Security and UI updates

This commit is contained in:
Pinga 2024-02-24 13:42:14 +02:00
parent 86f2096d1f
commit 16657033ca
3 changed files with 84 additions and 37 deletions


@ -582,6 +582,13 @@ class SystemController extends Controller
if ($args) { if ($args) {
$args = trim($args); $args = trim($args);
if (!empty($_SESSION['u_tld_extension'])) {
$tld_extension = $_SESSION['u_tld_extension'][0];
} else {
$this->container->get('flash')->addMessage('error', 'No TLD specified for update');
return $response->withHeader('Location', '/registry/tlds')->withStatus(302);
}
if (!preg_match('/^\.(xn--[a-zA-Z0-9-]+|[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)?)$/', $args)) { if (!preg_match('/^\.(xn--[a-zA-Z0-9-]+|[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)?)$/', $args)) {
$this->container->get('flash')->addMessage('error', 'Invalid TLD format'); $this->container->get('flash')->addMessage('error', 'Invalid TLD format');
@ -589,7 +596,6 @@ class SystemController extends Controller
} }
$validators = [ $validators = [
'extension' => v::stringType()->notEmpty()->length(2, 64),
'createm0' => v::numericVal()->between(0.00, 9999999.99, true), 'createm0' => v::numericVal()->between(0.00, 9999999.99, true),
'createm12' => v::numericVal()->between(0.00, 9999999.99, true), 'createm12' => v::numericVal()->between(0.00, 9999999.99, true),
'createm24' => v::numericVal()->between(0.00, 9999999.99, true), 'createm24' => v::numericVal()->between(0.00, 9999999.99, true),
@ -683,7 +689,7 @@ class SystemController extends Controller
$errorText = rtrim($errorText, '; '); $errorText = rtrim($errorText, '; ');
$this->container->get('flash')->addMessage('error', $errorText); $this->container->get('flash')->addMessage('error', $errorText);
return $response->withHeader('Location', '/registry/tld/'.$data['extension'])->withStatus(302); return $response->withHeader('Location', '/registry/tld/'.$tld_extension)->withStatus(302);
} }
try { try {
@ -691,7 +697,7 @@ class SystemController extends Controller
$tld_id = $db->selectValue( $tld_id = $db->selectValue(
'SELECT id FROM domain_tld WHERE tld = ?', 'SELECT id FROM domain_tld WHERE tld = ?',
[$data['extension']] [$tld_extension]
); );
$db->update( $db->update(
@ -809,13 +815,13 @@ class SystemController extends Controller
// Check if the upload was successful // Check if the upload was successful
if ($file->getError() !== UPLOAD_ERR_OK) { if ($file->getError() !== UPLOAD_ERR_OK) {
$this->container->get('flash')->addMessage('error', 'Upload failed with error code ' . $file->getError()); $this->container->get('flash')->addMessage('error', 'Upload failed with error code ' . $file->getError());
return $response->withHeader('Location', '/registry/tld/'.$data['extension'])->withStatus(302); return $response->withHeader('Location', '/registry/tld/'.$tld_extension)->withStatus(302);
} }
// Validate file type and size // Validate file type and size
if ($file->getClientMediaType() !== 'text/csv' || $file->getSize() > 5 * 1024 * 1024) { if ($file->getClientMediaType() !== 'text/csv' || $file->getSize() > 5 * 1024 * 1024) {
$this->container->get('flash')->addMessage('error', 'Invalid file type or size'); $this->container->get('flash')->addMessage('error', 'Invalid file type or size');
return $response->withHeader('Location', '/registry/tld/'.$data['extension'])->withStatus(302); return $response->withHeader('Location', '/registry/tld/'.$tld_extension)->withStatus(302);
} }
// Process the CSV file // Process the CSV file
@ -845,20 +851,23 @@ class SystemController extends Controller
); );
} else { } else {
$this->container->get('flash')->addMessage('error', 'Premium names category ' . $categoryName . ' not found'); $this->container->get('flash')->addMessage('error', 'Premium names category ' . $categoryName . ' not found');
return $response->withHeader('Location', '/registry/tld/'.$data['extension'])->withStatus(302); return $response->withHeader('Location', '/registry/tld/'.$tld_extension)->withStatus(302);
} }
} }
} }
} }
$db->commit(); $db->commit();
$this->container->get('flash')->addMessage('success', 'TLD ' . $data['extension'] . ' has been updated successfully'); unset($_SESSION['u_tld_id']);
unset($_SESSION['u_tld_extension']);
$this->container->get('flash')->addMessage('success', 'TLD ' . $tld_extension . ' has been updated successfully');
return $response->withHeader('Location', '/registry/tlds')->withStatus(302); return $response->withHeader('Location', '/registry/tlds')->withStatus(302);
} catch (Exception $e) { } catch (Exception $e) {
$db->rollBack(); $db->rollBack();
$this->container->get('flash')->addMessage('error', 'Database failure: ' . $e->getMessage()); $this->container->get('flash')->addMessage('error', 'Database failure: ' . $e->getMessage());
return $response->withHeader('Location', '/registry/tld/'.$data['extension'])->withStatus(302); return $response->withHeader('Location', '/registry/tld/'.$tld_extension)->withStatus(302);
} }
} else { } else {
// Redirect to the tlds view // Redirect to the tlds view
@ -922,6 +931,9 @@ class SystemController extends Controller
$tld_u = $tld['tld']; $tld_u = $tld['tld'];
} }
$_SESSION['u_tld_id'] = [$tld['id']];
$_SESSION['u_tld_extension'] = [$tld['tld']];
return view($response,'admin/system/manageTld.twig', [ return view($response,'admin/system/manageTld.twig', [
'tld' => $tld, 'tld' => $tld,
'tld_u' => $tld_u, 'tld_u' => $tld_u,
@ -1062,11 +1074,25 @@ class SystemController extends Controller
// Retrieve POST data // Retrieve POST data
$data = $request->getParsedBody(); $data = $request->getParsedBody();
$db = $this->container->get('db'); $db = $this->container->get('db');
if (!empty($_SESSION['u_tld_id'])) {
$tld_id = $_SESSION['u_tld_id'][0];
} else {
$this->container->get('flash')->addMessage('error', 'No TLD specified for promotions');
return $response->withHeader('Location', '/registry/tlds')->withStatus(302);
}
if (!empty($_SESSION['u_tld_extension'])) {
$tld_extension = $_SESSION['u_tld_extension'][0];
} else {
$this->container->get('flash')->addMessage('error', 'No TLD specified for promotions');
return $response->withHeader('Location', '/registry/tlds')->withStatus(302);
}
$sData = array(); $sData = array();
$sData['tldid'] = filter_var($data['tldid'], FILTER_SANITIZE_NUMBER_INT); $sData['tldid'] = filter_var($tld_id, FILTER_SANITIZE_NUMBER_INT);
$sData['extension'] = substr(trim($data['extension']), 0, 10); $sData['extension'] = substr(trim($tld_extension), 0, 10);
$sData['promotionName'] = substr(trim($data['promotionName']), 0, 255); $sData['promotionName'] = substr(trim($data['promotionName']), 0, 255);
$sData['promotionStart'] = str_replace('T', ' ', $data['promotionStart']) . ':00'; $sData['promotionStart'] = str_replace('T', ' ', $data['promotionStart']) . ':00';
$sData['promotionEnd'] = str_replace('T', ' ', $data['promotionEnd']) . ':00'; $sData['promotionEnd'] = str_replace('T', ' ', $data['promotionEnd']) . ':00';
@ -1115,6 +1141,9 @@ class SystemController extends Controller
$db->commit(); $db->commit();
unset($_SESSION['u_tld_id']);
unset($_SESSION['u_tld_extension']);
$this->container->get('flash')->addMessage('success', 'Promotion updates for the ' . $sData['extension'] . ' TLD have been successfully applied'); $this->container->get('flash')->addMessage('success', 'Promotion updates for the ' . $sData['extension'] . ' TLD have been successfully applied');
return $response->withHeader('Location', '/registry/tlds')->withStatus(302); return $response->withHeader('Location', '/registry/tlds')->withStatus(302);
} catch (Exception $e) { } catch (Exception $e) {
@ -1140,11 +1169,25 @@ class SystemController extends Controller
// Retrieve POST data // Retrieve POST data
$data = $request->getParsedBody(); $data = $request->getParsedBody();
$db = $this->container->get('db'); $db = $this->container->get('db');
if (!empty($_SESSION['u_tld_id'])) {
$tld_id = $_SESSION['u_tld_id'][0];
} else {
$this->container->get('flash')->addMessage('error', 'No TLD specified for promotions');
return $response->withHeader('Location', '/registry/tlds')->withStatus(302);
}
if (!empty($_SESSION['u_tld_extension'])) {
$tld_extension = $_SESSION['u_tld_extension'][0];
} else {
$this->container->get('flash')->addMessage('error', 'No TLD specified for promotions');
return $response->withHeader('Location', '/registry/tlds')->withStatus(302);
}
$sData = array(); $sData = array();
$sData['tldid'] = filter_var($data['tldid'], FILTER_SANITIZE_NUMBER_INT); $sData['tldid'] = filter_var($tld_id, FILTER_SANITIZE_NUMBER_INT);
$sData['extension'] = substr(trim($data['extension']), 0, 10); $sData['extension'] = substr(trim($tld_extension), 0, 10);
$sData['phaseName'] = substr(trim($data['phaseName']), 0, 255); $sData['phaseName'] = substr(trim($data['phaseName']), 0, 255);
$sData['phaseCategory'] = substr(trim($data['phaseCategory']), 0, 255); $sData['phaseCategory'] = substr(trim($data['phaseCategory']), 0, 255);
$sData['phaseType'] = substr(trim($data['phaseType']), 0, 255); $sData['phaseType'] = substr(trim($data['phaseType']), 0, 255);
@ -1216,6 +1259,9 @@ class SystemController extends Controller
$db->commit(); $db->commit();
unset($_SESSION['u_tld_id']);
unset($_SESSION['u_tld_extension']);
$this->container->get('flash')->addMessage('success', 'Launch phase updates for the ' . $sData['extension'] . ' TLD have been successfully applied'); $this->container->get('flash')->addMessage('success', 'Launch phase updates for the ' . $sData['extension'] . ' TLD have been successfully applied');
return $response->withHeader('Location', '/registry/tlds')->withStatus(302); return $response->withHeader('Location', '/registry/tlds')->withStatus(302);
} catch (Exception $e) { } catch (Exception $e) {
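Review bot: In the first hunk the route argument `$args` is still format-checked right after the new session lookup, but it is never compared with `$tld_extension`, so the URL segment that was validated and the TLD actually looked up and updated (the single session slot written by `$_SESSION['u_tld_extension'] = [$tld['tld']]` when a manage page is rendered) can disagree — an admin with two manage-TLD tabs open who submits from the first tab silently updates whichever TLD was rendered last. After the `preg_match` guard I would bind the two: `if ($args !== $tld_extension) { $this->container->get('flash')->addMessage('error', 'TLD mismatch'); return $response->withHeader('Location', '/registry/tlds')->withStatus(302); }`, assuming `$args` and `domain_tld.tld` share the same leading-dot form, which this page does not show — otherwise normalise before comparing. The promotions and phases handlers read the same single-slot session state and inherit the same cross-tab ambiguity, though they have no route argument to check against. The enclosing method begins and ends outside the hunk.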


@ -150,7 +150,7 @@
<hr> <hr>
<h6 class="mt-4 mb-3">{{ __('Set Premium Name Price Categories') }}</h6> <h5 class="card-title mb-3">{{ __('Set Premium Name Price Categories') }}</h5>
<table class="table" id="categoriesTable"> <table class="table" id="categoriesTable">
<thead> <thead>
<tr> <tr>


@ -32,24 +32,27 @@
<h5 class="card-title">{{ __('General Details') }}</h5> <h5 class="card-title">{{ __('General Details') }}</h5>
</div> </div>
<div class="card-body"> <div class="card-body">
<div class="mb-3"> <div class="datagrid">
<label for="tldName" class="form-label">{{ __('TLD Extension') }}</label> <div class="datagrid-item">
<div class="form-control-plaintext">{{ tld_u }}</div> <div class="datagrid-title">{{ __('TLD Extension') }}</div>
<input type="hidden" name="extension" value="{{ tld.tld }}"> <div class="datagrid-content">{{ tld_u }}</div>
</div> </div>
<div class="mb-3"> <div class="datagrid-item">
<label class="form-check form-switch"> <div class="datagrid-title">{{ __('TLD Type') }}</div>
<input class="form-check-input" type="checkbox" id="dnssecToggle" disabled> <div class="datagrid-content">{{ tld_u|length == 3 ? 'ccTLD' : (tld_u|length > 3 ? 'gTLD' : (tld_u|length == 2 ? 'Test TLD' : '')) }}</div>
<span class="form-check-label">DNSSEC</span> </div>
</label> <div class="datagrid-item">
</div> <div class="datagrid-title">{{ __('Supported Script') }}</div>
<div class="mb-3"> <div class="datagrid-content">{{ scriptName }}</div>
<label for="tldTypeSelector" class="form-label">{{ __('TLD Type') }}</label> </div>
<div class="form-control-plaintext">{{ tld_u|length == 3 ? 'ccTLD' : (tld_u|length > 3 ? 'gTLD' : (tld_u|length == 2 ? 'Test TLD' : '')) }}</div> <div class="datagrid-item">
</div> <div class="datagrid-title">DNSSEC</div>
<div class="mb-3"> <div class="datagrid-content">
<label for="scriptDropdown" class="form-label">{{ __('Supported Script') }}</label> <span class="status status-yellow">
<div class="form-control-plaintext">{{ scriptName }}</div> {{ __('Manual') }}
</span>
</div>
</div>
</div> </div>
</div> </div>
</div> </div>
@ -147,7 +150,7 @@
<hr> <hr>
<h6 class="mt-4 mb-3">{{ __('Set Premium Name Price Categories') }}</h6> <h5 class="card-title mb-3">{{ __('Set Premium Name Price Categories') }}</h5>
<table class="table" id="categoriesTable"> <table class="table" id="categoriesTable">
<thead> <thead>
<tr> <tr>
@ -226,10 +229,9 @@
</tbody> </tbody>
</table> </table>
</div> </div>
<h4 class="card-subtitle mt-3 mb-3">{{ __('Create New Promotion') }}</h4> <h5 class="card-title mb-3">{{ __('Create New Promotion') }}</h5>
<form action="/registry/promotions" method="post"> <form action="/registry/promotions" method="post">
{{ csrf.field | raw }} {{ csrf.field | raw }}
<input type="hidden" name="tldid" value="{{ tld.id }}"><input type="hidden" name="extension" value="{{ tld.tld }}">
<div class="mb-3"> <div class="mb-3">
<label for="promotionName" class="form-label required">{{ __('Promotion Name') }}</label> <label for="promotionName" class="form-label required">{{ __('Promotion Name') }}</label>
<input type="text" class="form-control" id="promotionName" name="promotionName" placeholder="Enter promotion name" required> <input type="text" class="form-control" id="promotionName" name="promotionName" placeholder="Enter promotion name" required>
@ -319,10 +321,9 @@
</tbody> </tbody>
</table> </table>
</div> </div>
<h4 class="card-subtitle mt-3 mb-3">{{ __('Create New Phase') }}</h4> <h5 class="card-title mb-3">{{ __('Create New Phase') }}</h5>
<form action="/registry/phases" method="post"> <form action="/registry/phases" method="post">
{{ csrf.field | raw }} {{ csrf.field | raw }}
<input type="hidden" name="tldid" value="{{ tld.id }}"><input type="hidden" name="extension" value="{{ tld.tld }}">
<div class="mb-3"> <div class="mb-3">
<label for="phaseType" class="form-label required">{{ __('Phase Type') }}</label> <label for="phaseType" class="form-label required">{{ __('Phase Type') }}</label>
<select class="form-select" id="phaseType" name="phaseType" required> <select class="form-select" id="phaseType" name="phaseType" required>