adding the check dig in the domain list feature

bureau/admin/adm_doms.php

@@ -43,16 +43,24 @@ include_once ("head.php");
 	  echo "<p class=\"error\">$error</p>";
 	}
 
-$c=$admin->dom_list();
+// List the domains. If the first parameter is true, also check their DNS & other IPs actual parameters.
+// If the second parameter is true, check the domains whatever the dis cache is.
+$forcecheck=($_REQUEST["force"]!="");
+$c=$admin->dom_list(true,$forcecheck);
 
 ?>
 <p>
 <?php __("Here is the list of the domains installed on this server. You can remove a domain if it does not exist or does not point to our server anymore. You can also set the 'Lock' flag on a domain so that the user will not be able to change any DNS parameter or delete this domain from his account."); ?>
 </p>
-
+<p>
+<?php __("The domain OK column are green when the domain exists in the worldwide registry and has a proper NS,MX and IP depending on its configuration. It is red if we have serious doubts about its NS, MX or IP configuration"); ?>
+</p>
+<p>
+<?php __("If you want to force the check of NS, MX, IP on domains, click the link "); ?><a href="adm_doms.php?force=1"><?php __("Show domain list with refreshed checked NS, MX, IP information"); ?></a>
+</p>
 <form method="post" action="adm_dodom.php">
 <table border="0" cellpadding="4" cellspacing="0">
-  <tr><th><?php __("Action"); ?></th><th><?php __("Domain"); ?></th><th><?php __("Member"); ?></th><th><?php __("Connect as"); ?><th>Lock</th></tr>
+    <tr><th><?php __("Action"); ?></th><th><?php __("Domain"); ?></th><th><?php __("Member"); ?></th><th><?php __("Connect as"); ?><th><?php __("Lock"); ?></th><th><?php __("OK?"); ?></th><th><?php __("Status"); ?></th></tr>
 <?php
 $col=1;
 for($i=0;$i<count($c);$i++) {
@@ -73,6 +81,15 @@ for($i=0;$i<count($c);$i++) {
 				    <td><?php if ($c[$i]["noerase"]) {
 			echo "<img src=\"icon/encrypted.png\" width=\"16\" height=\"16\" alt=\""._("Locked Domain")."\" />";
 				    } ?></td>
+<td style="background: <?php 
+				       if ($c[$i]["errno"]==0) {
+					 echo "green";
+				       } else {
+					 echo  "red";
+				       }
+  ?>">&nbsp;
+</td>
+<td><?php echo nl2br($c[$i]["errstr"]); ?></td>
 </tr>
 <?php
 }

bureau/class/m_admin.php

@@ -822,17 +822,102 @@ EOF;
    * List the hosted domains on this server
    * 
    * Return the list of hosted domains on this server, (an array of associative arrays)
+   * @param boolean $alsocheck Returns also errstr and errno telling the domains dig checks
+   * @param boolean $forcecheck Force the check of dig domain even if a cache exists.
    * @return array $r[$i] / [domaine][member][noerase][gesdns][gesmx]
    */
-  function dom_list() {
+  function dom_list($alsocheck=false,$forcecheck=false) {
     global $db;
+    $cachefile="/tmp/alternc_dig_check_cache";
+    $cachetime=3600; // The dns cache file can be up to 1H old
+    if ($alsocheck) {
+      if (!$forcecheck && file_exists($cachefile) && filemtime($cachefile)+$cachetime>time()) {
+	$checked=unserialize(file_get_contents($cachefile));
+      } else {
+	// TODO : do the check here (cf checkdom.php) and store it in $checked
+	$checked=$this->checkalldom();
+	file_put_contents($cachefile,serialize($checked));
+      }
+    }
     $db->query("SELECT m.login,d.domaine,d.gesdns,d.gesmx,d.noerase FROM domaines d LEFT JOIN membres m ON m.uid=d.compte ORDER BY domaine;");
     while ($db->next_record()) {
-      $c[]=$db->Record;
+      $tmp=$db->Record;
+      if ($alsocheck) {
+	$tmp["errstr"]=$checked[$tmp["domaine"]]["errstr"];
+	$tmp["errno"]=$checked[$tmp["domaine"]]["errno"];
+      }
+      $c[]=$tmp;
     }
     return $c;
   }
 
+  /** Check all the domains for their NS MX and IPs
+   */
+  function checkalldom() {
+    global $L_NS1,$L_NS2,$L_MX,$L_PUBLIC_IP;
+    $checked=array();
+    $r=$db->query("SELECT * FROM domaines ORDER BY domaine;");
+    $dl=array();
+    while ($db->next_record()) {
+      $dl[$db->Record["domaine"]]=$db->Record;
+    }
+    sort($dl);
+    foreach($dl as $c) {
+      // Pour chaque domaine on verifie son etat : 
+      $errno=0;
+      $errstr="";
+      $dontexist=false;
+      // Check du domaine
+      if ($c["gesdns"]==1) {
+	// Check du NS qui pointe chez nous 
+	$out=array();
+	exec("dig +short NS ".escapeshellarg($c["domaine"]),$out);
+	if (count($out)==0) {
+	  $dontexist=true;
+	} else {
+	  if (!in_array($L_NS1,$out) || !in_array($L_NS2,$out)) {
+	    $errno=1; $errstr.="NS for this domain are not $L_NS1 and $L_NS2 BUT ".implode(",",$out)."\n";
+	  }
+	}
+      }
+      if ($c["gesmx"]==1 && !$dontexist) {
+	$out=array();
+	exec("dig +short MX ".escapeshellarg($c["domaine"]),$out);
+	$out2=array();
+	foreach($out as $o) {
+	  list($t,$out2[])=explode(" ",$o);
+	}
+	if (!in_array($L_MX,$out2)) {
+	  $errno=1; $errstr.="MX is not $L_MX BUT ".implode(",",$out2)."\n";
+	}
+      }
+      if (!$dontexist) {
+	// On liste les sous-domaine et on verifie qu'ils pointent bien chez nous...
+	$db->query("SELECT * FROM sub_domaines WHERE domaine='".addslashes($c["domaine"])."' ORDER BY sub;");
+	while ($db->next_record()) {
+	  $d=$db->Record;
+	  if ($d["type"]==0) {
+	    // Check l'IP : 
+	    $out=array();
+	    exec("dig +short A ".escapeshellarg($d["sub"].(($d["sub"]!="")?".":"").$c["domaine"]),$out);
+	    if (!in_array($L_PUBLIC_IP,$out)) {
+	      $errstr.="subdomain '".$d["sub"]."' don't point to $L_PUBLIC_IP but to ".implode(",",$out)."\n";
+	      $errno=1;
+	    }
+	  }
+	}
+      }
+      if ($dontexist) {
+	$errno=2;
+	$errstr="Domain don't exist anymore !";
+      }
+      if ($errno==0) $errstr="OK";
+      $checked[$c["domaine"]]=array("errno"=>$errno, "errstr"=>$errstr); 
+    }
+    return $checked;
+  }
+
+
   /* ----------------------------------------------------------------- */
   /**
    * Lock / Unlock a domain 

debian/changelog

@@ -1,5 +1,8 @@
 alternc (0.9.10~rc1) stable; urgency=low
 
+  * new features:
+    * removed the dependency on postgrey, added dnsutils (for domain checks)
+    * added domain check (exists, ns, mx, ip) when listing domains in admin panel.
   * bugfixes:
     * fix a "already exist" error when creating a database containing an hyphen (-)
     * #1163: fix sqlbackup script call routine to retain backwards

debian/control

@@ -10,7 +10,7 @@ Standards-Version: 3.8.0
 Package: alternc
 Architecture: all
 Pre-depends: debconf (>= 0.5.00) | debconf-2.0
-Depends: debianutils (>= 1.13.1), apache2 | apache, libapache2-mod-php5 | libapache-mod-php5 | libapache2-mod-php4 | libapache-mod-php4, courier-ssl, courier-imap-ssl, courier-pop-ssl, php5-mysql | php4-mysql, phpmyadmin, postfix, proftpd-mod-mysql | proftpd-mysql, squirrelmail, squirrelmail-locales, postfix-tls, bind9, wget, rsync, quota, courier-authmysql | courier-authlib-mysql, ca-certificates, locales, perl-suid, perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli | php4-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), pdksh (>= 5.2.14-6), adduser, mysql-client, postgrey
+Depends: debianutils (>= 1.13.1), apache2 | apache, libapache2-mod-php5 | libapache-mod-php5 | libapache2-mod-php4 | libapache-mod-php4, courier-ssl, courier-imap-ssl, courier-pop-ssl, php5-mysql | php4-mysql, phpmyadmin, postfix, proftpd-mod-mysql | proftpd-mysql, squirrelmail, squirrelmail-locales, postfix-tls, bind9, wget, rsync, quota, courier-authmysql | courier-authlib-mysql, ca-certificates, locales, perl-suid, perl, postfix-mysql, wwwconfig-common, sasl2-bin, libsasl2-modules, php5-cli | php4-cli, lockfile-progs (>= 0.1.9), gettext (>= 0.10.40-5), pdksh (>= 5.2.14-6), adduser, mysql-client, dnsutils
 Recommends: apache2 | libapache-mod-gzip, apache2 | apache-ssl, mysql-server
 Conflicts: alternc-admintools, alternc-awstats (<= 0.3.2), alternc-webalizer (<= 0.9.4)
 Provides: alternc-admintools