], $_POST['dir'], $_POST['domain'], "dns", "http");
+
+ $nginxConf = 'server {
+ listen [::1]:' . CONF['ht']['https_port'] . ' ssl http2;
+ listen 127.0.0.1:' . CONF['ht']['https_port'] . ' ssl http2;
+ server_name ' . $_POST['domain'] . ';
+ root ' . CONF['ht']['ht_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'] . ';
+
+ ssl_certificate /etc/ssl/certs/niver.crt;
+ ssl_certificate_key /etc/ssl/private/niver.key;
+
+ include inc/ht-tls.conf;
+}
+ ';
+ if (file_put_contents(CONF['ht']['nginx_config_path'] . "/" . $_POST['domain'] . ".conf", $nginxConf) === false)
+ serverError("Failed to write Nginx configuration.");
+
+ // Reload Nginx
+ exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx", result_code: $code);
+ if ($code !== 0)
+ serverError("Failed to reload Nginx.");
+
+ success("Accès HTTP par domaine ajouté sur ce dossier !");
+
+}
+
+?>
Ajouter un domaine sur un dossier de site
@@ -16,13 +66,9 @@
$alreadyEnabled) {
- $disabled = $alreadyEnabled ? " disabled=''" : "";
- echo " ";
- }
+foreach ($dirsStatuses as $dir => $alreadyEnabled) {
+ $disabled = $alreadyEnabled ? " disabled=''" : "";
+ echo " ";
}
?>
@@ -31,47 +77,3 @@ if (isset($_SESSION['username'])) {
-
-dir.");
-
-if (query('select', 'sites', ['domain' => $_POST['domain']], 'domain') !== [])
- userError("Ce domaine existe déjà sur ce service.");
-
-$remoteAaaaRecords = array_column(dns_get_record($_POST['domain'], DNS_AAAA), 'ipv6');
-if (array_merge(array_diff($remoteAaaaRecords, [CONF['ht']['ipv6_address']]), array_diff([CONF['ht']['ipv6_address']], $remoteAaaaRecords)) !== [])
- userError("Ce domaine doit avoir pour enregistrement AAAA " . CONF['ht']['ipv6_address'] . "
.");
-
-$remoteARecords = array_column(dns_get_record($_POST['domain'], DNS_A), 'ip');
-if (array_merge(array_diff($remoteARecords, [CONF['ht']['ipv4_address']]), array_diff([CONF['ht']['ipv4_address']], $remoteARecords)) !== [])
- userError("Ce domaine doit avoir pour enregistrement A " . CONF['ht']['ipv4_address'] . "
.");
-
-addSite($_SESSION['username'], $_POST['dir'], $_POST['domain'], "dns", "http");
-
-$nginxConf = 'server {
- listen [::1]:' . CONF['ht']['https_port'] . ' ssl http2;
- listen 127.0.0.1:' . CONF['ht']['https_port'] . ' ssl http2;
- server_name ' . $_POST['domain'] . ';
- root ' . CONF['ht']['ht_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'] . ';
-
- ssl_certificate /etc/ssl/certs/niver.crt;
- ssl_certificate_key /etc/ssl/private/niver.key;
-
- include inc/ht-tls.conf;
-}
-';
-if (file_put_contents(CONF['ht']['nginx_config_path'] . "/" . $_POST['domain'] . ".conf", $nginxConf) === false)
- serverError("Failed to write Nginx configuration.");
-
-// Reload Nginx
-exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx", result_code: $code);
-if ($code !== 0)
- serverError("Failed to reload Nginx.");
-
-success("Accès HTTP par domaine ajouté sur ce dossier !");
diff --git a/public/ht/add-http-onion.php b/public/ht/add-http-onion.php
index f03b99c..a7c39c7 100644
--- a/public/ht/add-http-onion.php
+++ b/public/ht/add-http-onion.php
@@ -1,4 +1,59 @@
-
+dir.");
+
+ // Add Tor config
+ $torConf = "HiddenServiceDir " . CONF['ht']['tor_keys_path'] . "/" . $_SESSION['username'] . "/" . $_POST['dir'] . "/
+ HiddenServicePort 80 [::1]:" . CONF['ht']['internal_onion_http_port'] . "
+ ";
+ if (file_put_contents(CONF['ht']['tor_config_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'], $torConf) === false)
+ serverError("Failed to write new Tor configuration.");
+
+ // Reload Tor
+ exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload " . CONF['ht']['tor_service'], $output, $code);
+ if ($code !== 0)
+ serverError("Failed to reload Tor.");
+
+ // Get the address generated by Tor
+ exec(CONF['ht']['sudo_path'] . ' -u ' . CONF['ht']['tor_user'] . ' ' . CONF['ht']['cat_path'] . ' ' . CONF['ht']['tor_keys_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'] . '/hostname', $output);
+ $onion = $output[0];
+ if (preg_match("/[0-9a-z]{56}\.onion/", $onion) !== 1)
+ serverError("No onion address found.");
+
+ // Store it in the database
+ addSite($_SESSION['username'], $_POST['dir'], $onion, "onion", "http");
+
+ // Add Nginx config
+ $nginxConf = 'server {
+ listen [::1]:' . CONF['ht']['internal_onion_http_port'] . ';
+ server_name ' . $onion . ';
+ root ' . CONF['ht']['ht_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'] . ';
+
+ include inc/ht-onion.conf;
+ }
+ ';
+ if (file_put_contents(CONF['ht']['nginx_config_path'] . "/" . $onion . ".conf", $nginxConf) === false)
+ serverError("Failed to write Nginx configuration.");
+
+ // Reload Nginx
+ exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx", result_code: $code);
+ if ($code !== 0)
+ serverError("Failed to reload Nginx.");
+
+ // Tell the user their site address
+ success("L'adresse de votre service Onion HTTP est : http://" . $onion . "/");
+}
+
+?>
+
+
Ajouter un accès en .onion sur un dossier
@@ -10,13 +65,9 @@ $alreadyEnabled) { - $disabled = $alreadyEnabled ? "disabled='' " : ""; - echo " "; - } +foreach ($dirsStatuses as $dir => $alreadyEnabled) { + $disabled = $alreadyEnabled ? "disabled='' " : ""; + echo " "; } ?> @@ -25,51 +76,3 @@ if (isset($_SESSION['username'])) {
Retirer un accès DNS et TLS d'un dossier
@@ -11,13 +27,9 @@
$alreadyEnabled) {
- $disabled = $alreadyEnabled ? "" : "disabled='' ";
- echo " \n";
- }
+foreach ($dirsStatuses as $dir => $alreadyEnabled) {
+ $disabled = $alreadyEnabled ? "" : "disabled='' ";
+ echo " \n";
}
?>
@@ -26,14 +38,3 @@ if (isset($_SESSION['username'])) {
-
-dir.");
-
-htDeleteSite($_POST['dir'], domainType: 'dns', protocol: 'http');
-
-success("Accès retiré.");
diff --git a/public/ht/del-http-onion.php b/public/ht/del-http-onion.php
index 7ed6222..a29ec25 100644
--- a/public/ht/del-http-onion.php
+++ b/public/ht/del-http-onion.php
@@ -1,4 +1,20 @@
-
+dir.");
+
+ htDeleteSite($_POST['dir'], domainType: 'onion', protocol: 'http');
+
+ success("Accès retiré.");
+}
+
+?>
Retirer un accès Onion d'un dossier
@@ -11,13 +27,9 @@
$alreadyEnabled) {
- $disabled = $alreadyEnabled ? "" : "disabled='' ";
- echo " \n";
- }
+foreach ($dirsStatuses as $dir => $alreadyEnabled) {
+ $disabled = $alreadyEnabled ? "" : "disabled='' ";
+ echo " \n";
}
?>
@@ -26,14 +38,3 @@ if (isset($_SESSION['username'])) {
-
-dir.");
-
-htDeleteSite($_POST['dir'], domainType: 'onion', protocol: 'http');
-
-success("Accès retiré.");
diff --git a/public/ht/index.php b/public/ht/index.php
index 4f2a1e3..9e83817 100644
--- a/public/ht/index.php
+++ b/public/ht/index.php
@@ -1,5 +1,3 @@
-
-
Ce service permet d'envoyer des fichiers sur le serveur par = linkToDocs('sftp', 'SFTP') ?> afin de les rendre accessibles par = linkToDocs('http', 'HTTP') ?>.
@@ -58,5 +56,3 @@ - - diff --git a/public/ht/le.php b/public/ht/le.php index 536be22..b3214d9 100644 --- a/public/ht/le.php +++ b/public/ht/le.php @@ -1,4 +1,30 @@ - + +Installer un certificat Let's Encrypt
@@ -20,28 +46,3 @@ if (isset($_SESSION['username'])) {flag
.");
+
+ if (!(preg_match("/^[a-z]{1,127}$/", $_POST['tag'])))
+ userError("Wrong value for tag
.");
+
+ if (!(preg_match("/^[a-z0-9.-]{1,255}$/", $_POST['value'])))
+ userError("Wrong value for value
.");
+
+ knotcZoneExec($_POST['zone'], array(
+ $values['domain'],
+ $values['ttl'],
+ "CAA",
+ $_POST['flag'],
+ $_POST['tag'],
+ $_POST['value']
+ ));
+
+ success("Enregistrement ajouté");
+}
+
+?>
= linkToDocs('record-caa', 'Documentation du type d\'enregistrement CAA') ?> @@ -6,7 +32,7 @@
- -= 0 AND $_POST['flag'] <= 255)) - userError("Wrong value forflag
.");
-
-if (!(preg_match("/^[a-z]{1,127}$/", $_POST['tag'])))
- userError("Wrong value for tag
.");
-
-if (!(preg_match("/^[a-z0-9.-]{1,255}$/", $_POST['value'])))
- userError("Wrong value for value
.");
-
-knotcZoneExec($_POST['zone'], array(
- $values['domain'],
- $values['ttl'],
- "CAA",
- $_POST['flag'],
- $_POST['tag'],
- $_POST['value']
-));
-
-success("Enregistrement ajouté");
diff --git a/public/ns/cname.php b/public/ns/cname.php
index 854ed49..78a0a1d 100644
--- a/public/ns/cname.php
+++ b/public/ns/cname.php
@@ -1,11 +1,28 @@
-
+
= linkToDocs('record-cname', 'Documentation du type d\'enregistrement CNAME') ?>
- - += linkToDocs('record-dname', 'Documentation du type d\'enregistrement DNAME') ?>
- - -@@ -12,4 +10,3 @@ foreach (CONF['ns']['servers'] as $server)
- diff --git a/public/ns/ip.php b/public/ns/ip.php index 6e43065..467ae41 100644 --- a/public/ns/ip.php +++ b/public/ns/ip.php @@ -1,29 +1,29 @@ - += linkToDocs('record-txt', 'Documentation des types d\'enregistrements A et AAAA') ?>
- - += 0 AND $_POST['lat-deg'] <= 90)) + userError("Wrong value forlat-deg
.");
+ if (!($_POST['lat-min'] >= 0 AND $_POST['lat-min'] <= 59))
+ userError("Wrong value for lat-min
.");
+ if (!($_POST['lat-sec'] >= 0 AND $_POST['lat-sec'] <= 59.999))
+ userError("Wrong value for lat-sec
.");
+
+ if ($_POST['lat-dir'] !== "N" AND $_POST['lat-dir'] !== "S")
+ userError("Wrong value for lat-dir
.");
+
+ if (!($_POST['lon-deg'] >= 0 AND $_POST['lon-deg'] <= 180))
+ userError("Wrong value for lon-deg
.");
+ if (!($_POST['lon-min'] >= 0 AND $_POST['lon-min'] <= 59))
+ userError("Wrong value for lon-min
.");
+ if (!($_POST['lon-sec'] >= 0 AND $_POST['lon-sec'] <= 59.999))
+ userError("Wrong value for lon-sec
.");
+
+ if ($_POST['lon-dir'] !== "E" AND $_POST['lon-dir'] !== "W")
+ userError("Wrong value for lon-dir
.");
+
+ if (!($_POST['alt'] >= -100000 AND $_POST['alt'] <= 42849672.95))
+ userError("Wrong value for alt
.");
+
+ if (!($_POST['size'] >= 0 AND $_POST['size'] <= 90000000))
+ userError("Wrong value for size
.");
+
+ if (!($_POST['hp'] >= 0 AND $_POST['hp'] <= 90000000))
+ userError("Wrong value for hp
.");
+
+ if (!($_POST['vp'] >= 0 AND $_POST['vp'] <= 90000000))
+ userError("Wrong value for vp
.");
+
+ knotcZoneExec($_POST['zone'], array(
+ $values['domain'],
+ $values['ttl'],
+ "LOC",
+ $_POST['lat-deg'],
+ $_POST['lat-min'],
+ $_POST['lat-sec'],
+ $_POST['lat-dir'],
+ $_POST['lon-deg'],
+ $_POST['lon-min'],
+ $_POST['lon-sec'],
+ $_POST['lon-dir'],
+ $_POST['alt'] . 'm',
+ $_POST['size'] . 'm',
+ $_POST['hp'] . 'm',
+ $_POST['vp'] . 'm',
+ ));
+
+ success("Enregistrement ajouté");
+}
+
+?>
= linkToDocs('record-loc', 'Documentation du type d\'enregistrement LOC') ?> @@ -6,7 +79,7 @@
- -= 0 AND $_POST['lat-deg'] <= 90)) - userError("Wrong value forlat-deg
.");
-if (!($_POST['lat-min'] >= 0 AND $_POST['lat-min'] <= 59))
- userError("Wrong value for lat-min
.");
-if (!($_POST['lat-sec'] >= 0 AND $_POST['lat-sec'] <= 59.999))
- userError("Wrong value for lat-sec
.");
-
-if ($_POST['lat-dir'] !== "N" AND $_POST['lat-dir'] !== "S")
- userError("Wrong value for lat-dir
.");
-
-if (!($_POST['lon-deg'] >= 0 AND $_POST['lon-deg'] <= 180))
- userError("Wrong value for lon-deg
.");
-if (!($_POST['lon-min'] >= 0 AND $_POST['lon-min'] <= 59))
- userError("Wrong value for lon-min
.");
-if (!($_POST['lon-sec'] >= 0 AND $_POST['lon-sec'] <= 59.999))
- userError("Wrong value for lon-sec
.");
-
-if ($_POST['lon-dir'] !== "E" AND $_POST['lon-dir'] !== "W")
- userError("Wrong value for lon-dir
.");
-
-if (!($_POST['alt'] >= -100000 AND $_POST['alt'] <= 42849672.95))
- userError("Wrong value for alt
.");
-
-if (!($_POST['size'] >= 0 AND $_POST['size'] <= 90000000))
- userError("Wrong value for size
.");
-
-if (!($_POST['hp'] >= 0 AND $_POST['hp'] <= 90000000))
- userError("Wrong value for hp
.");
-
-if (!($_POST['vp'] >= 0 AND $_POST['vp'] <= 90000000))
- userError("Wrong value for vp
.");
-
-knotcZoneExec($_POST['zone'], array(
- $values['domain'],
- $values['ttl'],
- "LOC",
- $_POST['lat-deg'],
- $_POST['lat-min'],
- $_POST['lat-sec'],
- $_POST['lat-dir'],
- $_POST['lon-deg'],
- $_POST['lon-min'],
- $_POST['lon-sec'],
- $_POST['lon-dir'],
- $_POST['alt'] . 'm',
- $_POST['size'] . 'm',
- $_POST['hp'] . 'm',
- $_POST['vp'] . 'm',
-));
-
-success("Enregistrement ajouté");
diff --git a/public/ns/mx.php b/public/ns/mx.php
index af36074..0b0a502 100644
--- a/public/ns/mx.php
+++ b/public/ns/mx.php
@@ -1,4 +1,25 @@
-
+= 0 AND $_POST['priority'] <= 255))
+ userError("Wrong value for priority
.");
+
+ $_POST['host'] = formatAbsoluteDomain($_POST['host']);
+
+ knotcZoneExec($_POST['zone'], array(
+ $values['domain'],
+ $values['ttl'],
+ "MX",
+ $_POST['priority'],
+ $_POST['host']
+ ));
+
+ success("Enregistrement ajouté");
+}
+
+?>
= linkToDocs('record-mx', 'Documentation du type d\'enregistrement MX') ?> @@ -6,7 +27,7 @@
- -= 0 AND $_POST['priority'] <= 255)) - userError("Wrong value forpriority
.");
-
-$_POST['host'] = formatAbsoluteDomain($_POST['host']);
-
-knotcZoneExec($_POST['zone'], array(
- $values['domain'],
- $values['ttl'],
- "MX",
- $_POST['priority'],
- $_POST['host']
-));
-
-success("Enregistrement ajouté");
diff --git a/public/ns/ns.php b/public/ns/ns.php
index 2cf4d63..1889deb 100644
--- a/public/ns/ns.php
+++ b/public/ns/ns.php
@@ -1,11 +1,28 @@
-
+
= linkToDocs('record-ns', 'Documentation du type d\'enregistrement NS') ?>
- - - -= 0 AND $_POST['priority'] <= 65535)) - userError("Wrong value forpriority
.");
-
-if (!($_POST['weight'] >= 0 AND $_POST['weight'] <= 65535))
- userError("Wrong value for weight
.");
-
-if (!($_POST['port'] >= 0 AND $_POST['port'] <= 65535))
- userError("Wrong value for port
.");
-
-$_POST['target'] = formatAbsoluteDomain($_POST['target']);
-
-knotcZoneExec($_POST['zone'], array(
- $values['domain'],
- $values['ttl'],
- "SRV",
- $_POST['priority'],
- $_POST['weight'],
- $_POST['port'],
- $_POST['target']
-));
-
-success("Enregistrement ajouté");
diff --git a/public/ns/sshfp.php b/public/ns/sshfp.php
index 028d597..a048981 100644
--- a/public/ns/sshfp.php
+++ b/public/ns/sshfp.php
@@ -1,4 +1,30 @@
-
+algo.");
+
+ if (!($_POST['type'] === "2"))
+ userError("Wrong value for type
.");
+
+ if (!(preg_match("/^[a-z0-9]{64}$/", $_POST['fp'])))
+ userError("Wrong value for fp
.");
+
+ knotcZoneExec($_POST['zone'], array(
+ $values['domain'],
+ $values['ttl'],
+ "SSHFP",
+ $_POST['algo'],
+ $_POST['type'],
+ $_POST['fp']
+ ));
+
+ success("Enregistrement ajouté");
+}
+
+?>
= linkToDocs('record-sshfp', 'Documentation du type d\'enregistrement SSHFP') ?> @@ -6,7 +32,7 @@
- -algo."); - -if (!($_POST['type'] === "2")) - userError("Wrong value fortype
.");
-
-if (!(preg_match("/^[a-z0-9]{64}$/", $_POST['fp'])))
- userError("Wrong value for fp
.");
-
-knotcZoneExec($_POST['zone'], array(
- $values['domain'],
- $values['ttl'],
- "SSHFP",
- $_POST['algo'],
- $_POST['type'],
- $_POST['fp']
-));
-
-success("Enregistrement ajouté");
diff --git a/public/ns/tlsa.php b/public/ns/tlsa.php
index 11da4ab..3ba9ee2 100644
--- a/public/ns/tlsa.php
+++ b/public/ns/tlsa.php
@@ -1,4 +1,34 @@
-
+= 0 AND $_POST['use'] <= 3))
+ userError("Wrong value for use
.");
+
+ if (!($_POST['selector'] === "0" OR $_POST['selector'] === "1"))
+ userError("Wrong value for selector
.");
+
+ if (!($_POST['type'] >= 0 AND $_POST['type'] <= 2))
+ userError("Wrong value for type
.");
+
+ if (!(preg_match("/^[a-zA-Z0-9.-]{1,1024}$/", $_POST['content'])))
+ userError("Wrong value for content
.");
+
+ knotcZoneExec($_POST['zone'], array(
+ $values['domain'],
+ $values['ttl'],
+ "TLSA",
+ $_POST['use'],
+ $_POST['selector'],
+ $_POST['type'],
+ $_POST['content']
+ ));
+
+ success("Enregistrement ajouté");
+}
+
+?>
= linkToDocs('record-tlsa', 'Documentation du type d\'enregistrement TLSA') ?> @@ -6,7 +36,7 @@
- -= 0 AND $_POST['use'] <= 3)) - userError("Wrong value foruse
.");
-
-if (!($_POST['selector'] === "0" OR $_POST['selector'] === "1"))
- userError("Wrong value for selector
.");
-
-if (!($_POST['type'] >= 0 AND $_POST['type'] <= 2))
- userError("Wrong value for type
.");
-
-if (!(preg_match("/^[a-zA-Z0-9.-]{1,1024}$/", $_POST['content'])))
- userError("Wrong value for content
.");
-
-knotcZoneExec($_POST['zone'], array(
- $values['domain'],
- $values['ttl'],
- "TLSA",
- $_POST['use'],
- $_POST['selector'],
- $_POST['type'],
- $_POST['content']
-));
-
-success("Enregistrement ajouté");
diff --git a/public/ns/txt.php b/public/ns/txt.php
index 871687d..13e1afd 100644
--- a/public/ns/txt.php
+++ b/public/ns/txt.php
@@ -1,11 +1,29 @@
-
+txt.");
+
+ knotcZoneExec($_POST['zone'], array(
+ $values['domain'],
+ $values['ttl'],
+ "TXT",
+ "\"" . $_POST['txt'] . "\""
+ ));
+
+ success("Enregistrement ajouté");
+}
+
+?>
= linkToDocs('record-txt', 'Documentation du type d\'enregistrement TXT') ?>
- -txt."); - -knotcZoneExec($_POST['zone'], array( - $values['domain'], - $values['ttl'], - "TXT", - "\"" . $_POST['txt'] . "\"" -)); - -success("Enregistrement ajouté"); diff --git a/public/ns/zone-add.php b/public/ns/zone-add.php index 8caaa38..52f1d40 100644 --- a/public/ns/zone-add.php +++ b/public/ns/zone-add.php @@ -1,46 +1,46 @@ - + $_POST['domain']], 'zone') !== []) + userError("Cette zone existe déjà sur ce service."); + + $remoteNsRecords = array_column(dns_get_record($_POST['domain'], DNS_NS), 'target'); + foreach ($remoteNsRecords as $i => $remoteNsRecord) + $remoteNsRecords[$i] = formatAbsoluteDomain($remoteNsRecord); + if (array_merge(array_diff($remoteNsRecords, CONF['ns']['servers']), array_diff(CONF['ns']['servers'], $remoteNsRecords)) !== []) + userError("Ce domaine n'a pas les bons enregistrements NS."); + + $db = new PDO('sqlite:' . DB_PATH); + $stmt = $db->prepare("INSERT INTO zones(zone, username) VALUES(:zone, :username)"); + + $stmt->bindValue(':zone', $_POST['domain']); + $stmt->bindValue(':username', $_SESSION['username']); + + $stmt->execute(); + + $knotZonePath = CONF['ns']['knot_zones_path'] . "/" . $_POST['domain'] . "zone"; + $knotZone = $_POST['domain'] . ' 3600 SOA ' . CONF['ns']['servers'][0] . ' admin.niver.test. 1 21600 7200 3628800 3600' . "\n"; + foreach (CONF['ns']['servers'] as $server) + $knotZone .= $_POST['domain'] . ' 86400 NS ' . $server . "\n"; + if (is_int(file_put_contents($knotZonePath, $knotZone)) !== true) + serverError("Failed to write new zone file."); + if (chmod($knotZonePath, 0660) !== true) + serverError("Failed to chmod new zone file."); + + knotcConfExec([ + "set 'zone[" . $_POST['domain'] . "]'", + "set 'zone[" . $_POST['domain'] . "].template' 'niver-ns'", + ]); + + success("La requête a été traitée."); +} + +?> - - $_POST['domain']], 'zone') !== []) - userError("Cette zone existe déjà sur ce service."); - -$remoteNsRecords = array_column(dns_get_record($_POST['domain'], DNS_NS), 'target'); -foreach ($remoteNsRecords as $i => $remoteNsRecord) - $remoteNsRecords[$i] = formatAbsoluteDomain($remoteNsRecord); -if (array_merge(array_diff($remoteNsRecords, CONF['ns']['servers']), array_diff(CONF['ns']['servers'], $remoteNsRecords)) !== []) - userError("Ce domaine n'a pas les bons enregistrements NS."); - -$db = new PDO('sqlite:' . DB_PATH); -$stmt = $db->prepare("INSERT INTO zones(zone, username) VALUES(:zone, :username)"); - -$stmt->bindValue(':zone', $_POST['domain']); -$stmt->bindValue(':username', $_SESSION['username']); - -$stmt->execute(); - -$knotZonePath = CONF['ns']['knot_zones_path'] . "/" . $_POST['domain'] . "zone"; -$knotZone = $_POST['domain'] . ' 3600 SOA ' . CONF['ns']['servers'][0] . ' admin.niver.test. 1 21600 7200 3628800 3600' . "\n"; -foreach (CONF['ns']['servers'] as $server) - $knotZone .= $_POST['domain'] . ' 86400 NS ' . $server . "\n"; -if (is_int(file_put_contents($knotZonePath, $knotZone)) !== true) - serverError("Failed to write new zone file."); -if (chmod($knotZonePath, 0660) !== true) - serverError("Failed to chmod new zone file."); - -knotcConfExec([ - "set 'zone[" . $_POST['domain'] . "]'", - "set 'zone[" . $_POST['domain'] . "].template' 'niver-ns'", -]); - -success("La requête a été traitée."); diff --git a/public/ns/zone-del.php b/public/ns/zone-del.php index 32d8d37..c099c73 100644 --- a/public/ns/zone-del.php +++ b/public/ns/zone-del.php @@ -1,4 +1,14 @@ - + - - +algo."); + + $_POST['keytag'] = intval($_POST['keytag']); + if ((!preg_match("/^[0-9]{1,6}$/", $_POST['keytag'])) OR !($_POST['keytag'] >= 1) OR !($_POST['keytag'] <= 65535)) + userError("Wrong value forkeytag
.");
+
+ if ($_POST['dt'] !== "2" AND $_POST['dt'] !== "4")
+ userError("Wrong value for dt
.");
+
+ regCheckDomainPossession($_POST['zone']);
+
+ $action = checkAction($_POST['action']);
+
+ knotcZoneExec(CONF['reg']['registry'], array(
+ $_POST['zone'],
+ CONF['reg']['ttl'],
+ "DS",
+ $_POST['keytag'],
+ $_POST['algo'],
+ $_POST['dt'],
+ $_POST['key']
+ ));
+
+ success("La requête a été envoyée à Knot");
+}
+
+?>
Ici vous pouvez indiquer au registre l'enregistrement DS d'une zone afin de permettre de déléguer la confiance = linkToDocs('dnssec', 'DNSSEC') ?>.
@@ -16,12 +56,10 @@
@@ -66,38 +104,3 @@ if (isset($_SESSION['username'])) {
-
-algo.");
-
-$_POST['keytag'] = intval($_POST['keytag']);
-if ((!preg_match("/^[0-9]{1,6}$/", $_POST['keytag'])) OR !($_POST['keytag'] >= 1) OR !($_POST['keytag'] <= 65535))
- userError("Wrong value for keytag
.");
-
-if ($_POST['dt'] !== "2" AND $_POST['dt'] !== "4")
- userError("Wrong value for dt
.");
-
-regCheckDomainPossession($_POST['zone']);
-
-$action = checkAction($_POST['action']);
-
-knotcZoneExec(CONF['reg']['registry'], array(
- $_POST['zone'],
- CONF['reg']['ttl'],
- "DS",
- $_POST['keytag'],
- $_POST['algo'],
- $_POST['dt'],
- $_POST['key']
-));
-
-success("La requête a été envoyée à Knot");
diff --git a/public/reg/glue.php b/public/reg/glue.php
index edd7d8d..47e2852 100644
--- a/public/reg/glue.php
+++ b/public/reg/glue.php
@@ -1,4 +1,23 @@
-
+
= linkToDocs('glue-record', 'Documentation sur le glue record'); ?>
@@ -38,22 +57,3 @@ if (isset($_SESSION['username']))
-
-
-
Ce registre permet d'obtenir un domaine se terminant par = CONF['reg']['registry'] ?>
, par exemple domaine.= CONF['reg']['registry'] ?>
.
= linkToDocs('record-ns', 'Documentation du type d\'enregistrement NS') ?>
@@ -29,19 +45,3 @@ if (isset($_SESSION['username']))
-
-
-