diff --git a/epp/src/epp-check.php b/epp/src/epp-check.php
index e0916bf..c309f06 100644
--- a/epp/src/epp-check.php
+++ b/epp/src/epp-check.php
@@ -113,6 +113,7 @@ function processDomainCheck($conn, $db, $xml, $trans) {
 if (isset($extensionNode)) {
 $launch_check = $xml->xpath('//launch:check')[0] ?? null;
 $fee_check = $xml->xpath('//fee:check')[0] ?? null;
+ $allocation_token = $xml->xpath('//allocationToken:allocationToken')[0] ?? null;
 }
 if (isset($launch_check)) {
@@ -262,8 +263,24 @@ function processDomainCheck($conn, $db, $xml, $trans) {
 $reserved = $stmt->fetchColumn();
 if ($reserved) {
- $domainEntry[] = 0; // Set status to unavailable
- $domainEntry[] = ucfirst($reserved); // Capitalize the first letter
+ if ($allocation_token !== null) {
+ $allocationTokenValue = (string)$allocation_token;
+
+ $stmt = $db->prepare("SELECT token FROM allocation_tokens WHERE domain_name = :domainName LIMIT 1");
+ $stmt->bindParam(':domainName', $label, PDO::PARAM_STR);
+ $stmt->execute();
+ $token = $stmt->fetchColumn();
+
+ if ($token) {
+ $domainEntry[] = 1;
+ } else {
+ $domainEntry[] = 0;
+ $domainEntry[] = 'Allocation Token mismatch';
+ }
+ } else {
+ $domainEntry[] = 0; // Set status to unavailable
+ $domainEntry[] = ucfirst($reserved); // Capitalize the first letter
+ }
 } else {
 $invalid_label = validate_label($domainName, $db);
diff --git a/epp/src/epp-create.php b/epp/src/epp-create.php
index 842a4ba..24983c2 100644
--- a/epp/src/epp-create.php
+++ b/epp/src/epp-create.php
@@ -578,6 +578,7 @@ function processDomainCreate($conn, $db, $xml, $clid, $database_type, $trans) {
 if (isset($extensionNode)) {
 $fee_create = $xml->xpath('//fee:create')[0] ?? null;
 $launch_create = $xml->xpath('//launch:create')[0] ?? null;
+ $allocation_token = $xml->xpath('//allocationToken:allocationToken')[0] ?? null;
 }
 $parts = extractDomainAndTLD($domainName);
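Review bot: In the reserved-name branch of processDomainCheck (epp-check.php, hunk at -262) the submitted token is never compared with the stored one: `$allocationTokenValue` is assigned but not used, and `if ($token)` only tests that a row exists in `allocation_tokens` for the name. Any token value therefore reports a reserved name as available, and the same lookup in epp-create.php (hunk at -621) and epp-transfer.php (hunk at -748) lets the command continue. Compare the values in the condition, e.g. `if ($token !== false && hash_equals((string)$token, $allocationTokenValue)) {`, which also keeps the comparison constant-time. The function body starts and ends outside the hunk.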
@@ -621,8 +622,24 @@ function processDomainCreate($conn, $db, $xml, $clid, $database_type, $trans) {
 $domain_already_reserved = $stmt->fetchColumn();
 if ($domain_already_reserved) {
- sendEppError($conn, $db, 2302, 'Domain name is reserved or restricted', $clTRID, $trans);
- return;
+ if ($allocation_token !== null) {
+ $allocationTokenValue = (string)$allocation_token;
+
+ $stmt = $db->prepare("SELECT token FROM allocation_tokens WHERE domain_name = :domainName LIMIT 1");
+ $stmt->bindParam(':domainName', $label, PDO::PARAM_STR);
+ $stmt->execute();
+ $token = $stmt->fetchColumn();
+
+ if ($token) {
+ // No action needed, script continues
+ } else {
+ sendEppError($conn, $db, 2201, 'Please double check your allocation token', $clTRID, $trans);
+ return;
+ }
+ } else {
+ sendEppError($conn, $db, 2302, 'Domain name is reserved or restricted', $clTRID, $trans);
+ return;
+ }
 }
 $periodElements = $xml->xpath("//domain:create/domain:period");
diff --git a/epp/src/epp-transfer.php b/epp/src/epp-transfer.php
index a067161..926c109 100644
--- a/epp/src/epp-transfer.php
+++ b/epp/src/epp-transfer.php
@@ -401,6 +401,11 @@ function processDomainTransfer($conn, $db, $xml, $clid, $database_type, $trans)
 $domainName = (string) $xml->command->transfer->children('urn:ietf:params:xml:ns:domain-1.0')->transfer->name;
 $clTRID = (string) $xml->command->clTRID;
 $op = (string) $xml->xpath('//@op')[0] ?? null;
+
+ $extensionNode = $xml->command->extension;
+ if (isset($extensionNode)) {
+ $allocation_token = $xml->xpath('//allocationToken:allocationToken')[0] ?? null;
+ }
 // - An OPTIONAL for op="query" and mandatory for other op values "approve|cancel|reject|request"
 $authInfo_pw = (string)$xml->xpath('//domain:authInfo/domain:pw[1]')[0];
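Review bot: The success path in processDomainCreate (epp-create.php, hunk at -621) is an empty `if ($token) { // No action needed, script continues }` with the real work in `else`; a guard clause reads more directly and drops the placeholder comment: `if (!$token) { sendEppError($conn, $db, 2201, 'Please double check your allocation token', $clTRID, $trans); return; }`. The same shape appears in the `request` branch of epp-transfer.php (hunk at -748). Nothing visible in the hunk records that a token was used, so if tokens are meant to be single-use that would have to happen later in the function, which continues outside the hunk.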
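Review bot: `$allocation_token` is assigned only inside `if (isset($extensionNode))` in processDomainTransfer (epp-transfer.php, hunk at -401), yet the `request` branch added in the later hunk tests `$allocation_token !== null` unconditionally. Initialise it before the conditional with `$allocation_token = null;` so the later test never reads an undefined variable; the check and create handlers assign it the same way and would benefit from the same line. Whether `isset($extensionNode)` can actually be false for this child access is not clear from the hunk, so the change may be purely defensive.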
@@ -748,6 +753,22 @@ function processDomainTransfer($conn, $db, $xml, $clid, $database_type, $trans)
 } elseif ($op === 'request') {
+ if ($allocation_token !== null) {
+ $allocationTokenValue = (string)$allocation_token;
+
+ $stmt = $db->prepare("SELECT token FROM allocation_tokens WHERE domain_name = :domainName LIMIT 1");
+ $stmt->bindParam(':domainName', $domainName, PDO::PARAM_STR);
+ $stmt->execute();
+ $token = $stmt->fetchColumn();
+
+ if ($token) {
+ // No action needed, script continues
+ } else {
+ sendEppError($conn, $db, 2201, 'Please double check your allocation token', $clTRID, $trans);
+ return;
+ }
+ }
+
 // Check days from registration
 $stmt = $db->prepare("SELECT DATEDIFF(CURRENT_TIMESTAMP(3), crdate) FROM domain WHERE id = :domain_id LIMIT 1");
 $stmt->execute(['domain_id' => $domain_id]);
diff --git a/epp/start_epp.php b/epp/start_epp.php
index d536eed..900fbb5 100644
--- a/epp/start_epp.php
+++ b/epp/start_epp.php
@@ -111,6 +111,7 @@ $server->handle(function (Connection $conn) use ($table, $pool, $c, $log, $permi
 $xml->registerXPathNamespace('launch', 'urn:ietf:params:xml:ns:launch-1.0');
 $xml->registerXPathNamespace('fee', 'urn:ietf:params:xml:ns:epp:fee-1.0');
 $xml->registerXPathNamespace('mark', 'urn:ietf:params:xml:ns:mark-1.0');
+ $xml->registerXPathNamespace('allocationToken', 'urn:ietf:params:xml:ns:allocationToken-1.0');
 if ($xml === false) {
 sendEppError($conn, $pdo, 2001, 'Invalid XML');
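Review bot: The token lookup in the `request` branch (epp-transfer.php, hunk at -748) binds `:domainName` to `$domainName`, while the otherwise identical queries in epp-check.php and epp-create.php bind it to `$label`. If `$label` is the name without its TLD (its derivation is outside the hunks), only one of the two forms can match what `allocation_tokens.domain_name` stores, so the lookup would fail consistently in either this handler or the other two. Bind the same form of the name in all three places, and add a comment above the query such as `// allocation_tokens.domain_name holds the <label|full name>` once the intended form is confirmed.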
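Review bot: The added `registerXPathNamespace('allocationToken', ...)` call in start_epp.php, like the three calls above it, runs before the `if ($xml === false)` guard that follows. If parsing failed, `$xml` is `false` at this point and the method call raises an Error before the 2001 response can be sent; moving the `$xml === false` check above the namespace registrations would let malformed input reach `sendEppError` as intended. The parse call itself is outside the hunk, so this assumes `$xml` comes from a loader that returns `false` on failure.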