servnest
/
servnest
1
1
Fork 0
Code Issues 4 Pull Requests Releases Wiki Activity

router.php + process form before display 

The webservers now need to send every request to router.php, which will call appropriate files.

Forms will be treated before being displayed.
This commit is contained in:
Miraty 2022-09-01 04:21:17 +02:00
parent 7a35ebccc5
commit e3af4c946d
44 changed files with 899 additions and 890 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
common/init.php
View File

@ -1,17 +0,0 @@
<?php
define("CONF", parse_ini_file(__DIR__ . "/../config.ini", true, INI_SCANNER_TYPED));
define("SERVICE", substr(dirname($_SERVER['PHP_SELF']), strlen(CONF['common']['prefix']) + 1));
define("PAGE", basename($_SERVER['PHP_SELF'], '.php'));
define("DB_PATH", CONF['common']['root_path'] . "/db/niver.db"); // Niver's SQLite database
define("PLACEHOLDER_DOMAIN", "example"); // From RFC2606: Reserved Top Level DNS Names > 2. TLDs for Testing, & Documentation Examples
define("PLACEHOLDER_IPV6", "2001:db8::3"); // From RFC3849: IPv6 Address Prefix Reserved for Documentation
define("PLACEHOLDER_IPV4", "203.0.113.42"); // From RFC5737: IPv4 Address Blocks Reserved for Documentation
foreach (array_diff(scandir(CONF['common']['root_path'] . "/fn"), array('..', '.')) as $file)
require CONF['common']['root_path'] . '/fn/' . $file;
// Page titles definition
require "pages.php";

0
public/css/clr.css → css/clr.css
View File

0
public/css/form.css → css/form.css
View File

0
public/css/main.css → css/main.css
View File

8
fn/common.php
View File

@ -21,14 +21,14 @@ function serverError($msg) {
closeHTML(); closeHTML();
} }
// For use in pages that first display a form and then process it function processForm($requireLogin = true) {
function switchToFormProcess($requireLogin = true) {
if (empty($_POST) AND $requireLogin AND !isset($_SESSION['username'])) if (empty($_POST) AND $requireLogin AND !isset($_SESSION['username']))
echo '<p>Ce formulaire ne sera pas accepté car il faut <a class="auth" href="' . redirUrl('auth/login') . '">se connecter</a> avant.</p>'; echo '<p>Ce formulaire ne sera pas accepté car il faut <a class="auth" href="' . redirUrl('auth/login') . '">se connecter</a> avant.</p>';
if (empty($_POST)) if (empty($_POST))
closeHTML(); return false;
if ($requireLogin AND !isset($_SESSION['username'])) if ($requireLogin AND !isset($_SESSION['username']))
userError("Vous devez être connecté·e pour effectuer cette action."); userError("Vous devez être connecté·e pour effectuer cette action.");
return true;
} }
function query($action, $table, $conditions = [], $column = NULL) { function query($action, $table, $conditions = [], $column = NULL) {
@ -79,7 +79,7 @@ function displayIndex() { ?>
function redirUrl($pageId) { function redirUrl($pageId) {
$currentPath = ''; $currentPath = '';
if (SERVICE !== '') $currentPath .= SERVICE . '/'; if (SERVICE !== '.') $currentPath .= SERVICE . '/';
if (PAGE !== 'index') $currentPath .= PAGE; if (PAGE !== 'index') $currentPath .= PAGE;
return CONF['common']['prefix'] . "/$pageId?redir=$currentPath"; return CONF['common']['prefix'] . "/$pageId?redir=$currentPath";
} }

4
common/html.php → html.php
View File

@ -1,7 +1,5 @@
<?php <?php
require "init.php";
// Session initialisation (with cookies) // Session initialisation (with cookies)
if ( if (
isset($_COOKIE['niver-session-key']) // Resume session isset($_COOKIE['niver-session-key']) // Resume session
@ -39,7 +37,7 @@ if (isset($page['service']))
echo strip_tags(TITLES['index']); echo strip_tags(TITLES['index']);
?></title> ?></title>
<?php <?php
foreach (array_diff(scandir(CONF['common']['root_path'] . "/public/css"), array('..', '.')) as $cssPath) foreach (array_diff(scandir(CONF['common']['root_path'] . "/css"), array('..', '.')) as $cssPath)
echo ' <link type="text/css" rel="stylesheet" media="screen" href="' . CONF['common']['prefix'] . '/css/' . $cssPath . '">' . "\n"; echo ' <link type="text/css" rel="stylesheet" media="screen" href="' . CONF['common']['prefix'] . '/css/' . $cssPath . '">' . "\n";
?> ?>
<meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1">

6
common/pages.php → pages.php
View File

@ -92,9 +92,3 @@ define('DESCRIPTIONS', [
], ],
] ]
); );
if (SERVICE !== '') {
$page['service'] = TITLES[SERVICE]['index'];
if (PAGE !== 'index')
$page['title'] = TITLES[SERVICE][PAGE];
}

4
public/auth/index.php
View File

@ -1,5 +1 @@
<?php require "../../common/html.php"; ?>
<?php displayIndex(); ?> <?php displayIndex(); ?>
<?php closeHTML(); ?>

48
public/auth/login.php
View File

@ -1,4 +1,27 @@
<?php require "../../common/html.php"; ?> <?php
if (processForm(false)) {
checkPasswordFormat($_POST['password']);
checkUsernameFormat($_POST['username']);
if (userExist($_POST['username']) !== true)
userError("Connexion impossible : ce compte n'existe pas.");
if (checkPassword($_POST['username'], $_POST['password']) !== true)
userError("Connexion impossible : clé de passe invalide.");
$_SESSION['username'] = $_POST['username'];
if (outdatedPasswordHash($_SESSION['username']))
changePassword($_SESSION['username'], $_POST['password']);
redir();
success("Connecté·e.");
}
?>
<p>Pas de compte ? <a class="auth" href="register">En créer un</a></p> <p>Pas de compte ? <a class="auth" href="register">En créer un</a></p>
@ -13,26 +36,3 @@
<input type="submit"> <input type="submit">
</form> </form>
<?php
switchToFormProcess(requireLogin: false);
checkPasswordFormat($_POST['password']);
checkUsernameFormat($_POST['username']);
if (userExist($_POST['username']) !== true)
userError("Connexion impossible : ce compte n'existe pas.");
if (checkPassword($_POST['username'], $_POST['password']) !== true)
userError("Connexion impossible : clé de passe invalide.");
$_SESSION['username'] = $_POST['username'];
if (outdatedPasswordHash($_SESSION['username']))
changePassword($_SESSION['username'], $_POST['password']);
redir();
success("Connecté·e.");

2
public/auth/logout.php
View File

@ -1,5 +1,3 @@
<?php require "../../common/html.php"; ?>
<?php <?php
if (session_status() === PHP_SESSION_ACTIVE) if (session_status() === PHP_SESSION_ACTIVE)

28
public/auth/password.php
View File

@ -1,4 +1,17 @@
<?php require "../../common/html.php"; ?> <?php
if (processForm()) {
checkPasswordFormat($_POST['newPassword']);
if (checkPassword($_SESSION['username'], $_POST['currentPassword']) !== true)
userError("Changement impossible : clé de passe invalide.");
changePassword($_SESSION['username'], $_POST['newPassword']);
success("Clé de passe changée.");
}
?>
<p> <p>
Vous pouvez ici changer la clé de passe permettant d'accéder à votre compte Niver. Vous pouvez ici changer la clé de passe permettant d'accéder à votre compte Niver.
@ -13,16 +26,3 @@
<input type="submit"> <input type="submit">
</form> </form>
<?php
switchToFormProcess();
checkPasswordFormat($_POST['newPassword']);
if (checkPassword($_SESSION['username'], $_POST['currentPassword']) !== true)
userError("Changement impossible : clé de passe invalide.");
changePassword($_SESSION['username'], $_POST['newPassword']);
success("Clé de passe changée.");

90
public/auth/register.php
View File

@ -1,4 +1,48 @@
<?php require "../../common/html.php"; ?> <?php
if (processForm(false)) {
checkPasswordFormat($_POST['password']);
checkUsernameFormat($_POST['username']);
if (userExist($_POST['username']) !== false)
userError("Ce nom de compte est déjà utilisé.");
// Setup SFTP directory
umask(0002);
if (mkdir(CONF['ht']['ht_path'] . "/" . $_POST['username'], 0775) !== true)
serverError("Can't create user directory.");
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['chgrp_path'] . " " . CONF['ht']['sftpgo_group'] . " " . CONF['ht']['ht_path'] . "/" . $_POST['username'] . " --no-dereference", result_code: $code);
if ($code !== 0)
serverError("Can't change user directory group.");
// Setup Tor config directory
if (mkdir(CONF['ht']['tor_config_path'] . "/" . $_POST['username'], 0755) !== true)
serverError("Can't create Tor config directory.");
// Setup Tor keys directory
exec(CONF['ht']['sudo_path'] . " -u " . CONF['ht']['tor_user'] . " " . CONF['ht']['mkdir_path'] . " --mode=0700 " . CONF['ht']['tor_keys_path'] . "/" . $_POST['username'], result_code: $code);
if ($code !== 0)
serverError("Can't create Tor keys directory.");
$db = new PDO('sqlite:' . DB_PATH);
$stmt = $db->prepare("INSERT INTO users(username, password, registration_date) VALUES(:username, :password, :registration_date)");
$stmt->bindValue(':username', $_POST['username']);
$stmt->bindValue(':password', hashPassword($_POST['password']));
$stmt->bindValue(':registration_date', date("Y-m-d H:i:s"));
$stmt->execute();
$_SESSION['username'] = $_POST['username'];
redir();
success("Compte créé.");
}
?>
<p>Déjà un compte ? <a class="auth" href="login">Se connecter</a></p> <p>Déjà un compte ? <a class="auth" href="login">Se connecter</a></p>
@ -20,47 +64,3 @@
<input type="submit"> <input type="submit">
</form> </form>
<?php
switchToFormProcess(requireLogin: false);
checkPasswordFormat($_POST['password']);
checkUsernameFormat($_POST['username']);
if (userExist($_POST['username']) !== false)
userError("Ce nom de compte est déjà utilisé.");
// Setup SFTP directory
umask(0002);
if (mkdir(CONF['ht']['ht_path'] . "/" . $_POST['username'], 0775) !== true)
serverError("Can't create user directory.");
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['chgrp_path'] . " " . CONF['ht']['sftpgo_group'] . " " . CONF['ht']['ht_path'] . "/" . $_POST['username'] . " --no-dereference", result_code: $code);
if ($code !== 0)
serverError("Can't change user directory group.");
// Setup Tor config directory
if (mkdir(CONF['ht']['tor_config_path'] . "/" . $_POST['username'], 0755) !== true)
serverError("Can't create Tor config directory.");
// Setup Tor keys directory
exec(CONF['ht']['sudo_path'] . " -u " . CONF['ht']['tor_user'] . " " . CONF['ht']['mkdir_path'] . " --mode=0700 " . CONF['ht']['tor_keys_path'] . "/" . $_POST['username'], result_code: $code);
if ($code !== 0)
serverError("Can't create Tor keys directory.");
$db = new PDO('sqlite:' . DB_PATH);
$stmt = $db->prepare("INSERT INTO users(username, password, registration_date) VALUES(:username, :password, :registration_date)");
$stmt->bindValue(':username', $_POST['username']);
$stmt->bindValue(':password', hashPassword($_POST['password']));
$stmt->bindValue(':registration_date', date("Y-m-d H:i:s"));
$stmt->execute();
$_SESSION['username'] = $_POST['username'];
redir();
success("Compte créé.");

84
public/auth/unregister.php
View File

@ -1,4 +1,45 @@
<?php require "../../common/html.php"; ?> <?php
if (processForm()) {
if (!isset($_POST['delete']))
userError("Il faut confirmer la suppression du compte");
foreach (query('select', 'registry', ['username' => $_SESSION['username']], 'domain') as $domain)
regDeleteDomain($domain);
foreach (query('select', 'zones', ['username' => $_SESSION['username']], 'zone') as $zone)
nsDeleteZone($zone);
foreach (query('select', 'sites', [
'username' => $_SESSION['username'],
'domain_type' => 'onion',
'protocol' => 'http',
], 'site_dir') as $dir)
htDeleteSite($dir, domainType: 'onion', protocol: 'http');
foreach (query('select', 'sites', [
'username' => $_SESSION['username'],
'domain_type' => 'dns',
'protocol' => 'http',
], 'site_dir') as $dir)
htDeleteSite($dir, domainType: 'dns', protocol: 'http');
exec(CONF['ht']['sudo_path'] . " -u " . CONF['ht']['tor_user'] . " " . CONF['ht']['rm_path'] . " --recursive " . CONF['ht']['tor_keys_path'] . "/" . $_SESSION['username'], result_code: $code);
if ($code !== 0)
serverError("Can't remove Tor keys directory.");
removeDirectory(CONF['ht']['tor_config_path'] . '/' . $_SESSION['username']);
removeDirectory(CONF['ht']['ht_path'] . '/' . $_SESSION['username']);
query('delete', 'users', ['username' => $_SESSION['username']]);
redir();
success("Compte supprimé.");
}
?>
<form method="post"> <form method="post">
<input type="checkbox" name="delete" id="delete"> <input type="checkbox" name="delete" id="delete">
@ -6,44 +47,3 @@
<br> <br>
<input type="submit"> <input type="submit">
</form> </form>
<?php
switchToFormProcess();
if (!isset($_POST['delete']))
userError("Il faut confirmer la suppression du compte");
foreach (query('select', 'registry', ['username' => $_SESSION['username']], 'domain') as $domain)
regDeleteDomain($domain);
foreach (query('select', 'zones', ['username' => $_SESSION['username']], 'zone') as $zone)
nsDeleteZone($zone);
foreach (query('select', 'sites', [
'username' => $_SESSION['username'],
'domain_type' => 'onion',
'protocol' => 'http',
], 'site_dir') as $dir)
htDeleteSite($dir, domainType: 'onion', protocol: 'http');
foreach (query('select', 'sites', [
'username' => $_SESSION['username'],
'domain_type' => 'dns',
'protocol' => 'http',
], 'site_dir') as $dir)
htDeleteSite($dir, domainType: 'dns', protocol: 'http');
exec(CONF['ht']['sudo_path'] . " -u " . CONF['ht']['tor_user'] . " " . CONF['ht']['rm_path'] . " --recursive " . CONF['ht']['tor_keys_path'] . "/" . $_SESSION['username'], result_code: $code);
if ($code !== 0)
serverError("Can't remove Tor keys directory.");
removeDirectory(CONF['ht']['tor_config_path'] . '/' . $_SESSION['username']);
removeDirectory(CONF['ht']['ht_path'] . '/' . $_SESSION['username']);
query('delete', 'users', ['username' => $_SESSION['username']]);
redir();
success("Compte supprimé.");

106
public/ht/add-http-dns.php
View File

@ -1,4 +1,54 @@
<?php require "../../common/html.php"; ?> <?php
if (isset($_SESSION['username']))
$dirsStatuses = dirsStatuses($_SESSION['username'], "dns", "http");
else
$dirsStatuses = [];
if (processForm()) {
checkDomainFormat($_POST['domain']);
if ($dirsStatuses[$_POST['dir']] !== false)
userError("Wrong value for <code>dir</code>.");
if (query('select', 'sites', ['domain' => $_POST['domain']], 'domain') !== [])
userError("Ce domaine existe déjà sur ce service.");
$remoteAaaaRecords = array_column(dns_get_record($_POST['domain'], DNS_AAAA), 'ipv6');
if (array_merge(array_diff($remoteAaaaRecords, [CONF['ht']['ipv6_address']]), array_diff([CONF['ht']['ipv6_address']], $remoteAaaaRecords)) !== [])
userError("Ce domaine doit avoir pour enregistrement AAAA <code>" . CONF['ht']['ipv6_address'] . "</code>.");
$remoteARecords = array_column(dns_get_record($_POST['domain'], DNS_A), 'ip');
if (array_merge(array_diff($remoteARecords, [CONF['ht']['ipv4_address']]), array_diff([CONF['ht']['ipv4_address']], $remoteARecords)) !== [])
userError("Ce domaine doit avoir pour enregistrement A <code>" . CONF['ht']['ipv4_address'] . "</code>.");
addSite($_SESSION['username'], $_POST['dir'], $_POST['domain'], "dns", "http");
$nginxConf = 'server {
listen [::1]:' . CONF['ht']['https_port'] . ' ssl http2;
listen 127.0.0.1:' . CONF['ht']['https_port'] . ' ssl http2;
server_name ' . $_POST['domain'] . ';
root ' . CONF['ht']['ht_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'] . ';
ssl_certificate /etc/ssl/certs/niver.crt;
ssl_certificate_key /etc/ssl/private/niver.key;
include inc/ht-tls.conf;
}
';
if (file_put_contents(CONF['ht']['nginx_config_path'] . "/" . $_POST['domain'] . ".conf", $nginxConf) === false)
serverError("Failed to write Nginx configuration.");
// Reload Nginx
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx", result_code: $code);
if ($code !== 0)
serverError("Failed to reload Nginx.");
success("Accès HTTP par domaine ajouté sur ce dossier !");
}
?>
<p> <p>
Ajouter un domaine sur un dossier de site<br> Ajouter un domaine sur un dossier de site<br>
@ -16,13 +66,9 @@
<?php <?php
if (isset($_SESSION['username'])) { foreach ($dirsStatuses as $dir => $alreadyEnabled) {
$dirsStatuses = dirsStatuses($_SESSION['username'], "dns", "http"); $disabled = $alreadyEnabled ? " disabled=''" : "";
echo " <option" . $disabled . " value='" . $dir . "'>" . $dir . "</option>";
foreach ($dirsStatuses as $dir => $alreadyEnabled) {
$disabled = $alreadyEnabled ? " disabled=''" : "";
echo " <option" . $disabled . " value='" . $dir . "'>" . $dir . "</option>";
}
} }
?> ?>
@ -31,47 +77,3 @@ if (isset($_SESSION['username'])) {
<br> <br>
<input value="Valider" type="submit"> <input value="Valider" type="submit">
</form> </form>
<?php
switchToFormProcess();
checkDomainFormat($_POST['domain']);
if ($dirsStatuses[$_POST['dir']] !== false)
userError("Wrong value for <code>dir</code>.");
if (query('select', 'sites', ['domain' => $_POST['domain']], 'domain') !== [])
userError("Ce domaine existe déjà sur ce service.");
$remoteAaaaRecords = array_column(dns_get_record($_POST['domain'], DNS_AAAA), 'ipv6');
if (array_merge(array_diff($remoteAaaaRecords, [CONF['ht']['ipv6_address']]), array_diff([CONF['ht']['ipv6_address']], $remoteAaaaRecords)) !== [])
userError("Ce domaine doit avoir pour enregistrement AAAA <code>" . CONF['ht']['ipv6_address'] . "</code>.");
$remoteARecords = array_column(dns_get_record($_POST['domain'], DNS_A), 'ip');
if (array_merge(array_diff($remoteARecords, [CONF['ht']['ipv4_address']]), array_diff([CONF['ht']['ipv4_address']], $remoteARecords)) !== [])
userError("Ce domaine doit avoir pour enregistrement A <code>" . CONF['ht']['ipv4_address'] . "</code>.");
addSite($_SESSION['username'], $_POST['dir'], $_POST['domain'], "dns", "http");
$nginxConf = 'server {
listen [::1]:' . CONF['ht']['https_port'] . ' ssl http2;
listen 127.0.0.1:' . CONF['ht']['https_port'] . ' ssl http2;
server_name ' . $_POST['domain'] . ';
root ' . CONF['ht']['ht_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'] . ';
ssl_certificate /etc/ssl/certs/niver.crt;
ssl_certificate_key /etc/ssl/private/niver.key;
include inc/ht-tls.conf;
}
';
if (file_put_contents(CONF['ht']['nginx_config_path'] . "/" . $_POST['domain'] . ".conf", $nginxConf) === false)
serverError("Failed to write Nginx configuration.");
// Reload Nginx
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx", result_code: $code);
if ($code !== 0)
serverError("Failed to reload Nginx.");
success("Accès HTTP par domaine ajouté sur ce dossier !");

115
public/ht/add-http-onion.php
View File

@ -1,4 +1,59 @@
<?php require "../../common/html.php"; ?> <?php
if (isset($_SESSION['username']))
$dirsStatuses = dirsStatuses($_SESSION['username'], "onion", "http");
else
$dirsStatuses = [];
if (processForm()) {
if ($dirsStatuses[$_POST['dir']] !== false)
userError("Wrong value for <code>dir</code>.");
// Add Tor config
$torConf = "HiddenServiceDir " . CONF['ht']['tor_keys_path'] . "/" . $_SESSION['username'] . "/" . $_POST['dir'] . "/
HiddenServicePort 80 [::1]:" . CONF['ht']['internal_onion_http_port'] . "
";
if (file_put_contents(CONF['ht']['tor_config_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'], $torConf) === false)
serverError("Failed to write new Tor configuration.");
// Reload Tor
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload " . CONF['ht']['tor_service'], $output, $code);
if ($code !== 0)
serverError("Failed to reload Tor.");
// Get the address generated by Tor
exec(CONF['ht']['sudo_path'] . ' -u ' . CONF['ht']['tor_user'] . ' ' . CONF['ht']['cat_path'] . ' ' . CONF['ht']['tor_keys_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'] . '/hostname', $output);
$onion = $output[0];
if (preg_match("/[0-9a-z]{56}\.onion/", $onion) !== 1)
serverError("No onion address found.");
// Store it in the database
addSite($_SESSION['username'], $_POST['dir'], $onion, "onion", "http");
// Add Nginx config
$nginxConf = 'server {
listen [::1]:' . CONF['ht']['internal_onion_http_port'] . ';
server_name ' . $onion . ';
root ' . CONF['ht']['ht_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'] . ';
include inc/ht-onion.conf;
}
';
if (file_put_contents(CONF['ht']['nginx_config_path'] . "/" . $onion . ".conf", $nginxConf) === false)
serverError("Failed to write Nginx configuration.");
// Reload Nginx
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx", result_code: $code);
if ($code !== 0)
serverError("Failed to reload Nginx.");
// Tell the user their site address
success("L'adresse de votre service Onion HTTP est : <a href='http://" . $onion . "/'<code>http://" . $onion . "/</code></a>");
}
?>
<p> <p>
Ajouter un accès en .onion sur un dossier Ajouter un accès en .onion sur un dossier
</p> </p>
@ -10,13 +65,9 @@
<?php <?php
if (isset($_SESSION['username'])) { foreach ($dirsStatuses as $dir => $alreadyEnabled) {
$dirsStatuses = dirsStatuses($_SESSION['username'], "onion", "http"); $disabled = $alreadyEnabled ? "disabled='' " : "";
echo " <option " . $disabled . "value='" . $dir . "'>" . $dir . "</option>";
foreach ($dirsStatuses as $dir => $alreadyEnabled) {
$disabled = $alreadyEnabled ? "disabled='' " : "";
echo " <option " . $disabled . "value='" . $dir . "'>" . $dir . "</option>";
}
} }
?> ?>
@ -25,51 +76,3 @@ if (isset($_SESSION['username'])) {
<br> <br>
<input value="Valider" type="submit"> <input value="Valider" type="submit">
</form> </form>
<?php
switchToFormProcess();
if ($dirsStatuses[$_POST['dir']] !== false)
userError("Wrong value for <code>dir</code>.");
// Add Tor config
$torConf = "HiddenServiceDir " . CONF['ht']['tor_keys_path'] . "/" . $_SESSION['username'] . "/" . $_POST['dir'] . "/
HiddenServicePort 80 [::1]:" . CONF['ht']['internal_onion_http_port'] . "
";
if (file_put_contents(CONF['ht']['tor_config_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'], $torConf) === false)
serverError("Failed to write new Tor configuration.");
// Reload Tor
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload " . CONF['ht']['tor_service'], $output, $code);
if ($code !== 0)
serverError("Failed to reload Tor.");
// Get the address generated by Tor
exec(CONF['ht']['sudo_path'] . ' -u ' . CONF['ht']['tor_user'] . ' ' . CONF['ht']['cat_path'] . ' ' . CONF['ht']['tor_keys_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'] . '/hostname', $output);
$onion = $output[0];
if (preg_match("/[0-9a-z]{56}\.onion/", $onion) !== 1)
serverError("No onion address found.");
// Store it in the database
addSite($_SESSION['username'], $_POST['dir'], $onion, "onion", "http");
// Add Nginx config
$nginxConf = 'server {
listen [::1]:' . CONF['ht']['internal_onion_http_port'] . ';
server_name ' . $onion . ';
root ' . CONF['ht']['ht_path'] . '/' . $_SESSION['username'] . '/' . $_POST['dir'] . ';
include inc/ht-onion.conf;
}
';
if (file_put_contents(CONF['ht']['nginx_config_path'] . "/" . $onion . ".conf", $nginxConf) === false)
serverError("Failed to write Nginx configuration.");
// Reload Nginx
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx", result_code: $code);
if ($code !== 0)
serverError("Failed to reload Nginx.");
// Tell the user their site address
success("L'adresse de votre service Onion HTTP est : <a href='http://" . $onion . "/'<code>http://" . $onion . "/</code></a>");

39
public/ht/del-http-dns.php
View File

@ -1,4 +1,20 @@
<?php require "../../common/html.php"; ?> <?php
if (isset($_SESSION['username']))
$dirsStatuses = dirsStatuses($_SESSION['username'], "dns", "http");
else
$dirsStatuses = [];
if (processForm()) {
if ($dirsStatuses[$_POST['dir']] !== true)
userError("Wrong value for <code>dir</code>.");
htDeleteSite($_POST['dir'], domainType: 'dns', protocol: 'http');
success("Accès retiré.");
}
?>
<p> <p>
Retirer un accès DNS et TLS d'un dossier Retirer un accès DNS et TLS d'un dossier
@ -11,13 +27,9 @@
<?php <?php
if (isset($_SESSION['username'])) { foreach ($dirsStatuses as $dir => $alreadyEnabled) {
$dirsStatuses = dirsStatuses($_SESSION['username'], "dns", "http"); $disabled = $alreadyEnabled ? "" : "disabled='' ";
echo " <option " . $disabled . "value='" . $dir . "'>" . $dir . "</option>\n";
foreach ($dirsStatuses as $dir => $alreadyEnabled) {
$disabled = $alreadyEnabled ? "" : "disabled='' ";
echo " <option " . $disabled . "value='" . $dir . "'>" . $dir . "</option>\n";
}
} }
?> ?>
@ -26,14 +38,3 @@ if (isset($_SESSION['username'])) {
<br> <br>
<input value="Valider" type="submit"> <input value="Valider" type="submit">
</form> </form>
<?php
switchToFormProcess();
if ($dirsStatuses[$_POST['dir']] !== true)
userError("Wrong value for <code>dir</code>.");
htDeleteSite($_POST['dir'], domainType: 'dns', protocol: 'http');
success("Accès retiré.");

39
public/ht/del-http-onion.php
View File

@ -1,4 +1,20 @@
<?php require "../../common/html.php"; ?> <?php
if (isset($_SESSION['username']))
$dirsStatuses = dirsStatuses($_SESSION['username'], "onion", "http");
else
$dirsStatuses = [];
if (processForm()) {
if ($dirsStatuses[$_POST['dir']] !== true)
userError("Wrong value for <code>dir</code>.");
htDeleteSite($_POST['dir'], domainType: 'onion', protocol: 'http');
success("Accès retiré.");
}
?>
<p> <p>
Retirer un accès Onion d'un dossier Retirer un accès Onion d'un dossier
@ -11,13 +27,9 @@
<?php <?php
if (isset($_SESSION['username'])) { foreach ($dirsStatuses as $dir => $alreadyEnabled) {
$dirsStatuses = dirsStatuses($_SESSION['username'], "onion", "http"); $disabled = $alreadyEnabled ? "" : "disabled='' ";
echo " <option " . $disabled . "value='" . $dir . "'>" . $dir . "</option>\n";
foreach ($dirsStatuses as $dir => $alreadyEnabled) {
$disabled = $alreadyEnabled ? "" : "disabled='' ";
echo " <option " . $disabled . "value='" . $dir . "'>" . $dir . "</option>\n";
}
} }
?> ?>
@ -26,14 +38,3 @@ if (isset($_SESSION['username'])) {
<br> <br>
<input value="Valider" type="submit"> <input value="Valider" type="submit">
</form> </form>
<?php
switchToFormProcess();
if ($dirsStatuses[$_POST['dir']] !== true)
userError("Wrong value for <code>dir</code>.");
htDeleteSite($_POST['dir'], domainType: 'onion', protocol: 'http');
success("Accès retiré.");

4
public/ht/index.php
View File

@ -1,5 +1,3 @@
<?php require "../../common/html.php"; ?>
<p> <p>
Ce service permet d'envoyer des fichiers sur le serveur par <?= linkToDocs('sftp', 'SFTP') ?> afin de les rendre accessibles par <?= linkToDocs('http', 'HTTP') ?>. Ce service permet d'envoyer des fichiers sur le serveur par <?= linkToDocs('sftp', 'SFTP') ?> afin de les rendre accessibles par <?= linkToDocs('http', 'HTTP') ?>.
</p> </p>
@ -58,5 +56,3 @@
</dd> </dd>
</dl> </dl>
</section> </section>
<?php closeHTML(); ?>

53
public/ht/le.php
View File

@ -1,4 +1,30 @@
<?php require "../../common/html.php"; ?> <?php
if (processForm()) {
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['certbot_path'] . " certonly --dry-run --test-cert --webroot --webroot-path /srv/acme --register-unsafely-without-email --agree-tos --domain " . $_POST['domain'], $output, $returnCode);
// Abort if Certbot failed
if ($returnCode !== 0)
serverError("Certbot failed to get a Let's Encrypt certificate.");
// Replace self-signed certificate by Let's Encrypt certificate in Nginx configuration
$conf = file_get_contents(CONF['ht']['nginx_config_path'] . "/" . $_POST['domain'] . ".conf");
$conf = preg_replace("#/etc/ssl/certs/niver\.crt#", "/etc/letsencrypt/live/" . $_POST['domain'] . "/fullchain.pem", $conf);
$conf = preg_replace("#/etc/ssl/private/niver\.key#", "/etc/letsencrypt/live/" . $_POST['domain'] . "/privkey.pem", $conf);
file_put_contents(CONF['ht']['nginx_config_path'] . "/" . $_POST['domain'] . ".conf", $conf);
// Reload Nginx
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx", $output, $returnCode);
// Abort if Nginx reload failed
if ($returnCode !== 0)
serverError("Nginx configuration reload failed.");
success("La connexion avec votre site utilise désomais un certificat TLS émis par Let's Encrypt.");
}
?>
<p> <p>
Installer un certificat Let's Encrypt Installer un certificat Let's Encrypt
</p> </p>
@ -20,28 +46,3 @@ if (isset($_SESSION['username'])) {
<br> <br>
<input value="Valider" type="submit"> <input value="Valider" type="submit">
</form> </form>
<?php
switchToFormProcess();
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['certbot_path'] . " certonly --dry-run --test-cert --webroot --webroot-path /srv/acme --register-unsafely-without-email --agree-tos --domain " . $_POST['domain'], $output, $returnCode);
// Abort if Certbot failed
if ($returnCode !== 0)
serverError("Certbot failed to get a Let's Encrypt certificate.");
// Replace self-signed certificate by Let's Encrypt certificate in Nginx configuration
$conf = file_get_contents(CONF['ht']['nginx_config_path'] . "/" . $_POST['domain'] . ".conf");
$conf = preg_replace("#/etc/ssl/certs/niver\.crt#", "/etc/letsencrypt/live/" . $_POST['domain'] . "/fullchain.pem", $conf);
$conf = preg_replace("#/etc/ssl/private/niver\.key#", "/etc/letsencrypt/live/" . $_POST['domain'] . "/privkey.pem", $conf);
file_put_contents(CONF['ht']['nginx_config_path'] . "/" . $_POST['domain'] . ".conf", $conf);
// Reload Nginx
exec(CONF['ht']['sudo_path'] . " " . CONF['ht']['systemctl_path'] . " reload nginx", $output, $returnCode);
// Abort if Nginx reload failed
if ($returnCode !== 0)
serverError("Nginx configuration reload failed.");
success("La connexion avec votre site utilise désomais un certificat TLS émis par Let's Encrypt.");

4
public/index.php
View File

@ -1,5 +1,3 @@
<?php require "../common/html.php"; ?>
<nav> <nav>
<dl> <dl>
<dt><a class="auth" href="auth/"><?= TITLES['auth']['index'] ?></a></dt> <dt><a class="auth" href="auth/"><?= TITLES['auth']['index'] ?></a></dt>
@ -26,5 +24,3 @@
<?php } ?> <?php } ?>
</dl> </dl>
</nav> </nav>
<?php closeHTML(); ?>

57
public/ns/caa.php
View File

@ -1,4 +1,30 @@
<?php require "../../common/html.php"; ?> <?php
if (processForm()) {
$values = nsParseCommonRequirements();
if (!($_POST['flag'] >= 0 AND $_POST['flag'] <= 255))
userError("Wrong value for <code>flag</code>.");
if (!(preg_match("/^[a-z]{1,127}$/", $_POST['tag'])))
userError("Wrong value for <code>tag</code>.");
if (!(preg_match("/^[a-z0-9.-]{1,255}$/", $_POST['value'])))
userError("Wrong value for <code>value</code>.");
knotcZoneExec($_POST['zone'], array(
$values['domain'],
$values['ttl'],
"CAA",
$_POST['flag'],
$_POST['tag'],
$_POST['value']
));
success("Enregistrement ajouté");
}
?>
<p> <p>
<?= linkToDocs('record-caa', 'Documentation du type d\'enregistrement CAA') ?> <?= linkToDocs('record-caa', 'Documentation du type d\'enregistrement CAA') ?>
@ -6,7 +32,7 @@
<form method="post"> <form method="post">
<?php require "../../form.ns.php"; ?> <?php require "form.ns.php"; ?>
<br> <br>
<label for="flag">Flag</label> <label for="flag">Flag</label>
@ -23,30 +49,3 @@
<br> <br>
<input value="Valider" type="submit"> <input value="Valider" type="submit">
</form> </form>
<?php
switchToFormProcess();
$values = nsParseCommonRequirements();
if (!($_POST['flag'] >= 0 AND $_POST['flag'] <= 255))
userError("Wrong value for <code>flag</code>.");
if (!(preg_match("/^[a-z]{1,127}$/", $_POST['tag'])))
userError("Wrong value for <code>tag</code>.");
if (!(preg_match("/^[a-z0-9.-]{1,255}$/", $_POST['value'])))
userError("Wrong value for <code>value</code>.");
knotcZoneExec($_POST['zone'], array(
$values['domain'],
$values['ttl'],
"CAA",
$_POST['flag'],
$_POST['tag'],
$_POST['value']
));
success("Enregistrement ajouté");

38
public/ns/cname.php
View File

@ -1,11 +1,28 @@
<?php require "../../common/html.php"; ?> <?php
if (processForm()) {
$values = nsParseCommonRequirements();
$_POST['cname'] = formatAbsoluteDomain($_POST['cname']);
knotcZoneExec($_POST['zone'], array(
$values['domain'],
$values['ttl'],
"CNAME",
$_POST['cname']
));
success("Enregistrement ajouté");
}
?>
<p> <p>
<?= linkToDocs('record-cname', 'Documentation du type d\'enregistrement CNAME') ?> <?= linkToDocs('record-cname', 'Documentation du type d\'enregistrement CNAME') ?>
</p> </p>
<form method="post"> <form method="post">
<?php require "../../form.ns.php"; ?> <?php require "form.ns.php"; ?>
<br> <br>
<label for="cname">Nom canonique</label> <label for="cname">Nom canonique</label>
<br> <br>
@ -13,20 +30,3 @@
<br> <br>
<input value="Procéder" type="submit"> <input value="Procéder" type="submit">
</form> </form>
<?php
switchToFormProcess();
$values = nsParseCommonRequirements();
$_POST['cname'] = formatAbsoluteDomain($_POST['cname']);
knotcZoneExec($_POST['zone'], array(
$values['domain'],
$values['ttl'],
"CNAME",
$_POST['cname']
));
success("Enregistrement ajouté");

38
public/ns/dname.php
View File

@ -1,11 +1,28 @@
<?php require "../../common/html.php"; ?> <?php
if (processForm()) {
$values = nsParseCommonRequirements();
$_POST['dname'] = formatAbsoluteDomain($_POST['dname']);
knotcZoneExec($_POST['zone'], array(
$values['domain'],
$values['ttl'],
"DNAME",
$_POST['dname']
));
success("Enregistrement ajouté");
}
?>
<p> <p>
<?= linkToDocs('record-dname', 'Documentation du type d\'enregistrement DNAME') ?> <?= linkToDocs('record-dname', 'Documentation du type d\'enregistrement DNAME') ?>
</p> </p>
<form method="post"> <form method="post">
<?php require "../../form.ns.php"; ?> <?php require "form.ns.php"; ?>
<br> <br>
<label for="dname">Nom délégué</label> <label for="dname">Nom délégué</label>
<br> <br>
@ -13,20 +30,3 @@
<br> <br>
<input value="Procéder" type="submit"> <input value="Procéder" type="submit">
</form> </form>
<?php
switchToFormProcess();
$values = nsParseCommonRequirements();
$_POST['dname'] = formatAbsoluteDomain($_POST['dname']);
knotcZoneExec($_POST['zone'], array(
$values['domain'],
$values['ttl'],
"DNAME",
$_POST['dname']
));
success("Enregistrement ajouté");

3
public/ns/index.php
View File

@ -1,5 +1,3 @@
<?php require "../../common/html.php"; ?>
<?php displayIndex(); ?> <?php displayIndex(); ?>
<p> <p>
@ -12,4 +10,3 @@ foreach (CONF['ns']['servers'] as $server)
</ul> </ul>
</p> </p>
<?php closeHTML(); ?>

38
public/ns/ip.php
View File

@ -1,29 +1,29 @@
<?php require "../../common/html.php"; ?> <?php
if (processForm()) {
$values = nsParseCommonRequirements();
$record = checkIpFormat($_POST['ip']);
knotcZoneExec($_POST['zone'], array(
$values['domain'],
$values['ttl'],
$record,
$_POST['ip']
));
success("Enregistrement ajouté");
}
?>
<p> <p>
<?= linkToDocs('record-txt', 'Documentation des types d\'enregistrements A et AAAA') ?> <?= linkToDocs('record-txt', 'Documentation des types d\'enregistrements A et AAAA') ?>
</p> </p>
<form method="post"> <form method="post">
<?php require "../../form.ns.php"; ?> <?php require "form.ns.php"; ?>
<label for="ip">Adresse IP</label><br> <label for="ip">Adresse IP</label><br>
<input required="" pattern="^[a-f0-9:.]+$" id="ip" name="ip" minlength="7" maxlength="39" size="40" type="text" placeholder="<?= PLACEHOLDER_IPV6 ?> ou <?= PLACEHOLDER_IPV4 ?>"><br> <input required="" pattern="^[a-f0-9:.]+$" id="ip" name="ip" minlength="7" maxlength="39" size="40" type="text" placeholder="<?= PLACEHOLDER_IPV6 ?> ou <?= PLACEHOLDER_IPV4 ?>"><br>
<input value="Valider" type="submit"> <input value="Valider" type="submit">
</form> </form>
<?php
switchToFormProcess();
$values = nsParseCommonRequirements();
$record = checkIpFormat($_POST['ip']);
knotcZoneExec($_POST['zone'], array(
$values['domain'],
$values['ttl'],
$record,
$_POST['ip']
));
success("Enregistrement ajouté");

150
public/ns/loc.php
View File

@ -1,4 +1,77 @@
<?php require "../../common/html.php"; ?> <?php
if (processForm()) {
$values = nsParseCommonRequirements();
if (empty($_POST['lat-min']))
$_POST['lat-min'] = 0;
if (empty($_POST['lat-sec']))
$_POST['lat-sec'] = 0;
if (empty($_POST['lon-min']))
$_POST['lon-min'] = 0;
if (empty($_POST['lon-sec']))
$_POST['lon-sec'] = 0;
if (empty($_POST['size']))
$_POST['size'] = 1;
if (empty($_POST['hp']))
$_POST['hp'] = 10000;
if (empty($_POST['vp']))
$_POST['vp'] = 10;
if (!($_POST['lat-deg'] >= 0 AND $_POST['lat-deg'] <= 90))
userError("Wrong value for <code>lat-deg</code>.");
if (!($_POST['lat-min'] >= 0 AND $_POST['lat-min'] <= 59))
userError("Wrong value for <code>lat-min</code>.");
if (!($_POST['lat-sec'] >= 0 AND $_POST['lat-sec'] <= 59.999))
userError("Wrong value for <code>lat-sec</code>.");
if ($_POST['lat-dir'] !== "N" AND $_POST['lat-dir'] !== "S")
userError("Wrong value for <code>lat-dir</code>.");
if (!($_POST['lon-deg'] >= 0 AND $_POST['lon-deg'] <= 180))
userError("Wrong value for <code>lon-deg</code>.");
if (!($_POST['lon-min'] >= 0 AND $_POST['lon-min'] <= 59))
userError("Wrong value for <code>lon-min</code>.");
if (!($_POST['lon-sec'] >= 0 AND $_POST['lon-sec'] <= 59.999))
userError("Wrong value for <code>lon-sec</code>.");
if ($_POST['lon-dir'] !== "E" AND $_POST['lon-dir'] !== "W")
userError("Wrong value for <code>lon-dir</code>.");
if (!($_POST['alt'] >= -100000 AND $_POST['alt'] <= 42849672.95))
userError("Wrong value for <code>alt</code>.");
if (!($_POST['size'] >= 0 AND $_POST['size'] <= 90000000))
userError("Wrong value for <code>size</code>.");
if (!($_POST['hp'] >= 0 AND $_POST['hp'] <= 90000000))
userError("Wrong value for <code>hp</code>.");
if (!($_POST['vp'] >= 0 AND $_POST['vp'] <= 90000000))
userError("Wrong value for <code>vp</code>.");
knotcZoneExec($_POST['zone'], array(
$values['domain'],
$values['ttl'],
"LOC",
$_POST['lat-deg'],
$_POST['lat-min'],
$_POST['lat-sec'],
$_POST['lat-dir'],
$_POST['lon-deg'],
$_POST['lon-min'],
$_POST['lon-sec'],
$_POST['lon-dir'],
$_POST['alt'] . 'm',
$_POST['size'] . 'm',
$_POST['hp'] . 'm',
$_POST['vp'] . 'm',
));
success("Enregistrement ajouté");
}
?>
<p> <p>
<?= linkToDocs('record-loc', 'Documentation du type d\'enregistrement LOC') ?> <?= linkToDocs('record-loc', 'Documentation du type d\'enregistrement LOC') ?>
@ -6,7 +79,7 @@
<form method="post"> <form method="post">
<?php require "../../form.ns.php"; ?> <?php require "form.ns.php"; ?>
<fieldset> <fieldset>
<legend>Latitude</legend> <legend>Latitude</legend>
@ -82,76 +155,3 @@
<br> <br>
<input value="Valider" type="submit"> <input value="Valider" type="submit">
</form> </form>
<?php
switchToFormProcess();
$values = nsParseCommonRequirements();
if (empty($_POST['lat-min']))
$_POST['lat-min'] = 0;
if (empty($_POST['lat-sec']))
$_POST['lat-sec'] = 0;
if (empty($_POST['lon-min']))
$_POST['lon-min'] = 0;
if (empty($_POST['lon-sec']))
$_POST['lon-sec'] = 0;
if (empty($_POST['size']))
$_POST['size'] = 1;
if (empty($_POST['hp']))
$_POST['hp'] = 10000;
if (empty($_POST['vp']))
$_POST['vp'] = 10;
if (!($_POST['lat-deg'] >= 0 AND $_POST['lat-deg'] <= 90))
userError("Wrong value for <code>lat-deg</code>.");
if (!($_POST['lat-min'] >= 0 AND $_POST['lat-min'] <= 59))
userError("Wrong value for <code>lat-min</code>.");
if (!($_POST['lat-sec'] >= 0 AND $_POST['lat-sec'] <= 59.999))
userError("Wrong value for <code>lat-sec</code>.");
if ($_POST['lat-dir'] !== "N" AND $_POST['lat-dir'] !== "S")
userError("Wrong value for <code>lat-dir</code>.");
if (!($_POST['lon-deg'] >= 0 AND $_POST['lon-deg'] <= 180))
userError("Wrong value for <code>lon-deg</code>.");
if (!($_POST['lon-min'] >= 0 AND $_POST['lon-min'] <= 59))
userError("Wrong value for <code>lon-min</code>.");
if (!($_POST['lon-sec'] >= 0 AND $_POST['lon-sec'] <= 59.999))
userError("Wrong value for <code>lon-sec</code>.");
if ($_POST['lon-dir'] !== "E" AND $_POST['lon-dir'] !== "W")
userError("Wrong value for <code>lon-dir</code>.");
if (!($_POST['alt'] >= -100000 AND $_POST['alt'] <= 42849672.95))
userError("Wrong value for <code>alt</code>.");
if (!($_POST['size'] >= 0 AND $_POST['size'] <= 90000000))
userError("Wrong value for <code>size</code>.");
if (!($_POST['hp'] >= 0 AND $_POST['hp'] <= 90000000))
userError("Wrong value for <code>hp</code>.");
if (!($_POST['vp'] >= 0 AND $_POST['vp'] <= 90000000))
userError("Wrong value for <code>vp</code>.");
knotcZoneExec($_POST['zone'], array(
$values['domain'],
$values['ttl'],
"LOC",
$_POST['lat-deg'],
$_POST['lat-min'],
$_POST['lat-sec'],
$_POST['lat-dir'],
$_POST['lon-deg'],
$_POST['lon-min'],
$_POST['lon-sec'],
$_POST['lon-dir'],
$_POST['alt'] . 'm',
$_POST['size'] . 'm',
$_POST['hp'] . 'm',
$_POST['vp'] . 'm',
));
success("Enregistrement ajouté");

46
public/ns/mx.php
View File

@ -1,4 +1,25 @@
<?php require "../../common/html.php"; ?> <?php
if (processForm()) {
$values = nsParseCommonRequirements();
if (!($_POST['priority'] >= 0 AND $_POST['priority'] <= 255))
userError("Wrong value for <code>priority</code>.");
$_POST['host'] = formatAbsoluteDomain($_POST['host']);
knotcZoneExec($_POST['zone'], array(
$values['domain'],
$values['ttl'],
"MX",
$_POST['priority'],
$_POST['host']
));
success("Enregistrement ajouté");
}
?>
<p> <p>
<?= linkToDocs('record-mx', 'Documentation du type d\'enregistrement MX') ?> <?= linkToDocs('record-mx', 'Documentation du type d\'enregistrement MX') ?>
@ -6,7 +27,7 @@
<form method="post"> <form method="post">
<?php require "../../form.ns.php"; ?> <?php require "form.ns.php"; ?>
<br> <br>
@ -23,24 +44,3 @@
<br> <br>
<input value="Valider" type="submit"> <input value="Valider" type="submit">
</form> </form>
<?php
switchToFormProcess();
$values = nsParseCommonRequirements();
if (!($_POST['priority'] >= 0 AND $_POST['priority'] <= 255))
userError("Wrong value for <code>priority</code>.");
$_POST['host'] = formatAbsoluteDomain($_POST['host']);
knotcZoneExec($_POST['zone'], array(
$values['domain'],
$values['ttl'],
"MX",
$_POST['priority'],
$_POST['host']
));
success("Enregistrement ajouté");

38
public/ns/ns.php
View File

@ -1,11 +1,28 @@
<?php require "../../common/html.php"; ?> <?php
if (processForm()) {
$values = nsParseCommonRequirements();
$_POST['ns'] = formatAbsoluteDomain($_POST['ns']);
knotcZoneExec($_POST['zone'], array(
$values['domain'],
$values['ttl'],
"NS",
$_POST['ns']
));
success("Enregistrement ajouté");
}
?>
<p> <p>
<?= linkToDocs('record-ns', 'Documentation du type d\'enregistrement NS') ?> <?= linkToDocs('record-ns', 'Documentation du type d\'enregistrement NS') ?>
</p> </p>
<form method="post"> <form method="post">
<?php require "../../form.ns.php"; ?> <?php require "form.ns.php"; ?>
<br> <br>
<label for="ns">Serveur de nom</label> <label for="ns">Serveur de nom</label>
<br> <br>
@ -13,20 +30,3 @@
<br> <br>
<input value="Procéder" type="submit"> <input value="Procéder" type="submit">
</form> </form>
<?php
switchToFormProcess();
$values = nsParseCommonRequirements();
$_POST['ns'] = formatAbsoluteDomain($_POST['ns']);
knotcZoneExec($_POST['zone'], array(
$values['domain'],
$values['ttl'],
"NS",
$_POST['ns']
));
success("Enregistrement ajouté");

64
public/ns/print.php
View File

@ -1,4 +1,3 @@
<?php require "../../common/html.php"; ?>
<form method="post"> <form method="post">
<input type="radio" name="print" id="table" value="table" checked=""> <input type="radio" name="print" id="table" value="table" checked="">
@ -25,20 +24,19 @@ if (isset($_SESSION['username']))
<?php <?php
switchToFormProcess(); if (processForm()) {
nsCheckZonePossession($_POST['zone']);
nsCheckZonePossession($_POST['zone']); $zoneContent = file_get_contents(CONF['ns']['knot_zones_path'] . '/' . $_POST['zone'] . 'zone');
if ($zoneContent === false)
serverError("Unable to read zone file.");
$zoneContent = file_get_contents(CONF['ns']['knot_zones_path'] . '/' . $_POST['zone'] . 'zone'); if ($_POST['print'] === 'raw') {
if ($zoneContent === false) echo '<pre>' . htmlspecialchars($zoneContent) . '</pre>';
serverError("Unable to read zone file."); success();
}
if ($_POST['print'] === 'raw') { if ($_POST['print'] === 'table') { ?>
echo '<pre>' . htmlspecialchars($zoneContent) . '</pre>';
success();
}
if ($_POST['print'] === 'table') { ?>
<table> <table>
<tr> <tr>
@ -48,29 +46,29 @@ if ($_POST['print'] === 'table') { ?>
<th>Contenu</th> <th>Contenu</th>
</tr> </tr>
<?php <?php
foreach(explode("\n", $zoneContent) as $zoneLine) { foreach(explode("\n", $zoneContent) as $zoneLine) {
if (str_starts_with($zoneLine, ';')) continue; // Ignore comments if (str_starts_with($zoneLine, ';')) continue; // Ignore comments
if (empty($zoneLine)) continue; if (empty($zoneLine)) continue;
$elements = preg_split("#[\t ]+#", $zoneLine, 4); $elements = preg_split("#[\t ]+#", $zoneLine, 4);
if (!in_array($elements[2], ['CAA', 'A', 'AAAA', 'MX', 'NS', 'SRV', 'SSHFP', 'TLSA', 'TXT'], true)) continue; // Ignore records generated by Knot if (!in_array($elements[2], ['CAA', 'A', 'AAAA', 'MX', 'NS', 'SRV', 'SSHFP', 'TLSA', 'TXT'], true)) continue; // Ignore records generated by Knot
echo ' <tr>'; echo ' <tr>';
foreach ($elements as $element) foreach ($elements as $element)
echo ' <td>' . htmlspecialchars($element) . '</td>'; echo ' <td>' . htmlspecialchars($element) . '</td>';
echo ' </tr>'; echo ' </tr>';
}
echo '</table>';
} }
echo '</table>';
}
if ($_POST['print'] === 'ds') { if ($_POST['print'] === 'ds') {
$found = preg_match("#\n" . preg_quote($_POST['zone']) . "\s+0\s+CDS\s+([0-9]{1,5})\s+([0-9]{1,2})\s+([0-9])\s+([0-9A-F]{64})\n#", $zoneContent, $matches); $found = preg_match("#\n" . preg_quote($_POST['zone']) . "\s+0\s+CDS\s+([0-9]{1,5})\s+([0-9]{1,2})\s+([0-9])\s+([0-9A-F]{64})\n#", $zoneContent, $matches);
if ($found !== 1) if ($found !== 1)
serverError("Unable to get public key record from zone file."); serverError("Unable to get public key record from zone file.");
$tag = $matches[1]; $tag = $matches[1];
$algo = $matches[2]; $algo = $matches[2];
$digestType = $matches[3]; $digestType = $matches[3];
$digest = $matches[4]; $digest = $matches[4];
?> ?>
@ -98,6 +96,6 @@ if ($_POST['print'] === 'ds') {
</dl> </dl>
<?php <?php
success(); success();
}
} }
?>

62
public/ns/srv.php
View File

@ -1,4 +1,33 @@
<?php require "../../common/html.php"; ?> <?php
if (processForm()) {
$values = nsParseCommonRequirements();
if (!($_POST['priority'] >= 0 AND $_POST['priority'] <= 65535))
userError("Wrong value for <code>priority</code>.");
if (!($_POST['weight'] >= 0 AND $_POST['weight'] <= 65535))
userError("Wrong value for <code>weight</code>.");
if (!($_POST['port'] >= 0 AND $_POST['port'] <= 65535))
userError("Wrong value for <code>port</code>.");
$_POST['target'] = formatAbsoluteDomain($_POST['target']);
knotcZoneExec($_POST['zone'], array(
$values['domain'],
$values['ttl'],
"SRV",
$_POST['priority'],
$_POST['weight'],
$_POST['port'],
$_POST['target']
));
success("Enregistrement ajouté");
}
?>
<p> <p>
<?= linkToDocs('record-srv', 'Documentation du type d\'enregistrement SRV') ?> <?= linkToDocs('record-srv', 'Documentation du type d\'enregistrement SRV') ?>
@ -6,7 +35,7 @@
<form method="post"> <form method="post">
<?php require "../../form.ns.php"; ?> <?php require "form.ns.php"; ?>
<br> <br>
@ -35,32 +64,3 @@
<br> <br>
<input value="Valider" type="submit"> <input value="Valider" type="submit">
</form> </form>
<?php
switchToFormProcess();
$values = nsParseCommonRequirements();
if (!($_POST['priority'] >= 0 AND $_POST['priority'] <= 65535))
userError("Wrong value for <code>priority</code>.");
if (!($_POST['weight'] >= 0 AND $_POST['weight'] <= 65535))
userError("Wrong value for <code>weight</code>.");
if (!($_POST['port'] >= 0 AND $_POST['port'] <= 65535))
userError("Wrong value for <code>port</code>.");
$_POST['target'] = formatAbsoluteDomain($_POST['target']);
knotcZoneExec($_POST['zone'], array(
$values['domain'],
$values['ttl'],
"SRV",
$_POST['priority'],
$_POST['weight'],
$_POST['port'],
$_POST['target']
));
success("Enregistrement ajouté");

56
public/ns/sshfp.php
View File

@ -1,4 +1,30 @@
<?php require "../../common/html.php"; ?> <?php
if (processForm()) {
$values = nsParseCommonRequirements();
if (!($_POST['algo'] === "1" OR $_POST['algo'] === "3" OR $_POST['algo'] === "4"))
userError("Wrong value for <code>algo</code>.");
if (!($_POST['type'] === "2"))
userError("Wrong value for <code>type</code>.");
if (!(preg_match("/^[a-z0-9]{64}$/", $_POST['fp'])))
userError("Wrong value for <code>fp</code>.");
knotcZoneExec($_POST['zone'], array(
$values['domain'],
$values['ttl'],
"SSHFP",
$_POST['algo'],
$_POST['type'],
$_POST['fp']
));
success("Enregistrement ajouté");
}
?>
<p> <p>
<?= linkToDocs('record-sshfp', 'Documentation du type d\'enregistrement SSHFP') ?> <?= linkToDocs('record-sshfp', 'Documentation du type d\'enregistrement SSHFP') ?>
@ -6,7 +32,7 @@
<form method="post"> <form method="post">
<?php require "../../form.ns.php"; ?> <?php require "form.ns.php"; ?>
<br> <br>
@ -36,29 +62,3 @@
<br> <br>
<input value="Valider" type="submit"> <input value="Valider" type="submit">
</form> </form>
<?php
switchToFormProcess();
$values = nsParseCommonRequirements();
if (!($_POST['algo'] === "1" OR $_POST['algo'] === "3" OR $_POST['algo'] === "4"))
userError("Wrong value for <code>algo</code>.");
if (!($_POST['type'] === "2"))
userError("Wrong value for <code>type</code>.");
if (!(preg_match("/^[a-z0-9]{64}$/", $_POST['fp'])))
userError("Wrong value for <code>fp</code>.");
knotcZoneExec($_POST['zone'], array(
$values['domain'],
$values['ttl'],
"SSHFP",
$_POST['algo'],
$_POST['type'],
$_POST['fp']
));
success("Enregistrement ajouté");

64
public/ns/tlsa.php
View File

@ -1,4 +1,34 @@
<?php require "../../common/html.php"; ?> <?php
if (processForm()) {
$values = nsParseCommonRequirements();
if (!($_POST['use'] >= 0 AND $_POST['use'] <= 3))
userError("Wrong value for <code>use</code>.");
if (!($_POST['selector'] === "0" OR $_POST['selector'] === "1"))
userError("Wrong value for <code>selector</code>.");
if (!($_POST['type'] >= 0 AND $_POST['type'] <= 2))
userError("Wrong value for <code>type</code>.");
if (!(preg_match("/^[a-zA-Z0-9.-]{1,1024}$/", $_POST['content'])))
userError("Wrong value for <code>content</code>.");
knotcZoneExec($_POST['zone'], array(
$values['domain'],
$values['ttl'],
"TLSA",
$_POST['use'],
$_POST['selector'],
$_POST['type'],
$_POST['content']
));
success("Enregistrement ajouté");
}
?>
<p> <p>
<?= linkToDocs('record-tlsa', 'Documentation du type d\'enregistrement TLSA') ?> <?= linkToDocs('record-tlsa', 'Documentation du type d\'enregistrement TLSA') ?>
@ -6,7 +36,7 @@
<form method="post"> <form method="post">
<?php require "../../form.ns.php"; ?> <?php require "form.ns.php"; ?>
<br> <br>
<label for="use">Utilisation</label> <label for="use">Utilisation</label>
@ -45,33 +75,3 @@
<br> <br>
<input value="Valider" type="submit"> <input value="Valider" type="submit">
</form> </form>
<?php
switchToFormProcess();
$values = nsParseCommonRequirements();
if (!($_POST['use'] >= 0 AND $_POST['use'] <= 3))
userError("Wrong value for <code>use</code>.");
if (!($_POST['selector'] === "0" OR $_POST['selector'] === "1"))
userError("Wrong value for <code>selector</code>.");
if (!($_POST['type'] >= 0 AND $_POST['type'] <= 2))
userError("Wrong value for <code>type</code>.");
if (!(preg_match("/^[a-zA-Z0-9.-]{1,1024}$/", $_POST['content'])))
userError("Wrong value for <code>content</code>.");
knotcZoneExec($_POST['zone'], array(
$values['domain'],
$values['ttl'],
"TLSA",
$_POST['use'],
$_POST['selector'],
$_POST['type'],
$_POST['content']
));
success("Enregistrement ajouté");

40
public/ns/txt.php
View File

@ -1,11 +1,29 @@
<?php require "../../common/html.php"; ?> <?php
if (processForm()) {
$values = nsParseCommonRequirements();
if (!(preg_match("/^[a-zA-Z0-9 =:!%$+\/\()[\]_-]{5,8192}$/", $_POST['txt'])))
userError("Wrong value for <code>txt</code>.");
knotcZoneExec($_POST['zone'], array(
$values['domain'],
$values['ttl'],
"TXT",
"\"" . $_POST['txt'] . "\""
));
success("Enregistrement ajouté");
}
?>
<p> <p>
<?= linkToDocs('record-txt', 'Documentation du type d\'enregistrement TXT') ?> <?= linkToDocs('record-txt', 'Documentation du type d\'enregistrement TXT') ?>
</p> </p>
<form method="post"> <form method="post">
<?php require "../../form.ns.php"; ?> <?php require "form.ns.php"; ?>
<br> <br>
<label for="txt">Texte</label> <label for="txt">Texte</label>
<br> <br>
@ -13,21 +31,3 @@
<br> <br>
<input value="Valider" type="submit"> <input value="Valider" type="submit">
</form> </form>
<?php
switchToFormProcess();
$values = nsParseCommonRequirements();
if (!(preg_match("/^[a-zA-Z0-9 =:!%$+\/\()[\]_-]{5,8192}$/", $_POST['txt'])))
userError("Wrong value for <code>txt</code>.");
knotcZoneExec($_POST['zone'], array(
$values['domain'],
$values['ttl'],
"TXT",
"\"" . $_POST['txt'] . "\""
));
success("Enregistrement ajouté");

80
public/ns/zone-add.php
View File

@ -1,46 +1,46 @@
<?php require "../../common/html.php"; ?> <?php
if (processForm()) {
$_POST['domain'] = formatAbsoluteDomain($_POST['domain']);
if (query('select', 'zones', ['zone' => $_POST['domain']], 'zone') !== [])
userError("Cette zone existe déjà sur ce service.");
$remoteNsRecords = array_column(dns_get_record($_POST['domain'], DNS_NS), 'target');
foreach ($remoteNsRecords as $i => $remoteNsRecord)
$remoteNsRecords[$i] = formatAbsoluteDomain($remoteNsRecord);
if (array_merge(array_diff($remoteNsRecords, CONF['ns']['servers']), array_diff(CONF['ns']['servers'], $remoteNsRecords)) !== [])
userError("Ce domaine n'a pas les bons enregistrements NS.");
$db = new PDO('sqlite:' . DB_PATH);
$stmt = $db->prepare("INSERT INTO zones(zone, username) VALUES(:zone, :username)");
$stmt->bindValue(':zone', $_POST['domain']);
$stmt->bindValue(':username', $_SESSION['username']);
$stmt->execute();
$knotZonePath = CONF['ns']['knot_zones_path'] . "/" . $_POST['domain'] . "zone";
$knotZone = $_POST['domain'] . ' 3600 SOA ' . CONF['ns']['servers'][0] . ' admin.niver.test. 1 21600 7200 3628800 3600' . "\n";
foreach (CONF['ns']['servers'] as $server)
$knotZone .= $_POST['domain'] . ' 86400 NS ' . $server . "\n";
if (is_int(file_put_contents($knotZonePath, $knotZone)) !== true)
serverError("Failed to write new zone file.");
if (chmod($knotZonePath, 0660) !== true)
serverError("Failed to chmod new zone file.");
knotcConfExec([
"set 'zone[" . $_POST['domain'] . "]'",
"set 'zone[" . $_POST['domain'] . "].template' 'niver-ns'",
]);
success("La requête a été traitée.");
}
?>
<form method="post"> <form method="post">
<label for="domain">Domaine</label><br> <label for="domain">Domaine</label><br>
<input required="" placeholder="domain.<?= PLACEHOLDER_DOMAIN ?>." id="domain" name="domain" type="text"><br> <input required="" placeholder="domain.<?= PLACEHOLDER_DOMAIN ?>." id="domain" name="domain" type="text"><br>
<input value="Ajouter" type="submit"> <input value="Ajouter" type="submit">
</form> </form>
<?php
switchToFormProcess();
$_POST['domain'] = formatAbsoluteDomain($_POST['domain']);
if (query('select', 'zones', ['zone' => $_POST['domain']], 'zone') !== [])
userError("Cette zone existe déjà sur ce service.");
$remoteNsRecords = array_column(dns_get_record($_POST['domain'], DNS_NS), 'target');
foreach ($remoteNsRecords as $i => $remoteNsRecord)
$remoteNsRecords[$i] = formatAbsoluteDomain($remoteNsRecord);
if (array_merge(array_diff($remoteNsRecords, CONF['ns']['servers']), array_diff(CONF['ns']['servers'], $remoteNsRecords)) !== [])
userError("Ce domaine n'a pas les bons enregistrements NS.");
$db = new PDO('sqlite:' . DB_PATH);
$stmt = $db->prepare("INSERT INTO zones(zone, username) VALUES(:zone, :username)");
$stmt->bindValue(':zone', $_POST['domain']);
$stmt->bindValue(':username', $_SESSION['username']);
$stmt->execute();
$knotZonePath = CONF['ns']['knot_zones_path'] . "/" . $_POST['domain'] . "zone";
$knotZone = $_POST['domain'] . ' 3600 SOA ' . CONF['ns']['servers'][0] . ' admin.niver.test. 1 21600 7200 3628800 3600' . "\n";
foreach (CONF['ns']['servers'] as $server)
$knotZone .= $_POST['domain'] . ' 86400 NS ' . $server . "\n";
if (is_int(file_put_contents($knotZonePath, $knotZone)) !== true)
serverError("Failed to write new zone file.");
if (chmod($knotZonePath, 0660) !== true)
serverError("Failed to chmod new zone file.");
knotcConfExec([
"set 'zone[" . $_POST['domain'] . "]'",
"set 'zone[" . $_POST['domain'] . "].template' 'niver-ns'",
]);
success("La requête a été traitée.");

22
public/ns/zone-del.php
View File

@ -1,4 +1,14 @@
<?php require "../../common/html.php"; ?> <?php
if (processForm()) {
nsCheckZonePossession($_POST['zone']);
nsDeleteZone($_POST['zone']);
success("Zone effacée.");
}
?>
<form method="post"> <form method="post">
<label for="zone">Zone</label> <label for="zone">Zone</label>
@ -13,13 +23,3 @@ if (isset($_SESSION['username']))
<br> <br>
<input value="Supprimer toutes les données liées à cette zone" type="submit"> <input value="Supprimer toutes les données liées à cette zone" type="submit">
</form> </form>
<?php
switchToFormProcess();
nsCheckZonePossession($_POST['zone']);
nsDeleteZone($_POST['zone']);
success("Zone effacée.");

85
public/reg/ds.php
View File

@ -1,4 +1,44 @@
<?php require "../../common/html.php"; ?> <?php
if (isset($_SESSION['username']))
$domains = regListUserDomains($_SESSION['username']);
else
$domains = [];
if (processForm()) {
if (
($_POST['algo'] !== "8")
AND ($_POST['algo'] !== "13")
AND ($_POST['algo'] !== "14")
AND ($_POST['algo'] !== "15")
AND ($_POST['algo'] !== "16")
) userError("Wrong value for <code>algo</code>.");
$_POST['keytag'] = intval($_POST['keytag']);
if ((!preg_match("/^[0-9]{1,6}$/", $_POST['keytag'])) OR !($_POST['keytag'] >= 1) OR !($_POST['keytag'] <= 65535))
userError("Wrong value for <code>keytag</code>.");
if ($_POST['dt'] !== "2" AND $_POST['dt'] !== "4")
userError("Wrong value for <code>dt</code>.");
regCheckDomainPossession($_POST['zone']);
$action = checkAction($_POST['action']);
knotcZoneExec(CONF['reg']['registry'], array(
$_POST['zone'],
CONF['reg']['ttl'],
"DS",
$_POST['keytag'],
$_POST['algo'],
$_POST['dt'],
$_POST['key']
));
success("La requête a été envoyée à Knot");
}
?>
<p> <p>
Ici vous pouvez indiquer au registre l'enregistrement DS d'une zone afin de permettre de déléguer la confiance <?= linkToDocs('dnssec', 'DNSSEC') ?>. Ici vous pouvez indiquer au registre l'enregistrement DS d'une zone afin de permettre de déléguer la confiance <?= linkToDocs('dnssec', 'DNSSEC') ?>.
@ -16,12 +56,10 @@
<select required="" name="zone" id="zone"> <select required="" name="zone" id="zone">
<option value="" disabled="" selected="">---</option> <option value="" disabled="" selected="">---</option>
<?php <?php
if (isset($_SESSION['username'])) {
$domains = regListUserDomains($_SESSION['username']);
foreach($domains as $domain) foreach($domains as $domain)
echo " <option value='" . $domain . "'>" . $domain . "</option>"; echo " <option value='" . $domain . "'>" . $domain . "</option>";
}
?> ?>
</select> </select>
@ -66,38 +104,3 @@ if (isset($_SESSION['username'])) {
<br> <br>
<input value="Valider" type="submit"> <input value="Valider" type="submit">
</form> </form>
<?php
switchToFormProcess();
if (
($_POST['algo'] !== "8")
AND ($_POST['algo'] !== "13")
AND ($_POST['algo'] !== "14")
AND ($_POST['algo'] !== "15")
AND ($_POST['algo'] !== "16")
) userError("Wrong value for <code>algo</code>.");
$_POST['keytag'] = intval($_POST['keytag']);
if ((!preg_match("/^[0-9]{1,6}$/", $_POST['keytag'])) OR !($_POST['keytag'] >= 1) OR !($_POST['keytag'] <= 65535))
userError("Wrong value for <code>keytag</code>.");
if ($_POST['dt'] !== "2" AND $_POST['dt'] !== "4")
userError("Wrong value for <code>dt</code>.");
regCheckDomainPossession($_POST['zone']);
$action = checkAction($_POST['action']);
knotcZoneExec(CONF['reg']['registry'], array(
$_POST['zone'],
CONF['reg']['ttl'],
"DS",
$_POST['keytag'],
$_POST['algo'],
$_POST['dt'],
$_POST['key']
));
success("La requête a été envoyée à Knot");

40
public/reg/glue.php
View File

@ -1,4 +1,23 @@
<?php require "../../common/html.php"; ?> <?php
if (processform()) {
regCheckDomainPossession($_POST['suffix']);
$domain = formatAbsoluteDomain(formatEndWithDot($_POST['subdomain']) . $_POST['suffix']);
$record = checkIpFormat($_POST['ip']);
knotcZoneExec(CONF['reg']['registry'], array(
$domain,
CONF['reg']['ttl'],
$record,
$_POST['ip']
));
success("Glue record ajouté");
}
?>
<p> <p>
<?= linkToDocs('glue-record', 'Documentation sur le glue record'); ?> <?= linkToDocs('glue-record', 'Documentation sur le glue record'); ?>
@ -38,22 +57,3 @@ if (isset($_SESSION['username']))
<br> <br>
<input value="Valider" type="submit"> <input value="Valider" type="submit">
</form> </form>
<?php
switchToFormProcess();
regCheckDomainPossession($_POST['suffix']);
$domain = formatAbsoluteDomain(formatEndWithDot($_POST['subdomain']) . $_POST['suffix']);
$record = checkIpFormat($_POST['ip']);
knotcZoneExec(CONF['reg']['registry'], array(
$domain,
CONF['reg']['ttl'],
$record,
$_POST['ip']
));
success("Glue record ajouté");

4
public/reg/index.php
View File

@ -1,9 +1,5 @@
<?php require "../../common/html.php"; ?>
<?php displayIndex(); ?> <?php displayIndex(); ?>
<p> <p>
Ce registre permet d'obtenir un domaine se terminant par <code><?= CONF['reg']['registry'] ?></code>, par exemple <code><em>domaine</em>.<?= CONF['reg']['registry'] ?></code>. Ce registre permet d'obtenir un domaine se terminant par <code><?= CONF['reg']['registry'] ?></code>, par exemple <code><em>domaine</em>.<?= CONF['reg']['registry'] ?></code>.
</p> </p>
<?php closeHTML(); ?>

34
public/reg/ns.php
View File

@ -1,4 +1,20 @@
<?php require "../../common/html.php"; ?> <?php
if (processForm()) {
regCheckDomainPossession($_POST['domain']);
$_POST['ns'] = formatAbsoluteDomain($_POST['ns']);
knotcZoneExec(CONF['reg']['registry'], array(
$_POST['domain'],
CONF['reg']['ttl'],
"NS",
$_POST['ns']
));
success("Modification effectuée avec succès");
}
?>
<p> <p>
<?= linkToDocs('record-ns', 'Documentation du type d\'enregistrement NS') ?> <?= linkToDocs('record-ns', 'Documentation du type d\'enregistrement NS') ?>
@ -29,19 +45,3 @@ if (isset($_SESSION['username']))
<br> <br>
<input value="Valider" type="submit"> <input value="Valider" type="submit">
</form> </form>
<?php
switchToFormProcess();
regCheckDomainPossession($_POST['domain']);
$_POST['ns'] = formatAbsoluteDomain($_POST['ns']);
knotcZoneExec(CONF['reg']['registry'], array(
$_POST['domain'],
CONF['reg']['ttl'],
"NS",
$_POST['ns']
));
success("Modification effectuée avec succès");

58
public/reg/print.php
View File

@ -1,5 +1,3 @@
<?php require "../../common/html.php"; ?>
<form method="post"> <form method="post">
<label for="domain">Domaine</label> <label for="domain">Domaine</label>
<select required="" name="domain" id="domain"> <select required="" name="domain" id="domain">
@ -16,36 +14,36 @@ if (isset($_SESSION['username']))
<?php <?php
switchToFormProcess(); if (processForm()) {
regCheckDomainPossession($_POST['domain']);
regCheckDomainPossession($_POST['domain']); $zoneContent = file_get_contents(CONF['reg']['registry_file']);
if ($zoneContent === false)
serverError("Unable to read registry file.");
$zoneContent = file_get_contents(CONF['reg']['registry_file']); ?>
if ($zoneContent === false) <table>
serverError("Unable to read registry file."); <tr>
<th>Domaine</th>
<th>TTL</th>
<th>Type</th>
<th>Contenu</th>
</tr>
<?php
?> foreach(explode("\n", $zoneContent) as $zoneLine) {
<table> if (str_starts_with($zoneLine, ';')) continue; // Ignore comments
<tr> if (empty($zoneLine)) continue;
<th>Domaine</th> $elements = preg_split("#[\t ]+#", $zoneLine, 4);
<th>TTL</th> if (!str_ends_with($elements[0], $_POST['domain'])) continue; // Ignore records for other domains
<th>Type</th> if (!in_array($elements[2], ['A', 'AAAA', 'NS', 'DS'], true)) continue; // Ignore records generated by Knot
<th>Contenu</th> echo " <tr>\n";
</tr> foreach ($elements as $element)
<?php echo " <td>" . htmlspecialchars($element) . "</td>\n";
echo " </tr>\n";
}
foreach(explode("\n", $zoneContent) as $zoneLine) { echo '</table>';
if (str_starts_with($zoneLine, ';')) continue; // Ignore comments
if (empty($zoneLine)) continue; success();
$elements = preg_split("#[\t ]+#", $zoneLine, 4);
if (!str_ends_with($elements[0], $_POST['domain'])) continue; // Ignore records for other domains
if (!in_array($elements[2], ['A', 'AAAA', 'NS', 'DS'], true)) continue; // Ignore records generated by Knot
echo " <tr>\n";
foreach ($elements as $element)
echo " <td>" . htmlspecialchars($element) . "</td>\n";
echo " </tr>\n";
} }
echo '</table>';
success();

48
public/reg/register.php
View File

@ -1,4 +1,27 @@
<?php require "../../common/html.php"; ?> <?php
if (processForm()) {
if (preg_match("/" . CONF['reg']['subdomain_regex'] . "/", $_POST['subdomain']) !== 1)
userError("Erreur : Le nom de domaine doit être composé uniquement d'entre 4 et 63 lettres minuscules (a-z)");
$domain = formatAbsoluteDomain($_POST['subdomain'] . '.' . CONF['reg']['registry']);
if (query('select', 'registry', ['domain' => $domain], 'domain') !== [])
userError("Ce domaine n'est pas disponible à l'enregistrement. Il est réservé ou déjà enregistré.");
$db = new PDO('sqlite:' . DB_PATH);
$stmt = $db->prepare("INSERT INTO registry(domain, username, last_renewal) VALUES(:domain, :username, :last_renewal)");
$stmt->bindValue(':domain', $domain);
$stmt->bindValue(':username', $_SESSION['username']);
$stmt->bindValue(':last_renewal', date("Y-m-d H:i:s"));
$stmt->execute();
success("Domaine ajouté au registre.");
}
?>
<p> <p>
Enregistrer un nouveau domaine sur son compte. Ce domaine doit être composé uniquement d'au moins 4 lettres latines non accentuées (a-z). Enregistrer un nouveau domaine sur son compte. Ce domaine doit être composé uniquement d'au moins 4 lettres latines non accentuées (a-z).
@ -11,26 +34,3 @@
<br> <br>
<input value="Valider" type="submit"> <input value="Valider" type="submit">
</form> </form>
<?php
switchToFormProcess();
if (preg_match("/" . CONF['reg']['subdomain_regex'] . "/", $_POST['subdomain']) !== 1)
userError("Erreur : Le nom de domaine doit être composé uniquement d'entre 4 et 63 lettres minuscules (a-z)");
$domain = formatAbsoluteDomain($_POST['subdomain'] . '.' . CONF['reg']['registry']);
if (query('select', 'registry', ['domain' => $domain], 'domain') !== [])
userError("Ce domaine n'est pas disponible à l'enregistrement. Il est réservé ou déjà enregistré.");
$db = new PDO('sqlite:' . DB_PATH);
$stmt = $db->prepare("INSERT INTO registry(domain, username, last_renewal) VALUES(:domain, :username, :last_renewal)");
$stmt->bindValue(':domain', $domain);
$stmt->bindValue(':username', $_SESSION['username']);
$stmt->bindValue(':last_renewal', date("Y-m-d H:i:s"));
$stmt->execute();
success("Domaine ajouté au registre.");

22
public/reg/unregister.php
View File

@ -1,4 +1,14 @@
<?php require "../../common/html.php"; ?> <?php
if (processForm()) {
regCheckDomainPossession($_POST['domain']);
regDeleteDomain($_POST['domain']);
success("Domaine effacé du registre.");
}
?>
<form method="post"> <form method="post">
<label for="domain">Domaine</label> <label for="domain">Domaine</label>
@ -15,13 +25,3 @@ if (isset($_SESSION['username']))
<br> <br>
<input value="Effacer" type="submit"> <input value="Effacer" type="submit">
</form> </form>
<?php
switchToFormProcess();
regCheckDomainPossession($_POST['domain']);
regDeleteDomain($_POST['domain']);
success("Domaine effacé du registre.");

49
router.php Normal file
View File

@ -0,0 +1,49 @@
<?php
define("CONF", parse_ini_file(__DIR__ . "/config.ini", true, INI_SCANNER_TYPED));
foreach (array_diff(scandir(CONF['common']['root_path'] . "/fn"), array('..', '.')) as $file)
require CONF['common']['root_path'] . '/fn/' . $file;
define("DB_PATH", CONF['common']['root_path'] . "/db/niver.db");
define("PLACEHOLDER_DOMAIN", "example"); // From RFC2606: Reserved Top Level DNS Names > 2. TLDs for Testing, & Documentation Examples
define("PLACEHOLDER_IPV6", "2001:db8::3"); // From RFC3849: IPv6 Address Prefix Reserved for Documentation
define("PLACEHOLDER_IPV4", "203.0.113.42"); // From RFC5737: IPv4 Address Blocks Reserved for Documentation
if ($_SERVER['REQUEST_URI'] === '/sftpgo-auth.php')
return;
$pageAddress = substr($_SERVER['REQUEST_URI'], strlen(CONF['common']['prefix']) + 1);
if (strpos($pageAddress, "?") !== false) {
parse_str(substr($pageAddress, strpos($pageAddress, "?") + 1), $_GET);
$pageAddress = substr($pageAddress, 0, strpos($pageAddress, "?"));
}
if (substr($pageAddress, -1) === '/' OR $pageAddress === '')
$pageAddress .= 'index';
define("PAGE_ADDRESS", $pageAddress);
define("SERVICE", dirname(PAGE_ADDRESS));
define("PAGE", basename(PAGE_ADDRESS, '.php'));
require "pages.php";
if (SERVICE !== '.') {
if (!isset(TITLES[SERVICE]['index'])) {
http_response_code(404);
exit('Page not found.');
}
$page['service'] = TITLES[SERVICE]['index'];
if (PAGE !== 'index') {
if (!isset(TITLES[SERVICE][PAGE])) {
http_response_code(404);
exit('Page not found.');
}
$page['title'] = TITLES[SERVICE][PAGE];
}
}
require "html.php";
require "public/" . PAGE_ADDRESS . ".php";
closeHtml();

2
sftpgo-auth.php
View File

@ -1,6 +1,6 @@
<?php <?php
require "common/init.php"; require "router.php";
$authData = json_decode(file_get_contents("php://input"), true); $authData = json_decode(file_get_contents("php://input"), true);