<?php
/*************************************************************************************************

    ddnsupdate.php

    Updating DDNS

    Original:    2007.07.29 Ver.0.01 Genki wrote http://blog.genkikko.net/etc/updatedns.phps
    Modified:    2013.07.27 Ver.1.0 Masashi.org
    Modified:    2019.10.04 Ver.1.1 Masashi.org (mysqli etc)

***************************************************************************************************/
include "ddnscommon.php";

//
include "del_nday_file.php";
if(
del_nday_file(1)){die();}
//
/**** Settings ****/
/* List of Domain names */
$link mysqli_connect($db_host $db_user $db_pass $db_name);
if (
mysqli_connect_errno() > 0) {
  die(
"DB Connection error: " mysqli_connect_error());
}
$sql "SELECT domain FROM domain";
$rs mysqli_query($link,$sql);
$ct mysqli_num_rows($rs);
for(
$i=0;$i<$ct;$i++){
        
$row mysqli_fetch_row($rs);
        
$domains[$i] = $row[0];
}

mysqli_close($link);


/**** Initialize POST data into array ****/
$array = array("username","password","ipaddress","subdomain","domain");
$sizeofarray sizeof($array);
for(
$i=0;$i<$sizeofarray;$i++){
    $
$array[$i] = $_POST["{$array[$i]}"];
}

/******************************  Output HTML headers  **********************************************/
include "ddnsheader.php";
echo<<<EOH
<TITLE>Update Host IP Address for DDNS -{$org_name}-</TITLE>
</HEAD>
EOH;

echo<<<EOH
<BODY>
<h1>Update Host IP Address for DDNS</h1>
<br />
EOH;

/*************************************************************************************************

    If there is no POST data, display Input Form.

        If any of them is missing, go to input form.
        If any one of them is sent, warn items missing.
        If IP address is not provided by POST method, get ip address from the remote host address.

***************************************************************************************************/
$ipaddress filter_var($ipaddress,FILTER_VALIDATE_IP);
if(!(
$username && $password && $ipaddress && $subdomain && $domain)){
    if(
$username || $password || $ipaddress || $subdomain || $domain){
        if(!
$username){
            
$msg .= "User ID is missing.<br />";
        }
        if(!
$password){
            
$msg .= "Password is missing.<br />";
        }
        if(!
$ipaddress){
            
$msg .= "IP address is missing or wrong.<br />";
        }
        if(!
$subdomain){
            
$msg .= "Sub-domain is missing.<br />";
        }
        if(!
$domain){
            
$msg .= "Domain name is not selected.<br />";
        }
        echo 
"<font color=\"red\">$msg</font>";
    }
    if(!
$ipaddress){
        
$ipaddress $_SERVER['REMOTE_ADDR'];
    }
echo <<<EOF
<form action="{$_SERVER['SCRIPT_NAME']}" method="post">
    <table border=0>
        <tr>
            <td>User ID</td><td>:</td>
            <td>
                <input type="text" name="username" size=20 maxlength=20 value="
$username">
            </td>
        </tr>
        <tr>
            <td>Password</td><td>:</td>
            <td>
                <input type="password" name="password" size=20 maxlength=20>
            </td>
        </tr>
        <tr>
            <td>IP address</td><td>:</td>
            <td>
                <input type="text" name="ipaddress" size=20 maxlength=20 value="
$ipaddress">
            </td>
        </tr>
        <tr>
            <td>Hostname</td><td>:</td>
            <td>
                <input type="text" name="subdomain" size=20 maxlength=20 value="
$subdomain">
                <select name="domain">
                <option value="">- Select Domain Name -
EOF;
                
// Create Index from array of $domain
                
for($i=0;$domains[$i];$i++){
                    if(
$domains[$i] == $domain){
                        echo 
"<option value=\"{$domains[$i]}\" selected>.{$domains[$i]}\n";
                    }else{
                        echo 
"<option value=\"{$domains[$i]}\">.{$domains[$i]}\n";
                    }
                }

                echo <<<EOF
                </select>
            </td>
        </tr>
    </table>
    <br />
    <input type="submit" value="Update IP Address">
</form>

EOF;

/*************************************************************************************************

    If POST data is ready, process them
       compare with data in the database.

***************************************************************************************************/
}else{
    if(
$username && $ipaddress && $subdomain && $domain){
        
$link mysqli_connect($db_host $db_user $db_pass $db_name);
        if (
mysqli_connect_errno() > 0) {
          die(
"DB Connection error: " mysqli_connect_error());
        }
        
$pw_md5 md5($password);
        
$sql sprintf("SELECT * FROM userdata WHERE username='%s' AND password='%s'",
            
mysqli_real_escape_string($link,$username),
            
mysqli_real_escape_string($link,$pw_md5));
        
$rs mysqli_query($link,$sql);
        
$item mysqli_fetch_array($rs);
        if(!
$item){
            echo 
"User ID or Password is not correct.";
        }else{
            
$hostname $subdomain.".".$domain;
            
$sql sprintf("SELECT * FROM hostdata WHERE hostname='%s' AND username='%s'",
                
mysqli_real_escape_string($link,$hostname),
                
mysqli_real_escape_string($link,$username));
            
$rs mysqli_query($link,$sql);
            
$item mysqli_fetch_array($rs);
            if(
$item){
                
$timestamp date('Y-m-d H:i:s');
                if(
$ipaddress != $item['current_ip']){
                    echo 
"IP Address has been changed successfully.";
                    if(
$item['current_ip'] == "0.0.0.0"){
                        
$dat[0] = "update add $hostname 300 A $ipaddress\n";
                        
$dat[1] = "\n";
                    }else{
                        
$dat[0] = "update delete $hostname\n";
                        
$dat[1] = "update add $hostname 300 A $ipaddress\n";
                        
$dat[2] = "\n";
                    }
                    
$update_file "./temporary/$hostname.txt";
                    
touch($update_file);
                    
$fp fopen($update_file,'w');
                    for(
$i=0;$dat[$i];$i++){
                        
fputs($fp,$dat[$i]);
                    }
                    
fclose($fp);
                    
$status shell_exec($sudo_cmd." ".$nsupdate_cmd." -k ".$nsupdate_key." ".$update_file);
                    
unlink($update_file);
                    
$sql sprintf("UPDATE hostdata SET current_ip='%s' , last_access='$timestamp' , last_update='$timestamp' WHERE hostname='%s'",
                        
mysqli_real_escape_string($link,$ipaddress),
                        
mysqli_real_escape_string($link,$hostname));
                    
$rs mysqli_query($link,$sql);
                }else{
                    echo 
"IP Address has not been changed.";
                    
$sql sprintf("UPDATE hostdata SET current_ip='%s' , last_access='$timestamp'  WHERE hostname='%s'",
                        
mysqli_real_escape_string($link,$ipaddress),
                        
mysqli_real_escape_string($link,$hostname));
                    
$rs mysqli_query($link,$sql);
                }
            }else{
                echo 
"Invalid Login.";
            }
        }
        
mysqli_close($link);
    }
}
?>
<hr />
<a href="./">Return to homepage</a> -<?php echo $org_name?>-
</BODY>
</HTML>