From 6d2eb372a4c5493029b8443c06a2b59b24893232 Mon Sep 17 00:00:00 2001 From: Luke Bratch Date: Thu, 13 Apr 2017 15:22:04 +0100 Subject: Fix some places where functions were using global POST variables instead of what was passed to them --- dns.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'dns.php') diff --git a/dns.php b/dns.php index 0f7c683..cbef901 100644 --- a/dns.php +++ b/dns.php @@ -60,7 +60,7 @@ function sshrun($command) { } function getzone($domain, $password) { - if (!preg_match('/^[0-9A-Za-z\.\-]*$/', $_POST['domain'])) { + if (!preg_match('/^[0-9A-Za-z\.\-]*$/', $domain)) { die("invalid domain"); } @@ -77,7 +77,7 @@ function getzone($domain, $password) { } function writezone($domain, $password, $zonetext) { - if (!preg_match('/^[0-9A-Za-z\.\-]*$/', $_POST['domain'])) { + if (!preg_match('/^[0-9A-Za-z\.\-]*$/', $domain)) { die("invalid domain"); } @@ -85,10 +85,6 @@ function writezone($domain, $password, $zonetext) { die("somehow the password went bad"); } - if (isset($_POST['increment'])) { - $zonetext = incrementserial($zonetext)[0]; - } - $zonetext = str_replace('$', '\$', $zonetext); sshrun("echo -en \"$zonetext\" > " . ZONEROOT . "$domain" . ZONESUFFIX); @@ -127,6 +123,10 @@ if (isset($_POST['domain']) && isset($_POST['password']) && !isset($_POST['zonet } } else if (isset($_POST['domain']) && isset($_POST['password']) && isset($_POST['zonetext'])) { $zonetext = str_replace("\r", '', $_POST['zonetext']); + // Increment the serial number if the box was checked + if (isset($_POST['increment'])) { + $zonetext = incrementserial($zonetext)[0]; + } writezone($_POST['domain'], $_POST['password'], $zonetext); echo "

all done :)

"; } else { -- cgit v1.2.3