<?php
# updns v0.1
# By Fotis Loukos <fotisl@gmail.com>

# The database
$database = 'updns.db';
# Duration of entries
$duration = 60 * 60;

if(!isset($_REQUEST['username']) || !isset($_REQUEST['password'])) {
    echo 'Error: Authentication problem';
    exit;
}

if(!isset($_REQUEST['action'])) {
    echo 'Error: Action missing';
    exit;
}

try {
    $dbh = new PDO("sqlite:$database");

    $sth = $dbh->prepare('select * from users where username = ? and password = ?');
    $sth->execute(array($_REQUEST['username'], hash('sha256', $_REQUEST['password'])));
    $row = $sth->fetch();
    $userid = $row['id'];
    $userpriv = $row['priv'];
    $userhost = $row['hostname'];
    if(!$userid) {
        echo 'Error: Authentication problem';
        exit;
    }

    if($_REQUEST['action'] == 'update4') {
        if(($userpriv > 1) && isset($_REQUEST['ip']))
            $tmpip = $_REQUEST['ip'];
        else
            $tmpip = $_SERVER['REMOTE_ADDR'];
        if(($userpriv > 2) && isset($_REQUEST['hostname']))
            $hostname = $_REQUEST['hostname'];
        else
            $hostname = $userhost;
        $ip = filter_var($tmpip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE);
        if($ip == false) {
            echo 'Error: Invalid IPv4 IP';
            exit;
        }

        $sth = $dbh->prepare('select count(*) from ipv4 where hostname = ? and userid != ?');
        $sth->execute(array($hostname, $userid));
        $row = $sth->fetch();
        if($row[0] > 0) {
            echo 'Error: Hostname unavailable';
            exit;
        }
        $sth = $dbh->prepare('update ipv4 set valid = 0 where userid = ? and hostname = ?');
        $sth->execute(array($userid, $hostname));
        $sth = $dbh->prepare('insert into ipv4 (userid, hostname, ip, valid, expires) values (?, ?, ?, 1, ?)');
        $sth->execute(array($userid, $hostname, $ip, sprintf('4%015x', time() + $duration)));
        echo "$hostname=$ip until " . strftime('%d/%m/%y %H:%M:%S', hexdec(substr($row[1], 1))) . "\n";
    } elseif($_REQUEST['action'] == 'update6') {
        if(($userpriv > 1) && isset($_REQUEST['ip']))
            $tmpip = $_REQUEST['ip'];
        else
            $tmpip = $_SERVER['REMOTE_ADDR'];
        if(($userpriv > 2) && isset($_REQUEST['hostname']))
            $hostname = $_REQUEST['hostname'];
        else
            $hostname = $userhost;
        $ip = filter_var($tmpip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE);
        if($ip == false) {
            echo 'Error: Invalid IPv6 IP';
            exit;
        }
        $cnt = substr_count($ip, ':');
        if(strstr($ip, '::') != false)
            $ip = str_replace('::', ':' . str_repeat('0:', 8 - $cnt), $ip);
        $finalip = array();
        foreach(explode(':', $ip) as $part)
            $finalip[] = sprintf('%04x', hexdec($part));

        $sth = $dbh->prepare('select count(*) from ipv6 where hostname = ? and userid != ?');
        $sth->execute(array($hostname, $userid));
        $row = $sth->fetch();
        if($row[0] > 0) {
            echo 'Error: Hostname unavailable';
            exit;
        }
        $sth = $dbh->prepare('update ipv6 set valid = 0 where userid = ? and hostname = ?');
        $sth->execute(array($userid, $hostname));
        $sth = $dbh->prepare('insert into ipv6 (userid, hostname, ip, valid, expires) values (?, ?, ?, 1, ?)');
        $sth->execute(array($userid, $hostname, implode('', $finalip), sprintf('4%015x', time() + $duration)));
        echo "$hostname=$ip until " . strftime('%d/%m/%y %H:%M:%S', hexdec(substr($row[1], 1))) . "\n";
    } elseif($_REQUEST['action'] == 'list') {
        $sth = $dbh->prepare('select hostname, ip, expires from ipv4 where userid = ? and valid = 1');
        $sth->execute(array($userid));
        while($row = $sth->fetch())
            echo $row['hostname'] . '=' . $row['ip'] . ' until ' . strftime('%d/%m/%y %H:%M:%S', hexdec(substr($row[1], 1))) . "\n";

        $sth = $dbh->prepare('select hostname, ip, expires from ipv6 where userid = ? and valid = 1');
        $sth->execute(array($userid));
        while($row = $sth->fetch())
            echo $row['hostname'] . '=' . $row['ip'] . ' until ' . strftime('%d/%m/%y %H:%M:%S', hexdec(substr($row[1], 1))) . "\n";

        $sth = $dbh->prepare('select hostname, type from sshfp where userid = ? and valid = 1');
        $sth->execute(array($userid));
        while($row = $sth->fetch())
            echo $row['hostname'] . (($row['type'] == 1) ? ' RSA ' : ' DSA ') . "key\n";
    } elseif($_REQUEST['action'] == 'delete4') {
        if(($userpriv > 2) && isset($_REQUEST['hostname']))
            $hostname = $_REQUEST['hostname'];
        else
            $hostname = $userhost;

        $sth = $dbh->prepare('update ipv4 set valid = 0 where userid = ? and hostname = ?');
        $sth->execute(array($userid, $hostname));
        echo "$hostname A record deleted";
    } elseif($_REQUEST['action'] == 'delete6') {
        if(($userpriv > 2) && isset($_REQUEST['hostname']))
            $hostname = $_REQUEST['hostname'];
        else
            $hostname = $userhost;

        $sth = $dbh->prepare('update ipv6 set valid = 0 where userid = ? and hostname = ?');
        $sth->execute(array($userid, $hostname));
        echo "$hostname AAAA record deleted";
    } elseif($_REQUEST['action'] == 'setsshfp') {
        if(!isset($_REQUEST['key'])) {
            echo 'Error: Missing key';
            exit;
        }
        $key = $_REQUEST['key'];
        if(($userpriv > 2) && isset($_REQUEST['hostname']))
            $hostname = $_REQUEST['hostname'];
        else
            $hostname = $userhost;

        $sth = $dbh->prepare('select count(*) from ipv4 where hostname = ? and userid != ?');
        $sth->execute(array($hostname, $userid));
        $row = $sth->fetch();
        if($row[0] > 0) {
            echo 'Error: Hostname unavailable';
            exit;
        }

        if(!strncmp($key, 'ssh-rsa ', 8)) {
            $type = 1;
        } elseif(!strncmp($key, 'ssh-dss ', 8)) {
            $type = 2;
        } else {
            echo 'Error: Invalid key';
            exit;
        }

        $keyparts = explode(' ', $key);
        $rawkey = base64_decode($keyparts[1]);
        if($rawkey == false) {
            echo 'Error: Invalid key';
            exit;
        }
        $keyhash = str_split(sha1($rawkey), 2);
        $sshfp = sprintf('\\%03o\\%03o', $type, 1);
        foreach($keyhash as $enc)
            $sshfp .= sprintf('\\%03o', hexdec($enc));

        $sth = $dbh->prepare('update sshfp set valid = 0 where userid = ? and hostname = ? and type = ?');
        $sth->execute(array($userid, $hostname, $type));
        $sth = $dbh->prepare('insert into sshfp (userid, hostname, sshfp, type, valid) values (?, ?, ?, ?, 1)');
        $sth->execute(array($userid, $hostname, $sshfp, $type));
        echo "$hostname SSHFP record set";
    } elseif($_REQUEST['action'] == 'delsshfp') {
        if(($userpriv > 2) && isset($_REQUEST['hostname']))
            $hostname = $_REQUEST['hostname'];
        else
            $hostname = $userhost;

        $sth = $dbh->prepare('update sshfp set valid = 0 where userid = ? and hostname = ?');
        $sth->execute(array($userid, $hostname));
        echo "$hostname SSHFP record deleted";
    } elseif($_REQUEST['action'] == 'changepw') {
        if(!isset($_REQUEST['newpw'])) {
            echo 'Error: New password missing';
            exit;
        }

        $sth = $dbh->prepare('update users set password = ? where id = ?');
        $sth->execute(array(hash('sha256', $_REQUEST['newpw']), $userid));
        echo 'New password set.';
    } elseif($_REQUEST['action'] == 'adduser') {
        if(($userpriv < 10) || !isset($_REQUEST['newuser']) || !isset($_REQUEST['newpw']) || !isset($_REQUEST['newpriv']) || !isset($_REQUEST['newhostname'])) {
            echo 'Error: Privileged operation or missing user information';
            exit;
        }

        $sth = $dbh->prepare('insert into users (username, password, priv, hostname) values (?, ?, ?, ?)');
        $sth->execute(array($_REQUEST['newuser'], $_REQUEST['newpw'], $_REQUEST['newpriv'], $_REQUEST['newhostname']));
        echo 'User added';
    } elseif($_REQUEST['action'] == 'deluser') {
        if(($userpriv < 10) || !isset($_REQUEST['deluser'])) {
            echo 'Error: Privileged operation';
            exit;
        }

        $sth = $dbh->prepare('delete from users where username = ?');
        $sth->execute(array($_REQUEST['deluser']));
        echo 'User deleted';
    } elseif($_REQUEST['action'] == 'edituser') {
        if(($userpriv < 10) || !isset($_REQUEST['targetuser'])) {
            echo 'Error: Privileged operation or missing target user';
            exit;
        }
        if(isset($_REQUEST['newpw'])) {
            $sth = $dbh->prepare('update users set password = ? where username = ?');
            $sth->execute(array($_REQUEST['newpw'], $_REQUEST['targetuser']));
        }
        if(isset($_REQUEST['newpriv'])) {
            $sth = $dbh->prepare('update users set priv = ? where username = ?');
            $sth->execute(array($_REQUEST['newpriv'], $_REQUEST['targetuser']));
        }
        if(isset($_REQUEST['newhostname'])) {
            $sth = $dbh->prepare('update users set hostname = ? where username = ?');
            $sth->execute(array($_REQUEST['newhostname'], $_REQUEST['targetuser']));
        }
        echo 'Done';
    } elseif($_REQUEST['action'] == 'cleanup') {
        if($userpriv < 10) {
            echo 'Error: Privileged operation';
            exit;
        }

        $sth = $dbh->prepare('select id, expires from ipv4 where valid = 1');
        $sth->execute();
        $toremove = array();
        while($row = $sth->fetch())
            if(hexdec(substr($row[1], 1)) < time())
                $toremove[] = $row[0];
        $sth = $dbh->prepare('update ipv4 set valid = 0 where id = ?');
        foreach($toremove as $rid)
            $sth->execute(array($rid));

        $sth = $dbh->prepare('select id, expires from ipv6 where valid = 1');
        $sth->execute();
        $toremove = array();
        while($row = $sth->fetch())
            if(hexdec(substr($row[1], 1)) < time())
                $toremove[] = $row[0];
        $sth = $dbh->prepare('update ipv6 set valid = 0 where id = ?');
        foreach($toremove as $rid)
            $sth->execute(array($rid));

        echo 'Cleanup successful';
    } else {
        echo 'Error: Invalid action';
    }
} catch(PDOException $e) {
    echo 'Error: Database problem';
}
?>