Index: blahzdns/INSTALL
diff -c blahzdns/INSTALL:1.4 blahzdns/INSTALL:1.5
*** blahzdns/INSTALL:1.4	Sun Feb  8 10:17:50 2004
--- blahzdns/INSTALL	Wed Apr  7 19:32:38 2004
***************
*** 47,52 ****
  10) Check the outputInterfaces directory for the script to output data into the correct
  format for your DNS server package. If you donot wish to use the provided
  output interfaces please feel free to write your own.  All I ask is that you submit it to
! be included in the package.
  
  
--- 47,54 ----
  10) Check the outputInterfaces directory for the script to output data into the correct
  format for your DNS server package. If you donot wish to use the provided
  output interfaces please feel free to write your own.  All I ask is that you submit it to
! be included in the package. Once you have chosen a output Interface to use you
! can either run it manually when you make a change.  Or you can set it up to run
! in cron on an interval.
  
  
Index: blahzdns/dns.inc.php
diff -c blahzdns/dns.inc.php:1.20 blahzdns/dns.inc.php:1.21
*** blahzdns/dns.inc.php:1.20	Sat Feb  7 00:26:45 2004
--- blahzdns/dns.inc.php	Sun Apr 25 19:03:55 2004
***************
*** 253,266 ****
  	}
  	else {
  		$userid = getUserId($user);
! 		if($zonetype = "Primary" || $zonetype = "Dynamic") {
  			$query = "SELECT PUR.USERID FROM PRIMARYUSERREF PUR, USERACCOUNT UA, USERACCOUNTTYPE UAT WHERE PUR.ZONEID=$zoneid";
  			$query .= " AND PUR.USERID=$userid\n";
  			$query .= " AND UA.USERID=$userid AND UA.USERACCOUNTTYPEID=UAT.USERACCOUNTTYPEID AND UAT.NAME=\"User\"";
  		}
  		else {
! 			$query = "SELECT PUR.USERID FROM SECONDARYUSERREF SUR, USERACCOUNT UA, USERACCOUNTTYPE UAT WHERE SUR.ZONEID=$zoneid";
! 			$query .= " AND PUR.USERID=$userid\n";
  			$query .= " AND UA.USERID=$userid AND UA.USERACCOUNTTYPEID=UAT.USERACCOUNTTYPEID AND UAT.NAME=\"User\"";
  		}
  		$result=mysql_query($query,$db);
--- 253,266 ----
  	}
  	else {
  		$userid = getUserId($user);
! 		if($zonetype == "Primary" || $zonetype == "Dynamic") {
  			$query = "SELECT PUR.USERID FROM PRIMARYUSERREF PUR, USERACCOUNT UA, USERACCOUNTTYPE UAT WHERE PUR.ZONEID=$zoneid";
  			$query .= " AND PUR.USERID=$userid\n";
  			$query .= " AND UA.USERID=$userid AND UA.USERACCOUNTTYPEID=UAT.USERACCOUNTTYPEID AND UAT.NAME=\"User\"";
  		}
  		else {
! 			$query = "SELECT SUR.USERID FROM SECONDARYUSERREF SUR, USERACCOUNT UA, USERACCOUNTTYPE UAT WHERE SUR.ZONEID=$zoneid";
! 			$query .= " AND SUR.USERID=$userid\n";
  			$query .= " AND UA.USERID=$userid AND UA.USERACCOUNTTYPEID=UAT.USERACCOUNTTYPEID AND UAT.NAME=\"User\"";
  		}
  		$result=mysql_query($query,$db);
Index: blahzdns/editzone.php
diff -c blahzdns/editzone.php:1.19 blahzdns/editzone.php:1.24
*** blahzdns/editzone.php:1.19	Sat Feb 28 22:00:21 2004
--- blahzdns/editzone.php	Tue May 18 20:28:50 2004
***************
*** 215,245 ****
        }
      }
      else {
!       if($_POST['RECORD'] == "") {
! 	$_POST['RECORD'] = "@";
!       }
!       if(is_null($_POST['RECORD']) || $_POST['RECORD'] == "" ||
! 	 is_null($_POST['VALUE']) || $_POST['VALUE'] == "" ||
! 	 is_null($_POST['RECORDID']) || $_POST['RECORDID']=="") {
! 	getPage($user);
!       }
!       else {
! 	$ttl = intval($_POST['TTL']);
! 	$mx = intval($_POST['MXPRIORITY']);
  	if($ttl == 0) {
  	  $ttl = "NULL";
  	}
  	if($mx == 0) {
  	  $mx = "NULL";
  	}
! 	$query = "UPDATE RECORDS SET RECORD=\"".mysql_escape_string($_POST['RECORD'])."\",TTL=$ttl,".
! 	  "MXPRIORITY=$mx,VALUE=\"".mysql_escape_string($_POST['VALUE'])."\",MODUSER=\"$user\" WHERE RECORDID=".$_POST['RECORDID']."\n";
  	$result = mysql_query($query,$db);
  	zoneUpdated($_POST['ZONEID']);
! 	logMessage($user,$ip,"MODRECORD","Record ".mysql_escape_string($_POST['RECORD'])." modified to ".mysql_escape_string($_POST['VALUE']." for zone ".$_POST['ZONE']));
  	getPage($user);
  	echo "<BR>Success Changes Saved<BR>\n";
-       }
      }
    }
    else if(!is_null($_POST['NEW']) && $_POST['NEW'] == "New Record" && userAuthToEdit($user,$_POST['ZONEID'],$_POST['ZONETYPE'])) {
--- 215,248 ----
        }
      }
      else {
! 	$records = substr($_POST['RECORDS'],0,strlen($POST['RECORDS'])-1);
! 	$recordArray = split(',',$records);
! 	
! 	for( $k=0; $k < count($recordArray); $k++) {
! 	$record = $recordArray[$k];
! 	if($_POST[$record.'-RECORD'] == "") {
! 		$_POST[$record.'-RECORD'] = "@";
!       	 }
! 	
! 	$ttl = intval($_POST[$record.'-TTL']);
! 	$mx = intval($_POST[$record.'-MXPRIORITY']);
  	if($ttl == 0) {
  	  $ttl = "NULL";
  	}
  	if($mx == 0) {
  	  $mx = "NULL";
  	}
! 
! 	
! 	$query = "UPDATE RECORDS SET RECORD=\"".mysql_escape_string($_POST[$record.'-RECORD'])."\",TTL=$ttl,".
! 	  "MXPRIORITY=$mx,VALUE=\"".mysql_escape_string($_POST[$record.'-VALUE'])."\",MODUSER=\"$user\" WHERE RECORDID=".$record."\n";
  	$result = mysql_query($query,$db);
  	zoneUpdated($_POST['ZONEID']);
! 	logMessage($user,$ip,"MODRECORD","Record ".mysql_escape_string($_POST[$record.'-RECORD'])." modified to ".mysql_escape_string($_POST[$record.'-VALUE']." for zone ".$_POST['ZONE']));
! 	}
  	getPage($user);
+ 	
  	echo "<BR>Success Changes Saved<BR>\n";
      }
    }
    else if(!is_null($_POST['NEW']) && $_POST['NEW'] == "New Record" && userAuthToEdit($user,$_POST['ZONEID'],$_POST['ZONETYPE'])) {
***************
*** 386,418 ****
  	$zone = $myrow[0];
  		      
  	if($zonetype == "Primary") {
  	  //Setup Output Table
  	  $output = "<H1>$myrow[0]</H1>\n<TABLE BORDER=\"1\">\n";
! 	  $output .= "<TR><TD>Record</TD><TD>TTL</TD><TD>Type</TD>\n";
! 	  $output .= "<TD>MX Priority</TD><TD>Value</TD><TD>&nbsp;</TD></TR>\n";	
  	  //Perform query
  	  $query = "SELECT R.RECORDID, R.ZONEID, R.RECORDTYPEID,R.RECORD,R.TTL,R.MXPRIORITY,R.VALUE,Z.NAME ZNAME,RT.NAME RTNAME\n";
! 	  $query .= " FROM RECORDS R,ZONES Z, RECORDTYPE RT WHERE R.ZONEID=$zoneid AND Z.ZONEID=R.ZONEID AND R.RECORDTYPEID=RT.RECORDTYPEID ORDER BY RT.SORTORDER,R.RECORD,R.MXPRIORITY\n";
  	  $result = mysql_query($query,$db);
  	  if(userAuthToView($user,$zoneid,$zonetype)) {
  	    while($myrow = mysql_fetch_row($result)) {
                $deleteScript="";
                if((strtoupper($confirm) == "YES") ||(strtoupper($confirm)=="USER" && isUser($username) )) {
!                 $deleteScript = "var agree=confirm('Delete Record $myrow[3]:$myrow[8]:$myrow[6]?'); if(agree) { return true; } else { return false; }";
                }
! 					      
  	      $zone=$myrow[7];
! 	      $output .= "<FORM NAME=\"FORM$myrow[0]\" ACTION=\"editzone.php\" METHOD=\"POST\">\n" .
! 		"<TR><TD><INPUT NAME=\"RECORD\" VALUE=\"$myrow[3]\" TYPE=\"TEXT\"></TD>\n".
! 		"<TD><INPUT NAME=\"TTL\" VALUE=\"$myrow[4]\" TYPE=\"TEXT\"></TD>\n".
! 		"<TD>$myrow[8]</TD><TD><INPUT NAME=\"MXPRIORITY\" VALUE=\"$myrow[5]\" TYPE=\"TEXT\"></TD>\n".
! 		"<TD><INPUT TYPE=\"TEXT\" NAME=\"VALUE\" VALUE=\"$myrow[6]\"></TD>\n".
! 		"<TD><INPUT CLASS=\"BUTTON\" TYPE=\"SUBMIT\" NAME=\"SAVE\" VALUE=\"Save\">&nbsp;\n".
! 		"<INPUT CLASS=\"BUTTON\" TYPE=\"SUBMIT\" NAME=\"DELETE\" VALUE=\"Delete\" onClick=\"$deleteScript\"></TD></TR>\n".
! 		"<INPUT TYPE=\"HIDDEN\" NAME=\"RECORDID\" VALUE=\"$myrow[0]\">\n".
! 		"<INPUT TYPE=\"HIDDEN\" NAME=\"ZONEID\" VALUE=\"$zoneid\"><INPUT TYPE=\"HIDDEN\" NAME=\"ZONE\" VALUE=\"$myrow[7]\">".
! 		"<INPUT TYPE=\"HIDDEN\" NAME=\"ZONETYPE\" VALUE=\"$zonetype\"></FORM>\n";
  	    }
  	    $output .= "<FORM NAME=\"NEWRECORD\" ACTION=\"editzone.php\" METHOD=\"POST\">\n".
  	      "<TR><TD><INPUT NAME=\"RECORD\" VALUE=\"\" TYPE=\"TEXT\"></TD>\n".
  	      "<TD><INPUT NAME=\"TTL\" VALUE=\"\" TYPE=\"TEXT\"></TD>\n".
--- 389,451 ----
  	$zone = $myrow[0];
  		      
  	if($zonetype == "Primary") {
+ 	  $sortColumn = $_GET['SORTCOLUMN'];
+ 	  if(is_null($sortColumn)) {
+ 	  	$sortColumn=$_POST['SORTCOLUMN'];
+ 	  }
+ 	  $order=$_GET['ORDER'];
+ 	  if(is_null($order)) { 
+ 	  $order=$_POST['ORDER']; 
+ 	  }
+ 												      
  	  //Setup Output Table
  	  $output = "<H1>$myrow[0]</H1>\n<TABLE BORDER=\"1\">\n";
! 	  $output .= "<FORM NAME=\"EDITZONE\" ACTION=\"editzone.php\" METHOD=\"POST\">\n";
! 	  
! 	  $output .="<INPUT TYPE=\"HIDDEN\" NAME=\"SORTCOLUMN\" VALUE=\"$sortColumn\">\n";
! 	  $output .="<INPUT TYPE=\"HIDDEN\" NAME=\"ORDER\" VALUE=\"$order\">\n";
! 	  $output .= "<TR><TD>Record&nbsp;<a href=\"editzone.php?ZONEID=$zoneid&SORTCOLUMN=4&ORDER=ASC\"><IMG SRC=\"images/up.gif\" BORDER=\"0\"></a><a href=\"editzone.php?ZONEID=$zoneid&SORTCOLUMN=4&ORDER=DESC\"><IMG SRC=\"images/down.gif\" BORDER=\"0\"></a></TD>\n";
! 	  $output .= "<TD>TTL&nbsp;<a href=\"editzone.php?ZONEID=$zoneid&SORTCOLUMN=5&ORDER=ASC\"><IMG SRC=\"images/up.gif\" BORDER=\"0\"></a><a href=\"editzone.php?ZONEID=$zoneid&SORTCOLUMN=5&ORDER=DESC\"><IMG SRC=\"images/down.gif\" BORDER=\"0\"></a></TD>\n";
! 	  $output .= "<TD>Type&nbsp;<a href=\"editzone.php?ZONEID=$zoneid&SORTCOLUMN=3&ORDER=ASC\"><IMG SRC=\"images/up.gif\" BORDER=\"0\"></a><a href=\"editzone.php?ZONEID=$zoneid&SORTCOLUMN=3&ORDER=DESC\"><IMG SRC=\"images/down.gif\" BORDER=\"0\"></a></TD>\n";
! 	  $output .= "<TD>MX Priority&nbsp;<a href=\"editzone.php?ZONEID=$zoneid&SORTCOLUMN=6&ORDER=ASC\"><IMG SRC=\"images/up.gif\" BORDER=\"0\"></a><a href=\"editzone.php?ZONEID=$zoneid&SORTCOLUMN=6&ORDER=DESC\"><IMG SRC=\"images/down.gif\" BORDER=\"0\"></a></TD>\n";
! 	  $output .= "<TD>Value&nbsp;<a href=\"editzone.php?ZONEID=$zoneid&SORTCOLUMN=7&ORDER=ASC\"><IMG SRC=\"images/up.gif\" BORDER=\"0\"></a><a href=\"editzone.php?ZONEID=$zoneid&SORTCOLUMN=7&ORDER=DESC\"><IMG SRC=\"images/down.gif\" BORDER=\"0\"></a></TD><TD>&nbsp;</TD></TR>\n";	
  	  //Perform query
  	  $query = "SELECT R.RECORDID, R.ZONEID, R.RECORDTYPEID,R.RECORD,R.TTL,R.MXPRIORITY,R.VALUE,Z.NAME ZNAME,RT.NAME RTNAME\n";
! 	  $query .= " FROM RECORDS R,ZONES Z, RECORDTYPE RT WHERE R.ZONEID=$zoneid AND Z.ZONEID=R.ZONEID AND R.RECORDTYPEID=RT.RECORDTYPEID\n";
! 	  if(is_null($sortColumn) || $sortColumn =="" || $sortColumn=="3") {
! 		 $query .= "ORDER BY RT.SORTORDER $order ,R.RECORD,R.MXPRIORITY \n";
! 	  }
! 	  else {
! 	  	$query .= "ORDER BY $sortColumn $order,4,5 \n";
! 	  }
  	  $result = mysql_query($query,$db);
  	  if(userAuthToView($user,$zoneid,$zonetype)) {
  	    while($myrow = mysql_fetch_row($result)) {
                $deleteScript="";
                if((strtoupper($confirm) == "YES") ||(strtoupper($confirm)=="USER" && isUser($username) )) {
!                 $deleteScript = "var agree=confirm('Delete Record $myrow[3]:$myrow[8]:$myrow[6]?'); if(agree) { form.elements['RECORDID'].value=$myrow[0]; return true; } else { return false; }";
                }
! 	      else {
! 	      	$deleteScript = "form.elements['RECORDID'].value=$myrow[0];";
! 	      }
! 	      $record .= $myrow[0].",";	      
! 	      $recordId = $myrow[0];
  	      $zone=$myrow[7];
! 	      
! 	      $output .="<TR><TD><INPUT NAME=\"$recordId-RECORD\" VALUE=\"$myrow[3]\" TYPE=\"TEXT\"></TD>\n".
! 		"<TD><INPUT NAME=\"$recordId-TTL\" VALUE=\"$myrow[4]\" TYPE=\"TEXT\"></TD>\n".
! 		"<TD>$myrow[8]</TD><TD><INPUT NAME=\"$recordId-MXPRIORITY\" VALUE=\"$myrow[5]\" TYPE=\"TEXT\"></TD>\n".
! 		"<TD><INPUT TYPE=\"TEXT\" NAME=\"$recordId-VALUE\" VALUE=\"$myrow[6]\"></TD>\n".
! 		"<TD><INPUT CLASS=\"BUTTON\" TYPE=\"SUBMIT\" NAME=\"DELETE\" VALUE=\"Delete\" onClick=\"$deleteScript\"></TD></TR>\n";
  	    }
+ 	    $output .=	"<INPUT TYPE=\"HIDDEN\" NAME=\"ZONEID\" VALUE=\"$zoneid\"><INPUT TYPE=\"HIDDEN\" NAME=\"ZONE\" VALUE=\"$myrow[7]\">".
+ 		"<INPUT TYPE=\"HIDDEN\" NAME=\"ZONETYPE\" VALUE=\"$zonetype\">\n"
+ 		."<INPUT TYPE=\"HIDDEN\" NAME=\"RECORDS\" VALUE=\"$record\">\n"
+ 		."<INPUT TYPE=\"HIDDEN\" NAME=\"RECORDID\" VALUE=\"\">\n";
+ 		
+ 	    $output .= "<TR><TD>&nbsp;</TD><TD>&nbsp;</TD><TD>&nbsp;</TD><TD>&nbsp;</TD><TD>&nbsp;</TD><TD><INPUT CLASS=\"BUTTON\" TYPE=\"SUBMIT\" NAME=\"SAVE\" VALUE=\"Save\"></TD></TR>\n"; 
+  
+ 	    $output .= "</FORM>\n";
  	    $output .= "<FORM NAME=\"NEWRECORD\" ACTION=\"editzone.php\" METHOD=\"POST\">\n".
  	      "<TR><TD><INPUT NAME=\"RECORD\" VALUE=\"\" TYPE=\"TEXT\"></TD>\n".
  	      "<TD><INPUT NAME=\"TTL\" VALUE=\"\" TYPE=\"TEXT\"></TD>\n".
***************
*** 421,426 ****
--- 454,460 ----
  	      "<TD><INPUT TYPE=\"TEXT\" NAME=\"VALUE\" VALUE=\"\"></TD>\n".
  	      "<TD><INPUT CLASS=\"BUTTON\" TYPE=\"SUBMIT\" NAME=\"NEW\" VALUE=\"New Record\">\n".
  	      "</TD></TR>\n".
+ 	      "<INPUT TYPE=\"HIDDEN\" NAME=\"ZONETYPE\" VALUE=\"$zonetype\">\n".
  	      "<INPUT TYPE=\"HIDDEN\" NAME=\"ZONEID\" VALUE=\"$zoneid\"><INPUT TYPE=\"HIDDEN\" NAME=\"ZONE\" VALUE=\"$zone\"></FORM>\n";
  	    echo $output."</TABLE>\n";
  	  }
***************
*** 443,448 ****
--- 477,483 ----
  	      "</TD><TD><INPUT TYPE=\"SUBMIT\" NAME=\"SAVE\" VALUE=\"Save\" onClick=\"$JS\">\n".
  	      "<INPUT TYPE=\"HIDDEN\" NAME=\"ZONE\" VALUE=\"$zone\">\n".
  	      "<INPUT TYPE=\"HIDDEN\" NAME=\"ACTION\" VALUE=\"UPDATESEC\">\n".
+ 	      "<INPUT TYPE=\"HIDDEN\" NAME=\"ZONETYPE\" VALUE=\"$zonetype\">\n".
  	      "</TD></TR></FORM></TABLE>\n";
  	    echo $output;
  	  }
Index: blahzdns/vars.php
diff -c blahzdns/vars.php:1.8 blahzdns/vars.php:1.9
*** blahzdns/vars.php:1.8	Thu Nov 27 18:44:51 2003
--- blahzdns/vars.php	Wed Apr  7 18:33:07 2004
***************
*** 4,22 ****
  
  
  //This variable holds our SQL username
! $dbuser = "";
  
  
  //This variable holds our SQL password
  $dbpass = "";
  
  //This variable holds our SQL DB Name
! $dbname = "dnstest2";
  
  
  //This Variable holds our crypt method
  //If you don't know what you're doing DO NOT TOUCH THIS
  //See README file Section on crypt method
  //Valid options "crypt" & "mcrypt"
! $cryptMethod = "mcrypt";
  ?>
--- 4,22 ----
  
  
  //This variable holds our SQL username
! $dbuser = "root";
  
  
  //This variable holds our SQL password
  $dbpass = "";
  
  //This variable holds our SQL DB Name
! $dbname = "blahzdns";
  
  
  //This Variable holds our crypt method
  //If you don't know what you're doing DO NOT TOUCH THIS
  //See README file Section on crypt method
  //Valid options "crypt" & "mcrypt"
! $cryptMethod = "crypt";
  ?>
Index: blahzdns/images/down.gif
Index: blahzdns/images/up.gif
Index: blahzdns/outputInterfaces/bind9.py
diff -c blahzdns/outputInterfaces/bind9.py:1.2 blahzdns/outputInterfaces/bind9.py:1.6
*** blahzdns/outputInterfaces/bind9.py:1.2	Wed Feb  4 15:43:18 2004
--- blahzdns/outputInterfaces/bind9.py	Fri May 21 07:29:57 2004
***************
*** 134,140 ****
  	  output.write("\ttype master;\n")
  	  val = zoHash.get("2")
  	  if val != None:
! 	    output.write("\talso-notify {"+string.replace(val,",","; ")+"};\n")
  	  
  	  val = zoHash.get("3")
  	  if val != None:
--- 134,140 ----
  	  output.write("\ttype master;\n")
  	  val = zoHash.get("2")
  	  if val != None:
! 	    output.write("\talso-notify {"+string.replace(val,",","; ")+";};\n")
  	  
  	  val = zoHash.get("3")
  	  if val != None:
***************
*** 252,258 ****
  	    #Handle CNAME Records
  	    if type == 'CNAME':
  	      if(ttl == None):
! 	        ttl=globalttyl
  	      else:
  	        ttl = ttl.__str__()
  	      #output.write("C"+record+":"+value+ttl+"\n")
--- 252,258 ----
  	    #Handle CNAME Records
  	    if type == 'CNAME':
  	      if(ttl == None):
! 	        ttl=globalttl
  	      else:
  	        ttl = ttl.__str__()
  	      #output.write("C"+record+":"+value+ttl+"\n")
***************
*** 289,295 ****
  	  output.write("\ttype slave;\n")
  	  val = zoHash.get("2")
            if val != None:
!             output.write("\talso-notify {"+string.replace(val,",","; ")+"};\n")
              val = zoHash.get("3")
            if val != None:
              if(val[len(val)-1] != "/"):
--- 289,295 ----
  	  output.write("\ttype slave;\n")
  	  val = zoHash.get("2")
            if val != None:
!             output.write("\talso-notify {"+string.replace(val,",","; ")+";};\n")
              val = zoHash.get("3")
            if val != None:
              if(val[len(val)-1] != "/"):
***************
*** 338,343 ****
--- 338,344 ----
  	result = c.fetchall()
  	for name,value in result:
  	  configHash[name] = value
+ 	  configHash[name] = string.replace(configHash[name],"\\\"","\"")
  	return configHash
  	  
  if __name__ == "__main__":
Index: blahzdns/outputInterfaces/tinydns.py
diff -c blahzdns/outputInterfaces/tinydns.py:1.10 blahzdns/outputInterfaces/tinydns.py:1.12
*** blahzdns/outputInterfaces/tinydns.py:1.10	Fri Jan  9 17:25:27 2004
--- blahzdns/outputInterfaces/tinydns.py	Mon Apr 26 12:51:14 2004
***************
*** 275,280 ****
--- 275,281 ----
  	result = c.fetchall()
  	for name,value in result:
  	  configHash[name] = value
+ 	  configHash[name] = string.replace(configHash[name],"\\\"","\"")
  	return configHash
  	  
  if __name__ == "__main__":