Bill Shupp wrote: > > Thanks for all your feedback. I'll be back to work on this stuff early > this week, and will review all the changes and get them tested and > hopefully integrated.
You may as well start with the attached patch - this is a diff from 0.9.9.1 against my current working version. It contains the following fixes: axfr-get.php ============ Add "-R" to the tcpclient command. This stops tcpclient looking up TCPREMOTEINFO which is often not available and simply causes the tcpclient command to hang until it times out (default 26 seconds) index.php ========= Turn on Full error reporting (E_ALL) This is useful for debugging when evaluating vegadns but should be disabled in production. create_tables.php ================= Add quotes to md5() function when creating default password. VegaDNS wouldn't work for me without this. Identified by Bob Hutchinson. domains.php =========== Add checks for default_ns and default_soa being present in the $_REQUEST array before accessing them. This prevents php warning notices in the form: Notice: Undefined index: default_soa in /var/www/vegadns/vegadns-0.9.9.1/src/domains.php on line 534 functions.php ============= Removed MD5 function from query in authenticate_user function Added several checks for array elements being set before attempting to access them to prevent php warning notices. Set a default value for $out_array in the parse_dataline function. This prevents php warning notices in the form: Notice: Undefined index: out_array in /var/www/vegadns/vegadns-0.9.9.1/src/functions.php on line 433 R.
diff -ur --exclude=config.php vegadns-0.9.9.1/axfr_get.php vegadns-0.9.9.1-working/axfr_get.php --- vegadns-0.9.9.1/axfr_get.php 2005-02-04 00:07:16.000000000 +0000 +++ vegadns-0.9.9.1-working/axfr_get.php 2006-04-25 01:23:48.000000000 +0100 @@ -45,7 +45,7 @@ $rand = rand(); $file = "/tmp/$domain.$rand"; -$command = "/usr/local/bin/tcpclient '".escapeshellcmd($hostname)."' 53 /usr/local/bin/axfr-get '".escapeshellcmd($domain)."' $file $file.tmp 2>&1"; +$command = "/usr/local/bin/tcpclient -R '".escapeshellcmd($hostname)."' 53 /usr/local/bin/axfr-get '".escapeshellcmd($domain)."' $file $file.tmp 2>&1"; exec($command, $out); // Print any errors first diff -ur --exclude=config.php vegadns-0.9.9.1/index.php vegadns-0.9.9.1-working/index.php --- vegadns-0.9.9.1/index.php 2005-09-10 17:49:22.000000000 +0100 +++ vegadns-0.9.9.1-working/index.php 2006-03-29 20:26:44.000000000 +0100 @@ -23,6 +23,7 @@ ini_set('log_errors', 1); ini_set('allow_url_fopen', 0); ini_set('session.use_cookies',0); +ini_set('error_reporting', E_ALL); // Check that register_globals is off if(ini_get('register_globals')) { diff -ur --exclude=config.php vegadns-0.9.9.1/src/create_tables.php vegadns-0.9.9.1-working/src/create_tables.php --- vegadns-0.9.9.1/src/create_tables.php 2005-02-04 00:05:34.000000000 +0000 +++ vegadns-0.9.9.1-working/src/create_tables.php 2006-03-29 20:28:51.000000000 +0100 @@ -40,7 +40,7 @@ ) TYPE=MyISAM"; mysql_query($q) or die(mysql_error()); -$q = "INSERT INTO accounts VALUES (0,0,'test@test.com','".md5(test)."','Test','User','','senior_admin','active')"; +$q = "INSERT INTO accounts VALUES (0,0,'test@test.com','".md5('test')."','Test','User','','senior_admin','active')"; mysql_query($q) or die(mysql_error()."<br>".$q); $q = "CREATE TABLE active_sessions ( diff -ur --exclude=config.php vegadns-0.9.9.1/src/domains.php vegadns-0.9.9.1-working/src/domains.php --- vegadns-0.9.9.1/src/domains.php 2005-09-10 12:35:33.000000000 +0100 +++ vegadns-0.9.9.1-working/src/domains.php 2006-04-30 18:27:45.000000000 +0100 @@ -531,10 +531,10 @@ $counter = 0; // default SOA and NS - if ($_REQUEST['default_soa']=="on") + if (isset($_REQUEST['default_soa']) && $_REQUEST['default_soa']=="on") $def_soa=mysql_fetch_array( mysql_query("SELECT host,val FROM default_records WHERE type='S'")); - if ($_REQUEST['default_ns']=="on") { + if (isset($_REQUEST['default_ns']) && $_REQUEST['default_ns']=="on") { $q=mysql_query("SELECT host,val,distance,ttl FROM default_records WHERE type='N'"); while ($l = mysql_fetch_array($q)) $def_ns[]=$l; @@ -582,11 +582,11 @@ if($line_key != 'domain' && !ereg("^#", $value)) { $result = parse_dataline($value); if(is_array($result)) { - if (($_REQUEST['default_soa']=="on") && ($result['type']=='S')) { + if ((isset($_REQUEST['default_soa']) && $_REQUEST['default_soa']=="on") && ($result['type']=='S')) { $result['val']=$def_soa['val']; $result['host']=$def_soa['host']; } - if (($_REQUEST['default_ns']!="on") || ($result['type']!='N')) { + if ((isset($_REQUEST['default_ns']) && $_REQUEST['default_ns']!="on") || ($result['type']!='N')) { $q = "insert into records (domain_id,host,type,val,distance,ttl) values( @@ -601,7 +601,7 @@ } } } - if ($_REQUEST['default_ns']=="on") { + if (isset($_REQUEST['default_ns']) && $_REQUEST['default_ns']=="on") { $counter=0; while ($ns = $def_ns[$counter]) { $host = ereg_replace("DOMAIN", $domain, $ns['host']); diff -ur --exclude=config.php vegadns-0.9.9.1/src/functions.php vegadns-0.9.9.1-working/src/functions.php --- vegadns-0.9.9.1/src/functions.php 2005-09-10 17:48:07.000000000 +0100 +++ vegadns-0.9.9.1-working/src/functions.php 2006-04-30 18:38:50.000000000 +0100 @@ -35,7 +35,7 @@ mysql_query("delete from active_sessions where time < $oldsessions"); $result = mysql_query("select Email from accounts where Email='".mysql_real_escape_string(strtolower($email))."' and - Password='".md5($password)."' and + Password='".$password."' and Status='active' LIMIT 1") or die(mysql_error()); $resultarray = mysql_fetch_array($result); if($resultarray['Email'] != "") { @@ -294,36 +294,39 @@ function parse_soa($soa) { $email_soa = explode(":", $soa['host']); - $array['tldemail'] = $email_soa[0]; - $array['tldhost'] = $email_soa[1]; - + if (isset($email_soa[0])) { + $array['tldemail'] = $email_soa[0]; + } + if (isset($email_soa[1])) { + $array['tldhost'] = $email_soa[1]; + } $ttls_soa = explode(":", $soa['val']); // ttl - if($soa['ttl'] == "") { + if(!isset($soa['ttl']) || $soa['ttl'] == "") { $array['ttl'] = 86400; } else { $array['ttl'] = $soa['ttl']; } // refresh - if($ttls_soa[0] == "") { + if(!isset($ttls_soa[0]) || $ttls_soa[0] == "") { $array['refresh'] = 16384; } else { $array['refresh'] = $ttls_soa[0]; } // retry - if($ttls_soa[1] == "") { + if (!isset($ttls_soa[1]) || $ttls_soa[1] == "") { $array['retry'] = 2048; } else { $array['retry'] = $ttls_soa[1]; } // expiration - if($ttls_soa[2] == "") { + if (!isset($ttls_soa[2]) || $ttls_soa[2] == "") { $array['expire'] = 1048576; } else { $array['expire'] = $ttls_soa[2]; } // min - if($ttls_soa[3] == "") { + if(!isset($ttls_soa[3]) || $ttls_soa[3] == "") { $array['minimum'] = 2560; } else { $array['minimum'] = $ttls_soa[3]; @@ -381,6 +384,7 @@ // Strip first char $stripped = ereg_replace("^.", "", $line); $array = explode(":", $stripped); + $out_array = ''; // Format the array according to the type if(strncmp('+', $line, 1) == 0) {