servnest/fn/ns.php

<?php

function nsCommonRequirements() {
	return (isset($_POST['action'])
		AND isset($_POST['zone'])
		AND isset($_POST['ttl-value'])
		AND isset($_POST['ttl-multiplier'])
		AND isset($_SESSION['username'])
	);
}

function nsParseCommonRequirements() {
	nsCheckZonePossession($_POST['zone']);

	if (($_POST['subdomain'] === "") OR ($_POST['subdomain'] === "@"))
		$values['domain'] = $_POST['zone'];
	else
		$values['domain'] = $_POST['subdomain'] . "." . $_POST['zone'];
	checkAbsoluteDomainFormat($values['domain']);

	$values['ttl'] = $_POST['ttl-value'] * $_POST['ttl-multiplier'];

	if (!($values['ttl'] >= 300 AND $values['ttl'] <= 432000))
		userError("Le TTL doit être compris entre 5 minutes et 5 jours (entre 300 et 432000 secondes).");

	return $values;
}

function nsListUserZones($username) {
	$db = new PDO('sqlite:' . DB_PATH);
	$usernameArray[0] = $username;

	$op = $db->prepare('SELECT zone FROM zones WHERE username = ?');
	$op->execute($usernameArray);

	$zones = array();
	foreach ($op->fetchAll() as $zone)
		array_push($zones, $zone['zone']);

	return $zones;
}

function nsCheckZonePossession($submittedZone) {
	checkAbsoluteDomainFormat($submittedZone);

	$db = new PDO('sqlite:' . DB_PATH);
	$username[0] = $_SESSION['username'];

	$op = $db->prepare('SELECT zone FROM zones WHERE username = ?');
	$op->execute($username);

	$dbZone = $op->fetch()['zone'];

	while ($dbZone != NULL) {
		if ($dbZone === $submittedZone) return;
		$dbZone = $op->fetch()['zone'];
	}

	// If there is no entry in the database for the user matching the submitted zone
	userError("You don't own this zone on the nameserver.");
}