Ajout de fonctions pour la validation (fn.inc.php)

2021-02-08 12:57:32 +01:00 · 2021-02-08 12:57:32 +01:00 · f4950c9af0
parent 345f7ff879
commit f4950c9af0
24 changed files with 396 additions and 249 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+css/ 
--- a/auth/index.php
+++ b/auth/index.php
@ -5,9 +5,9 @@
 <?php } else { ?>
  Vous devez être authentifié·e pour utiliser Niver
  <br>
-  <a href="register.php">Créer un compte</a>
+  <a class="authButton" href="register.php">Créer un compte</a>
  <br>
-  <a href="login.php">Se connecter</a>
+  <a class="authButton" href="login.php">Se connecter</a>
 <?php } ?>


--- a/auth/login.php
+++ b/auth/login.php
@ -10,7 +10,7 @@
      <input type="submit">
    </form>

-    Pas de compte ? <a href="register.php">En créer un</a>
+    Pas de compte ? <a class="authButton" href="register.php">En créer un</a>

    <?php

--- a/auth/register.php
+++ b/auth/register.php
@ -10,7 +10,7 @@
      <input type="submit">
    </form>

-    Déjà un compte ? <a href="login.php">Se connecter</a>
+    Déjà un compte ? <a class="authButton" href="login.php">Se connecter</a>

    <?php

--- a/bottom.inc.php
+++ b/bottom.inc.php
@ -1,17 +1,19 @@
 <?php
 if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
-  exit("This file can't be executed directly.");
+  exit("This file is meant to be included.");
 ?>
    <br>
    <br>
    <footer>
      <small>
      <?php if (isset($_SESSION['username'])) {
-        echo "Connecté·e en tant que " . $_SESSION['username'] . "<br><a href='" . $prefixURL . "/auth/logout.php'>Se déconnecter</a>";
+        echo "Connecté·e en tant que " . $_SESSION['username'] . "<br><a class='authButton' href='" . $prefixURL . "/auth/logout.php'>Se déconnecter</a>";
      } else { ?>
        Vous n'êtes pas connecté·e à un compte Niver
      <?php } ?>
      </small>
    </footer>
+
  </body>
+
 </html>
--- a/db.inc.php
+++ b/db.inc.php
@ -1,6 +1,7 @@
 <?php
 if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
-  exit("This file can't be executed directly.");
+  exit("This file is meant to be included.");
+
 function setupDB() {
  try {
    $db = new PDO('sqlite:/var/www/nic/db/auth.db');
--- a/db/auth.db
+++ b/db/auth.db
--- a/fn.inc.php
+++ b/fn.inc.php
@ -0,0 +1,57 @@
+<?php
+if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
+  exit("This file is meant to be included.");
+
+function checkDomainValidity($domain) {
+  if (!filter_var($domain, FILTER_VALIDATE_DOMAIN))
+    exit("Erreur : ce domaine n'est pas valide !");
+}
+
+function nsCheckZonePossession($zone) {
+  checkDomainValidity($zone);
+
+  $db = new PDO('sqlite:' . DB_PATH);
+  $username[0] = $_SESSION['username'];
+
+  $req = $db->prepare('SELECT zone FROM zones WHERE username = ?');
+  $req->execute($username);
+
+  $domain = $req->fetch()['zone'];
+
+  while ($domain != NULL) {
+    if ($domain == $zone) {
+      $owned = true;
+      break;
+    }
+    $domain = $req->fetch()['zone'];
+  }
+
+  if (!$owned)
+    exit("Erreur : Vous ne possédez pas ce domaine sur le serveur de noms !");
+
+}
+
+function nicCheckDomainPossession($submittedDomain) {
+  checkDomainValidity($submittedDomain);
+
+  $db = new PDO('sqlite:' . DB_PATH);
+  $username[0] = $_SESSION['username'];
+
+  $req = $db->prepare('SELECT domain FROM registry WHERE username = ?');
+  $req->execute($username);
+
+  $dbDomain = $req->fetch()['domain'];
+
+  $owned = false;
+  while ($dbDomain != NULL) {
+    if ($dbDomain == $submittedDomain) {
+      $owned = true;
+      break;
+    }
+    $dbDomain = $req->fetch()['domain'];
+  }
+
+  if (!$owned)
+    exit("Erreur : Vous ne possédez pas ce domaine sur le registre !");
+
+}
--- a/ht/domain.php
+++ b/ht/domain.php
@ -1,15 +1,18 @@
 <?php require "../top.inc.php"; ?>
    <p>
-      Ajouter un domaine sur un dossier de site
+      Ajouter un domaine sur un dossier de site<br>
+      Le domaine doit pointer vers ces adresses IP :<br>
+      IPv4 : 45.13.104.169<br>
+      IPv6 : 2a0b:cbc0:1103:2::106f
    </p>

    <form method="post">
-      <label for="domain">Domaine sur lequel répondre :</label><br>
-      <input id="domain" name="domain" type="text"/><br>
-      <label for="dir">Dossier ciblé :</label><br>
-      <input id="dir" name="dir" type="text"/><br>
+      <label for="domain">Domaine sur lequel répondre</label><br>
+      <input required="" placeholder="site.atope.art" id="domain" name="domain" type="text"><br>
+      <label for="dir">Dossier ciblé</label><br>
+      <input required="" placeholder="monsite" id="dir" name="dir" type="text"><br>

-      <input type="submit"/>
+      <input type="submit">
    </form>

    <?php
--- a/ht/index.php
+++ b/ht/index.php
@ -1,5 +1,10 @@
 <?php require "../top.inc.php"; ?>
-
+    <a class="htButton" href="onion.php">Ajouter un accès en .onion sur un dossier</a>
+    <br>
+    <a class="htButton" href="domain.php">Ajouter un accès par domaine sur un dossier</a>
+    <br>
+    <a class="htButton" href="le.php">Installer un certificat Let's Encrypt sur un domaine</a>
+    <br><br>
    Vous pouvez vous connecter avec <code>sftp <?= $_SESSION['username'] ?>@serveur</code> et téléverser votre site dans <code>/hyper/&nbsp;nom de votre site&nbsp;</code>.
    <br><br>
    Voici les SHA256 des clés publiques su serveur :
@ -13,11 +18,4 @@

    <br><br>N'acceptez pas la connexion si elles ne correspondent pas !

-    <br><br>
-    <a href="onion.php">Ajouter un accès en .onion sur un dossier</a>
-    <br>
-    <a href="domain.php">Ajouter un accès par domaine sur un dossier</a>
-    <br>
-    <a href="le.php">Installer un certificat Let's Encrypt sur un domaine</a>
-
 <?php require "../bottom.inc.php"; ?>
--- a/ht/le.php
+++ b/ht/le.php
@ -4,10 +4,10 @@
    </p>

    <form method="post">
-      <label for="domain">Domaine sur lequel installer le certificat :</label><br>
-      <input id="domain" name="domain" type="text"/><br>
+      <label for="domain">Domaine sur lequel installer le certificat</label><br>
+      <input required="" placeholder="site.atope.art" id="domain" name="domain" type="text"><br>

-      <input type="submit"/>
+      <input type="submit">
    </form>

    <?php
--- a/index.php
+++ b/index.php
@ -3,8 +3,6 @@
 <h2><a class="nicButton" href="nic">Registre atope.art</a></h2>

 Demander l'attribution d'un sous-domaine d'atope.art
-<br>
-<a class="nicButton" href="nic">&gt; Enregistrer un domaine</a>

 <h2><a class="nsButton" href="ns">Serveurs de noms</a></h2>

--- a/less/buttons.less
+++ b/less/buttons.less
@ -1,10 +1,12 @@
-
 .button {
  border-width: 4px;
  border-style: solid;
  text-decoration: none;
  border-radius: 20px;
-  padding: 8px;
+  padding: 8px 12px 8px 12px;
+  margin: 10px;
+  margin-left: 0px;
+  display: inline-block;
 }

 .htButton {
@ -13,6 +15,9 @@
  color: @htColor;
  &:hover {
    background-color: @htColor;
+    &::selection {
+      color: @htColor;
+    }
  }
  &::selection {
    background-color: @htColor;
@ -25,6 +30,9 @@
  color: @nicColor;
  &:hover {
    background-color: @nicColor;
+    &::selection {
+      color: @nicColor;
+    }
  }
  &::selection {
    background-color: @nicColor;
@ -37,6 +45,9 @@
  color: @nsColor;
  &:hover {
    background-color: @nsColor;
+    &::selection {
+      color: @nsColor;
+    }
  }
  &::selection {
    background-color: @nsColor;
@ -49,20 +60,29 @@
  color: @authColor;
  &:hover {
    background-color: @authColor;
+    &::selection {
+      color: @authColor;
+    }
  }
  &::selection {
    background-color: @authColor;
  }
 }

-@media (prefers-color-scheme: light) {
+@media @light {
  .htButton:hover, .nicButton:hover, .nsButton:hover, .authButton:hover {
-    color: @color1;
+    color: @lightColor;
+    &::selection {
+      background-color: @lightColor;
+    }
  }
 }

-@media (prefers-color-scheme: dark) {
+@media @dark {
  .htButton:hover, .nicButton:hover, .nsButton:hover, .authButton:hover {
-    color: @color2;
+    color: @darkColor;
+    &::selection {
+      background-color: @darkColor;
+    }
  }
 }
--- a/less/form.less
+++ b/less/form.less
@ -1,4 +1,3 @@
-
 form {
  margin-left: 50px;
  margin-right: 50px;
@ -29,12 +28,36 @@ input, select {
    padding: 8px;
  }

+  @media @light {
+    background-color: @lightColor;
+    color: @darkColor;
+    border-color: @darkColor;
+  }
+
+  @media @dark {
+    background-color: @darkColor;
+    color: @lightColor;
+    border-color: @lightColor;
+  }
+
 }

 input[type=submit] {
  margin: 22px;
 }

+#password {
+  width: 24ch;
+}
+
+#username {
+  width: 16ch;
+}
+
+#keytag {
+  width: 7ch;
+}
+
 input:invalid+span:after {
  content: '✖';
  padding-left: 10px;
@ -48,20 +71,3 @@ input:valid+span:after {
 label {
  padding-top: 10px;
 }
-
-@media (prefers-color-scheme: light) {
-  input, select {
-    background-color: @color1;
-    color: @color2;
-    border-color: @color2;
-  }
-}
-
-@media (prefers-color-scheme: dark) {
-
-  input, select {
-    background-color: @color2;
-    color: @color1;
-    border-color: @color1;
-  }
-}
--- a/less/main.less
+++ b/less/main.less
@ -1,6 +1,13 @@
-@fontSize: 26px;
+@fontSize: 30px;
+
+@light: ~"(prefers-color-scheme: light)";
+@dark: ~"(prefers-color-scheme: dark)";

 html {
+  margin: 0px;
+}
+
+body {
  font-family: system-ui;
  font-size: @fontSize;
  margin-left: 20%;
@ -12,6 +19,13 @@ html {

 }

+nav {
+  display: inline-block;
+  margin-left: 20px;
+  margin-right: 20px;
+}
+
+
 footer {
  margin-left: 20%;
  margin-right: 20%;
@ -25,30 +39,54 @@ header {
  text-align: center;
 }

+h2 {
+  margin: 0px;
+  padding: 0px;
+}
+
 a {
  color: @mainColor;
+  ::selection {
+
+  }
 }

-@media (prefers-color-scheme: light) {
+@media @light {
  html {
-    background-color: @color1;
-    color: @color2;
+    background-color: @lightColor;
+    color: @darkColor;
  }

  ::selection {
-    background-color: @color2;
-    color: @color1;
+    background-color: @darkColor;
+    color: @lightColor;
  }
 }

-@media (prefers-color-scheme: dark) {
+@media @dark {
  html {
-    background-color: @color2;
-    color: @color1;
+    background-color: @darkColor;
+    color: @lightColor;
  }

  ::selection {
-    background-color: @color1;
-    color: @color2;
+    background-color: @lightColor;
+    color: @darkColor;
  }
 }
+
+/*
+.prideFlag {
+  bottom: 0px;
+  margin: 0px;
+  margin-bottom: 12px;
+  border-color: red;
+	background-color: rgba(0, 0, 0, 0);
+	background-image: linear-gradient(to right, rgb(52, 0, 60) 0%, rgb(52, 0, 60) 17%, rgb(0, 40, 137) 17%, rgb(0, 40, 137) 33%, rgb(15, 81, 33) 33%, rgb(15, 81, 33) 50%, rgb(189, 179, 61) 50%, rgb(189, 179, 61) 66%, rgb(169, 105, 34) 66%, rgb(169, 105, 34) 83%, rgb(117, 0, 0) 83%, rgb(117, 0, 0) 100%);
+	border: 0;
+	height: 16px;
+	background: #087F28;
+  background: linear-gradient(to right, #740D85 0%, #740D85 17%, #064DFE 17%, #064DFE 33%, #087F28 33%, #087F28 50%, #FEEC1A 50%, #FEEC1A 66%, #FE8B0B 66%, #FE8B0B 83%, #E20706 83%, #E20706 100% );
+  width: 100%;
+}
+*/
--- a/nic/ds.php
+++ b/nic/ds.php
@ -79,35 +79,15 @@

        if (filter_var($_POST['keytag'], FILTER_VALIDATE_INT) AND $_POST['keytag'] >= 1 AND $_POST['keytag'] <= 65535) {
          if ($_POST['dt'] == "2" OR $_POST['dt'] == "4") {
-            if (filter_var($_POST['zone'], FILTER_VALIDATE_DOMAIN)) {
-              $db = new PDO('sqlite:' . $dbPath);
-              $username[0] = $_SESSION['username'];
-
-              var_dump($username);
-
-              $req = $db->prepare('SELECT zone FROM zones WHERE username = ?');
-              $req->execute($username);
-
-              $domain = $req->fetch()['zone'];
-
-              while ($domain != NULL) {
-                if ($domain == $_POST['zone']) {
-                  $owned = true;
-                  break;
-                }
-                $domain = $req->fetch()['zone'];
-              }
-
-              if (isset($owned) AND $owned) {
-                echo "Cette zone vous appartient.";
-              } else {
-                exit("You don't own this zone");
-              }
-            } else {
-              exit("This zone is not a domain");
-            }
-
+            checkDomainValidity($_POST['zone']);
+            nsCheckZonePossession($_POST['zone']);
+            nicCheckDomainPossession($_POST['zone']);

+            exec("knotc zone-begin atope.art");
+            exec("knotc zone-set atope.art " . $_POST['zone'] . " 3600 DS " . $_POST['keytag'] . " " . $_POST['algo'] . " " . $_POST['dt'] . " " . $_POST['key']);
+            exec("knotc zone-commit atope.art");
+            //secure.example.   DS      tag=12345 alg=3 digest_type=1 <foofoo>
+            echo "La requête a été envoyée à Knot";

          } else {
            exit("Incorrect value for dt");
--- a/nic/index.php
+++ b/nic/index.php
@ -2,12 +2,12 @@
    <p>
      Ce site a pour but de permettre la création de sous-domaines d'atope.art par n'importe qui.
      <br>
-      <a href="register.php">Enregitrer un nouveau nom de domaine</a>
+      <a class="nicButton" href="register.php">Enregitrer un nouveau nom de domaine</a>
      <br>
-      <a href="ns.php">NS (Name Server)</a>
+      <a class="nicButton" href="ns.php">NS (Name Server)</a>
      <br>
-      <a href="glue.php">Glue Record</a>
+      <a class="nicButton" href="glue.php">Glue Record</a>
      <br>
-      <a href="ds.php">DS (Delegation Signer)</a>
+      <a class="nicButton" href="ds.php">DS (Delegation Signer)</a>
    </p>
 <?php include "../bottom.inc.php"; ?>
--- a/nic/ns.php
+++ b/nic/ns.php
@ -1,25 +1,61 @@
 <?php include "../top.inc.php"; ?>

-    <form method="POST" action="ns.php">
-      <label for="subdomain">Domaine :</label>
+    <form method="post">
+      <label for="action">Action</label>
+      <select name="action" id="action">
+          <option value="add">Ajouter</option>
+          <option value="delete">Retirer</option>
+      </select>
      <br>
-      <input id="subdomain" placeholder="nic" name="subdomain" type="text">.atope.art
+      <label for="domain">Domaine</label>
      <br>
-      <label for="ns">Serveur de nom :</label>
+      <select required="" name="domain" id="domain">
+        <option value="" disabled="" selected="">---</option>
+
+        <?php
+        $db = new PDO('sqlite:' . DB_PATH);
+        $username[0] = $_SESSION['username'];
+
+        var_dump($username);
+
+        $req = $db->prepare('SELECT domain FROM registry WHERE username = ?');
+        $req->execute($username);
+
+        $domain = $req->fetch()['domain'];
+
+        while ($domain != NULL) {
+          echo "<option value='" . $domain . "'>" . $domain . "</option>";
+          $domain = $req->fetch()['domain'];
+        }
+
+         ?>
+      </select>
      <br>
-      <input id="ns" placeholder="ns1.atope.art" name="ns" type="text">
+      <label for="ns">Serveur de nom</label>
+      <br>
+      <input id="ns" placeholder="ns1.atope.art." name="ns" type="text">
      <br>
      <input type="submit">
    </form>

    <?php

-    if (isset($_POST['subdomain']) AND isset($_POST['ns']) AND isset($_SESSION['username'])) {
+    if (isset($_POST['domain']) AND isset($_POST['action']) AND isset($_POST['ns']) AND isset($_SESSION['username'])) {

-      $db = new PDO('sqlite:' . $dbPath);
+      nicCheckDomainPossession($_POST['domain']);
+      checkDomainValidity($_POST['ns']);
+
+      if ($_POST['action'] == "delete")
+        $action = "un";
+      else if ($_POST['action'] == "add")
+        $action = "";
+      else
+        exit("Erreur : valeur invalide pour action");
+
+      $db = new PDO('sqlite:' . DB_PATH);
      $stmt = $db->prepare("INSERT INTO registry(domain, username, last_renewal) VALUES(:domain, :username, :last_renewal)");
      $username = $_SESSION['username'];
-      $domain = $_POST['subdomain'] . ".atope.art.";
+      $domain = $_POST['domain'];
      $time = time();
      // Bind parameters to statement variables
      $stmt->bindParam(':domain', $domain);
@ -29,7 +65,7 @@
      $stmt->execute();

      exec("knotc zone-begin atope.art");
-      exec("knotc zone-set atope.art " . $_POST['subdomain'] . ".atope.art. 200 IN NS " . $_POST['ns'] . ".");
+      exec("knotc zone-" . $action . "set atope.art " . $_POST['domain'] . " 3600 IN NS " . $_POST['ns']);
      exec("knotc zone-commit atope.art");
      echo "Modifications appliquées";
    } else {
--- a/nic/register.php
+++ b/nic/register.php
@ -1,167 +1,174 @@
 <?php include "../top.inc.php"; ?>

-    Enregistrer un nouveau domaine
+    Enregistrer la possession d'un domaine sur son compte

    <form method="post">
      <label for="subdomain">Domaine</label>
      <br>
-      <input id="subdomain" required="" placeholder="nic" name="subdomain" type="text">
+      <input id="subdomain" pattern="[a-z]{4,63}" required="" placeholder="nic" name="subdomain" type="text">.atope.art.
+      <!--
      <select required="" name="suffix">
-        <option selected="" value=".niv.re">.niv.re</option>
+        <option selected="" value=".atope.art.">.atope.art.</option>

        <optgroup label="Organisations">
-          <option value=".asso.niv.re">.asso.niv.re</option>
-          <option value=".org.niv.re">.org.niv.re</option>
+          <option value=".asso.atope.art.">.asso.atope.art.</option>
+          <option value=".org.atope.art.">.org.atope.art.</option>
        </optgroup>
        <optgroup label="Personnels">
-          <option value=".perso.niv.re">.perso.niv.re</option>
-          <option value=".blog.niv.re">.blog.niv.re</option>
-          <option value=".me.niv.re">.me.niv.re</option>
+          <option value=".perso.atope.art.">.perso.atope.art.</option>
+          <option value=".blog.atope.art.">.blog.atope.art.</option>
+          <option value=".me.atope.art.">.me.atope.art.</option>
        </optgroup>
        <optgroup label="Connaissance">
-          <option value=".edu.niv.re">.edu.niv.re</option>
-          <option value=".info.niv.re">.info.niv.re</option>
-          <option value=".wiki.niv.re">.wiki.niv.re</option>
+          <option value=".edu.atope.art.">.edu.atope.art.</option>
+          <option value=".info.atope.art.">.info.atope.art.</option>
+          <option value=".wiki.atope.art.">.wiki.atope.art.</option>
        </optgroup>
        <optgroup label="Politique">
-          <option value=".pol.niv.re">.pol.niv.re</option>
-          <option value=".libre.niv.re">.libre.niv.re</option>
-          <option value=".fem.niv.re">.fem.niv.re</option>
-          <option value=".eco.niv.re">.eco.niv.re</option>
-          <option value=".veg.niv.re">.veg.niv.re</option>
-          <option value=".anar.niv.re">.anar.niv.re</option>
-          <option value=".ancom.niv.re">.ancom.niv.re</option>
-          <option value=".acab.niv.re">.acab.niv.re</option>
-          <option value=".handi.niv.re">.handi.niv.re</option>
+          <option value=".pol.atope.art.">.pol.atope.art.</option>
+          <option value=".libre.atope.art.">.libre.atope.art.</option>
+          <option value=".fem.atope.art.">.fem.atope.art.</option>
+          <option value=".eco.atope.art.">.eco.atope.art.</option>
+          <option value=".veg.atope.art.">.veg.atope.art.</option>
+          <option value=".anar.atope.art.">.anar.atope.art.</option>
+          <option value=".ancom.atope.art.">.ancom.atope.art.</option>
+          <option value=".acab.atope.art.">.acab.atope.art.</option>
+          <option value=".handi.atope.art.">.handi.atope.art.</option>
        </optgroup>
        <optgroup label="LGBT+">
-          <option value=".queer.niv.re">.queer.niv.re</option>
-          <option value=".gay.niv.re">.gay.niv.re</option>
-          <option value=".enby.niv.re">.enby.niv.re</option>
-          <option value=".trans.niv.re">.trans.niv.re</option>
+          <option value=".queer.atope.art.">.queer.atope.art.</option>
+          <option value=".gay.atope.art.">.gay.atope.art.</option>
+          <option value=".enby.atope.art.">.enby.atope.art.</option>
+          <option value=".trans.atope.art.">.trans.atope.art.</option>
        </optgroup>
        <optgroup label="Technologie">
-          <option value=".net.niv.re">.net.niv.re</option>
-          <option value=".tech.niv.re">.tech.niv.re</option>
-          <option value=".io.niv.re">.io.niv.re</option>
-          <option value=".sec.niv.re">.sec.niv.re</option>
-          <option value=".cyber.niv.re">.cyber.niv.re</option>
-          <option value=".dev.niv.re">.dev.niv.re</option>
-          <option value=".geek.niv.re">.geek.niv.re</option>
-          <option value=".fs.niv.re">.fs.niv.re</option>
-          <option value=".ht.niv.re">.ht.niv.re</option>
-          <option value=".hyper.niv.re">.hyper.niv.re</option>
-          <option value=".git.niv.re">.git.niv.re</option>
-          <option value=".forge.niv.re">.forge.niv.re</option>
-          <option value=".code.niv.re">.code.niv.re</option>
-          <option value=".lab.niv.re">.lab.niv.re</option>
-          <option value=".labs.niv.re">.labs.niv.re</option>
-          <option value=".gemini.niv.re">.gemini.niv.re</option>
-          <option value=".gmi.niv.re">.gmi.niv.re</option>
-          <option value=".mail.niv.re">.mail.niv.re</option>
-          <option value=".ynh.niv.re">.ynh.niv.re</option>
-          <option value=".yuno.niv.re">.yuno.niv.re</option>
+          <option value=".net.atope.art.">.net.atope.art.</option>
+          <option value=".tech.atope.art.">.tech.atope.art.</option>
+          <option value=".io.atope.art.">.io.atope.art.</option>
+          <option value=".sec.atope.art.">.sec.atope.art.</option>
+          <option value=".cyber.atope.art.">.cyber.atope.art.</option>
+          <option value=".dev.atope.art.">.dev.atope.art.</option>
+          <option value=".geek.atope.art.">.geek.atope.art.</option>
+          <option value=".fs.atope.art.">.fs.atope.art.</option>
+          <option value=".ht.atope.art.">.ht.atope.art.</option>
+          <option value=".hyper.atope.art.">.hyper.atope.art.</option>
+          <option value=".git.atope.art.">.git.atope.art.</option>
+          <option value=".forge.atope.art.">.forge.atope.art.</option>
+          <option value=".code.atope.art.">.code.atope.art.</option>
+          <option value=".lab.atope.art.">.lab.atope.art.</option>
+          <option value=".labs.atope.art.">.labs.atope.art.</option>
+          <option value=".gemini.atope.art.">.gemini.atope.art.</option>
+          <option value=".gmi.atope.art.">.gmi.atope.art.</option>
+          <option value=".mail.atope.art.">.mail.atope.art.</option>
+          <option value=".ynh.atope.art.">.ynh.atope.art.</option>
+          <option value=".yuno.atope.art.">.yuno.atope.art.</option>
        </optgroup>
        <optgroup label="Fédiverse">
-          <option value=".fed.niv.re">.fed.niv.re</option>
-          <option value=".fedi.niv.re">.fedi.niv.re</option>
-          <option value=".soc.niv.re">.soc.niv.re</option>
-          <option value=".masto.niv.re">.masto.niv.re</option>
-          <option value=".plero.niv.re">.plero.niv.re</option>
-          <option value=".pix.niv.re">.pix.niv.re</option>
-          <option value=".mobi.niv.re">.mobi.niv.re</option>
+          <option value=".fed.atope.art.">.fed.atope.art.</option>
+          <option value=".fedi.atope.art.">.fedi.atope.art.</option>
+          <option value=".soc.atope.art.">.soc.atope.art.</option>
+          <option value=".masto.atope.art.">.masto.atope.art.</option>
+          <option value=".plero.atope.art.">.plero.atope.art.</option>
+          <option value=".pix.atope.art.">.pix.atope.art.</option>
+          <option value=".mobi.atope.art.">.mobi.atope.art.</option>
        </optgroup>
        <optgroup label="Sciences">
-          <option value=".sci.niv.re">.sci.niv.re</option>
-          <option value=".bio.niv.re">.bio.niv.re</option>
-          <option value=".draw.niv.re">.draw.niv.re</option>
-          <option value=".ink.niv.re">.ink.niv.re</option>
-          <option value=".audio.niv.re">.audio.niv.re</option>
+          <option value=".sci.atope.art.">.sci.atope.art.</option>
+          <option value=".bio.atope.art.">.bio.atope.art.</option>
+          <option value=".draw.atope.art.">.draw.atope.art.</option>
+          <option value=".ink.atope.art.">.ink.atope.art.</option>
+          <option value=".audio.atope.art.">.audio.atope.art.</option>
        </optgroup>
        <optgroup label="Arts">
-          <option value=".art.niv.re">.art.niv.re</option>
-          <option value=".music.niv.re">.music.niv.re</option>
-          <option value=".video.niv.re">.video.niv.re</option>
-          <option value=".draw.niv.re">.draw.niv.re</option>
-          <option value=".audio.niv.re">.audio.niv.re</option>
+          <option value=".art.atope.art.">.art.atope.art.</option>
+          <option value=".music.atope.art.">.music.atope.art.</option>
+          <option value=".video.atope.art.">.video.atope.art.</option>
+          <option value=".draw.atope.art.">.draw.atope.art.</option>
+          <option value=".audio.atope.art.">.audio.atope.art.</option>
        </optgroup>
        <optgroup label="Neurodiversité">
-          <option value=".na.niv.re">.na.niv.re</option>
-          <option value=".psy.niv.re">.psy.niv.re</option>
-          <option value=".neuro.niv.re">.neuro.niv.re</option>
-          <option value=".autism.niv.re">.autism.niv.re</option>
-          <option value=".plural.niv.re">.plural.niv.re</option>
+          <option value=".na.atope.art.">.na.atope.art.</option>
+          <option value=".psy.atope.art.">.psy.atope.art.</option>
+          <option value=".neuro.atope.art.">.neuro.atope.art.</option>
+          <option value=".autism.atope.art.">.autism.atope.art.</option>
+          <option value=".plural.atope.art.">.plural.atope.art.</option>
        </optgroup>
        <optgroup label="Couleurs">
-          <option value=".blue.niv.re">.blue.niv.re</option>
-          <option value=".red.niv.re">.red.niv.re</option>
-          <option value=".pink.niv.re">.pink.niv.re</option>
-          <option value=".green.niv.re">.green.niv.re</option>
-          <option value=".black.niv.re">.black.niv.re</option>
+          <option value=".blue.atope.art.">.blue.atope.art.</option>
+          <option value=".red.atope.art.">.red.atope.art.</option>
+          <option value=".pink.atope.art.">.pink.atope.art.</option>
+          <option value=".green.atope.art.">.green.atope.art.</option>
+          <option value=".black.atope.art.">.black.atope.art.</option>
        </optgroup>
        <optgroup label="Communauté">
-          <option value=".city.niv.re">.city.niv.re</option>
-          <option value=".town.niv.re">.town.niv.re</option>
-          <option value=".cafe.niv.re">.cafe.niv.re</option>
-          <option value=".home.niv.re">.home.niv.re</option>
-          <option value=".forum.niv.re">.forum.niv.re</option>
+          <option value=".city.atope.art.">.city.atope.art.</option>
+          <option value=".town.atope.art.">.town.atope.art.</option>
+          <option value=".cafe.atope.art.">.cafe.atope.art.</option>
+          <option value=".home.atope.art.">.home.atope.art.</option>
+          <option value=".forum.atope.art.">.forum.atope.art.</option>
        </optgroup>
        <optgroup label="Divers">
-          <option value=".dream.niv.re">.dream.niv.re</option>
-          <option value=".space.niv.re">.space.niv.re</option>
-          <option value=".forest.niv.re">.forest.niv.re</option>
-          <option value=".rain.niv.re">.rain.niv.re</option>
-          <option value=".snow.niv.re">.snow.niv.re</option>
-          <option value=".sun.niv.re">.sun.niv.re</option>
-          <option value=".earth.niv.re">.earth.niv.re</option>
-          <option value=".world.niv.re">.world.niv.re</option>
-          <option value=".soft.niv.re">.soft.niv.re</option>
-          <option value=".cute.niv.re">.cute.niv.re</option>
+          <option value=".dream.atope.art.">.dream.atope.art.</option>
+          <option value=".space.atope.art.">.space.atope.art.</option>
+          <option value=".forest.atope.art.">.forest.atope.art.</option>
+          <option value=".rain.atope.art.">.rain.atope.art.</option>
+          <option value=".snow.atope.art.">.snow.atope.art.</option>
+          <option value=".sun.atope.art.">.sun.atope.art.</option>
+          <option value=".earth.atope.art.">.earth.atope.art.</option>
+          <option value=".world.atope.art.">.world.atope.art.</option>
+          <option value=".soft.atope.art.">.soft.atope.art.</option>
+          <option value=".cute.atope.art.">.cute.atope.art.</option>
+          <option value=".cutie.atope.art.">.cutie.atope.art.</option>
        </optgroup>

-
-
      </select>

+      -->
+      <br>
      <input type="submit">
    </form>

    <?php

    if (isset($_POST['subdomain']) AND isset($_SESSION['username'])) {
-      $domain = $_POST['subdomain'] . ".niv.re.";
-      if (filter_var($domain, FILTER_VALIDATE_DOMAIN)) {
+      if (preg_match("#[a-z]{4,63}#", $_POST['subdomain'])) {
+        $domain = $_POST['subdomain'] . ".atope.art.";
+        if (filter_var($domain, FILTER_VALIDATE_DOMAIN)) {

-        $domainArray[0] = $domain;
+          $domainArray[0] = $domain;

-        $db = new PDO('sqlite:' . $dbPath);
-
-        $req = $db->prepare('SELECT domain FROM registry WHERE domain = ?');
-        $req->execute($domainArray);
-
-        $domainFound = $req->fetch()['domain'];
-
-        if (isset($domainFound)) {
-          echo "Le domaine " . $domainFound . " est déjà utilisé.";
-        } else {
          $db = new PDO('sqlite:' . $dbPath);
-          $stmt = $db->prepare("INSERT INTO registry(domain, username, last_renewal) VALUES(:domain, :username, :last_renewal)");
-          $username = $_SESSION['username'];

-          $time = time();
+          $req = $db->prepare('SELECT domain FROM registry WHERE domain = ?');
+          $req->execute($domainArray);

-          $stmt->bindParam(':domain', $domain);
-          $stmt->bindParam(':username', $username);
-          $stmt->bindParam(':last_renewal', $time);
+          $domainFound = $req->fetch()['domain'];

-          $stmt->execute();
+          if (isset($domainFound)) {
+            echo "Le domaine " . $domainFound . " est déjà utilisé.";
+          } else {
+            $db = new PDO('sqlite:' . $dbPath);
+            $stmt = $db->prepare("INSERT INTO registry(domain, username, last_renewal) VALUES(:domain, :username, :last_renewal)");
+            $username = $_SESSION['username'];

-          echo "Nouveau domaine enregistré";
+            $time = time();
+
+            $stmt->bindParam(':domain', $domain);
+            $stmt->bindParam(':username', $username);
+            $stmt->bindParam(':last_renewal', $time);
+
+            $stmt->execute();
+
+            echo "Nouveau domaine enregistré";
+          }
+
+        } else {
+          echo "Erreur : Nom de domaine invalide";
        }
-
      } else {
-        echo "Erreur : Nom de domaine invalide";
+        echo "Erreur : Le nom de domaine doit être composé d'entre 4 et 63 lettres minuscules (a-z)";
      }
+
    } else {
      echo "Rien n'a été appliqué lors du dernier chargement.";
    }
--- a/ns/index.php
+++ b/ns/index.php
@ -2,12 +2,11 @@
    <p>
      Utiliser ns1.atope.art comme serveur de noms sur ses domaines
      <br>
-      <a href="zone.php">Ajouter une zone</a>
+      <a class="nsButton" href="zone.php">Ajouter une zone</a>
      <br>
-      <a href="dnssec.php">Obtenir les enregistrements DS d'une zone</a>
+      <a class="nsButton" href="dnssec.php">Obtenir les enregistrements DS d'une zone</a>
      <br>
-      <a href="ip.php">Ajouter un enregistrement A ou AAAA à une zone</a>
-
+      <a class="nsButton" href="ip.php">Ajouter un enregistrement A ou AAAA à une zone</a>
    </p>

 <?php require "../bottom.inc.php"; ?>
--- a/ns/ip.php
+++ b/ns/ip.php
@ -39,7 +39,7 @@
      </select>
      <br>
      <label for="domain">Domaine</label><br>
-      <input id="domain" name="domain" type="text" placeholder="www.monsite.atope.art"><br>
+      <input id="domain" name="domain" type="text" placeholder="www.domaine."><br>
      <label for="ttl"><abbr title="Time To Live">TTL</abbr></label><br>
      <input id="ttl" list="ttls" name="ttl" size="10" type="number" min="600" max="604800" value="3600" placeholder="3600"><br>
      <datalist id="ttls">
@ -50,7 +50,7 @@
        <option value="604800">
      </datalist>
      <label for="ip">IP</label><br>
-      <input id="ip" name="ip" minlength="7" maxlength="39" size="40" type="text" placeholder="2a0b:cbc0:1103:2::106f"><br>
+      <input id="ip" name="ip" minlength="7" maxlength="39" size="40" type="text" placeholder="2a0b:cbc0:1103:2::106f ou 45.13.104.169"><br>
      <input value="Valider" type="submit">
    </form>

@ -82,7 +82,7 @@
        }

        exec("knotc zone-begin " . $_POST['zone']);
-        exec("knotc zone-" . $action . "set " . $_POST['zone'] . " " . $_POST['domain'] . ". 900 IN " . $record . " " . $_POST['ip']);
+        exec("knotc zone-" . $action . "set " . $_POST['zone'] . " " . $_POST['domain'] . " 900 IN " . $record . " " . $_POST['ip']);
        exec("knotc zone-commit " . $_POST['zone']);

        echo "Opération effectuée";
--- a/ns/zone.php
+++ b/ns/zone.php
@ -1,41 +1,37 @@
 <?php require "../top.inc.php"; ?>
    <p>
-      Ici vous pouvez ajouter une zone sur le serveur ns1.atope.art
+      Ici vous pouvez ajouter une zone sur le serveur ns1.atope.art.
    </p>

    <form method="post">
      <label for="domain">Domaine</label><br>
-      <input placeholder="niver.atope.art" id="domain" name="domain" type="text"/><br>
-      <input type="submit"/>
+      <input required="" placeholder="niver.atope.art." id="domain" name="domain" type="text"><br>
+      <input type="submit">
    </form>

    <?php

    if (isset($_POST['domain']) AND isset($_SESSION['username'])) {
-      if (filter_var($_POST['domain'], FILTER_VALIDATE_DOMAIN)) {
-        $db = new PDO('sqlite:' . $dbPath);
-        $stmt = $db->prepare("INSERT INTO zones(zone, username) VALUES(:zone, :username)");
-        // Bind parameters to statement variables
-        $stmt->bindParam(':zone', $_POST['domain']);
-        $stmt->bindParam(':username', $_SESSION['username']);

-        $stmt->execute();
+      checkDomainValidity($_POST['domain']);

-        exec("cp /var/lib/knot/zones/template /var/lib/knot/zones/" . $_POST['domain'] . ".zone");
-        exec("sed -i 's/maison.atope.art/" . $_POST['domain'] . "/g' /var/lib/knot/zones/" . $_POST['domain'] . ".zone");
+      $db = new PDO('sqlite:' . DB_PATH);
+      $stmt = $db->prepare("INSERT INTO zones(zone, username) VALUES(:zone, :username)");

-        exec("knotc conf-begin");
-        exec("knotc conf-set 'zone[" . $_POST['domain'] . "]'");
-        exec("knotc conf-set 'zone[" . $_POST['domain'] . "].file' '" . $_POST['domain'] . ".zone'");
-        exec("knotc conf-commit");
-        echo "Formulaire traité !!";
+      $stmt->bindParam(':zone', $_POST['domain']);
+      $stmt->bindParam(':username', $_SESSION['username']);

-      } else {
-        echo "Erreur : Le domaine n'est pas valide";
-      }
+      $stmt->execute();
+
+      exec("cp /var/lib/knot/zones/template /var/lib/knot/zones/" . $_POST['domain'] . "zone");
+      exec("sed -i 's/maison.atope.art./" . $_POST['domain'] . "/g' /var/lib/knot/zones/" . $_POST['domain'] . "zone");
+
+      exec("knotc conf-begin");
+      exec("knotc conf-set 'zone[" . $_POST['domain'] . "]'");
+      exec("knotc conf-set 'zone[" . $_POST['domain'] . "].file' '" . $_POST['domain'] . "zone'");
+      exec("knotc conf-commit");
+      echo "La requête a été traitée.";

-    } else {
-      echo "Rien n'a été reçu lors du dernière chargement";
    }


--- a/pages.inc.php
+++ b/pages.inc.php
@ -1,4 +1,6 @@
 <?php
+if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
+  exit("This file is meant to be included.");

 switch ($service) {

--- a/top.inc.php
+++ b/top.inc.php
@ -1,13 +1,14 @@
 <?php
 if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
-  exit("This file can't be executed directly.");
+  exit("This file is meant to be included.");

-session_name("niver");
 session_start([
+  'name' => 'niver',
  'sid_length' => 64,
  'cookie_secure' => true,
  'cookie_httponly' => true,
  'cookie_samesite' => 'Strict',
+  'gc_maxlifetime' => 604800,
 ]);

 $usernamePattern = "[a-z]{4,32}";
@ -24,15 +25,16 @@ if ($service != $prefixURL . "/auth" AND !isset($_SESSION['username'])) {
  exit;
 }

+define("DB_PATH", $rootPath . "/db/auth.db");
 $dbPath = $rootPath . "/db/auth.db";

 $theme = array(
  'htColor' => "#FF0000",
-  'nicColor' => "#da03e5",
+  'nicColor' => "#DA03E5",
  'authColor' => "#00FF00",
  'nsColor' => "#00FFFF",
-  'color1' => 'white',
-  'color2' => '#2a2a2a',
+  'lightColor' => '#FFFFFF',
+  'darkColor' => '#2a2a2a',
 );

 switch ($service) {
@ -53,8 +55,8 @@ switch ($service) {
  break;
 }

-
 require "pages.inc.php";
+require "fn.inc.php";

 require_once 'lessphp/lib/Less/Autoloader.php';
 Less_Autoloader::register();
@ -66,7 +68,7 @@ foreach ($relativeLessFiles as $relativeLessFile => $nothing) {
  $absoluteLessFiles[$rootPath . "/less/" . $relativeLessFile] = "";
 }

-$options = array('cache_dir' => $rootPath . '/css/', 'compress' => true);
+$options = array('cache_dir' => $rootPath . '/css/'); //, 'compress' => true
 $cssFileName = Less_Cache::Get($absoluteLessFiles, $options, $theme);

 ?>
@ -87,5 +89,6 @@ $cssFileName = Less_Cache::Get($absoluteLessFiles, $options, $theme);
      <nav>
        <a href="<?= $prefixURL ?>">Niver</a> > <a href="./"><?= $page['service'] ?></a> > <?= $page['title'] ?>
      </nav>
+
      <h1><?= $page['title'] ?></h1>
    </header>