Made a lot of small changes to allow PHP to run with error_reporting …

…E_ALL without giving notices.

Most functions have been checked but some situations might give a notice.

add_record.php

@@ -26,7 +26,7 @@
 	error(ERR_RECORD_ACCESS_DENIED);
 }
 
-if ($_POST["commit"]) {
+if (isset($_POST["commit"]) && isset($_POST['zoneid']) && isset($_POST['name']) && isset($_POST['type']) && isset($_POST['content']) && isset($_POST['ttl']) && isset($_POST['prio']) ) {
         $ret = add_record($_POST["zoneid"], $_POST["name"], $_POST["type"], $_POST["content"], $_POST["ttl"], $_POST["prio"]);
         if ($ret != '1') {
                 die("$ret");
@@ -63,7 +63,7 @@
         } elseif (strtoupper($c) == 'A') {
                 $add = " SELECTED";
         } else {
-                unset($add);
+                $add = '';
         }
         ?><option<?php echo $add ?> value="<?php echo $c ?>"><?php echo $c ?></option><?php
 }

add_supermaster.php

@@ -26,12 +26,12 @@
 	 error(ERR_LEVEL_5);
 }
 
-if($_POST["submit"])
+if(isset($_POST["submit"]))
 {
-	$master_ip = $_POST["master_ip"];
-	$ns_name = $_POST["ns_name"];
-	$account = $_POST["account"];
-	if (!$error)
+	$master_ip = (isset($_POST['master_ip']) ? $_POST["master_ip"] : '');
+	$ns_name = (isset($_POST['ns_name']) ? $_POST["ns_name"] : '');
+	$account = (isset($_POST["account"]) ? $_POST['account'] : '');
+	if (!isset($error))
 	{
 		if (!is_valid_ip($master_ip) && !is_valid_ip6($master_ip))
 		{
@@ -57,11 +57,11 @@
 
 include_once("inc/header.inc.php");
 
-    if ($error != "")
+    if ((isset($error)) && ($error != ""))
     {
     	?><div class="error"><?php echo _('Error'); ?>: <?php echo $error; ?></div><?php
     }
-    elseif ($success != "")
+    elseif ((isset($success)) && ($success != ""))
     {
     	?><div class="success"><?php echo $success; ?></div><?php
     }
@@ -73,19 +73,19 @@
       <tr>
        <td class="n"><?php echo _('IP address of supermaster'); ?>:</td>
        <td class="n">
-        <input type="text" class="input" name="master_ip" value="<?php if ($error) print $_POST["master_ip"]; ?>">
+        <input type="text" class="input" name="master_ip" value="<?php if (isset($error)) print $_POST["master_ip"]; ?>">
        </td>
       </tr>
       <tr>
        <td class="n"><?php echo _('Hostname in NS record'); ?>:</td>
        <td class="n">
-        <input type="text" class="input" name="ns_name" value="<?php if ($error) print $_POST["ns_name"]; ?>">
+        <input type="text" class="input" name="ns_name" value="<?php if (isset($error)) print $_POST["ns_name"]; ?>">
        </td>
       </tr>
       <tr>
        <td class="n"><?php echo _('Account'); ?>:</td>
        <td class="n">
-        <input type="text" class="input" name="account" value="<?php if ($error) print $_POST["account"]; ?>">
+        <input type="text" class="input" name="account" value="<?php if (isset($error)) print $_POST["account"]; ?>">
        </td>
       </tr>
       <tr>

add_zone_master.php

@@ -27,14 +27,14 @@
 
 }
 
-if ($_POST["submit"])
+if (isset($_POST["submit"]))
 {
-        $domain = trim($_POST["domain"]);
-        $owner = $_POST["owner"];
-        $webip = $_POST["webip"];
-        $mailip = $_POST["mailip"];
-        $empty = $_POST["empty"];
-        $dom_type = isset($_POST["dom_type"]) ? $_POST["dom_type"] : "NATIVE";
+        $domain = (isset($_POST['domain']) ? trim($_POST["domain"]) : '');
+        $owner = (isset($_POST['owner']) ? $_POST["owner"] : 0 );
+        $webip = (isset($_POST["webip"]) ? $_POST['webip'] : '');
+        $mailip = (isset($_POST["mailip"]) ? $_POST['mailip'] : '');
+        $empty = (isset($_POST["empty"]) ? $_POST['empty'] : 0);
+        $dom_type = (isset($_POST["dom_type"]) ? $_POST["dom_type"] : "NATIVE");
         if(!$empty)
         {
                 $empty = 0;
@@ -43,7 +43,7 @@
                         $error = "Web or Mail ip is invalid!";
                 }
         }
-        if (!$error)
+        if (!isset($error))
         {
                 if (!is_valid_domain($domain))
                 {
@@ -64,11 +64,11 @@
 
 include_once("inc/header.inc.php");
 
-	if ($error != "")
+	if ((isset($error)) && ($error != ""))
 	{
 	        ?><div class="error"><?php echo _('Error'); ?>: <?php echo $error; ?></div><?php
 	}
-	elseif ($success != "")
+	elseif ((isset($success)) && ($success != ""))
 	{
 		?><div class="success"><?php echo $success; ?></div><?php
 	}
@@ -87,19 +87,19 @@
           <tr>
            <td class="n"><?php echo _('Zone name'); ?>:</td>
            <td class="n">
-            <input type="text" class="input" name="domain" value="<?php if ($error) print $_POST["domain"]; ?>">
+            <input type="text" class="input" name="domain" value="<?php if (isset($error)) print $_POST["domain"]; ?>">
            </td>
           </tr>
           <tr>
            <td class="n"><?php echo _('Web IP'); ?>:</td>
            <td class="n">
-            <input type="text" class="input" name="webip" value="<?php if ($error) print $_POST["webip"]; ?>">
+            <input type="text" class="input" name="webip" value="<?php if (isset($error)) print $_POST["webip"]; ?>">
            </td>
           </tr>
           <tr>
            <td class="n"><?php echo _('Mail IP'); ?>:</TD>
            <td class="n">
-            <input type="text" class="input" name="mailip" value="<?php if ($error) print $_POST["mailip"]; ?>">
+            <input type="text" class="input" name="mailip" value="<?php if (isset($error)) print $_POST["mailip"]; ?>">
            </td>
           </tr>
           <tr>

add_zone_slave.php

@@ -27,13 +27,13 @@
 
 }
 
-if ($_POST["submit"])
+if (isset($_POST["submit"]))
 {
      $domain = trim($_POST["domain"]);
      $owner = $_POST["owner"];
      $slave_master = $_POST["slave_master"];
      $dom_type = "SLAVE";
-     if (!$error)
+     if (!isset($error))
      {
              if (!is_valid_domain($domain))
              {
@@ -49,7 +49,7 @@
              }
              else
              {
-                     if(add_domain($domain, $owner, $webip, $mailip, $empty, $dom_type, $slave_master))
+                     if(add_domain($domain, $owner, '', '', 1, $dom_type, $slave_master))
 		     {
                                 $success = _('Successfully added slave zone.');
 		     }
@@ -59,11 +59,11 @@
 
 include_once("inc/header.inc.php");
 
-	if ($error != "")
+	if ((isset($error)) && ($error != ""))
 	{
 	        ?><div class="error"><?php echo _('Error'); ?>: <?php echo $error; ?></div><?php
 	}
-	elseif ($success != "")
+	elseif ((isset($success)) && ($success != ""))
 	{
 		?><div class="success"><?php echo $success; ?></div><?php
 	}
@@ -77,13 +77,13 @@
 	      <tr>
 	       <td class="n"><?php echo _('Zone name'); ?>:</td>
 	       <td class="n">
-	        <input type="text" class="input" name="domain" value="<?php if ($error) print $_POST["domain"]; ?>">
+	        <input type="text" class="input" name="domain" value="<?php if (isset($error)) print $_POST["domain"]; ?>">
 	       </td>
 	      </tr>
 	      <tr>
 	       <td class="n"><?php echo _('IP of master NS'); ?>:</td>
 	       <td class="n">
-	        <input type="text" class="input" name="slave_master" value="<?php if ($error) print $_POST["slave_master"]; ?>">
+	        <input type="text" class="input" name="slave_master" value="<?php if (isset($error)) print $_POST["slave_master"]; ?>">
 	       </td>
 	      </tr>
 	      <tr>

change_password.php

@@ -21,9 +21,9 @@
 
 require_once("inc/toolkit.inc.php");
 
-if($_POST["submit"])
+if(isset($_POST["submit"]))
 {
-	if(strlen($_POST["newpass"]) < 8)
+	if((!isset($_POST['newpass'])) || (strlen($_POST["newpass"]) < 8))
 	{
 		error('Password length should be at least 8 characters.');
 	}

delete_domain.php

@@ -27,10 +27,10 @@
 
 }
 
-if ($_GET["id"]) {
-        if ($_GET["confirm"] == '0') {
+if (isset($_GET["id"])) {
+        if ((isset($_GET["confirm"])) && ($_GET['confirm'] == '0')) {
                 clean_page("index.php");
-        } elseif ($_GET["confirm"] == '1') {
+        } elseif ((isset($_GET["confirm"])) && ($_GET['confirm'] == '1')) {
                 delete_domain($_GET["id"]);
                 clean_page("index.php");
         }

delete_supermaster.php

@@ -27,10 +27,10 @@
 
 }
 
-if ($_GET["master_ip"]) {
-        if ($_GET["confirm"] == '0') {
+if (isset($_GET["master_ip"])) {
+        if ((isset($_GET['confirm'])) && ($_GET["confirm"] == '0')) {
                 clean_page("index.php");
-        } elseif ($_GET["confirm"] == '1') {
+        } elseif ((isset($_GET["confirm"])) && ($_GET['confirm'] == '1')) {
                 delete_supermaster($_GET["master_ip"]);
                 clean_page("index.php");
         }

edit.php

@@ -124,7 +124,7 @@
   			$users = show_users();
   			foreach ($users as $u)
   			{
-  				unset($add);
+  				$add = '';
   				if ($u["id"] == $info["ownerid"])
   				{
   					$add = " SELECTED";
@@ -155,7 +155,7 @@
 <?php
 	foreach($server_types as $s)
 	{
-		unset($add);
+		$add = '';
 		if ($s == $domain_type)
 		{
 			$add = " SELECTED";

edit_record.php

@@ -21,7 +21,7 @@
 
 require_once("inc/toolkit.inc.php");
 
-if (isset($_GET["delid"])) {
+if (isset($_GET["delid"]) && isset($_GET['delid']) && isset($_GET['id'])) {
    delete_record_owner($_GET["domain"],$_GET["delid"],$_GET["id"]);
 }
 
@@ -32,11 +32,14 @@
     error(ERR_RECORD_ACCESS_DENIED);
 }
 
-if ($_POST["commit"])
+if (isset($_GET['domain'])) {
+	$domain_name = get_domain_name_from_id($_GET['domain']);
+}
+if (isset($_POST["commit"]) && isset($_POST['recordid']) && isset($_POST['domainid']) && isset($_POST['name']) && isset($_POST['type']) && isset($_POST['content']) && isset($_POST['ttl']) && isset($_POST['prio']))
 {
         edit_record($_POST["recordid"], $_POST["domainid"], $_POST["name"], $_POST["type"], $_POST["content"], $_POST["ttl"], $_POST["prio"]);
         clean_page("edit.php?id=".$_POST["domainid"]);
-} elseif($_SESSION["partial_".get_domain_name_from_id($_GET["domain"])] == 1)
+} elseif(isset($_SESSION['partial_'.$domain_name]) && ($_SESSION["partial_".$domain_name] == 1))
 {
 	$db->setLimit(1);
     $checkPartial = $db->queryOne("SELECT id FROM record_owners WHERE record_id=".$db->quote($_GET["id"])." AND user_id=".$db->quote($_SESSION["userid"]));
@@ -46,7 +49,7 @@
 }
 include_once("inc/header.inc.php");
 ?>
-    <h2><?php echo _('Edit record in zone'); ?> "<?php echo  get_domain_name_from_id($_GET["domain"]) ?>"</h2>
+    <h2><?php echo _('Edit record in zone'); ?> "<?php echo  $domain_name ?>"</h2>
 <?php
 
 $x_result = $db->query("SELECT r.id,u.fullname FROM record_owners as r, users as u WHERE r.record_id=".$db->quote($_GET['id'])." AND u.id=r.user_id");
@@ -98,19 +101,19 @@
 if ($_SESSION[$_GET["domain"]."_ispartial"] == 1)  
 {
 ?>
-         <input type="hidden" name="name" value="<?php echo  trim(str_replace(get_domain_name_from_id($_GET["domain"]), '', $rec["name"]), '.')?>" class="input">
+         <input type="hidden" name="name" value="<?php echo  trim(str_replace($domain_name, '', $rec["name"]), '.')?>" class="input">
 
-<?php echo  trim(str_replace(get_domain_name_from_id($_GET["domain"]), '', $rec["name"]), '.') ?>
+<?php echo  trim(str_replace($domain_name, '', $rec["name"]), '.') ?>
 <?php 
 } 
 else 
 { 
 ?>
-         <input type="text" name="name" value="<?php echo  trim(str_replace(get_domain_name_from_id($_GET["domain"]), '', $rec["name"]), '.') ?>" class="input">
+         <input type="text" name="name" value="<?php echo  trim(str_replace($domain_name, '', $rec["name"]), '.') ?>" class="input">
 <?php 
 } 
 ?>
-.<?php echo  get_domain_name_from_id($_GET["domain"]) ?>
+.<?php echo  $domain_name ?>
         </td>
 	<td class="n">IN</td>
 	<td>

inc/auth.inc.php

@@ -19,7 +19,7 @@
  *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-session_start();
+//session_start();
 
 if (isset($_SERVER["QUERY_STRING"]) && $_SERVER["QUERY_STRING"] == "logout")
 {
@@ -52,7 +52,7 @@
 		$_SESSION["userid"] = $rowObj["id"];
 		$_SESSION["name"] = $rowObj["fullname"];
 		$_SESSION["level"] = $rowObj["level"];
-        	if($_POST["authenticate"])
+        	if(isset($_POST["authenticate"]))
         	{
             		//If a user has just authenticated, redirect him to index with timestamp, so post-data gets lost.
             		session_write_close();
@@ -117,6 +117,7 @@ function auth($msg="",$type="success")
 
 function logout($msg="")
 {
+	$type = '';
 	if ( $msg == "" ) {
 		$msg = _('You have logged out.');
 		$type = "success";

inc/dns.inc.php

@@ -75,6 +75,8 @@ function validate_input($zoneid, $type, &$content, &$name, &$prio, &$ttl)
 	if($name == '*')
 	{
 		$wildcard = true;
+	} else {
+		$wildcard = false;
 	}
 
 	if ($name=="0") {