'*', 'bla' => 'blub', ); $ALLOWED_RECORDS = array( 'A' => True, 'AAAA' => True, 'MX' => True, 'CNAME' => True, 'NS' => True, 'TXT' => True, 'SPF' => True, 'SRV' => True, ); $user = $_SERVER['PHP_AUTH_USER']; // validate and sanitize parameters $value = filter_var($_REQUEST['value'], FILTER_SANITIZE_FULL_SPECIAL_CHARS, FILTER_FLAG_NO_ENCODE_QUOTES); if(!strlen($value) > 0) $value = False; if(isset($ALLOWED_RECORDS[$_REQUEST['type']])) { $type = $_REQUEST['type']; switch ($type) { case 'A': $value = filter_var($value, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); break; case 'AAAA': $value = filter_var($value, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6); break; case 'SRV': case 'MX': case 'CNAME': case 'NS': case 'TXT': case 'SPF': break; default: $value = False; break; } } else $type = False; $domain = filter_var($_REQUEST['domain'], FILTER_SANITIZE_FULL_SPECIAL_CHARS, FILTER_FLAG_NO_ENCODE_QUOTES); if(!strlen($domain) > 0) $domain = False; // Check if we got all needed parameters and the user is allowed to change this sub if($value !== False && $type !== False && $domain !== False && ( $ACL[$user] == '*' || $ACL[$user] == $domain )) { $nsupdateCommands = << array("pipe", "r"), // STDIN ); if($DEBUG === True) { $descriptorspec[1] = array("pipe", "w"); // STDOUT $descriptorspec[2] = array("pipe", "w"); // STDERR }; $cwd = '/tmp'; $process = proc_open("/usr/bin/nsupdate -d -k $KEYFILE", $descriptorspec, $pipes, $cwd, NULL); if(is_resource($process)) { fwrite($pipes[0], $nsupdateCommands); fclose($pipes[0]); if($DEBUG === True) { echo nl2br(stream_get_contents($pipes[1])); fclose($pipes[1]); echo nl2br(stream_get_contents($pipes[2])); fclose($pipes[2]); } $return_value = proc_close($process); //echo "Rückgabewert des Kommandos: $return_value\n"; echo $return_value; if($return_value == 0) { syslog(LOG_INFO, "Updated Record {$domain}.{$DYNDOMAIN} {$type} {$ip} "); } else { syslog(LOG_ERR, "Update Record {$domain}.{$DYNDOMAIN} {$type} {$ip} Failed"); } } } else { echo "Parameter Error."; } ?>