PageRenderTime 39ms CodeModel.GetById 18ms app.highlight 17ms RepoModel.GetById 1ms app.codeStats 0ms

/class/class.manager.php

http://freshdns.googlecode.com/
PHP | 587 lines | 478 code | 100 blank | 9 comment | 55 complexity | 429ca133863f3635729dc5f213df0b6b MD5 | raw file 
  1<?php
  2class manager
  3{
  4	private $database;
  5
  6	/* **************************************** */
  7
  8	function __construct ($database)
  9	{
 10		$this->database = $database;
 11	}
 12
 13	function __destruct () {
 14		unset($this->users, $this->domains, $this->database);
 15	}
 16
 17	/* **************************************** */
 18
 19	function addUser ($username, $password, $fullname, $email, $description, $level, $active, $maxdomains)
 20	{
 21		if($_SESSION['level']<10)
 22		{
 23			throw new Exception("No rights");
 24			return false;
 25		}
 26
 27		$query = "INSERT INTO `users` ( `id` , `username` , `password` , `fullname` , `email` , `description` , `level` , `active` , `maxdomains`) VALUES
 28		('', '".$this->database->escape_string($username)."', '".$this->database->escape_string($password)."', '".$this->database->escape_string($fullname)."',
 29		'".$this->database->escape_string($email)."', '".$this->database->escape_string($description)."', '".$this->database->escape_string($level)."',
 30		'".$this->database->escape_string($active)."', '".$this->database->escape_string($maxdomains)."');";
 31
 32		if($this->database->query_master($query))
 33		{
 34			return mysql_insert_id();
 35		}else
 36		{
 37			throw new Exception($this->database->error());
 38		}
 39	}
 40
 41	function getUser ($userId)
 42	{
 43		$query = "SELECT * FROM users WHERE id = '".$this->database->escape_string($userId)."'";
 44		$query = $this->database->query_slave($query) or die ($this->database->error());
 45
 46		if($this->database->num_rows($query)==0)
 47		{
 48			return '';
 49		}else
 50		{
 51			return $this->database->fetch_array($query);
 52		}
 53	}
 54
 55	function updateUser ($orgUserId, $userId, $username, $password, $fullname, $email, $description, $level, $active, $maxdomains)
 56	{
 57		$query = "UPDATE `users`
 58		SET `username`='".$this->database->escape_string($username)."',
 59		`fullname`='".$this->database->escape_string($fullname)."', `email`='".$this->database->escape_string($email)."',
 60		`description`='".$this->database->escape_string($description)."',";
 61
 62		if($_SESSION['level']>5)
 63		{
 64			$query .= " `level`='".$this->database->escape_string($level)."', `active`='".$this->database->escape_string($active)."', `maxdomains`='".$this->database->escape_string($maxdomains)."',";
 65		}
 66
 67		if($password!="")
 68		{
 69			$query .= " `password`='".$this->database->escape_string(md5($password))."',";
 70		}
 71
 72		$query .= " `id`='".$this->database->escape_string($userId)."'
 73		WHERE `id`='".$this->database->escape_string($orgUserId)."' LIMIT 1;";
 74
 75		if($_SESSION['level']<5 && $_SESSION['userId']!=$orgUserId || $_SESSION['level']>=5)
 76		{
 77			if($this->database->query_master($query))
 78			{
 79				return true;
 80			}else
 81			{
 82				throw new Exception ($this->database->error());
 83			}
 84		}
 85	}
 86
 87	function removeUser ($userId)
 88	{
 89		if($_SESSION['level']>=5)
 90		{
 91			$query = "DELETE FROM `users` WHERE `id`='".$this->database->escape_string($userId)."' LIMIT 1;";
 92
 93			if($this->database->query_master($query))
 94			{
 95				return true;
 96			}else
 97			{
 98				throw new Exception ($this->database->error());
 99			}
100		}
101	}
102
103	function removeUserData ($userId)
104	{
105		if($_SESSION['level']>=5)
106		{
107
108			$query = "DELETE FROM zones z, domains d, records r USING zones z, domains d, records r
109			WHERE z.domain_id = d.id AND
110			z.domain_id = r.domain_id AND
111			z.owner = '".$this->database->escape_string($userId)."';";
112
113			if($this->database->query_master($query))
114			{
115				return true;
116			}else
117			{
118				throw new Exception ($this->database->error());
119			}
120		}
121	}
122
123	/* **************************************** */
124
125	function addZone ($domainId, $userId, $comment)
126	{
127		if($_SESSION['level']<5)
128		{
129			$userId = $_SESSION['userId'];
130		}
131
132		$query = "INSERT INTO `zones` ( `id` , `domain_id` , `owner` , `comment` )
133		VALUES ( NULL , '".$this->database->escape_string($domainId)."', '".$this->database->escape_string($userId)."', '".$this->database->escape_string($comment)."' );";
134
135		if($this->database->query_master($query))
136		{
137			return mysql_insert_id();
138		}else
139		{
140			throw new Exception($this->database->error());
141		}
142	}
143
144	function editZone ($domainId, $userId)
145	{
146		$query = "UPDATE `zones` SET owner='".$this->database->escape_string($userId)."'  WHERE `domain_id` = '".$this->database->escape_string($domainId)."'";
147
148		if($_SESSION['level']<5)
149		{
150			$query .= " AND owner = '".$this->database->escape_string($_SESSION['userId'])."'";
151		}
152
153		$query .= " LIMIT 1;";
154
155		if($this->database->query_master($query))
156		{
157			return true;
158		}else
159		{
160			throw new Exception ($this->database->error());
161		}
162	}
163
164	function removeZone ($zoneId)
165	{
166		$query = "DELETE FROM `zones` WHERE `id` = '".$this->database->escape_string($zoneId)."'";
167
168		if($_SESSION['level']<5)
169		{
170			$query .= " AND owner = '".$this->database->escape_string($_SESSION['userId'])."'";
171		}
172
173		$query .= " LIMIT 1;";
174
175		if($this->database->query_master($query))
176		{
177			return true;
178		}else
179		{
180			throw new Exception ($this->database->error());
181		}
182	}
183
184	function removeZoneByDomainId ($domainId)
185	{
186		$query = "DELETE FROM `zones` WHERE `domain_id` = '".$this->database->escape_string($domainId)."'";
187
188		if($_SESSION['level']<5)
189		{
190			$query .= " AND owner = '".$this->database->escape_string($_SESSION['userId'])."'";
191		}
192
193		if($this->database->query_master($query))
194		{
195			return true;
196		}else
197		{
198			throw new Exception ($this->database->error());
199		}
200	}
201
202	/* **************************************** */
203
204	function getDomain ($domainId)
205	{
206		$query = "SELECT * FROM domains WHERE id='".$this->database->escape_string($domainId)."'";
207
208		$query = $this->database->query_slave($query) or die ($this->database->error());
209
210		if($this->database->num_rows($query)==0)
211		{
212			return '';
213		}else
214		{
215			return $this->database->fetch_array($query);
216		}
217	}
218
219	function addDomain ($name, $master, $lastCheck, $type, $notifiedSerial, $account)
220	{
221		if($_SESSION['level'] == 1)
222		{
223			if(!$this->canAddDomainCheckMax($_SESSION['userId']))
224			{
225				throw new Exception("Max domain setting reached. Please ask your host to update your max domains setting.");
226				$error = 1;
227			}
228		}
229
230		if($error != 1)
231		{
232			$query = "INSERT INTO `domains` ( `id` , `name` , `master` , `last_check` , `type` , `notified_serial` , `account` ) VALUES
233			('', '".$this->database->escape_string(trim($name))."', '".$this->database->escape_string($master)."' , '".$this->database->escape_string($lastCheck)."' ,
234			'".$this->database->escape_string($type)."', '".$this->database->escape_string($notifiedSerial)."' , '".$this->database->escape_string($account)."');";
235
236			if($this->database->query_master($query))
237			{
238				return mysql_insert_id();
239			}else
240			{
241				throw new Exception($this->database->error());
242			}
243		}
244	}
245
246	function updateDomain ($orgDomainId, $domainId, $name, $master, $lastCheck, $type, $notifiedSerial, $account)
247	{
248		$query = "UPDATE `domains` SET `id` = '".$this->database->escape_string($domainId)."', `name` = '".$this->database->escape_string($name)."',
249		`master` = '".$this->database->escape_string($master)."', `last_check` = '".$this->database->escape_string($lastCheck)."',
250		`type` = '".$this->database->escape_string($type)."', `notified_serial` = '".$this->database->escape_string($notifiedSerial)."',
251		`account` = '".$this->database->escape_string($account)."'
252		WHERE `id` = '".$this->database->escape_string($orgDomainId)."' LIMIT 1;";
253
254		if($this->database->query_master($query))
255		{
256			return true;
257		}else
258		{
259			throw new Exception ($this->database->error());
260		}
261	}
262
263	function removeDomain ($domainId)
264	{
265		$query = "DELETE FROM `domains` WHERE `id`='".$this->database->escape_string($domainId)."' LIMIT 1;";
266
267		if($this->database->query_master($query))
268		{
269			return true;
270		}else
271		{
272			throw new Exception ($this->database->error());
273		}
274	}
275
276	function canAddDomainCheckMax ($userId)
277	{
278		$query = "SELECT count(owner) AS current FROM zones WHERE owner = ".$this->database->escape_string($userId);
279		$query	= $this->database->query_slave($query) or die ($this->database->error());
280		$record = $this->database->fetch_array($query);
281
282		$user = $this->getUser($userId);
283
284		if($record['current'] < $user['maxdomains'] || $user['maxdomains'] == 0)
285		{
286			return true;
287		}
288
289		return false;
290	}
291
292	function searchDomains ($q)
293	{
294		if(strlen($q)<2) // SEARCHES SMALLER THAN 2 ARE USELESS AND TAKE UP CPU :@
295		{
296			return '';
297		}
298
299		$return = array();
300		$query	= "SELECT d.id, d.name, count(r.id) AS records, fullname, u.id AS userId
301		FROM domains d, records r, zones z, users u
302		WHERE d.id=r.domain_id AND
303		d.id = z.domain_id AND
304		z.owner = u.id AND";
305
306		if($_SESSION['level']==1)
307		{
308			$query .= " z.owner = '".$_SESSION['userId']."' AND";
309		}
310
311		$query .= " d.name LIKE '%".addslashes($q)."%'
312		GROUP BY r.domain_id
313		ORDER BY name";
314		$query	= $this->database->query_slave($query) or die ($this->database->error());
315
316		if($this->database->num_rows($query)==0)
317		{
318			return '';
319		}else
320		{
321			while($record=$this->database->fetch_array($query))
322			{
323				$return[] = $record;
324			}
325
326			return $return;
327		}
328	}
329
330	function getListByLetter ($letter)
331	{
332		$query = "SELECT d.id, d.name, d.name REGEXP '^".$letter."' AS regex, count(r.id) AS records, fullname, u.id AS userId
333		FROM domains d, records r, zones z, users u
334		WHERE d.id=r.domain_id AND
335		d.id = z.domain_id AND";
336
337		if($_SESSION['level']==1)
338		{
339			$query .= " z.owner = '".$_SESSION['userId']."' AND";
340		}
341
342		$query .= " z.owner = u.id
343		GROUP BY r.domain_id
344		HAVING regex = 1
345		ORDER BY name;";
346		$query = $this->database->query_slave($query) or die ($this->database->error());
347
348		if($this->database->num_rows($query)==0)
349		{
350			return '';
351		}else
352		{
353			while($record=$this->database->fetch_array($query))
354			{
355				$return[] = $record;
356			}
357
358			return $return;
359		}
360	}
361
362	function getListByOwner ($userId)
363	{
364		if($_SESSION['level']>=5)
365		{
366			$query = "SELECT d.id, d.name, count(r.id) AS records, fullname, u.id AS userId
367			FROM domains d, records r, zones z, users u
368			WHERE d.id=r.domain_id AND
369			d.id = z.domain_id AND
370			z.owner = u.id AND
371			z.owner = '".$userId."'
372			GROUP BY r.domain_id
373			ORDER BY name;";
374
375			$query = $this->database->query_slave($query) or die ($this->database->error());
376
377			if($this->database->num_rows($query)==0)
378			{
379				return '';
380			}else
381			{
382				while($record=$this->database->fetch_array($query))
383				{
384					$return[] = $record;
385				}
386
387				return $return;
388			}
389		}
390	}
391
392	function getAllOwners ()
393	{
394		$query = "SELECT id, fullname, level FROM users ORDER BY fullname";
395
396		$query = $this->database->query_slave($query) or die ($this->database->error());
397
398		if($this->database->num_rows($query)==0)
399		{
400			throw new Exception("No records found");
401		}else
402		{
403			while($record=$this->database->fetch_array($query))
404			{
405				$return[] = $record;
406			}
407
408			return $return;
409		}
410	}
411
412	function transferDomain ($domainId, $owner)
413	{
414		if($_SESSION['level']<5)
415		{
416			throw new Exception("No rights");
417			return false;
418		}
419
420		$query = "UPDATE zones SET owner='".$this->database->escape_string($owner)."' WHERE domain_id='".$this->database->escape_string($domainId)."'";
421
422		if($this->database->query_master($query))
423		{
424			return true;
425		}else
426		{
427			throw new Exception($this->database->error());
428			return false;
429		}
430	}
431
432	/* **************************************** */
433
434	function addRecord ($domainId, $name, $type, $content, $ttl, $prio, $changeDate)
435	{
436		$query = "INSERT INTO `records` ( `id` , `domain_id` , `name` , `type` , `content` , `ttl` , `prio` , `change_date` ) VALUES
437		( '', '".$this->database->escape_string($domainId)."', '".$this->database->escape_string(trim($name))."', '".$this->database->escape_string($type)."',
438		'".$this->database->escape_string($content)."', '".$this->database->escape_string($ttl)."', '".$this->database->escape_string($prio)."', '".$this->database->escape_string($changeDate)."');";
439
440		if($this->database->query_master($query))
441		{
442			// UPDATE THE SOA SERIAL
443			$this->updateSoaSerial($domainId);
444				
445			return mysql_insert_id();
446		}else
447		{
448			throw new Exception($this->database->error());
449		}
450	}
451
452	function updateRecord ($orgRecordId, $recordId, $domainId, $name, $type, $content, $ttl, $prio, $changeDate, $updateSerial = true)
453	{
454		$query = "UPDATE `records` SET
455		`id` = '".$this->database->escape_string($recordId)."', `domain_id` = '".$this->database->escape_string($domainId)."',
456		`name` = '".$this->database->escape_string($name)."', `type` = '".$this->database->escape_string($type)."',
457		`content` = '".$this->database->escape_string($content)."', `ttl` = '".$this->database->escape_string($ttl)."', 
458		`prio` = '".$this->database->escape_string($prio)."', `change_date` = '".$this->database->escape_string($changeDate)."'
459		WHERE `id` = '".$this->database->escape_string($orgRecordId)."' LIMIT 1;";	
460
461		if($this->database->query_master($query))
462		{
463			if($updateSerial)
464			{
465				// UPDATE THE SOA SERIAL
466				$this->updateSoaSerial($domainId);
467			}
468				
469			return true;
470		}else
471		{
472			throw new Exception ($this->database->error());
473		}
474	}
475
476	function removeRecord ($recordId, $domainId)
477	{
478		$query = "DELETE records FROM records, zones WHERE records.domain_id = zones.domain_id AND";
479
480		if($_SESSION['level']<5)
481		{
482			$query .= " zones.owner = '".$_SESSION['userId']."' AND";
483		}
484
485		$query .= " records.id='".$this->database->escape_string($recordId)."'";
486
487		if($this->database->query_master($query))
488		{
489			// UPDATE THE SOA SERIAL
490			$this->updateSoaSerial($domainId);
491				
492			return true;
493		}else
494		{
495			throw new Exception ($this->database->error());
496		}
497	}
498
499	function getAllRecords ($domainId)
500	{
501		$query = "SELECT * FROM zones z, records r
502		WHERE r.domain_id = z.domain_id AND";
503
504		if($_SESSION['level']<5)
505		{
506			$query .= " z.owner = '".$_SESSION['userId']."' AND";
507		}
508
509		$query .= " r.domain_id = '".$this->database->escape_string($domainId)."'
510		ORDER BY r.type DESC, r.prio ASC, r.name ASC";
511
512		$query = $this->database->query_slave($query) or die ($this->database->error());
513
514		if($this->database->num_rows($query)==0)
515		{
516			return '';
517		}else
518		{
519			while($record=$this->database->fetch_array($query))
520			{
521				$return[] = $record;
522			}
523
524			return $return;
525		}
526	}
527
528	function removeAllRecords ($domainId)
529	{
530		$query = "DELETE records FROM records, zones
531		WHERE records.domain_id = zones.domain_id AND";
532
533		if($_SESSION['level']<5)
534		{
535			$query .= " zones.owner = '".$_SESSION['userId']."' AND";
536		}
537
538		$query .= " records.domain_id='".$this->database->escape_string($domainId)."';";
539
540		if($this->database->query_master($query))
541		{
542			return true;
543		}else
544		{
545			throw new Exception ($this->database->error());
546		}
547	}
548
549	function createNewSoaSerial ()
550	{
551		return date("Ymd").'00';
552	}
553
554	function updateSoaSerial ($domainId)
555	{
556		$query 		= "SELECT content FROM records WHERE domain_id='".$this->database->escape_string($domainId)."' AND type='SOA'";
557		$query 		= $this->database->query_slave($query) or die ($this->database->error());
558		$record		= $this->database->fetch_array($query);
559		$soa		= explode(" ", $record['content']);
560
561		if(substr($soa[2], 0, 8) != date("Ymd")) // IF THE SOA ISN'T OF TODAY THEN CREATE A NEW SOA
562		{
563			$soa[2] = $this->createNewSoaSerial();
564		}else // SOA + 1
565		{
566			$soa[2]++;
567		}
568
569		return $this->setSoaSerial ($domainId, $soa[0], $soa[1], $soa[2]);
570	}
571
572	function setSoaSerial ($domainId, $ns0, $hostmaster, $serial)
573	{
574		$query		= "UPDATE records SET content='".$this->database->escape_string($ns0." ".$hostmaster." ".$serial)."' WHERE domain_id='".$this->database->escape_string($domainId)."' AND type='SOA'";
575
576		if($this->database->query_master($query))
577		{
578			return true;
579		}else
580		{
581			throw new Exception ($this->database->error());
582		}
583	}
584
585	/* **************************************** */
586}
587?>