/class/class.manager.php
PHP | 587 lines | 478 code | 100 blank | 9 comment | 55 complexity | 429ca133863f3635729dc5f213df0b6b MD5 | raw file
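<?php
/**
 * Data-access layer for the users, zones, domains and records tables.
 *
 * Every statement is built as a string, so each value that reaches SQL is
 * passed through the database wrapper's escape_string() and placed inside
 * single quotes (escaping alone does not protect an unquoted value).
 * Authorisation is read from $_SESSION['level'] and $_SESSION['userId'];
 * the thresholds used below are 1, 5 and 10.
 *
 * NOTE(review): getDomain(), updateDomain(), removeDomain(), getAllOwners(),
 * addRecord() and updateRecord() perform no level or ownership check of their
 * own; confirm that every caller authorises the request first.
 */
class manager
{
	private $database;

	/* **************************************** */

	/**
	 * @param object $database Wrapper exposing escape_string(), query_master(),
	 *                         query_slave(), num_rows(), fetch_array() and error().
	 */
	public function __construct ($database)
	{
		$this->database = $database;
	}

	public function __destruct ()
	{
		// Only $database is a declared property; the original also unset two
		// properties that were never defined.
		unset($this->database);
	}

	/* **************************************** */

	/** Session level, or 0 when no level is stored (compares like the original's unset value). */
	private function sessionLevel ()
	{
		return isset($_SESSION['level']) ? $_SESSION['level'] : 0;
	}

	/** Session user id, or '' when none is stored. */
	private function sessionUserId ()
	{
		return isset($_SESSION['userId']) ? $_SESSION['userId'] : '';
	}

	/** Escapes a value with the wrapper and wraps it in single quotes for use in SQL. */
	private function quote ($value)
	{
		return "'".$this->database->escape_string($value)."'";
	}

	/**
	 * Runs a write statement on the master.
	 *
	 * @return bool true on success
	 * @throws Exception carrying the wrapper's error text; callers should log
	 *                   it rather than echo it, since it can expose schema details.
	 */
	private function write ($sql)
	{
		if($this->database->query_master($sql))
		{
			return true;
		}

		throw new Exception($this->database->error());
	}

	/**
	 * Runs an INSERT and returns the generated id.
	 *
	 * The id is read immediately after the INSERT, because any later statement
	 * on the link replaces it.
	 * NOTE(review): mysql_insert_id() belongs to the legacy ext/mysql (removed
	 * in PHP 7) and reads from the most recently opened link; prefer the
	 * wrapper's own insert-id accessor if it has one.
	 *
	 * @throws Exception when the INSERT fails
	 */
	private function insert ($sql)
	{
		$this->write($sql);

		return mysql_insert_id();
	}

	/**
	 * Runs a read statement on the slave and returns the wrapper's result handle.
	 *
	 * The original called die() with the database error text here; an exception
	 * keeps that text out of the response and matches the write methods.
	 *
	 * @throws Exception carrying the wrapper's error text
	 */
	private function read ($sql)
	{
		$result = $this->database->query_slave($sql);

		if(!$result)
		{
			throw new Exception($this->database->error());
		}

		return $result;
	}

	/**
	 * Collects every row of a result.
	 *
	 * @return array|string list of rows, or '' when the result is empty
	 */
	private function collect ($result)
	{
		if($this->database->num_rows($result)==0)
		{
			return '';
		}

		$rows = array();

		while($record=$this->database->fetch_array($result))
		{
			$rows[] = $record;
		}

		return $rows;
	}

	/* **************************************** */

	/**
	 * Inserts a user row. Requires session level 10 or higher.
	 *
	 * NOTE(review): $password is written exactly as supplied, whereas
	 * updateUser() writes md5($password); confirm the caller hashes it.
	 *
	 * @return mixed the new row id
	 * @throws Exception "No rights" below level 10, or the database error
	 */
	public function addUser ($username, $password, $fullname, $email, $description, $level, $active, $maxdomains)
	{
		if($this->sessionLevel()<10)
		{
			throw new Exception("No rights");
		}

		$query = "INSERT INTO `users` ( `id` , `username` , `password` , `fullname` , `email` , `description` , `level` , `active` , `maxdomains`) VALUES
					('', ".$this->quote($username).", ".$this->quote($password).", ".$this->quote($fullname).",
					".$this->quote($email).", ".$this->quote($description).", ".$this->quote($level).",
					".$this->quote($active).", ".$this->quote($maxdomains).");";

		return $this->insert($query);
	}

	/**
	 * Fetches one user row by id.
	 *
	 * @return mixed the row as returned by fetch_array(), or '' when no row matches
	 * @throws Exception when the query fails
	 */
	public function getUser ($userId)
	{
		$result = $this->read("SELECT * FROM users WHERE id = ".$this->quote($userId));

		if($this->database->num_rows($result)==0)
		{
			return '';
		}

		return $this->database->fetch_array($result);
	}

	/**
	 * Updates a user row.
	 *
	 * A session below level 5 may update only its own row. The original test
	 * compared with != and therefore allowed such a session to update every
	 * row except its own. level/active/maxdomains are written only above
	 * level 5, and the password only when a non-empty one is supplied.
	 *
	 * NOTE(review): the row's `id` is rewritten from $userId for every caller,
	 * including sessions below level 5; confirm that is intended.
	 *
	 * @return bool true on success, false when the session may not edit this row
	 * @throws Exception when the query fails
	 */
	public function updateUser ($orgUserId, $userId, $username, $password, $fullname, $email, $description, $level, $active, $maxdomains)
	{
		$sessionLevel = $this->sessionLevel();

		if($sessionLevel<5 && (string) $this->sessionUserId() !== (string) $orgUserId)
		{
			return false;
		}

		$assignments = array(
			"`username`=".$this->quote($username),
			"`fullname`=".$this->quote($fullname),
			"`email`=".$this->quote($email),
			"`description`=".$this->quote($description),
		);

		if($sessionLevel>5)
		{
			$assignments[] = "`level`=".$this->quote($level);
			$assignments[] = "`active`=".$this->quote($active);
			$assignments[] = "`maxdomains`=".$this->quote($maxdomains);
		}

		if($password!="")
		{
			// NOTE(review): MD5 is a fast digest, not a password hash. Moving to
			// password_hash() also needs the login check changed, which is not
			// part of this file, so the stored format is kept as it was.
			$assignments[] = "`password`=".$this->quote(md5($password));
		}

		$assignments[] = "`id`=".$this->quote($userId);

		$query = "UPDATE `users` SET ".implode(", ", $assignments)."
					WHERE `id`=".$this->quote($orgUserId)." LIMIT 1;";

		return $this->write($query);
	}

	/**
	 * Deletes a user row. Requires session level 5 or higher.
	 *
	 * @return bool|null true on success, null when the session level is below 5
	 * @throws Exception when the query fails
	 */
	public function removeUser ($userId)
	{
		if($this->sessionLevel()<5)
		{
			return null;
		}

		return $this->write("DELETE FROM `users` WHERE `id`=".$this->quote($userId)." LIMIT 1;");
	}

	/**
	 * Deletes the zones, domains and records owned by a user. Requires level 5 or higher.
	 *
	 * @return bool|null true on success, null when the session level is below 5
	 * @throws Exception when the query fails
	 */
	public function removeUserData ($userId)
	{
		if($this->sessionLevel()<5)
		{
			return null;
		}

		$query = "DELETE FROM zones z, domains d, records r USING zones z, domains d, records r
					WHERE z.domain_id = d.id AND
					z.domain_id = r.domain_id AND
					z.owner = ".$this->quote($userId).";";

		return $this->write($query);
	}

	/* **************************************** */

	/**
	 * Inserts a zone row. Below level 5 the owner is forced to the session user.
	 *
	 * @return mixed the new row id
	 * @throws Exception when the query fails
	 */
	public function addZone ($domainId, $userId, $comment)
	{
		if($this->sessionLevel()<5)
		{
			$userId = $this->sessionUserId();
		}

		$query = "INSERT INTO `zones` ( `id` , `domain_id` , `owner` , `comment` )
					VALUES ( NULL , ".$this->quote($domainId).", ".$this->quote($userId).",
					".$this->quote($comment)." );";

		return $this->insert($query);
	}

	/** SQL fragment that limits a zones statement to the session user below level 5. */
	private function zoneOwnerClause ()
	{
		if($this->sessionLevel()<5)
		{
			return " AND owner = ".$this->quote($this->sessionUserId());
		}

		return "";
	}

	/**
	 * Changes the owner of the zone attached to a domain; below level 5 only a
	 * zone owned by the session user matches.
	 *
	 * @return bool true on success
	 * @throws Exception when the query fails
	 */
	public function editZone ($domainId, $userId)
	{
		$query = "UPDATE `zones` SET owner=".$this->quote($userId)." WHERE `domain_id` = ".$this->quote($domainId)
					.$this->zoneOwnerClause()." LIMIT 1;";

		return $this->write($query);
	}

	/**
	 * Deletes a zone by id; below level 5 only a zone owned by the session user matches.
	 *
	 * @return bool true on success
	 * @throws Exception when the query fails
	 */
	public function removeZone ($zoneId)
	{
		$query = "DELETE FROM `zones` WHERE `id` = ".$this->quote($zoneId)
					.$this->zoneOwnerClause()." LIMIT 1;";

		return $this->write($query);
	}

	/**
	 * Deletes the zones of a domain; below level 5 only zones owned by the session user match.
	 *
	 * @return bool true on success
	 * @throws Exception when the query fails
	 */
	public function removeZoneByDomainId ($domainId)
	{
		$query = "DELETE FROM `zones` WHERE `domain_id` = ".$this->quote($domainId)
					.$this->zoneOwnerClause();

		return $this->write($query);
	}

	/* **************************************** */

	/**
	 * Fetches one domain row by id.
	 *
	 * @return mixed the row as returned by fetch_array(), or '' when no row matches
	 * @throws Exception when the query fails
	 */
	public function getDomain ($domainId)
	{
		$result = $this->read("SELECT * FROM domains WHERE id=".$this->quote($domainId));

		if($this->database->num_rows($result)==0)
		{
			return '';
		}

		return $this->database->fetch_array($result);
	}

	/**
	 * Inserts a domain row. A level-1 session is first checked against its
	 * maxdomains setting.
	 *
	 * @return mixed the new row id
	 * @throws Exception when the limit is reached or the query fails
	 */
	public function addDomain ($name, $master, $lastCheck, $type, $notifiedSerial, $account)
	{
		// The original tracked this in an $error flag that was never initialised
		// and was assigned only after the throw, where it could not run.
		if($this->sessionLevel() == 1 && !$this->canAddDomainCheckMax($this->sessionUserId()))
		{
			throw new Exception("Max domain setting reached. Please ask your host to update your max domains setting.");
		}

		$query = "INSERT INTO `domains` ( `id` , `name` , `master` , `last_check` , `type` , `notified_serial` , `account` ) VALUES
					('', ".$this->quote(trim($name)).", ".$this->quote($master)." , ".$this->quote($lastCheck)." ,
					".$this->quote($type).", ".$this->quote($notifiedSerial)." , ".$this->quote($account).");";

		return $this->insert($query);
	}

	/**
	 * Rewrites every column of a domain row, including its id.
	 *
	 * @return bool true on success
	 * @throws Exception when the query fails
	 */
	public function updateDomain ($orgDomainId, $domainId, $name, $master, $lastCheck, $type, $notifiedSerial, $account)
	{
		$query = "UPDATE `domains` SET `id` = ".$this->quote($domainId).", `name` = ".$this->quote($name).",
					`master` = ".$this->quote($master).", `last_check` = ".$this->quote($lastCheck).",
					`type` = ".$this->quote($type).", `notified_serial` = ".$this->quote($notifiedSerial).",
					`account` = ".$this->quote($account)."
					WHERE `id` = ".$this->quote($orgDomainId)." LIMIT 1;";

		return $this->write($query);
	}

	/**
	 * Deletes a domain row by id.
	 *
	 * @return bool true on success
	 * @throws Exception when the query fails
	 */
	public function removeDomain ($domainId)
	{
		return $this->write("DELETE FROM `domains` WHERE `id`=".$this->quote($domainId)." LIMIT 1;");
	}

	/**
	 * Tells whether a user is still below the maxdomains setting (0 means no limit).
	 *
	 * The owner value is quoted here; the original escaped it but left it
	 * unquoted, which gives no protection in a numeric position.
	 *
	 * @return bool false when the limit is reached or the user row does not exist
	 * @throws Exception when a query fails
	 */
	public function canAddDomainCheckMax ($userId)
	{
		$result = $this->read("SELECT count(owner) AS current FROM zones WHERE owner = ".$this->quote($userId));
		$record = $this->database->fetch_array($result);

		$user = $this->getUser($userId);

		// getUser() returns '' for an unknown id, which cannot be indexed.
		if(!$user)
		{
			return false;
		}

		$current = $record ? $record['current'] : 0;

		return $current < $user['maxdomains'] || $user['maxdomains'] == 0;
	}

	/**
	 * Searches domain names for a substring; a level-1 session sees only its own zones.
	 *
	 * The term goes through the wrapper's escape_string() like every other
	 * value; the original used addslashes(), which does not know the
	 * connection character set.
	 * NOTE(review): % and _ inside $q still act as LIKE wildcards.
	 *
	 * @return array|string list of rows, or '' when $q is shorter than 2 bytes or nothing matches
	 * @throws Exception when the query fails
	 */
	public function searchDomains ($q)
	{
		if(strlen($q)<2) // SEARCHES SMALLER THAN 2 ARE USELESS AND TAKE UP CPU :@
		{
			return '';
		}

		$query = "SELECT d.id, d.name, count(r.id) AS records, fullname, u.id AS userId
					FROM domains d, records r, zones z, users u
					WHERE d.id=r.domain_id AND
					d.id = z.domain_id AND
					z.owner = u.id AND";

		if($this->sessionLevel()==1)
		{
			$query .= " z.owner = ".$this->quote($this->sessionUserId())." AND";
		}

		$query .= " d.name LIKE '%".$this->database->escape_string($q)."%'
					GROUP BY r.domain_id
					ORDER BY name";

		return $this->collect($this->read($query));
	}

	/**
	 * Lists domains whose name matches the regular expression '^' followed by $letter;
	 * a level-1 session sees only its own zones.
	 *
	 * $letter was concatenated into the statement unescaped in the original.
	 * It is still interpreted as a regular expression by the database.
	 *
	 * @return array|string list of rows, or '' when nothing matches
	 * @throws Exception when the query fails
	 */
	public function getListByLetter ($letter)
	{
		$query = "SELECT d.id, d.name, d.name REGEXP '^".$this->database->escape_string($letter)."' AS regex, count(r.id) AS records, fullname, u.id AS userId
					FROM domains d, records r, zones z, users u
					WHERE d.id=r.domain_id AND
					d.id = z.domain_id AND";

		if($this->sessionLevel()==1)
		{
			$query .= " z.owner = ".$this->quote($this->sessionUserId())." AND";
		}

		$query .= " z.owner = u.id
					GROUP BY r.domain_id
					HAVING regex = 1
					ORDER BY name;";

		return $this->collect($this->read($query));
	}

	/**
	 * Lists the domains owned by a user. Requires session level 5 or higher.
	 *
	 * $userId was concatenated into the statement unescaped in the original.
	 *
	 * @return array|string|null list of rows, '' when nothing matches, null below level 5
	 * @throws Exception when the query fails
	 */
	public function getListByOwner ($userId)
	{
		if($this->sessionLevel()<5)
		{
			return null;
		}

		$query = "SELECT d.id, d.name, count(r.id) AS records, fullname, u.id AS userId
					FROM domains d, records r, zones z, users u
					WHERE d.id=r.domain_id AND
					d.id = z.domain_id AND
					z.owner = u.id AND
					z.owner = ".$this->quote($userId)."
					GROUP BY r.domain_id
					ORDER BY name;";

		return $this->collect($this->read($query));
	}

	/**
	 * Lists id, fullname and level of every user, ordered by fullname.
	 *
	 * @return array list of rows
	 * @throws Exception "No records found" when the table is empty, or the database error
	 */
	public function getAllOwners ()
	{
		$rows = $this->collect($this->read("SELECT id, fullname, level FROM users ORDER BY fullname"));

		if($rows === '')
		{
			throw new Exception("No records found");
		}

		return $rows;
	}

	/**
	 * Moves the zones of a domain to another owner. Requires session level 5 or higher.
	 *
	 * @return bool true on success
	 * @throws Exception "No rights" below level 5, or the database error
	 */
	public function transferDomain ($domainId, $owner)
	{
		if($this->sessionLevel()<5)
		{
			throw new Exception("No rights");
		}

		return $this->write("UPDATE zones SET owner=".$this->quote($owner)." WHERE domain_id=".$this->quote($domainId));
	}

	/* **************************************** */

	/**
	 * Inserts a record and bumps the SOA serial of its domain.
	 *
	 * The generated id is captured before the serial update: the original read
	 * it afterwards, when the last statement on the link was the SOA UPDATE.
	 *
	 * @return mixed the new row id
	 * @throws Exception when a query fails
	 */
	public function addRecord ($domainId, $name, $type, $content, $ttl, $prio, $changeDate)
	{
		$query = "INSERT INTO `records` ( `id` , `domain_id` , `name` , `type` , `content` , `ttl` , `prio` , `change_date` ) VALUES
					( '', ".$this->quote($domainId).", ".$this->quote(trim($name)).", ".$this->quote($type).",
					".$this->quote($content).", ".$this->quote($ttl).", ".$this->quote($prio).", ".$this->quote($changeDate).");";

		$recordId = $this->insert($query);

		// UPDATE THE SOA SERIAL
		$this->updateSoaSerial($domainId);

		return $recordId;
	}

	/**
	 * Rewrites every column of a record row, including its id, and bumps the
	 * SOA serial unless $updateSerial is false.
	 *
	 * @return bool true on success
	 * @throws Exception when a query fails
	 */
	public function updateRecord ($orgRecordId, $recordId, $domainId, $name, $type, $content, $ttl, $prio, $changeDate, $updateSerial = true)
	{
		$query = "UPDATE `records` SET
					`id` = ".$this->quote($recordId).", `domain_id` = ".$this->quote($domainId).",
					`name` = ".$this->quote($name).", `type` = ".$this->quote($type).",
					`content` = ".$this->quote($content).", `ttl` = ".$this->quote($ttl).",
					`prio` = ".$this->quote($prio).", `change_date` = ".$this->quote($changeDate)."
					WHERE `id` = ".$this->quote($orgRecordId)." LIMIT 1;";

		$this->write($query);

		if($updateSerial)
		{
			// UPDATE THE SOA SERIAL
			$this->updateSoaSerial($domainId);
		}

		return true;
	}

	/** SQL fragment that limits a records/zones join to the session user below level 5. */
	private function recordOwnerClause ($zonesAlias)
	{
		if($this->sessionLevel()<5)
		{
			return " ".$zonesAlias.".owner = ".$this->quote($this->sessionUserId())." AND";
		}

		return "";
	}

	/**
	 * Deletes one record and bumps the SOA serial of $domainId; below level 5
	 * only a record in a zone owned by the session user matches.
	 *
	 * @return bool true on success
	 * @throws Exception when a query fails
	 */
	public function removeRecord ($recordId, $domainId)
	{
		$query = "DELETE records FROM records, zones WHERE records.domain_id = zones.domain_id AND"
					.$this->recordOwnerClause("zones")
					." records.id=".$this->quote($recordId);

		$this->write($query);

		// UPDATE THE SOA SERIAL
		$this->updateSoaSerial($domainId);

		return true;
	}

	/**
	 * Lists the records of a domain joined with its zone rows; below level 5
	 * only zones owned by the session user match.
	 *
	 * @return array|string list of rows, or '' when nothing matches
	 * @throws Exception when the query fails
	 */
	public function getAllRecords ($domainId)
	{
		$query = "SELECT * FROM zones z, records r
					WHERE r.domain_id = z.domain_id AND"
					.$this->recordOwnerClause("z")
					." r.domain_id = ".$this->quote($domainId)."
					ORDER BY r.type DESC, r.prio ASC, r.name ASC";

		return $this->collect($this->read($query));
	}

	/**
	 * Deletes every record of a domain; below level 5 only records in zones
	 * owned by the session user match. The SOA serial is not touched.
	 *
	 * @return bool true on success
	 * @throws Exception when the query fails
	 */
	public function removeAllRecords ($domainId)
	{
		$query = "DELETE records FROM records, zones
					WHERE records.domain_id = zones.domain_id AND"
					.$this->recordOwnerClause("zones")
					." records.domain_id=".$this->quote($domainId).";";

		return $this->write($query);
	}

	/** @return string today's date as Ymd followed by '00' */
	public function createNewSoaSerial ()
	{
		return date("Ymd").'00';
	}

	/**
	 * Bumps the serial (third space-separated field) of a domain's SOA record:
	 * a fresh serial when the stored one is not from today, otherwise +1.
	 *
	 * NOTE(review): only the first three fields are written back by
	 * setSoaSerial(); confirm SOA content is stored as exactly three fields.
	 *
	 * @return bool true on success, also when the domain has no SOA record
	 * @throws Exception when a query fails
	 */
	public function updateSoaSerial ($domainId)
	{
		$result = $this->read("SELECT content FROM records WHERE domain_id=".$this->quote($domainId)." AND type='SOA'");
		$record = $this->database->fetch_array($result);

		if(!$record)
		{
			// Nothing to bump. The original indexed the missing row and issued an
			// UPDATE that matched no rows, which also reported success.
			return true;
		}

		// Pad so that a short content string still yields three fields.
		$soa = array_pad(explode(" ", (string) $record['content']), 3, '');

		if(substr($soa[2], 0, 8) != date("Ymd")) // IF THE SOA ISN'T OF TODAY THEN CREATE A NEW SOA
		{
			$soa[2] = $this->createNewSoaSerial();
		}else // SOA + 1
		{
			$soa[2]++;
		}

		return $this->setSoaSerial($domainId, $soa[0], $soa[1], $soa[2]);
	}

	/**
	 * Writes "$ns0 $hostmaster $serial" as the content of a domain's SOA record.
	 *
	 * @return bool true on success
	 * @throws Exception when the query fails
	 */
	public function setSoaSerial ($domainId, $ns0, $hostmaster, $serial)
	{
		$query = "UPDATE records SET content=".$this->quote($ns0." ".$hostmaster." ".$serial)." WHERE domain_id=".$this->quote($domainId)." AND type='SOA'";

		return $this->write($query);
	}

	/* **************************************** */
}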