Changeset 548 for branches

Timestamp:

12/11/13 16:01:18 (11 years ago)

Author:

Kris Deugau

Message:

/branches/stable

Merge reverse DNS work and object conversion from /trunk, part 5

Includes changes through r543 with a few more minor conflicts.

Location:

branches/stable

Files:

• . (modified) (1 prop)
• DNSDB.pm (modified) (90 diffs)
• INSTALL (modified) (2 diffs)
• Makefile (modified) (4 diffs)
• UPGRADE (copied) (copied from trunk/UPGRADE ) (1 diff)
• compact-recs.pl (modified) (2 diffs)
• dns-1.0-1.2.sql (modified) (3 diffs)
• dns-rpc.cgi (modified) (27 diffs)
• dns.cgi (modified) (34 diffs)
• dns.sql (modified) (8 diffs)
• dnsdb.conf (modified) (1 diff)
• export.pl (modified) (1 diff)
• images/lastleaf.png (deleted)
• images/midleaf.png (deleted)
• images/plus.png (deleted)
• new-dns.sql (deleted)
• reverse-patterns.html (copied) (copied from trunk/reverse-patterns.html ) (1 diff)
• templates/axfr.tmpl (modified) (2 diffs)
• templates/badpage.tmpl (modified) (1 diff)
• templates/bulkchange.tmpl (modified) (1 diff)
• templates/bulkdomain.tmpl (modified) (2 diffs)
• templates/deldom.tmpl (modified) (1 diff)
• templates/delgrp.tmpl (modified) (1 diff)
• templates/delloc.tmpl (modified) (1 diff)
• templates/delrec.tmpl (modified) (1 diff)
• templates/delrevzone.tmpl (modified) (1 diff)
• templates/deluser.tmpl (modified) (1 diff)
• templates/dns.css (modified) (2 diffs)
• templates/dnsq.tmpl (modified) (2 diffs)
• templates/domlist.tmpl (modified) (4 diffs)
• templates/edgroup.tmpl (modified) (2 diffs)
• templates/editsoa.tmpl (modified) (2 diffs)
• templates/footer.tmpl (modified) (1 diff)
• templates/fpnla.tmpl (modified) (1 diff)
• templates/grpman.tmpl (modified) (5 diffs)
• templates/header.tmpl (modified) (1 diff)
• templates/location.tmpl (modified) (2 diffs)
• templates/loclist.tmpl (modified) (4 diffs)
• templates/log.tmpl (modified) (3 diffs)
• templates/login.tmpl (modified) (1 diff)
• templates/menu.tmpl (modified) (2 diffs)
• templates/newdomain.tmpl (modified) (3 diffs)
• templates/newgrp.tmpl (modified) (2 diffs)
• templates/newrevzone.tmpl (modified) (4 diffs)
• templates/permlist_enabled.tmpl (deleted)
• templates/reclist.tmpl (modified) (6 diffs)
• templates/record.tmpl (modified) (6 diffs)
• templates/soadata.tmpl (modified) (1 diff)
• templates/template.tmpl (modified) (1 diff)
• templates/user.tmpl (modified) (2 diffs)
• templates/useradmin.tmpl (modified) (6 diffs)
• templates/whoisq.tmpl (modified) (2 diffs)
• textrecs.cgi (modified) (5 diffs)
• tiny-import.pl (modified) (33 diffs)
• vega-import.pl (modified) (1 diff)

branches/stable/DNSDB.pm

@@ -3 +3 @@
 ##
 # $Id$
-# Copyright 2008-2012 Kris Deugau <kdeugau@deepnet.cx>
+# Copyright 2008-2013 Kris Deugau <kdeugau@deepnet.cx>
 # 
 #    This program is free software: you can redistribute it and/or modify
@@ -28 +28 @@
 use Crypt::PasswdMD5;
 use Net::SMTP;
-use NetAddr::IP qw(:lower);
+use NetAddr::IP 4.027 qw(:lower);
 use POSIX;
 use Fcntl qw(:flock);
+use Time::TAI64 qw(:tai64);
 
 use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS);
@@ -40 +41 @@
         &getPermissions &changePermissions &comparePermissions
         &changeGroup
-        &loadConfig &connectDB &finish
+        &connectDB &finish
         &addDomain &delZone &domainName &revName &domainID &revID &addRDNS
         &getZoneCount &getZoneList &getZoneLocation
@@ -49 +50 @@
         &addLoc &updateLoc &delLoc &getLoc
         &getLocCount &getLocList &getLocDropdown
-        &getSOA &updateSOA &getRecLine &getDomRecs &getRecCount
+        &getSOA &updateSOA &getRecLine &getRecList &getRecCount
         &addRec &updateRec &delRec
         &getLogCount &getLogEntries
@@ -59 +60 @@
         &export
         &mailNotify
-        %typemap %reverse_typemap %config
+        %typemap %reverse_typemap
         @permtypes $permlist %permchains
         );
@@ -68 +69 @@
                 &getPermissions &changePermissions &comparePermissions
                 &changeGroup
-                &loadConfig &connectDB &finish
+                &connectDB &finish
                 &addDomain &delZone &domainName &revName &domainID &revID &addRDNS
                 &getZoneCount &getZoneList &getZoneLocation
@@ -77 +78 @@
                 &addLoc &updateLoc &delLoc &getLoc
                 &getLocCount &getLocList &getLocDropdown
-                &getSOA &updateSOA &getRecLine &getDomRecs &getRecCount
+                &getSOA &updateSOA &getRecLine &getRecList &getRecCount
                 &addRec &updateRec &delRec
                 &getLogCount &getLogEntries
@@ -87 +88 @@
                 &export
                 &mailNotify
-                %typemap %reverse_typemap %config
+                %typemap %reverse_typemap
                 @permtypes $permlist %permchains
                 )]
@@ -94 +95 @@
 our $errstr = '';
 our $resultstr = '';
-
-# Halfway sane defaults for SOA, TTL, etc.
-# serial defaults to 0 for convenience.
-# value will be either YYYYMMDDNN for BIND/etc, or auto-internal for tinydns
-our %def = qw (
-        contact hostmaster.DOMAIN
-        prins   ns1.myserver.com
-        serial  0
-        soattl  86400
-        refresh 10800
-        retry   3600
-        expire  604800
-        minttl  10800
-        ttl     10800
-);
 
 # Arguably defined wholly in the db, but little reason to change without supporting code changes
@@ -135 +121 @@
 our %typemap;
 our %reverse_typemap;
-
-# Prepopulate a basic config.  Note some of these *will* cause errors if left unset.
-# note:  add appropriate stanzas in loadConfig to parse these
-our %config = (
-                # Database connection info
-                dbname  => 'dnsdb',
-                dbuser  => 'dnsdb',
-                dbpass  => 'secret',
-                dbhost  => '',
-
-                # Email notice settings
-                mailhost        => 'smtp.example.com',
-                mailnotify      => 'dnsdb@example.com', # to
-                mailsender      => 'dnsdb@example.com', # from
-                mailname        => 'DNS Administration',
-                orgname         => 'Example Corp',
-                domain          => 'example.com',
-
-                # Template directory
-                templatedir     => 'templates/',
-# fmeh.  this is a real web path, not a logical internal one.  hm..
-#               cssdir  => 'templates/',
-                sessiondir      => 'session/',
-                exportcache     => 'cache/',
-
-                # Session params
-                timeout         => '3600',      # 1 hour default
-
-                # Other miscellanea
-                log_failures    => 1,   # log all evarthing by default
-                perpage         => 15,
-                maxfcgi         => 100, # reasonable default?
-        );
 
 ## (Semi)private variables
@@ -221 +174 @@
   my $class = ref($this) || $this;
   my %args = @_;
-##fixme?  to ponder:  do we do some magic if the caller sets eg dbname to prevent parsing of the config file?
-  if (!loadConfig(basename => $args{configfile})) {
-    warn "Using default configuration;  unable to load custom settings: $errstr\n";
-  }
-  my $self = \%config;
-  $self->{configfile} = $args{configfile};
+
+  # Prepopulate a basic config.  Note some of these *will* cause errors if left unset.
+  # note:  add appropriate stanzas in __cfgload() to parse these
+  my %defconfig = (
+                # The only configuration options not loadable from a config file.
+                configfile => "/etc/dnsdb/dnsdb.conf",  ##CFG_LEAF##
+
+                # Database connection info
+                dbname  => 'dnsdb',
+                dbuser  => 'dnsdb',
+                dbpass  => 'secret',
+                dbhost  => '',
+
+                # Email notice settings
+                mailhost        => 'smtp.example.com',
+                mailnotify      => 'dnsdb@example.com', # to
+                mailsender      => 'dnsdb@example.com', # from
+                mailname        => 'DNS Administration',
+                orgname         => 'Example Corp',
+                domain          => 'example.com',
+
+                # Template directory
+                templatedir     => 'templates/',
+# fmeh.  this is a real web path, not a logical internal one.  hm..
+#               cssdir  => 'templates/',
+                sessiondir      => 'session/',
+                exportcache     => 'cache/',
+
+                # Session params
+                timeout         => '1h',        # passed as-is to CGI::Session
+
+                # Other miscellanea
+                log_failures    => 1,   # log all evarthing by default
+                perpage         => 15,
+                max_fcgi_requests => 100,       # reasonable default?
+                force_refresh   => 1,
+                lowercase       => 0,   # mangle as little as possible by default
+        );
+
+  # Config file parse calls.
+  # If we are passed a blank argument for $args{configfile},
+  #   we should NOT parse the default config file - we will
+  #   rely on hardcoded defaults OR caller-specified values.
+  # If we are passed a non-blank argument, parse that file.
+  # If no config file is specified, parse the default one.
+  my %siteconfig;
+  if (defined($args{configfile})) {
+    if ($args{configfile}) {
+      return if !__cfgload($args{configfile}, \%siteconfig);
+    }
+  } else {
+    return if !__cfgload($defconfig{configfile}, \%siteconfig);
+  }
+
+  # Assemble the object.  Apply configuration hashes in order of precedence.
+  my $self = {
+        # Hardcoded defaults
+        %defconfig,
+        # Default config file OR caller-specified one, loaded above
+        %siteconfig,
+        # Caller-specified arguments
+        %args
+        };
   bless $self, $class;
+
+  # Several settings are booleans.  Handle multiple possible ways of setting them.
+  for my $boolopt ('log_failures', 'force_refresh', 'lowercase') {
+    if ($self->{$boolopt} ne '1' && $self->{$boolopt} ne '0') {
+      # true/false, on/off, yes/no all valid.
+      if ($self->{$boolopt} =~ /^(?:true|false|t|f|on|off|yes|no)$/) {
+        if ($self->{$boolopt} =~ /(?:true|t|on|yes)/) {
+         $self->{$boolopt} = 1;
+        } else {
+         $self->{$boolopt} = 0;
+        }
+      } else {
+        warn "Bad $boolopt setting $self->{$boolopt}\n";
+        $self->{$boolopt} = 1;
+      }
+    }
+  }
+
+  # Try to connect to the DB, and initialize a number of handy globals.
   $self->{dbh} = connectDB($self->{dbname}, $self->{dbuser}, $self->{dbpass}, $self->{dbhost}) or return;
   $self->initGlobals();
@@ -236 +265 @@
 sub DESTROY {
   my $self = shift;
-  $self->{dbh}->disconnect;
+  $self->{dbh}->disconnect if $self->{dbh};
 }
+
+sub errstr { $DNSDB::errstr; }
 
 ##
@@ -370 +401 @@
 
 ##fixme:  farm out the actual logging to different subs for file, syslog, internal, etc based on config
-#  if ($config{log_channel} eq 'sql') {
+#  if ($self->{log_channel} eq 'sql') {
   $dbh->do("INSERT INTO log (domain_id,rdns_id,group_id,entry,user_id,email,name) VALUES (?,?,?,?,?,?,?)",
         undef,
         ($args{domain_id}, $args{rdns_id}, $args{group_id}, $args{entry},
                 $self->{loguserid}, $self->{logusername}, $self->{logfullname}) );
-#  } elsif ($config{log_channel} eq 'file') {
-#  } elsif ($config{log_channel} eq 'syslog') {
+#  } elsif ($self->{log_channel} eq 'file') {
+#  } elsif ($self->{log_channel} eq 'syslog') {
 #  }
 } # end _log
@@ -409 +440 @@
   # or the intended parent domain for live records.
   my $pname = ($args{defrec} eq 'y' ? 'DOMAIN' : $self->domainName($args{id}));
-  ${$args{host}} =~ s/\.*$/\.$pname/ if ${$args{host}} !~ /$pname$/;
+  ${$args{host}} =~ s/\.*$/\.$pname/ if (${$args{host}} ne '@' && ${$args{host}} !~ /$pname$/);
 
   # Check IP is well-formed, and that it's a v4 address
@@ -526 +557 @@
         ${$args{val}} = "ZONE,${$args{val}}" unless ${$args{val}} =~ /^ZONE/;
       }
-      ${$args{host}} =~ s/\.*$/\.$config{domain}/ if ${$args{host}} !~ /(?:$config{domain}|ADMINDOMAIN)$/;
+      ${$args{host}} =~ s/\.*$/\.$self->{domain}/ if ${$args{host}} !~ /(?:$self->{domain}|ADMINDOMAIN)$/;
     }
 
@@ -1202 +1233 @@
   #major patterns:
   #dashed IP, forward and reverse
+  #underscoreed IP, forward and reverse
   #dotted IP, forward and reverse (even if forward is... dumb)
-  # -> %r for reverse, %i for forward, leading - or . to indicate separator, defaults to -
+  # -> %r for reverse, %i for forward, leading -, _, or . to indicate separator, defaults to -
   # %r or %-r   => %4d-%3d-%2d-%1d
+  # %_r         => %4d_%3d_%2d_%1d
   # %.r         => %4d.%3d.%2d.%1d
   # %i or %-i   => %1d-%2d-%3d-%4d
+  # %_i         => %1d_%2d_%3d_%4d
   # %.i         => %1d.%2d.%3d.%4d
   $$tmpl =~ s/\%r/\%4d-\%3d-\%2d-\%1d/g;
-  $$tmpl =~ s/\%([-.])r/\%4d$1\%3d$1\%2d$1\%1d/g;
+  $$tmpl =~ s/\%([-._])r/\%4d$1\%3d$1\%2d$1\%1d/g;
   $$tmpl =~ s/\%i/\%1d-\%2d-\%3d-\%4d/g;
-  $$tmpl =~ s/\%([-.])i/\%1d$1\%2d$1\%3d$1\%4d/g;
+  $$tmpl =~ s/\%([-._])i/\%1d$1\%2d$1\%3d$1\%4d/g;
 
   #hex-coded IP
@@ -1232 +1266 @@
 } # _template4_expand()
 
+# Broad syntactic check on the hostname.  Checks for valid characters, correctly-expandable template patterns.
+# Takes the hostname, type, and live/default and forward/reverse flags
+# Returns true/false, sets errstr on failures
+sub _check_hostname_form {
+  my ($hname,$rectype,$defrec,$revrec) = @_;
+
+  if ($hname =~ /\%/ && ($rectype == 65282 || $rectype == 65283) ) {
+    my $tmphost = $hname;
+    # we don't actually need to test with the real IP passed;  that saves a bit of fiddling.
+    _template4_expand(\$tmphost, '10.10.10.10');
+    if ($tmphost =~ /\%/) {
+      $errstr = "Invalid template $hname";
+      return;
+    }
+  } elsif ($revrec eq 'y') {
+    # Reverse zones don't support @ in hostnames
+    # Also skip failure on revzone TXT records;  the hostname contains the TXT content in that case.
+    if ($rectype != $reverse_typemap{TXT} && lc($hname) !~ /^[0-9a-z_.-]+$/) {
+      $errstr = "Hostnames may not contain anything other than (0-9 a-z . _)";
+      return;
+    }
+  } else {
+    if (lc($hname) !~ /^(?:[0-9a-z_.-]+|@)$/) {
+      # Don't mention @, because it would be far too wordy to explain the nuance of @
+      $errstr = "Hostnames may not contain anything other than (0-9 a-z . _)";
+      return;
+    }
+  }
+  return 1;
+} # _check_hostname_form()
+
 
 ##
@@ -1237 +1302 @@
 ##
 
-## DNSDB::loadConfig()
-# Load the minimum required initial state (DB connect info) from a config file
-# Load misc other bits while we're at it.
-# Takes an optional hash that may contain:
-#  - basename and config path to look for
-# Populates the %config and %def hashes
-sub loadConfig {
-  my %args = @_;
-  $args{configfile} = '' if !$args{configfile};
-
-##fixme  this is *intended* to load a system-default config template, and allow
-# overriding on a per-tool or per-web-UI-instance basis with a secondary config
-# file.  The "default" config file can't be deleted in the current form.
-
-  my $deferr = '';      # place to put error from default config file in case we can't find either one
-
-  my $configroot = "/etc/dnsdb";        ##CFG_LEAF##
-  $configroot = '' if $args{configfile} =~ m|^/|;  # allow passed siteconfig to specify an arbitrary absolute path
-  $args{configfile} .= ".conf" if $args{configfile} !~ /\.conf$/;
-  my $defconfig = "$configroot/dnsdb.conf";
-  my $siteconfig = "$configroot/$args{configfile}";
-
-  # System defaults
-  __cfgload("$defconfig") or $deferr = $errstr;
-
-  # Per-site-ish settings.
-  if ($args{configfile} ne '.conf') {
-    unless (__cfgload("$siteconfig")) {
-      $errstr = ($deferr ? "Error opening default config file $defconfig: $deferr\n" : '').
-        "Error opening site config file $siteconfig";
-      return;
-    }
-  }
-
-  # Munge log_failures.
-  if ($config{log_failures} ne '1' && $config{log_failures} ne '0') {
-    # true/false, on/off, yes/no all valid.
-    if ($config{log_failures} =~ /^(?:true|false|on|off|yes|no)$/) {
-      if ($config{log_failures} =~ /(?:true|on|yes)/) {
-        $config{log_failures} = 1;
-      } else {
-        $config{log_failures} = 0;
-      }
-    } else {
-      $errstr = "Bad log_failures setting $config{log_failures}";
-      $config{log_failures} = 1;
-      # Bad setting shouldn't be fatal.
-      # return 2;
-    }
-  }
-
-  # All good, clear the error and go home.
-  $errstr = '';
-  return 1;
-} # end loadConfig()
-
-
 ## DNSDB::__cfgload()
 # Private sub to parse a config file and load it into %config
-# Takes a filename
+# Takes a filename and a hashref to put the parsed entries in
 sub __cfgload {
   $errstr = '';
   my $cfgfile = shift;
+  my $cfg = shift;
 
   if (open CFG, "<$cfgfile") {
@@ -1310 +1319 @@
 #    $mode = $1 if /^\[(a-z)+]/;
     # DB connect info
-      $config{dbname}   = $1 if /^dbname\s*=\s*([a-z0-9_.-]+)/i;
-      $config{dbuser}   = $1 if /^dbuser\s*=\s*([a-z0-9_.-]+)/i;
-      $config{dbpass}   = $1 if /^dbpass\s*=\s*([a-z0-9_.-]+)/i;
-      $config{dbhost}   = $1 if /^dbhost\s*=\s*([a-z0-9_.-]+)/i;
-      # SOA defaults
-      $def{contact}     = $1 if /^contact\s*=\s*([a-z0-9_.-]+)/i;
-      $def{prins}       = $1 if /^prins\s*=\s*([a-z0-9_.-]+)/i;
-      $def{soattl}      = $1 if /^soattl\s*=\s*(\d+)/i;
-      $def{refresh}     = $1 if /^refresh\s*=\s*(\d+)/i;
-      $def{retry}       = $1 if /^retry\s*=\s*(\d+)/i;
-      $def{expire}      = $1 if /^expire\s*=\s*(\d+)/i;
-      $def{minttl}      = $1 if /^minttl\s*=\s*(\d+)/i;
-      $def{ttl}         = $1 if /^ttl\s*=\s*(\d+)/i;
+      $cfg->{dbname}    = $1 if /^dbname\s*=\s*([a-z0-9_.-]+)/i;
+      $cfg->{dbuser}    = $1 if /^dbuser\s*=\s*([a-z0-9_.-]+)/i;
+      $cfg->{dbpass}    = $1 if /^dbpass\s*=\s*([a-z0-9_.-]+)/i;
+      $cfg->{dbhost}    = $1 if /^dbhost\s*=\s*([a-z0-9_.-]+)/i;
       # Mail settings
-      $config{mailhost}         = $1 if /^mailhost\s*=\s*([a-z0-9_.-]+)/i;
-      $config{mailnotify}       = $1 if /^mailnotify\s*=\s*([a-z0-9_.\@-]+)/i;
-      $config{mailsender}       = $1 if /^mailsender\s*=\s*([a-z0-9_.\@-]+)/i;
-      $config{mailname}         = $1 if /^mailname\s*=\s*([a-z0-9\s_.-]+)/i;
-      $config{orgname}          = $1 if /^orgname\s*=\s*([a-z0-9\s_.,'-]+)/i;
-      $config{domain}           = $1 if /^domain\s*=\s*([a-z0-9_.-]+)/i;
+      $cfg->{mailhost}          = $1 if /^mailhost\s*=\s*([a-z0-9_.-]+)/i;
+      $cfg->{mailnotify}        = $1 if /^mailnotify\s*=\s*([a-z0-9_.\@-]+)/i;
+      $cfg->{mailsender}        = $1 if /^mailsender\s*=\s*([a-z0-9_.\@-]+)/i;
+      $cfg->{mailname}          = $1 if /^mailname\s*=\s*([a-z0-9\s_.-]+)/i;
+      $cfg->{orgname}           = $1 if /^orgname\s*=\s*([a-z0-9\s_.,'-]+)/i;
+      $cfg->{domain}            = $1 if /^domain\s*=\s*([a-z0-9_.-]+)/i;
       # session - note this is fed directly to CGI::Session
-      $config{timeout}          = $1 if /^[tT][iI][mM][eE][oO][uU][tT]\s*=\s*(\d+[smhdwMy]?)/;
-      $config{sessiondir}       = $1 if m{^sessiondir\s*=\s*([a-z0-9/_.-]+)}i;
+      $cfg->{timeout}           = $1 if /^[tT][iI][mM][eE][oO][uU][tT]\s*=\s*(\d+[smhdwMy]?)/;
+      $cfg->{sessiondir}        = $1 if m{^sessiondir\s*=\s*([a-z0-9/_.-]+)}i;
       # misc
-      $config{log_failures}     = $1 if /^log_failures\s*=\s*([a-z01]+)/i;
-      $config{perpage}          = $1 if /^perpage\s*=\s*(\d+)/i;
-      $config{exportcache}      = $1 if m{^exportcache\s*=\s*([a-z0-9/_.-]+)}i;
+      $cfg->{log_failures}      = $1 if /^log_failures\s*=\s*([a-z01]+)/i;
+      $cfg->{perpage}           = $1 if /^perpage\s*=\s*(\d+)/i;
+      $cfg->{exportcache}       = $1 if m{^exportcache\s*=\s*([a-z0-9/_.-]+)}i;
+      $cfg->{lowercase}         = $1 if /^lowercase\s*=\s*([a-z01]+)/i;
+# not supported in dns.cgi yet
+#      $cfg->{templatedir}      = $1 if m{^templatedir\s*=\s*([a-z0-9/_.-]+)}i;
+#      $cfg->{templateoverride} = $1 if m{^templateoverride\s*=\s*([a-z0-9/_.-]+)}i;
       # RPC options
-      $config{rpcmode}          = $1 if /^rpc_mode\s*=\s*(socket|HTTP|XMLRPC)\s*$/i;
-      $config{maxfcgi}          = $1 if /^max_fcgi_requests\s*=\s*(\d+)\s*$/i;
+      $cfg->{rpcmode}           = $1 if /^rpc_mode\s*=\s*(socket|HTTP|XMLRPC)\s*$/i;
+      $cfg->{maxfcgi}           = $1 if /^max_fcgi_requests\s*=\s*(\d+)\s*$/i;
+      $cfg->{force_refresh}     = $1 if /^force_refresh\s*=\s*([a-z01]+)/i;
       if (my ($tmp) = /^rpc_iplist\s*=\s*(.+)/i) {
         my @ips = split /[,\s]+/, $tmp;
         my $rpcsys = shift @ips;
-        push @{$config{rpcacl}{$rpcsys}}, @ips;
+        push @{$cfg->{rpcacl}{$rpcsys}}, @ips;
       }
     }
     close CFG;
   } else {
-    $errstr = $!;
+    $errstr = "Couldn't load configuration file $cfgfile: $!";
     return;
   }
@@ -1531 +1536 @@
 # about having to open a file or a syslog channel
 ##fixme Need to call _initActionLog_blah() for various logging channels, configured
-# via dnsdb.conf, in $config{log_channel} or something
+# via dnsdb.conf, in $self->{log_channel} or something
 # See https://secure.deepnet.cx/trac/dnsadmin/ticket/21
 sub initActionLog {
@@ -1552 +1557 @@
 
   # convert to real check once we have other logging channels
-  # if ($config{log_channel} eq 'sql') {
+  # if ($self->{log_channel} eq 'sql') {
   #   Open Log, Sez Me!
   # }
@@ -1594 +1599 @@
   my $sth = $dbh->prepare($sql);
 
-  $sth->execute($id) or die "argh: ".$sth->errstr;
+##fixme?  we don't trap other plain SELECT errors
+  $sth->execute($id);
 
 #  my $permref = $sth->fetchrow_hashref;
@@ -1778 +1784 @@
     my $msg = $@;
     eval { $dbh->rollback; };
-    if ($config{log_failures}) {
+    if ($self->{log_failures}) {
       $self->_log(group_id => $oldgid, entry => "Error moving $type $entname to $newgname: $msg");
       $dbh->commit;     # since we enabled transactions earlier
@@ -1802 +1808 @@
   my $self = shift;
   my $dbh = $self->{dbh};
-  return ('FAIL',"Need database handle") if !$dbh;
   my $domain = shift;
-  return ('FAIL',"Domain must not be blank") if !$domain;
+  return ('FAIL',"Domain must not be blank\n") if !$domain;
   my $group = shift;
-  return ('FAIL',"Need group") if !defined($group);
+  return ('FAIL',"Group must be specified\n") if !defined($group);
   my $state = shift;
-  return ('FAIL',"Need domain status") if !defined($state);
+  return ('FAIL',"Domain status must be specified\n") if !defined($state);
+  my $defloc = shift || '';
 
   $state = 1 if $state =~ /^active$/;
@@ -1817 +1823 @@
   return ('FAIL',"Invalid domain status") if $state !~ /^\d+$/;
 
+  $domain = lc($domain) if $self->{lowercase};
+
   return ('FAIL', "Invalid characters in domain") if $domain !~ /^[a-zA-Z0-9_.-]+$/;
 
@@ -1836 +1844 @@
   eval {
     # insert the domain...
-    $dbh->do("INSERT INTO domains (domain,group_id,status) VALUES (?,?,?)", undef, ($domain, $group, $state));
+    $dbh->do("INSERT INTO domains (domain,group_id,status,default_location) VALUES (?,?,?,?)", undef,
+        ($domain, $group, $state, $defloc));
 
     # get the ID...
@@ -1847 +1856 @@
     # ... and now we construct the standard records from the default set.  NB:  group should be variable.
     my $sth = $dbh->prepare("SELECT host,type,val,distance,weight,port,ttl FROM default_records WHERE group_id=?");
-    my $sth_in = $dbh->prepare("INSERT INTO records (domain_id,host,type,val,distance,weight,port,ttl)".
-        " VALUES ($dom_id,?,?,?,?,?,?,?)");
+    my $sth_in = $dbh->prepare("INSERT INTO records (domain_id,host,type,val,distance,weight,port,ttl,location)".
+        " VALUES ($dom_id,?,?,?,?,?,?,?,?)");
     $sth->execute($group);
-    while (my ($host,$type,$val,$dist,$weight,$port,$ttl) = $sth->fetchrow_array()) {
+    while (my ($host, $type, $val, $dist, $weight, $port, $ttl) = $sth->fetchrow_array()) {
       $host =~ s/DOMAIN/$domain/g;
       $val =~ s/DOMAIN/$domain/g;
-      $sth_in->execute($host,$type,$val,$dist,$weight,$port,$ttl);
+      $sth_in->execute($host, $type, $val, $dist, $weight, $port, $ttl, $defloc);
       if ($typemap{$type} eq 'SOA') {
         my @tmp1 = split /:/, $host;
@@ -1877 +1886 @@
     eval { $dbh->rollback; };
     $self->_log(group_id => $group, entry => "Failed adding domain $domain ($msg)")
-        if $config{log_failures};
+        if $self->{log_failures};
     $dbh->commit;       # since we enabled transactions earlier
     return ('FAIL',$msg);
@@ -1908 +1917 @@
   return ('FAIL', ($revrec eq 'n' ? 'Domain' : 'Reverse zone')." ID $zoneid doesn't exist") if !$zone;
 
-  # Set this up here since we may use if if $config{log_failures} is enabled
+  # Set this up here since we may use if if $self->{log_failures} is enabled
   my %loghash;
   $loghash{domain_id} = $zoneid if $revrec eq 'n';
@@ -1956 +1965 @@
     eval { $dbh->rollback; };
     $loghash{entry} = "Error deleting $zone: $msg ($failmsg)";
-    if ($config{log_failures}) {
+    if ($self->{log_failures}) {
       $self->_log(%loghash);
       $dbh->commit;     # since we enabled transactions earlier
@@ -2008 +2017 @@
   my ($domid) = $dbh->selectrow_array("SELECT domain_id FROM domains WHERE lower(domain) = lower(?)",
         undef, ($domain) );
-  $errstr = $DBI::errstr if !$domid;
+  if (!$domid) {
+    if ($dbh->err) {
+      $errstr = $DBI::errstr;
+    } else {
+      $errstr = "Domain $domain not present";
+    }
+  }
   return $domid if $domid;
 } # end domainID()
@@ -2022 +2037 @@
   my $revzone = shift;
   my ($revid) = $dbh->selectrow_array("SELECT rdns_id FROM revzones WHERE revnet=?", undef, ($revzone) );
-  $errstr = $DBI::errstr if !$revid;
+  if (!$revid) {
+    if ($dbh->err) {
+      $errstr = $DBI::errstr;
+    } else {
+      $errstr = "Reverse zone $revzone not present";
+    }
+  }
   return $revid if $revid;
 } # end revID()
@@ -2089 +2110 @@
       }
 
-      $host =~ s/ADMINDOMAIN/$config{domain}/g;
+      $host =~ s/ADMINDOMAIN/$self->{domain}/g;
 
       # Check to make sure the IP stubs will fit in the zone.  Under most usage failures here should be rare.
@@ -2183 +2204 @@
     eval { $dbh->rollback; };
     $self->_log(group_id => $group, entry => "Failed adding reverse zone $zone ($msg)")
-        if $config{log_failures};
+        if $self->{log_failures};
     $dbh->commit;       # since we enabled transactions earlier
     return ('FAIL',$msg);
@@ -2211 +2232 @@
 
   my %args = @_;
+
+  # Fail on bad curgroup argument.  There's no sane fallback on this one.
+  if (!$args{curgroup} || $args{curgroup} !~ /^\d+$/) {
+    $errstr = "Bad or missing curgroup argument";
+    return;
+  }
+  # Fail on bad childlist argument.  This could be sanely ignored if bad, maybe.
+  if ($args{childlist} && $args{childlist} !~ /^[\d,]+$/) {
+    $errstr = "Bad childlist argument";
+    return;
+  }
 
   my @filterargs;
@@ -2250 +2282 @@
   $args{sortorder} = 'ASC' if !$args{sortorder} || !grep /^$args{sortorder}$/, ('ASC','DESC');
   $args{offset} = 0 if !$args{offset} || $args{offset} !~ /^(?:all|\d+)$/;
+
+  # Fail on bad curgroup argument.  There's no sane fallback on this one.
+  if (!$args{curgroup} || $args{curgroup} !~ /^\d+$/) {
+    $errstr = "Bad or missing curgroup argument";
+    return;
+  }
+  # Fail on bad childlist argument.  This could be sanely ignored if bad, maybe.
+  if ($args{childlist} && $args{childlist} !~ /^[\d,]+$/) {
+    $errstr = "Bad childlist argument";
+    return;
+  }
 
   my @filterargs;
@@ -2277 +2320 @@
   # A common tail.
   $sql .= " ORDER BY ".($args{sortby} eq 'group' ? 'groups.group_name' : $args{sortby})." $args{sortorder} ".
-        ($args{offset} eq 'all' ? '' : " LIMIT $config{perpage}".
-        " OFFSET ".$args{offset}*$config{perpage});
+        ($args{offset} eq 'all' ? '' : " LIMIT $self->{perpage}".
+        " OFFSET ".$args{offset}*$self->{perpage});
   my $sth = $dbh->prepare($sql);
   $sth->execute(@filterargs);
@@ -2404 +2447 @@
     my $msg = $@;
     eval { $dbh->rollback; };
-    if ($config{log_failures}) {
+    if ($self->{log_failures}) {
       $self->_log(group_id => $pargroup, entry => "Failed to add group $groupname: $msg");
       $dbh->commit;
@@ -2448 +2491 @@
     my ($domcnt) = $dbh->selectrow_array("SELECT count(*) FROM domains WHERE group_id=?", undef, ($groupid));
     die "$domcnt domains still in group\n" if $domcnt;
+    my ($revcnt) = $dbh->selectrow_array("SELECT count(*) FROM revzones WHERE group_id=?", undef, ($groupid));
+    die "$revcnt reverse zones still in group\n" if $revcnt;
     my ($usercnt) = $dbh->selectrow_array("SELECT count(*) FROM users WHERE group_id=?", undef, ($groupid));
     die "$usercnt users still in group\n" if $usercnt;
@@ -2468 +2513 @@
     my $msg = $@;
     eval { $dbh->rollback; };
-    if ($config{log_failures}) {
+    if ($self->{log_failures}) {
       $self->_log(group_id => $parid, entry => "$failmsg: $msg");
       $dbh->commit;     # since we enabled transactions earlier
@@ -2545 +2590 @@
   my %args = @_;
 
+  # Fail on bad curgroup argument.  There's no sane fallback on this one.
+  if (!$args{curgroup} || $args{curgroup} !~ /^\d+$/) {
+    $errstr = "Bad or missing curgroup argument";
+    return;
+  }
+  # Fail on bad childlist argument.  This could be sanely ignored if bad, maybe.
+  if ($args{childlist} && $args{childlist} !~ /^[\d,]+$/) {
+    $errstr = "Bad childlist argument";
+    return;
+  }
+
   my @filterargs;
-
   $args{startwith} = undef if $args{startwith} && $args{startwith} !~ /^(?:[a-z]|0-9)$/;
   push @filterargs, "^$args{startwith}" if $args{startwith};
@@ -2571 +2626 @@
   my %args = @_;
 
+  # Fail on bad curgroup argument.  There's no sane fallback on this one.
+  if (!$args{curgroup} || $args{curgroup} !~ /^\d+$/) {
+    $errstr = "Bad or missing curgroup argument";
+    return;
+  }
+  # Fail on bad childlist argument.  This could be sanely ignored if bad, maybe.
+  if ($args{childlist} && $args{childlist} !~ /^[\d,]+$/) {
+    $errstr = "Bad childlist argument";
+    return;
+  }
+
   my @filterargs;
-
   $args{startwith} = undef if $args{startwith} && $args{startwith} !~ /^(?:[a-z]|0-9)$/;
   push @filterargs, "^$args{startwith}" if $args{startwith};
@@ -2578 +2643 @@
 
   # protection against bad or missing arguments
-  $args{sortorder} = 'ASC' if !$args{sortorder};
+  $args{sortorder} = 'ASC' if !$args{sortorder} || !grep /^$args{sortorder}$/, ('ASC','DESC');
+  $args{sortby} = 'group' if !$args{sortby} || $args{sortby} !~ /^[\w_.]+$/;
   $args{offset} = 0 if !$args{offset} || $args{offset} !~ /^(?:all|\d+)$/;
 
@@ -2594 +2660 @@
         " GROUP BY g.group_id, g.group_name, g2.group_name ".
         " ORDER BY $args{sortby} $args{sortorder} ".
-        ($args{offset} eq 'all' ? '' : " LIMIT $config{perpage} OFFSET ".$args{offset}*$config{perpage});
+        ($args{offset} eq 'all' ? '' : " LIMIT $self->{perpage} OFFSET ".$args{offset}*$self->{perpage});
   my $glist = $dbh->selectall_arrayref($sql, { Slice => {} }, (@filterargs) );
   $errstr = $dbh->errstr if !$glist;
@@ -2749 +2815 @@
     my $msg = $@;
     eval { $dbh->rollback; };
-    if ($config{log_failures}) {
+    if ($self->{log_failures}) {
       $self->_log(group_id => $group, entry => "Error adding user $username: $msg");
       $dbh->commit;     # since we enabled transactions earlier
@@ -2772 +2838 @@
   my %args = @_;
 
+  # Fail on bad curgroup argument.  There's no sane fallback on this one.
+  if (!$args{curgroup} || $args{curgroup} !~ /^\d+$/) {
+    $errstr = "Bad or missing curgroup argument";
+    return;
+  }
+  # Fail on bad childlist argument.  This could be sanely ignored if bad, maybe.
+  if ($args{childlist} && $args{childlist} !~ /^[\d,]+$/) {
+    $errstr = "Bad childlist argument";
+    return;
+  }
+
   my @filterargs;
-
   $args{startwith} = undef if $args{startwith} && $args{startwith} !~ /^(?:[a-z]|0-9)$/;
   push @filterargs, "^$args{startwith}" if $args{startwith};
   push @filterargs, $args{filter} if $args{filter};
-
 
   my $sql = "SELECT count(*) FROM users ".
@@ -2801 +2876 @@
   my %args = @_;
 
+  # Fail on bad curgroup argument.  There's no sane fallback on this one.
+  if (!$args{curgroup} || $args{curgroup} !~ /^\d+$/) {
+    $errstr = "Bad or missing curgroup argument";
+    return;
+  }
+  # Fail on bad childlist argument.  This could be sanely ignored if bad, maybe.
+  if ($args{childlist} && $args{childlist} !~ /^[\d,]+$/) {
+    $errstr = "Bad childlist argument";
+    return;
+  }
+
   my @filterargs;
-
   $args{startwith} = undef if $args{startwith} && $args{startwith} !~ /^(?:[a-z]|0-9)$/;
   push @filterargs, "^$args{startwith}" if $args{startwith};
@@ -2813 +2898 @@
 
   # protection against bad or missing arguments
-  $args{sortorder} = 'ASC' if !$args{sortorder};
-  $args{sortby} = 'u.username' if !$args{sortby};
+  $args{sortorder} = 'ASC' if !$args{sortorder} || !grep /^$args{sortorder}$/, ('ASC','DESC');
+  $args{sortby} = 'u.username' if !$args{sortby} || $args{sortby} !~ /^[\w_.]+$/;
   $args{offset} = 0 if !$args{offset} || $args{offset} !~ /^(?:all|\d+)$/;
 
@@ -2825 +2910 @@
         " AND NOT u.type = 'R' ".
         " ORDER BY $args{sortby} $args{sortorder} ".
-        ($args{offset} eq 'all' ? '' : " LIMIT $config{perpage} OFFSET ".$args{offset}*$config{perpage});
+        ($args{offset} eq 'all' ? '' : " LIMIT $self->{perpage} OFFSET ".$args{offset}*$self->{perpage});
   my $ulist = $dbh->selectall_arrayref($sql, { Slice => {} }, (@filterargs) );
   $errstr = $dbh->errstr if !$ulist;
@@ -2908 +2993 @@
     my $msg = $@;
     eval { $dbh->rollback; };
-    if ($config{log_failures}) {
+    if ($self->{log_failures}) {
       $self->_log(group_id => $group, entry => "Error updating user $username: $msg");
       $dbh->commit;     # since we enabled transactions earlier
@@ -2947 +3032 @@
     my $msg = $@;
     eval { $dbh->rollback; };
-    if ($config{log_failures}) {
+    if ($self->{log_failures}) {
       $self->_log(group_id => $userdata->{group_id}, entry => "Error deleting user ID ".
         "$userid/".$userdata->{username}.": $msg");
@@ -3120 +3205 @@
     my $msg = $@;
     eval { $dbh->rollback; };
-    if ($config{log_failures}) {
+    if ($self->{log_failures}) {
       $shdesc = $loc if !$shdesc;
       $self->_log(entry => "Failed adding location ($shdesc, '$iplist'): $msg");
@@ -3167 +3252 @@
     my $msg = $@;
     eval { $dbh->rollback; };
-    if ($config{log_failures}) {
+    if ($self->{log_failures}) {
       $shdesc = $loc if !$shdesc;
       $self->_log(entry => "Failed updating location ($shdesc, '$iplist'): $msg");
@@ -3206 +3291 @@
     my $msg = $@;
     eval { $dbh->rollback; };
-    if ($config{log_failures}) {
+    if ($self->{log_failures}) {
       $self->_log(entry => "Failed to delete location ($olddesc, '$oldloc->{iplist}'): $msg");
       $dbh->commit;
@@ -3244 +3329 @@
   my %args = @_;
 
+  # Fail on bad curgroup argument.  There's no sane fallback on this one.
+  if (!$args{curgroup} || $args{curgroup} !~ /^\d+$/) {
+    $errstr = "Bad or missing curgroup argument";
+    return;
+  }
+  # Fail on bad childlist argument.  This could be sanely ignored if bad, maybe.
+  if ($args{childlist} && $args{childlist} !~ /^[\d,]+$/) {
+    $errstr = "Bad childlist argument";
+    return;
+  }
+
   my @filterargs;
-
   $args{startwith} = undef if $args{startwith} && $args{startwith} !~ /^(?:[a-z]|0-9)$/;
   push @filterargs, "^$args{startwith}" if $args{startwith};
   push @filterargs, $args{filter} if $args{filter};
-
 
   my $sql = "SELECT count(*) FROM locations ".
@@ -3268 +3362 @@
   my %args = @_;
 
+  # Fail on bad curgroup argument.  There's no sane fallback on this one.
+  if (!$args{curgroup} || $args{curgroup} !~ /^\d+$/) {
+    $errstr = "Bad or missing curgroup argument";
+    return;
+  }
+  # Fail on bad childlist argument.  This could be sanely ignored if bad, maybe.
+  if ($args{childlist} && $args{childlist} !~ /^[\d,]+$/) {
+    $errstr = "Bad childlist argument";
+    return;
+  }
+
   my @filterargs;
-
   $args{startwith} = undef if $args{startwith} && $args{startwith} !~ /^(?:[a-z]|0-9)$/;
   push @filterargs, "^$args{startwith}" if $args{startwith};
@@ -3280 +3384 @@
 
   # protection against bad or missing arguments
-  $args{sortorder} = 'ASC' if !$args{sortorder};
-  $args{sortby} = 'l.description' if !$args{sortby};
+  $args{sortorder} = 'ASC' if !$args{sortorder} || !grep /^$args{sortorder}$/, ('ASC','DESC');
+  $args{sortby} = 'l.description' if !$args{sortby} || $args{sortby} !~ /^[\w_.]+$/;
   $args{offset} = 0 if !$args{offset} || $args{offset} !~ /^(?:all|\d+)$/;
 
@@ -3291 +3395 @@
         ($args{filter} ? " AND l.description ~* ?" : '').
         " ORDER BY $args{sortby} $args{sortorder} ".
-        ($args{offset} eq 'all' ? '' : " LIMIT $config{perpage} OFFSET ".$args{offset}*$config{perpage});
+        ($args{offset} eq 'all' ? '' : " LIMIT $self->{perpage} OFFSET ".$args{offset}*$self->{perpage});
   my $ulist = $dbh->selectall_arrayref($sql, { Slice => {} }, (@filterargs) );
   $errstr = $dbh->errstr if !$ulist;
@@ -3411 +3515 @@
     $logdata{entry} = "Error updating ".($defrec eq 'y' ? ($revrec eq 'y' ? 'default reverse zone ' : 'default ') : '').
         "SOA record for $parname: $msg";
-    if ($config{log_failures}) {
+    if ($self->{log_failures}) {
       $self->_log(%logdata);
       $dbh->commit;
@@ -3433 +3537 @@
   my $id = shift;
 
+##fixme: do we need a knob to twist to switch between unix epoch and postgres time string?
   my $sql = "SELECT record_id,host,type,val,ttl".
         ($defrec eq 'n' ? ',location' : '').
         ($revrec eq 'n' ? ',distance,weight,port' : '').
-        (($defrec eq 'y') ? ',group_id FROM ' : ',domain_id,rdns_id FROM ').
+        (($defrec eq 'y') ? ',group_id FROM ' : ',domain_id,rdns_id,stamp,stamp < now() AS ispast,expires,stampactive FROM ').
         _rectable($defrec,$revrec)." WHERE record_id=?";
   my $ret = $dbh->selectrow_hashref($sql, undef, ($id) );
@@ -3465 +3570 @@
 
 ##fixme: should use above (getRecLine()) to get lines for below?
-## DNSDB::getDomRecs()
-# Return records for a domain
-# Takes a database handle, default/live flag, group/domain ID, start,
+## DNSDB::getRecList()
+# Return records for a group or zone
+# Takes a default/live flag, group or zone ID, start,
 # number of records, sort field, and sort order
 # Returns a reference to an array of hashes
-sub getDomRecs {
+sub getRecList {
   $errstr = '';
   my $self = shift;
@@ -3482 +3587 @@
 
   # protection against bad or missing arguments
-  $args{sortorder} = 'ASC' if !$args{sortorder};
-  $args{sortby} = 'host' if !$args{sortby} && $args{revrec} eq 'n';     # default sort by host on domain record list
-  $args{sortby} = 'val' if !$args{sortby} && $args{revrec} eq 'y';      # default sort by IP on revzone record list
+  $args{sortorder} = 'ASC' if !$args{sortorder} || !grep /^$args{sortorder}$/, ('ASC','DESC');
+  my $defsort;
+  $defsort = 'host' if $args{revrec} eq 'n';     # default sort by host on domain record list
+  $defsort = 'val' if $args{revrec} eq 'y';      # default sort by IP on revzone record list
+  $args{sortby} = '' if !$args{sortby};
+  $args{sortby} = $defsort if !$args{revrec};
+  $args{sortby} = $defsort if $args{sortby} !~ /^[\w_,.]+$/;
   $args{offset} = 0 if !$args{offset} || $args{offset} !~ /^(?:all|\d+)$/;  
+  my $perpage = ($args{nrecs} ? $args{nrecs} : $self->{perpage});
 
   # sort reverse zones on IP, correctly
@@ -3508 +3618 @@
   $newsort =~ s/^,//;
 
+##fixme:  do we need a knob to twist to switch from unix epoch to postgres time string?
+  my $sql = "SELECT r.record_id,r.host,r.type,r.val,r.ttl";
+  $sql .= ",l.description AS locname,stamp,r.stamp < now() AS ispast,r.expires,r.stampactive"
+        if $args{defrec} eq 'n';
+  $sql .= ",r.distance,r.weight,r.port" if $args{revrec} eq 'n';
+  $sql .= " FROM "._rectable($args{defrec},$args{revrec})." r ";
   $sql .= "INNER JOIN rectypes t ON r.type=t.val ";     # for sorting by type alphabetically
   $sql .= "LEFT JOIN locations l ON r.location=l.location " if $args{defrec} eq 'n';
@@ -3516 +3632 @@
   # ensure consistent ordering by sorting on record_id too
   $sql .= ", record_id $args{sortorder}";
-  $sql .= ($args{offset} eq 'all' ? '' : " LIMIT $config{perpage} OFFSET ".$args{offset}*$config{perpage});
+  $sql .= ($args{offset} eq 'all' ? '' : " LIMIT $perpage OFFSET ".$args{offset}*$perpage);
 
   my @bindvars = ($args{id});
@@ -3522 +3638 @@
 
   my $ret = $dbh->selectall_arrayref($sql, { Slice => {} }, (@bindvars) );
+  $errstr = "Error retrieving records: ".$dbh->errstr if !$ret;
+
   return $ret;
-} # end getDomRecs()
+} # end getRecList()
 
 
@@ -3581 +3699 @@
   $location  = '' if !$location;
 
+  my $expires = shift;
+  $expires = 1 if $expires eq 'until';  # Turn some special values into the appropriate booleans.
+  $expires = 0 if $expires eq 'after';
+  my $stamp = shift;
+  $stamp = '' if !$stamp;        # Timestamp should be a string at this point.
+
   # Spaces are evil.
   $host =~ s/^\s+//;
@@ -3590 +3714 @@
   }
 
-  # Validation
-  my $addr = NetAddr::IP->new($val);
-  if ($rectype == $reverse_typemap{A}) {
-    return ('FAIL',$typemap{$rectype}." record must be a valid IPv4 address")
-        unless $addr && !$addr->{isv6};
-  }
-  if ($rectype == $reverse_typemap{AAAA}) {
-    return ('FAIL',$typemap{$rectype}." record must be a valid IPv6 address")
-        unless $addr && $addr->{isv6};
-  }
+  if ($self->{lowercase}) {
+    if ($typemap{$$rectype} ne 'TXT') {
+      $$host = lc($$host);
+      $$val = lc($$val);
+    } else {
+      # TXT records should preserve user entry in the string.
+      if ($revrec eq 'n') {
+        $$host = lc($$host);
+      } else {
+        $$val = lc($$val);
+      }
+    }
+  }
+
+  # prep for validation
+  my $addr = NetAddr::IP->new($$val);
+  $$host =~ s/\.+$//;   # FQDNs ending in . are an internal detail, and really shouldn't be exposed in the UI.
 
   my $domid = 0;
@@ -3610 +3741 @@
   return ('FAIL', "TTL must be numeric") unless $ttl =~ /^\d+$/;
 
-  # Quick check on hostname parts.  Note the regex is more forgiving than the error message;
-  # domain names technically are case-insensitive, and we use printf-like % codes for a couple
-  # of types.  Other things may also be added to validate default records of several flavours.
-  return ('FAIL', "Hostnames may not contain anything other than (0-9 a-z . _)")
-        if $defrec eq 'n' && ($revrec eq 'y' ? $$rectype != $reverse_typemap{TXT} : 1) &&
-                $$host !~ /^[0-9a-z_%.-]+$/i;
+  # Quick check on hostname parts.  There are enough variations to justify a sub now.
+  return ('FAIL', $errstr) if ! _check_hostname_form($$host, $$rectype, $defrec, $revrec);
 
   # Collect these even if we're only doing a simple A record so we can call *any* validation sub
@@ -3637 +3764 @@
   push @vallist, ($$host,$$rectype,$$val,$ttl,$id);
 
-  # locations are not for default records, silly coder!
   if ($defrec eq 'n') {
+    # locations are not for default records, silly coder!
     $fields .= ",location";
     push @vallist, $location;
-  }
+    # timestamps are rare.
+    if ($stamp) {
+      $fields .= ",stamp,expires,stampactive";
+      push @vallist, $stamp, $expires, 'y';
+    } else {
+      $fields .= ",stampactive";
+      push @vallist, 'n';
+    }
+  }
+
+  # a little magic to get the right number of ? placeholders based on how many values we're providing
   my $vallen = '?'.(',?'x$#vallist);
 
@@ -3669 +3806 @@
   $logdata{entry} .= "', TTL $ttl";
   $logdata{entry} .= ", location ".$self->getLoc($location)->{description} if $location;
+  $logdata{entry} .= ($expires eq 'after' ? ', valid after ' : ', expires at ').$stamp if $stamp;
 
   # Allow transactions, and raise an exception on errors so we can catch it later.
@@ -3684 +3822 @@
     my $msg = $@;
     eval { $dbh->rollback; };
-    if ($config{log_failures}) {
+    if ($self->{log_failures}) {
       $logdata{entry} = "Failed adding ".($defrec eq 'y' ? 'default ' : '').
         "record '$$host $typemap{$$rectype} $$val', TTL $ttl ($msg)";
@@ -3722 +3860 @@
   $location  = '' if !$location;
 
-  # prep for validation
-  my $addr = NetAddr::IP->new($$val);
-  $$host =~ s/\.+$//;   # FQDNs ending in . are an internal detail, and really shouldn't be exposed in the UI.
+  my $expires = shift;
+  $expires = 1 if $expires eq 'until';  # Turn some special values into the appropriate booleans.
+  $expires = 0 if $expires eq 'after';
+  my $stamp = shift;
+  $stamp = '' if !$stamp;        # Timestamp should be a string at this point.
+
+  # just set it to an empty string;  failures will be caught later.
+  $$host = '' if !$$host;
 
   # Spaces are evil.
@@ -3735 +3878 @@
   }
 
+  if ($self->{lowercase}) {
+    if ($typemap{$$rectype} ne 'TXT') {
+      $$host = lc($$host);
+      $$val = lc($$val);
+    } else {
+      # TXT records should preserve user entry in the string.
+      if ($revrec eq 'n') {
+        $$host = lc($$host);
+      } else {
+        $$val = lc($$val);
+      }
+    }
+  }
+
+  # prep for validation
+  my $addr = NetAddr::IP->new($$val);
+  $$host =~ s/\.+$//;   # FQDNs ending in . are an internal detail, and really shouldn't be exposed in the UI.
+
   my $domid = 0;
   my $revid = 0;
@@ -3744 +3905 @@
   return ('FAIL', "TTL must be numeric") unless $ttl =~ /^\d+$/;
 
-  # Quick check on hostname parts.  Note the regex is more forgiving than the error message;
-  # domain names technically are case-insensitive, and we use printf-like % codes for a couple
-  # of types.  Other things may also be added to validate default records of several flavours.
-  return ('FAIL', "Hostnames may not contain anything other than (0-9 a-z - . _)")
-        if $defrec eq 'n' && ($revrec eq 'y' ? $$rectype != $reverse_typemap{TXT} : 1) &&
-                $$host !~ /^[0-9a-z_%.-]+$/i;
+  # Quick check on hostname parts.  There are enough variations to justify a sub now.
+  return ('FAIL', $errstr) if ! _check_hostname_form($$host, $$rectype, $defrec, $revrec);
 
   # only MX and SRV will use these
@@ -3780 +3937 @@
         ($defrec eq 'y' ? $oldrec->{group_id} : ($revrec eq 'n' ? $oldrec->{domain_id} : $oldrec->{rdns_id})) );
 
-  # locations are not for default records, silly coder!
   if ($defrec eq 'n') {
+    # locations are not for default records, silly coder!
     $fields .= ",location";
     push @vallist, $location;
+    # timestamps are rare.
+    if ($stamp) {
+      $fields .= ",stamp,expires,stampactive";
+      push @vallist, $stamp, $expires, 'y';
+    } else {
+      $fields .= ",stampactive";
+      push @vallist, 'n';
+    }
   }
 
@@ -3837 +4002 @@
   $logdata{entry} .= "', TTL $oldrec->{ttl}";
   $logdata{entry} .= ", location ".$self->getLoc($oldrec->{location})->{description} if $oldrec->{location};
+  $logdata{entry} .= ($oldrec->{expires} ? ', expires at ' : ', valid after ').$oldrec->{stamp}
+        if $oldrec->{stampactive};
   $logdata{entry} .= "\nto\n";
   # More NS special
@@ -3848 +4015 @@
   $logdata{entry} .= "', TTL $ttl";
   $logdata{entry} .= ", location ".$self->getLoc($location)->{description} if $location;
+  $logdata{entry} .= ($expires eq 'after' ? ', valid after ' : ', expires at ').$stamp if $stamp;
 
   local $dbh->{AutoCommit} = 0;
@@ -3864 +4032 @@
     my $msg = $@;
     eval { $dbh->rollback; };
-    if ($config{log_failures}) {
+    if ($self->{log_failures}) {
       $logdata{entry} = "Failed updating ".($defrec eq 'y' ? 'default ' : '').
         "record '$oldrec->{host} $typemap{$oldrec->{type}} $oldrec->{val}', TTL $oldrec->{ttl} ($msg)";
@@ -3975 +4143 @@
     my $msg = $@;
     eval { $dbh->rollback; };
-    if ($config{log_failures}) {
+    if ($self->{log_failures}) {
       $logdata{entry} = "Error deleting ".($defrec eq 'y' ? 'default record' : 'record').
         " '$oldrec->{host} $typemap{$oldrec->{type}} $oldrec->{val}', TTL $oldrec->{ttl} ($msg)";
@@ -4011 +4179 @@
   $args{logtype} = 'domain' if $args{logtype} eq 'dom';         # hack pthui
   return if !grep /^$args{logtype}$/, ('group', 'domain', 'revzone', 'user');
-
-  $args{logtype} = 'revzone' if $args{logtype} eq 'rdns';       # hack pthui
 
   my $sql = "SELECT count(*) FROM log ".
@@ -4047 +4213 @@
 
   # Sorting defaults
-  $args{sortby} = 'stamp' if !$args{sortby};
-  $args{sortorder} = 'DESC' if !$args{sortorder};
+  $args{sortorder} = 'DESC' if !$args{sortorder} || !grep /^$args{sortorder}$/, ('ASC','DESC');
+  $args{sortby} = 'stamp' if !$args{sortby} || $args{sortby} !~ /^[\w_.]+$/;
   $args{offset} = 0 if !$args{offset} || $args{offset} !~ /^(?:all|\d+)$/;
 
@@ -4060 +4226 @@
         ($args{filter} ? " AND entry ~* ?" : '').
         " ORDER BY $args{sortby} $args{sortorder}, log_id $args{sortorder}".
-        ($args{offset} eq 'all' ? '' : " LIMIT $config{perpage} OFFSET ".$args{offset}*$config{perpage});
+        ($args{offset} eq 'all' ? '' : " LIMIT $self->{perpage} OFFSET ".$args{offset}*$self->{perpage});
   my $loglist = $dbh->selectall_arrayref($sql, { Slice => {} }, ($args{id}, @filterargs) );
   $errstr = $dbh->errstr if !$loglist;
@@ -4111 +4277 @@
     # default;  forward zone types.  technically $type eq 'f' but not worth the error message.
     $sql .= "stdflag=1 OR stdflag=2";
+    $sql .= " AND val < 65280" if $recgroup eq 'fo';  # An extra flag to trim off the pseudotypes as well.
   }
   $sql .= " ORDER BY listorder";
@@ -4243 +4410 @@
       $limiter++;
 ##fixme:  how often will this happen on a live site?  fail at max limiter <n>?
+# 2013/10/22 only seems to happen when you request an entity that doesn't exist.
       warn "no results looking for $sql with id $id (depth $limiter)\n";
       last;
@@ -4841 +5009 @@
   my %recflags;
 
-  my $domsth = $dbh->prepare("SELECT domain_id,domain,status,changed FROM domains WHERE status=1");
-  my $recsth = $dbh->prepare("SELECT host,type,val,distance,weight,port,ttl,record_id,location ".
-        "FROM records WHERE domain_id=? AND type < 65280");     # Just exclude all types relating to rDNS
-  my $zonesth = $dbh->prepare("UPDATE domains SET changed='n' WHERE domain_id=?");
-  $domsth->execute();
-  while (my ($domid,$dom,$domstat,$changed) = $domsth->fetchrow_array) {
-##fixme: need to find a way to block opening symlinked files without introducing a race.
-#       O_NOFOLLOW
-#              If  pathname  is a symbolic link, then the open fails.  This is a FreeBSD extension, which was
-#              added to Linux in version 2.1.126.  Symbolic links in earlier components of the pathname  will
-#              still be followed.
-# but that doesn't help other platforms.  :/
-    sysopen(ZONECACHE, "$config{exportcache}/$dom", O_RDWR|O_CREAT);
-    flock(ZONECACHE, LOCK_EX);
-    if ($changed || -s "$config{exportcache}/$dom" == 0) {
-      $recsth->execute($domid);
-      while (my ($host,$type,$val,$dist,$weight,$port,$ttl,$recid,$loc) = $recsth->fetchrow_array) {
-        next if $recflags{$recid};
-
-        $loc = '' if !$loc;     # de-nullify - just in case
-##fixme:  handle case of record-with-location-that-doesn't-exist better.
-# note this currently fails safe (tested) - records with a location that
-# doesn't exist will not be sent to any client
-#       $loc = '' if !$lochash->{$loc};
-
-##fixme:  record validity timestamp. tinydns supports fiddling with timestamps.
-# note $ttl must be set to 0 if we want to use tinydns's auto-expiring timestamps.
-# timestamps are TAI64
-# ~~ 2^62 + time()
-        my $stamp = '';
-
-        # support tinydns' auto-TTL
-        $ttl = '' if $ttl == '0';
-
-        # Spaces are evil.
-        $host =~ s/^\s+//;
-        $host =~ s/\s+$//;
-        if ($typemap{$type} ne 'TXT') {
-          # Leading or trailng spaces could be legit in TXT records.
-          $val =~ s/^\s+//;
-          $val =~ s/\s+$//;
-        }
-
-        _printrec_tiny(*ZONECACHE, 'n', \%recflags,
-                $dom, $host, $type, $val, $dist, $weight, $port, $ttl, $loc, $stamp)
-                if *ZONECACHE;
-
-        # in case the zone shrunk, get rid of garbage at the end of the file.
-        truncate(ZONECACHE, tell(ZONECACHE));
-
-        $recflags{$recid} = 1;
-      } # while ($recsth)
-    }
-    # stream from cache, whether freshly created or existing
-    print $datafile $_ while <ZONECACHE>;
-    close ZONECACHE;
-    # mark domain as unmodified
-    $zonesth->execute($domid);
-  } # while ($domsth)
-
-  my $revsth = $dbh->prepare("SELECT rdns_id,revnet,status,changed FROM revzones WHERE status=1 ".
-        "ORDER BY masklen(revnet) DESC");
-
 # For reasons unknown, we can't sanely UNION these statements.  Feh.
 # Supposedly it should work though (note last 3 lines):
@@ -4918 +5023 @@
   my $soasth = $dbh->prepare("SELECT host,type,val,distance,weight,port,ttl,record_id,location ".
         "FROM records WHERE rdns_id=? AND type=6");
-  $recsth = $dbh->prepare("SELECT host,type,val,distance,weight,port,ttl,record_id,location ".
+  my $recsth = $dbh->prepare("SELECT host,type,val,distance,weight,port,ttl,record_id,location,extract(epoch from stamp),expires,stampactive ".
         "FROM records WHERE rdns_id=? AND not type=6 ".
         "ORDER BY masklen(CAST(val AS inet)) DESC, CAST(val AS inet)");
-  $zonesth = $dbh->prepare("UPDATE revzones SET changed='n' WHERE rdns_id=?");
+  my $revsth = $dbh->prepare("SELECT rdns_id,revnet,status,changed FROM revzones WHERE status=1 ".
+        "ORDER BY masklen(revnet) DESC");
+  my $zonesth = $dbh->prepare("UPDATE revzones SET changed='n' WHERE rdns_id=?");
   $revsth->execute();
   while (my ($revid,$revzone,$revstat,$changed) = $revsth->fetchrow_array) {
@@ -4931 +5038 @@
 # but that doesn't help other platforms.  :/
     my $tmpzone = NetAddr::IP->new($revzone);
-    sysopen(ZONECACHE, "$config{exportcache}/".$tmpzone->network->addr, O_RDWR|O_CREAT);
-    flock(ZONECACHE, LOCK_EX);
-    if ($changed || -s "$config{exportcache}/".$tmpzone->network->addr == 0) {
-      # need to fetch this separately since the rest of the records all (should) have real IPs in val
-      $soasth->execute($revid);
-      my (@zsoa) = $soasth->fetchrow_array();
-      _printrec_tiny(*ZONECACHE,'y',\%recflags,$revzone,
-        $zsoa[0],$zsoa[1],$zsoa[2],$zsoa[3],$zsoa[4],$zsoa[5],$zsoa[6],$zsoa[8],'');
-
-      $recsth->execute($revid);
-      while (my ($host,$type,$val,$dist,$weight,$port,$ttl,$recid,$loc) = $recsth->fetchrow_array) {
-        next if $recflags{$recid};
-
-        $loc = '' if !$loc;     # de-nullify - just in case
+##fixme:  locations/views?  subnet mask?  need to avoid possible collisions with zone/superzone
+##        (eg /20 vs /24, starting on .0.0)
+    my $cz = $tmpzone->network->addr."-".$tmpzone->masklen;
+    my $cachefile = "$self->{exportcache}/$cz";
+    my $tmpcache = "$self->{exportcache}/tmp.$cz.$$";
+    eval {
+
+      # only update the cache file if the zone has changed, or if the cache file has nothing in it.
+      if ($self->{force_refresh} || $changed || !-e $cachefile || -z $cachefile) {
+        open ZONECACHE, ">$tmpcache" or die "Error creating temporary file $tmpcache: $!\n";
+
+        # need to fetch this separately since the rest of the records all (should) have real IPs in val
+        $soasth->execute($revid);
+        my (@zsoa) = $soasth->fetchrow_array();
+        _printrec_tiny(*ZONECACHE,'y',\%recflags,$revzone,
+          $zsoa[0],$zsoa[1],$zsoa[2],$zsoa[3],$zsoa[4],$zsoa[5],$zsoa[6],$zsoa[8],'');
+
+        $recsth->execute($revid);
+        while (my ($host,$type,$val,$dist,$weight,$port,$ttl,$recid,$loc,$stamp,$expires,$stampactive) = $recsth->fetchrow_array) {
+          next if $recflags{$recid};
+
+# not sure this is necessary for revzones.
+#         # Spaces are evil.
+#         $val =~ s/^\s+//;
+#         $val =~ s/\s+$//;
+#         if ($typemap{$type} ne 'TXT') {
+#           # Leading or trailng spaces could be legit in TXT records.
+#           $host =~ s/^\s+//;
+#           $host =~ s/\s+$//;
+#         }
+
+          _printrec_tiny(*ZONECACHE, 'y', \%recflags, $revzone,
+            $host, $type, $val, $dist, $weight, $port, $ttl, $loc, $stamp, $expires, $stampactive)
+                if *ZONECACHE;
+
+          $recflags{$recid} = 1;
+
+        } # while ($recsth)
+
+        close ZONECACHE; # force the file to be written
+
+        # catch obvious write errors that leave an empty temp file
+        if (-s $tmpcache) {
+          rename $tmpcache, $cachefile
+            or die "Error overwriting cache file $cachefile with temporary file: $!\n";
+        }
+
+      } # if $changed or cache filesize is 0
+
+    };
+    if ($@) {
+      print "error writing new data for $revzone: $@\n";
+      # error!  something borked, and we should be able to fall back on the old cache file
+      # report the error, somehow.
+    } else {
+      # mark zone as unmodified.  Only do this if no errors, that way
+      # export failures should recover a little more automatically.
+      $zonesth->execute($revid);
+    }
+    # Always stream the cache (even if stale or obsolete due to errors creating the new cache)
+    open CACHE, "<$cachefile";
+    print $datafile $_ while <CACHE>;
+    close CACHE;
+
+  } # while ($revsth)
+
+  my $domsth = $dbh->prepare("SELECT domain_id,domain,status,changed FROM domains WHERE status=1");
+  $recsth = $dbh->prepare("SELECT host,type,val,distance,weight,port,ttl,record_id,location,extract(epoch from stamp),expires,stampactive ".
+        "FROM records WHERE domain_id=?");      # Just exclude all types relating to rDNS
+#       "FROM records WHERE domain_id=? AND type < 65280");     # Just exclude all types relating to rDNS
+  $zonesth = $dbh->prepare("UPDATE domains SET changed='n' WHERE domain_id=?");
+  $domsth->execute();
+  while (my ($domid,$dom,$domstat,$changed) = $domsth->fetchrow_array) {
+##fixme: need to find a way to block opening symlinked files without introducing a race.
+#       O_NOFOLLOW
+#              If  pathname  is a symbolic link, then the open fails.  This is a FreeBSD extension, which was
+#              added to Linux in version 2.1.126.  Symbolic links in earlier components of the pathname  will
+#              still be followed.
+# but that doesn't help other platforms.  :/
+    my $cachefile = "$self->{exportcache}/$dom";
+    my $tmpcache = "$self->{exportcache}/tmp.$dom.$$";
+    eval {
+
+      # only update the cache file if the zone has changed, or if the cache file has nothing in it.
+      if ($self->{force_refresh} || $changed || !-e $cachefile || -z $cachefile) {
+        open ZONECACHE, ">$tmpcache" or die "Error creating temporary file $tmpcache: $!\n";
+
+        $recsth->execute($domid);
+        while (my ($host,$type,$val,$dist,$weight,$port,$ttl,$recid,$loc,$stamp,$expires,$stampactive) = $recsth->fetchrow_array) {
+          next if $recflags{$recid};
+
+          # Spaces are evil.
+          $host =~ s/^\s+//;
+          $host =~ s/\s+$//;
+          if ($typemap{$type} ne 'TXT') {
+            # Leading or trailng spaces could be legit in TXT records.
+            $val =~ s/^\s+//;
+            $val =~ s/\s+$//;
+          }
+
+          _printrec_tiny(*ZONECACHE, 'n', \%recflags,
+                $dom, $host, $type, $val, $dist, $weight, $port, $ttl, $loc, $stamp, $expires, $stampactive)
+                if *ZONECACHE;
+
+          $recflags{$recid} = 1;
+
+        } # while ($recsth)
+
+        close ZONECACHE; # force the file to be written
+
+        # catch obvious write errors that leave an empty temp file
+        if (-s $tmpcache) {
+          rename $tmpcache, $cachefile
+            or die "Error overwriting cache file $cachefile with temporary file: $!\n";
+        }
+
+      } # if $changed or cache filesize is 0
+
+    };
+    if ($@) {
+      print "error writing new data for $dom: $@\n";
+      # error!  something borked, and we should be able to fall back on the old cache file
+      # report the error, somehow.
+    } else {
+      # mark domain as unmodified.  Only do this if no errors, that way
+      # export failures should recover a little more automatically.
+      $zonesth->execute($domid);
+    }
+    # Always stream the cache (even if stale or obsolete due to errors creating the new cache)
+    open CACHE, "<$cachefile";
+    print $datafile $_ while <CACHE>;
+    close CACHE;
+
+  } # while ($domsth)
+
+} # end __export_tiny()
+
+
+# Utility sub for __export_tiny above
+sub _printrec_tiny {
+  my ($datafile,$revrec,$recflags,$zone,$host,$type,$val,$dist,$weight,$port,$ttl,$loc,$stamp,$expires,$stampactive) = @_;
+
+  $loc = '' if !$loc;   # de-nullify - just in case
 ##fixme:  handle case of record-with-location-that-doesn't-exist better.
 # note this currently fails safe (tested) - records with a location that
@@ -4950 +5186 @@
 #       $loc = '' if !$lochash->{$loc};
 
-##fixme:  record validity timestamp. tinydns supports fiddling with timestamps.
-# note $ttl must be set to 0 if we want to use tinydns's auto-expiring timestamps.
-# timestamps are TAI64
-# ~~ 2^62 + time()
-        my $stamp = '';
-
-        # support tinydns' auto-TTL
-        $ttl = '' if $ttl == '0';
-
-        _printrec_tiny(*ZONECACHE, 'y', \%recflags, $revzone,
-                $host, $type, $val, $dist, $weight, $port, $ttl, $loc, $stamp)
-                if *ZONECACHE;
-
-        # in case the zone shrunk, get rid of garbage at the end of the file.
-        truncate(ZONECACHE, tell(ZONECACHE));
-
-        $recflags{$recid} = 1;
-      } # while ($recsth)
-    }
-    # stream from cache, whether freshly created or existing
-    print $datafile $_ while <ZONECACHE>;
-    close ZONECACHE;
-    # mark zone as unmodified
-    $zonesth->execute($revid);
-  } # while ($domsth)
-
-} # end __export_tiny()
-
-
-# Utility sub for __export_tiny above
-sub _printrec_tiny {
-  my ($datafile,$revrec,$recflags,$zone,$host,$type,$val,$dist,$weight,$port,$ttl,$loc,$stamp) = @_;
+
+## Records that are valid only before or after a set time
+
+# record due to expire sometime is the complex case.  we don't want to just
+# rely on tinydns' auto-adjusting TTLs, because the default TTL in that case
+# is one day instead of the SOA minttl as BIND might do.
+
+# consider the case where a record is set to expire a week ahead, but the next
+# day later you want to change it NOW (or as NOWish as you get with your DNS
+# management practice).  but now you're stuck, because someone, somewhere, 
+# has just done a lookup before your latest change was published, and they'll
+# be caching that old, broken record for 1 day instead of your zone default
+# TTL.
+
+# $stamp-$ttl is the *latest* we can publish the record with the defined TTL
+# to still have the expiry happen as scheduled, but we need to find some
+# *earlier* point.  We can maybe guess, and 2x TTL is probably reasonable,
+# but we need info on the export frequency.
+
+# export the normal, non-expiring record up until $stamp-<guesstimate>, then
+# switch to exporting a record with the TAI64 stamp and a 0 TTL so tinydns
+# takes over TTL management.
+
+  if ($stampactive) {
+    if ($expires) {
+      # record expires at $stamp;  decide if we need to keep the TTL and ignore
+      # the stamp for a time or if we need to change the TTL to 0 and convert
+      # $stamp to TAI64 so tinydns can use $stamp to autoadjust the TTL on the fly.
+# extra hack, optimally needs more knowledge of data export frequency
+# smack the idiot customer who insists on 0 TTLs;  they can suck up and
+# deal with a 10-minute TTL.  especially on scheduled changes.  note this
+# should be (export freq * 2), but we don't know the actual export frequency.
+$ttl = 300 if $ttl == 0;        #hack phtui
+      my $ahead = (86400 < $ttl*2 ? 86400 : $ttl*2);
+      if ((time() + $ahead) < $stamp) {
+        # more than 2x TTL OR more than one day (whichever is less) from expiry time;  publish normal record
+        $stamp = '';
+      } else {
+        # less than 2x TTL from expiry time, let tinydns take over TTL management and publish the TAI64 stamp.
+        $ttl = 0;
+        $stamp = unixtai64($stamp);
+        $stamp =~ s/\@//;
+      }
+    } else {
+      # record is "active after";  convert epoch from database to TAI64, publish, and collect $200.
+      $stamp = unixtai64($stamp);
+      $stamp =~ s/\@//;
+    }
+  } else {
+    # flag for active timestamp is false;  don't actually put a timestamp in the output
+    $stamp = '';
+  }
+
+  # support tinydns' auto-TTL
+  $ttl = '' if $ttl == -1;
+# these are WAY FREAKING HIGH - higher even than most TLD registry TTLs!
+# NS          259200  => 3d
+# all others   86400  => 1d
+
+  if ($revrec eq 'y') {
+    $val = $zone if $val eq '@';
+  } else {
+    $host = $zone if $host eq '@';
+  }
 
   ## Convert a bare number into an octal-coded pair of octets.
@@ -5202 +5470 @@
       } elsif ($type == 65281) { # AAAA+PTR
 
-#$$recflags{$val}++;
+        $$recflags{$val}++;
         # treat these as two separate records.  since tinydns doesn't have
         # a native combined type, we have to create them separately anyway.
-        if ($revrec eq 'n') {
-          $type = 28;
-        } else {
-          $type = 12;
-        }
-        _printrec_tiny($datafile,$revrec,$recflags,$zone,$host,$type,$val,$dist,$weight,$port,$ttl,$loc,$stamp);
+        # print both;  a dangling record is harmless, and impossible via web
+        # UI anyway
+        _printrec_tiny($datafile,$revrec,$recflags,$zone,$host,28,$val,$dist,$weight,$port,$ttl,$loc,$stamp);
+        _printrec_tiny($datafile,$revrec,$recflags,$zone,$host,12,$val,$dist,$weight,$port,$ttl,$loc,$stamp);
 ##fixme: add a config flag to indicate use of the patch from http://www.fefe.de/dns/
 # type 6 is for AAAA+PTR, type 3 is for AAAA
@@ -5309 +5575 @@
   my ($subj,$message) = @_;
 
-  return if $config{mailhost} eq 'smtp.example.com';   # do nothing if still using default SMTP host.
-
-  my $mailer = Net::SMTP->new($config{mailhost}, Hello => "dnsadmin.$config{domain}");
-
-  my $mailsender = ($config{mailsender} ? $config{mailsender} : $config{mailnotify});
+  return if $self->{mailhost} eq 'smtp.example.com';   # do nothing if still using default SMTP host.
+
+  my $mailer = Net::SMTP->new($self->{mailhost}, Hello => "dnsadmin.$self->{domain}");
+
+  my $mailsender = ($self->{mailsender} ? $self->{mailsender} : $self->{mailnotify});
 
   $mailer->mail($mailsender);
-  $mailer->to($config{mailnotify});
-  $mailer->data("From: \"$config{mailname}\" <$mailsender>\n",
-        "To: <$config{mailnotify}>\n",
+  $mailer->to($self->{mailnotify});
+  $mailer->data("From: \"$self->{mailname}\" <$mailsender>\n",
+        "To: <$self->{mailnotify}>\n",
         "Date: ".strftime("%a, %d %b %Y %H:%M:%S %z",localtime)."\n",
         "Subject: $subj\n",
-        "X-Mailer: DNSAdmin Notify v".sprintf("%.1d",$DNSDB::VERSION)."\n",
-        "Organization: $config{orgname}\n",
+        "X-Mailer: DNSAdmin v".$DNSDB::VERSION." Notify\n",
+        "Organization: $self->{orgname}\n",
         "\n$message\n");
   $mailer->quit;

branches/stable/INSTALL

@@ -23 +23 @@
     - Net::Whois::Raw
     - Net::DNS
+    - Net::SMTP
     - DBI
     - DBD::Pg
-    - NetAddr::IP >= 4.x.  3.x may work, however 4.x has been out for
-      more than 4 years.
+    - NetAddr::IP >= 4.0.27
     - Frontier::Responder (only required if using dns-rpc.cgi)
+    - FCGI (only required if you want to run the RPC script as FastCGI)
 - tinydns - support for other DNS server software is planned
+
 
 Installing DeepNet DNS Administrator
@@ -89 +91 @@
 
 Basic installation should now be complete!  Log in and start adding
-your domains and domain records.
+your domains and reverse zones and their records.
 
 A minimal export script is included (export.pl).  This should be modified

branches/stable/Makefile

@@ -46 +46 @@
         INSTALL COPYING TODO Makefile dnsadmin.spec \
         \
-        new-dns.sql dns.sql dns.cgi dns-rpc.cgi textrecs.cgi DNSDB.pm vega-import.pl export.pl \
+        dns.sql dns-1.0-1.2.sql \
+        \
+        $(SCRIPTS) $(MODULES) \
         \
         index.shtml \
         \
-        images/trash2.png images/fwd.png images/ffwd.png images/frev.png \
-        images/rev.png images/DESC.png images/ASC.png images/tree_open.png images/tree_closed.png \
+        $(IMAGES) \
         \
-        templates/adddomain.tmpl templates/addgroup.tmpl templates/addrec.tmpl templates/adduser.tmpl \
-        templates/axfr.tmpl templates/bulkchange.tmpl templates/bulkdomain.tmpl templates/dberr.tmpl \
-        templates/deldom.tmpl templates/delgrp.tmpl templates/delloc.tmpl templates/delrec.tmpl \
-        templates/delrevzone.tmpl templates/deluser.tmpl \
-        templates/dns.css templates/dnsq.tmpl templates/domlist.tmpl templates/edgroup.tmpl \
-        templates/editsoa.tmpl templates/footer.tmpl templates/fpnla.tmpl templates/grouptree.css \
-        templates/grouptree-ie.css templates/grpman.tmpl templates/grptree.tmpl templates/header.tmpl \
-        templates/lettsearch.tmpl templates/login.tmpl templates/log.tmpl templates/menu.tmpl \
-        templates/newdomain.tmpl templates/newgrp.tmpl templates/permlist_enabled.tmpl templates/permlist.tmpl \
-        templates/pgcount.tmpl templates/reclist.tmpl templates/record.tmpl templates/sbox.tmpl \
-        templates/soadata.tmpl templates/template.tmpl templates/textrecs.tmpl templates/updatesoa.tmpl \
-        templates/useradmin.tmpl templates/user.tmpl templates/whoisq.tmpl \
+        $(TEMPLATES) \
         \
         dnsdb.conf
@@ -72 +62 @@
 
 IMAGES = \
-        images/trash2.png images/fwd.png images/ffwd.png images/frev.png \
-        images/rev.png images/DESC.png images/ASC.png
+        images/ASC.png images/DESC.png \
+        images/ffwd.png images/frev.png images/fwd.png images/rev.png \
+        images/trash2.png \
+        images/tree_closed.png images/tree_open.png
 
 SCRIPTS = \
-        dns.cgi dns-rpc.cgi textrecs.cgi vega-import.pl export.pl
+        compact-recs.pl dns.cgi dns-rpc.cgi export.pl textrecs.cgi tiny-import.pl vega-import.pl
 
 MODULES = DNSDB.pm
 
 TEMPLATES = \
-        templates/adddomain.tmpl templates/addgroup.tmpl templates/addrec.tmpl templates/adduser.tmpl \
-        templates/axfr.tmpl templates/bulkchange.tmpl templates/bulkdomain.tmpl templates/dberr.tmpl \
-        templates/deldom.tmpl templates/delgrp.tmpl templates/delloc.tmpl templates/delrec.tmpl \
-        templates/delrevzone.tmpl templates/deluser.tmpl \
+        templates/adddomain.tmpl templates/addgroup.tmpl templates/addrec.tmpl templates/addrevzone.tmpl \
+        templates/adduser.tmpl templates/axfr.tmpl templates/badpage.tmpl templates/bulkchange.tmpl \
+        templates/bulkdomain.tmpl templates/dberr.tmpl templates/deldom.tmpl templates/delgrp.tmpl \
+        templates/delloc.tmpl templates/delrec.tmpl templates/delrevzone.tmpl templates/deluser.tmpl \
         templates/dns.css templates/dnsq.tmpl templates/domlist.tmpl templates/edgroup.tmpl \
         templates/editsoa.tmpl templates/footer.tmpl templates/fpnla.tmpl templates/grouptree.css \
         templates/grouptree-ie.css templates/grpman.tmpl templates/grptree.tmpl templates/header.tmpl \
-        templates/lettsearch.tmpl templates/login.tmpl templates/log.tmpl templates/menu.tmpl \
-        templates/newdomain.tmpl templates/newgrp.tmpl templates/permlist_enabled.tmpl templates/permlist.tmpl \
-        templates/pgcount.tmpl templates/reclist.tmpl templates/record.tmpl templates/sbox.tmpl \
-        templates/soadata.tmpl templates/template.tmpl templates/textrecs.tmpl templates/updatesoa.tmpl \
-        templates/useradmin.tmpl templates/user.tmpl templates/whoisq.tmpl
+        templates/lettsearch.tmpl templates/location.tmpl templates/loclist.tmpl templates/login.tmpl \
+        templates/log.tmpl templates/menu.tmpl templates/msgblock.tmpl templates/newdomain.tmpl \
+        templates/newgrp.tmpl templates/newrevzone.tmpl templates/permlist.tmpl \
+        templates/pgcount.tmpl templates/reclist.tmpl templates/record.tmpl templates/revzones.tmpl \
+        templates/sbox.tmpl templates/soadata.tmpl templates/template.tmpl templates/textrecs.tmpl \
+        templates/updatesoa.tmpl templates/useradmin.tmpl templates/user.tmpl templates/whoisq.tmpl
 
 CONFIGFILES = dnsdb.conf
@@ -108 +101 @@
         @for i in $(SCRIPTS) $(MODULES); do \
                 $(INSTALL_SCRIPT) -D $$i $(DESTDIR)${datadir}/$(PKG_LEAF)/$$i ; \
-                perl -pi -e 's|use lib '.';     ##uselib##|use lib "${datadir}/$(PKG_LEAF)/";|;' $(DESTDIR)${datadir}/$(PKG_LEAF)/$$i ; \
-                perl -pi -e 's|use lib '.';     ##uselib##|use lib "${datadir}/$(PKG_LEAF)/";|;' $(DESTDIR)${datadir}/$(PKG_LEAF)/$$i ; \
+                perl -pi -e "s|use lib '.';\s+##uselib##|use lib '${datadir}/$(PKG_LEAF)/';|;" $(DESTDIR)${datadir}/$(PKG_LEAF)/$$i ; \
         done
         @$(INSTALL) -d $(DESTDIR)${sysconfdir}/$(CFG_LEAF)/
@@ -120 +112 @@
                         $(INSTALL_DATA) $$i $(DESTDIR)${sysconfdir}/$(CFG_LEAF)/ ; \
                 fi ; \
-                perl -pi -e 's|"/etc/dnsdb";    ##CFG_LEAF##|"${sysconfdir}/$(CFG_LEAF)";|;' $(DESTDIR)${datadir}/$(PKG_LEAF)/DNSDB.pm ; \
+                perl -pi -e 's|"/etc/dnsdb/dnsdb.conf",\s+##CFG_LEAF##|"${sysconfdir}/$(CFG_LEAF)/dnsdb.conf",|;' $(DESTDIR)${datadir}/$(PKG_LEAF)/DNSDB.pm ; \
         done
-#       # and now munge MyDNSDB.pm so it can find the core library
-#       perl -pi -e 's|##uselib##|use lib "${libdir}/dnsdb";|;' $(DESTDIR)${sysconfdir}/dnsdb/MyDNSDB.pm
 
 #clean:

branches/stable/UPGRADE

@@ -1 +1 @@
 $Id$
 
-Upgrading from a previous release
-=================================
+DeepNet DNS Administrator - Upgrade Notes
+=========================================
 
 1.0 -> 1.2
+  - Make sure your NetAddr::IP version is 4.027 or greater.  Older versions
+    have been found to be missing key methods.
+
   - FastCGI is now supported for RPC.  Install the FCGI module to support
     this, and rename or symlink:

branches/stable/compact-recs.pl

@@ -23 +23 @@
 use warnings;
 
-use lib '.';
+use lib '.';    ##uselib##
 use DNSDB;
 
@@ -120 +120 @@
     $dbh->do("INSERT INTO records (domain_id, rdns_id, host, type, val, ttl, location) VALUES (?,?,?,?,?,?,?)",
         undef, ($dparent, $zone, $patt, $newtype, $cidr, $soa->{minttl}, $ploc) );
+    $dbh->do("UPDATE revzones SET changed='y' WHERE rdns_id = ?", undef, ($zone));
+    $dbh->do("UPDATE domains SET changed='y' WHERE domain_id = ?", undef, ($dparent)) if $dparent;
     $dnsdb->_log(rdns_id => $zone, domain_id => $dparent, group_id => 1,
         entry => "A+PTR and/or PTR records in $cidr matching $patt replaced by $typemap{$newtype} record for $cidr");

branches/stable/dns-1.0-1.2.sql

@@ -40 +40 @@
 \.
  
-SELECT pg_catalog.setval('default_rev_records_record_id_seq', 5, false);
+SELECT pg_catalog.setval('default_rev_records_record_id_seq', 4, true);
 
 ALTER TABLE domains ADD COLUMN changed boolean DEFAULT true NOT NULL;
@@ -72 +72 @@
 ALTER TABLE records ADD COLUMN rdns_id INTEGER DEFAULT 0 NOT NULL;
 ALTER TABLE records ADD COLUMN location character varying (4) DEFAULT '' NOT NULL;
+-- Scheduled changes.
+ALTER TABLE records ADD COLUMN stamp TIMESTAMP WITH TIME ZONE DEFAULT 'epoch' NOT NULL;
+ALTER TABLE records ADD COLUMN expires boolean DEFAULT 'n' NOT NULL;
+ALTER TABLE records ADD COLUMN stampactive boolean DEFAULT 'n' NOT NULL;
 
 -- ~120s -> 75s performance boost on 100K records when always exporting all records
@@ -171 +175 @@
 \.
 
+-- and readd the primary key
+ALTER TABLE ONLY rectypes
+     ADD CONSTRAINT rectypes_pkey PRIMARY KEY (val, name);
+
 -- Update dbversion
 UPDATE misc SET value='1.2' WHERE key='dbversion';

branches/stable/dns-rpc.cgi

@@ -3 +3 @@
 ##
 # $Id$
-# Copyright 2012 Kris Deugau <kdeugau@deepnet.cx>
+# Copyright 2012,2013 Kris Deugau <kdeugau@deepnet.cx>
 # 
 #    This program is free software: you can redistribute it and/or modify
@@ -41 +41 @@
 
 my $methods = {
+#sub getPermissions {
+#sub changePermissions {
+#sub comparePermissions {
+#sub changeGroup {
         'dnsdb.addDomain'       => \&addDomain,
         'dnsdb.delZone'         => \&delZone,
+#sub domainName {
+#sub revName {
+        'dnsdb.domainID'        => \&domainID,
+#sub revID {
         'dnsdb.addRDNS'         => \&addRDNS,
+#sub getZoneCount {
+#sub getZoneList {
+#sub getZoneLocation {
         'dnsdb.addGroup'        => \&addGroup,
         'dnsdb.delGroup'        => \&delGroup,
+#sub getChildren {
+#sub groupName {
+#sub getGroupCount {
+#sub getGroupList {
+#sub groupID {
         'dnsdb.addUser'         => \&addUser,
+#sub getUserCount {
+#sub getUserList {
+#sub getUserDropdown {
         'dnsdb.updateUser'      => \&updateUser,
         'dnsdb.delUser'         => \&delUser,
+#sub userFullName {
+#sub userStatus {
+#sub getUserData {
+#sub addLoc {
+#sub updateLoc {
+#sub delLoc {
+#sub getLoc {
+#sub getLocCount {
+#sub getLocList {
         'dnsdb.getLocDropdown'  => \&getLocDropdown,
         'dnsdb.getSOA'          => \&getSOA,
+#sub updateSOA {
         'dnsdb.getRecLine'      => \&getRecLine,
-        'dnsdb.getDomRecs'      => \&getDomRecs,
+        'dnsdb.getRecList'      => \&getRecList,
         'dnsdb.getRecCount'     => \&getRecCount,
         'dnsdb.addRec'          => \&addRec,
         'dnsdb.updateRec'       => \&updateRec,
+#sub downconvert {
         'dnsdb.addOrUpdateRevRec'       => \&addOrUpdateRevRec,
         'dnsdb.delRec'          => \&delRec,
@@ -62 +92 @@
 #sub getLogEntries {}
         'dnsdb.getRevPattern'   => \&getRevPattern,
+        'dnsdb.getTypelist'     => \&getTypelist,
+        'dnsdb.getTypemap'      => \&getTypemap,
+        'dnsdb.getReverse_typemap'      => \&getReverse_typemap,
+#sub parentID {
+#sub isParent {
         'dnsdb.zoneStatus'      => \&zoneStatus,
         'dnsdb.getZonesByCIDR'  => \&getZonesByCIDR,
+#sub importAXFR {
+#sub importBIND {
+#sub import_tinydns {
+#sub export {
+#sub mailNotify {
 
         'dnsdb.getMethods'      => \&get_method_list
@@ -95 +135 @@
   my $subsys = shift;
   return 1 if grep /$ENV{REMOTE_ADDR}/, @{$dnsdb->{rpcacl}{$subsys}};
+  warn "$subsys/$ENV{REMOTE_ADDR} not in ACL\n";        # a bit of logging
   return 0;
 }
@@ -111 +152 @@
                 fullname => ($argref->{fullname} ? $argref->{fullname} : $argref->{rpcuser}) );
   }
+}
+
+# check for defrec and revrec;  only call on subs that deal with records
+sub _reccheck {
+  my $argref = shift;
+  die "Missing defrec and/or revrec flags\n" if !($argref->{defrec} || $argref->{revrec});
 }
 
@@ -145 +192 @@
   _commoncheck(\%args, 'y');
 
-  my ($code, $msg) = $dnsdb->addDomain($args{domain}, $args{group}, $args{state});
-  die $msg if $code eq 'FAIL';
+  my ($code, $msg) = $dnsdb->addDomain($args{domain}, $args{group}, $args{state}, $args{location});
+  die "$msg\n" if $code eq 'FAIL';
   return $msg;  # domain ID
 }
@@ -167 +214 @@
     ($code,$msg) = $dnsdb->delZone($zoneid, $args{revrec});
   }
-  die $msg if $code eq 'FAIL';
+  die "$msg\n" if $code eq 'FAIL';
   return $msg;
 }
@@ -173 +220 @@
 #sub domainName {}
 #sub revName {}
-#sub domainID {}
+
+sub domainID {
+  my %args = @_;
+
+  _commoncheck(\%args, 'y');
+
+  my $domid = $dnsdb->domainID($args{domain});
+  die "$dnsdb->errstr\n" if !$domid;
+  return $domid;
+}
+
 #sub revID {}
 
@@ -204 +261 @@
 ## optional $inhert arg?
   my ($code,$msg) = $dnsdb->addGroup($args{groupname}, $args{parent_id}, $perms);
-  die $msg if $code eq 'FAIL';
+  die "$msg\n" if $code eq 'FAIL';
   return $msg;
 }
@@ -223 +280 @@
     ($code,$msg) = $dnsdb->delGroup($grpid);
   }
-  die $msg if $code eq 'FAIL';
+  die "$msg\n" if $code eq 'FAIL';
   return $msg;
 }
@@ -249 +306 @@
   }
   my ($code,$msg) = $dnsdb->addUser(@userargs);
-  die $msg if $code eq 'FAIL';
+  die "$msg\n" if $code eq 'FAIL';
   return $msg;
 }
@@ -275 +332 @@
 #         have to pass them all in to be overwritten
   my ($code,$msg) = $dnsdb->updateUser(@userargs);
-  die $msg if $code eq 'FAIL';
+  die "$msg\n" if $code eq 'FAIL';
   return $msg;
 }
@@ -286 +343 @@
   die "Missing UID\n" if !$args{uid};
   my ($code,$msg) = $dnsdb->delUser($args{uid});
-  die $msg if $code eq 'FAIL';
+  die "$msg\n" if $code eq 'FAIL';
   return $msg;
 }
@@ -315 +372 @@
 
   _commoncheck(\%args);
+
+  _reccheck(\%args);
 
   my $ret = $dnsdb->getSOA($args{defrec}, $args{revrec}, $args{id});
@@ -334 +393 @@
   _commoncheck(\%args);
 
+  _reccheck(\%args);
+
   my $ret = $dnsdb->getRecLine($args{defrec}, $args{revrec}, $args{id});
 
-  die $dnsdb->errstr if !$ret;
+  die "$dnsdb->errstr\n" if !$ret;
 
   return $ret;
 }
 
-sub getDomRecs {
+sub getRecList {
   my %args = @_;
 
   _commoncheck(\%args);
+
+  # deal gracefully with alternate calling convention for args{id}
+  $args{id} = $args{ID} if !$args{id} && $args{ID};
+  # ... and fail if we don't have one
+  die "Missing zone ID\n" if !$args{id};
+
+  # set some optional args
+  $args{offset} = 0 if !$args{offset};
+## for order, need to map input to column names
+  $args{order} = 'host' if !$args{order};
+  $args{direction} = 'ASC' if !$args{direction};
+  $args{defrec} = 'n' if !$args{defrec};
+  $args{revrec} = 'n' if !$args{revrec};
+
+  # convert zone name to zone ID, if needed
+  if ($args{defrec} eq 'n') {
+    if ($args{revrec} eq 'n') {
+      $args{id} = $dnsdb->domainID($args{id}) if $args{id} !~ /^\d+$/;
+    } else {
+      $args{id} = $dnsdb->revID($args{id}) if $args{id} !~ /^\d+$/
+    }
+  }
+
+  # fail if we *still* don't have a valid zone ID
+  die "$dnsdb->errstr\n" if !$args{id};
+
+  # and finally retrieve the records.
+  my $ret = $dnsdb->getRecList(defrec => $args{defrec}, revrec => $args{revrec}, id => $args{id},
+        offset => $args{offset}, nrecs => $args{nrecs}, sortby => $args{sortby},
+        sortorder => $args{sortorder}, filter => $args{filter});
+  die "$dnsdb->errstr\n" if !$ret;
+
+  return $ret;
+}
+
+sub getRecCount {
+  my %args = @_;
+
+  _commoncheck(\%args);
+
+  _reccheck(\%args);
 
   # set some optional args
@@ -353 +455 @@
   $args{direction} = 'ASC' if !$args{direction};
 
-  my $ret = $dnsdb->getDomRecs(defrec => $args{defrec}, revrec => $args{revrec}, id => $args{id},
-        offset => $args{offset}, sortby => $args{sortby}, sortorder => $args{sortorder},
-        filter => $args{filter});
-
-  die $dnsdb->errstr if !$ret;
+  my $ret = $dnsdb->getRecCount($args{defrec}, $args{revrec}, $args{id}, $args{filter});
+
+  die "$dnsdb->errstr\n" if !$ret;
 
   return $ret;
 }
 
-sub getRecCount {
-  my %args = @_;
-
-  _commoncheck(\%args);
-
-  # set some optional args
-  $args{nrecs} = 'all' if !$args{nrecs};
-  $args{nstart} = 0 if !$args{nstart};
-## for order, need to map input to column names
-  $args{order} = 'host' if !$args{order};
-  $args{direction} = 'ASC' if !$args{direction};
-
-  my $ret = $dnsdb->getRecCount($args{defrec}, $args{revrec}, $args{id}, $args{filter});
-
-  die $dnsdb->errstr if !$ret;
-
-  return $ret;
-}
-
 sub addRec {
   my %args = @_;
@@ -386 +467 @@
   _commoncheck(\%args, 'y');
 
+  _reccheck(\%args);
   _loccheck(\%args);
   _ttlcheck(\%args);
 
+  # allow passing text types rather than DNS integer IDs
+  $args{type} = $DNSDB::reverse_typemap{$args{type}} if $args{type} !~ /^\d+$/;
+
   my @recargs = ($args{defrec}, $args{revrec}, $args{parent_id},
-        \$args{name}, \$args{type}, \$args{address}, $args{ttl}, $args{location});
+        \$args{name}, \$args{type}, \$args{address}, $args{ttl}, $args{location},
+        $args{expires}, $args{stamp});
   if ($args{type} == $DNSDB::reverse_typemap{MX} or $args{type} == $DNSDB::reverse_typemap{SRV}) {
     push @recargs, $args{distance};
@@ -401 +487 @@
   my ($code, $msg) = $dnsdb->addRec(@recargs);
 
-  die $msg if $code eq 'FAIL';
+  die "$msg\n" if $code eq 'FAIL';
   return $msg;
 }
@@ -410 +496 @@
   _commoncheck(\%args, 'y');
 
+  _reccheck(\%args);
+
+  # put some caller-friendly names in their rightful DB column places
+  $args{val} = $args{address};
+  $args{host} = $args{name};
+
   # get old line, so we can update only the bits that the caller passed to change
-  # note we subbed address for val since it's a little more caller-friendly
   my $oldrec = $dnsdb->getRecLine($args{defrec}, $args{revrec}, $args{id});
-  foreach my $field (qw(name type address ttl location distance weight port)) {
+  foreach my $field (qw(host type val ttl location expires distance weight port)) {
     $args{$field} = $oldrec->{$field} if !$args{$field} && defined($oldrec->{$field});
   }
+  # stamp has special handling when blank or 0.  "undefined" from the caller should mean "don't change"
+  $args{stamp} = $oldrec->{stamp} if !defined($args{stamp}) && defined($oldrec->{stamp});
+
+  # allow passing text types rather than DNS integer IDs
+  $args{type} = $DNSDB::reverse_typemap{$args{type}} if $args{type} !~ /^\d+$/;
 
   # note dist, weight, port are not required on all types;  will be ignored if not needed.
   # parent_id is the "primary" zone we're updating;  necessary for forward/reverse voodoo
   my ($code, $msg) = $dnsdb->updateRec($args{defrec}, $args{revrec}, $args{id}, $args{parent_id},
-        \$args{name}, \$args{type}, \$args{address}, $args{ttl}, $args{location},
+        \$args{host}, \$args{type}, \$args{val}, $args{ttl}, $args{location},
+        $args{expires}, $args{stamp},
         $args{distance}, $args{weight}, $args{port});
 
-  die $msg if $code eq 'FAIL';
+  die "$msg\n" if $code eq 'FAIL';
   return $msg;
 }
@@ -443 +540 @@
       # We need to strip the CIDR mask on IPv4 /32 assignments, or we just add a new record all the time.
       my $filt = ($cidr->{isv6} || $cidr->masklen != 32 ? "$cidr" : $cidr->addr);
-      my $reclist = $dnsdb->getDomRecs(defrec => 'n', revrec => 'y',
+      my $reclist = $dnsdb->getRecList(defrec => 'n', revrec => 'y',
         id => $zonelist->[0]->{rdns_id}, filter => $filt);
       if (scalar(@$reclist) == 0) {
@@ -477 +574 @@
     # that spans multiple reverse zones (eg, /23 CIDR -> 2 /24 rzones)
     foreach my $zdata (@$zonelist) {
-      my $reclist = $dnsdb->getDomRecs(defrec => 'n', revrec => 'y',
+      my $reclist = $dnsdb->getRecList(defrec => 'n', revrec => 'y',
         id => $zdata->{rdns_id}, filter => $zdata->{revnet});
       if (scalar(@$reclist) == 0) {
@@ -502 +599 @@
   _commoncheck(\%args, 'y');
 
+  _reccheck(\%args);
+
   my ($code, $msg) = $dnsdb->delRec($args{defrec}, $args{recrev}, $args{id});
 
-  die $msg if $code eq 'FAIL';
+  die "$msg\n" if $code eq 'FAIL';
   return $msg;
 }
@@ -527 +626 @@
       if ($args{delsubs}) {
         # Delete ALL EVARYTHING!!one11!! in $args{cidr}
-        my $reclist = $dnsdb->getDomRecs(defrec => 'n', revrec => 'y', id => $zonelist->[0]->{rdns_id});
+        my $reclist = $dnsdb->getRecList(defrec => 'n', revrec => 'y', id => $zonelist->[0]->{rdns_id});
         foreach my $rec (@$reclist) {
           my $reccidr = new NetAddr::IP $rec->{val};
@@ -554 +653 @@
         # We need to strip the CIDR mask on IPv4 /32 assignments, or we can't find single-IP records
         my $filt = ($cidr->{isv6} || $cidr->masklen != 32 ? "$cidr" : $cidr->addr);
-        my $reclist = $dnsdb->getDomRecs(defrec => 'n', revrec => 'y',
+        my $reclist = $dnsdb->getRecList(defrec => 'n', revrec => 'y',
           id => $zonelist->[0]->{rdns_id}, filter => $filt, sortby => 'val', sortorder => 'DESC');
         foreach my $rec (@$reclist) {
@@ -563 +662 @@
           if ($args{delforward} || $rec->{type} == 12) {
             my ($code,$msg) = $dnsdb->delRec('n', 'y', $rec->{record_id});
-            die $msg if $code eq 'FAIL';
+            die "$msg\n" if $code eq 'FAIL';
             return $msg;
           } else {
             my $ret = $dnsdb->downconvert($rec->{record_id}, $DNSDB::reverse_typemap{A});
-            die $dnsdb->errstr if !$ret;
+            die "$dnsdb->errstr\n" if !$ret;
             return "A+PTR for $args{cidr} split and PTR removed";
           }
@@ -582 +681 @@
     # that spans multiple reverse zones (eg, /23 CIDR -> 2 /24 rzones)
     foreach my $zdata (@$zonelist) {
-      my $reclist = $dnsdb->getDomRecs(defrec => 'n', revrec => 'y', id => $zdata->{rdns_id});
+      my $reclist = $dnsdb->getRecList(defrec => 'n', revrec => 'y', id => $zdata->{rdns_id});
       if (scalar(@$reclist) == 0) {
 # nothing to do?  or do we (re)add a record based on the parent?
@@ -627 +726 @@
 }
 
-#sub getTypelist {}
+sub getTypelist {
+  my %args = @_;
+  _commoncheck(\%args, 'y');
+
+  $args{selected} = $reverse_typemap{A} if !$args{selected};
+
+  return $dnsdb->getTypelist($args{recgroup}, $args{selected});
+}
+
+sub getTypemap {
+  my %args = @_;
+  _commoncheck(\%args, 'y');
+  return \%typemap;
+}
+
+sub getReverse_typemap {
+  my %args = @_;
+  _commoncheck(\%args, 'y');
+  return \%reverse_typemap;
+}
+
 #sub parentID {}
 #sub isParent {}

branches/stable/dns.cgi

@@ -3 +3 @@
 ##
 # $Id$
-# Copyright 2008-2012 Kris Deugau <kdeugau@deepnet.cx>
+# Copyright 2008-2013 Kris Deugau <kdeugau@deepnet.cx>
 # 
 #    This program is free software: you can redistribute it and/or modify
@@ -30 +30 @@
 use Net::DNS;
 use DBI;
+
 use Data::Dumper;
 
@@ -65 +66 @@
 $webvar{revrec} = 'n' if !$webvar{revrec};      # non-reverse (domain) records
 
-# load some local system defaults (mainly DB connect info)
-# note this is not *absolutely* fatal, since there's a default dbname/user/pass in DNSDB.pm
-# we'll catch a bad DB connect string once we get to trying that
-##fixme:  pass params to loadConfig, and use them there, to allow one codebase to support multiple sites
+# create a DNSDB object.  this loads some local system defaults and connects to the DB
+# with the credentials configured
+##fixme:  pass params for loadConfig, and use them there, to allow one codebase to support multiple sites
 my $dnsdb = new DNSDB;
 
@@ -75 +75 @@
 $footer->param(version => $DNSDB::VERSION);
 
+##fixme:  slim chance this could be triggered on errors other than DB failure?
 if (!$dnsdb) {
   print "Content-type: text/html\n\n";
@@ -87 +88 @@
 $header->param(orgname => $dnsdb->{orgname}) if $dnsdb->{orgname} ne 'Example Corp';
 
-# persistent stuff needed on most/all pages
-my $sid = ($webvar{sid} ? $webvar{sid} : undef);
-my $session = new CGI::Session("driver:File", $sid, {Directory => $dnsdb->{sessiondir}})
+my $logingroup;
+my $curgroup;
+my @viewablegroups;
+
+# retrieve the session ID from our cookie, if possible
+my $sid = $q->cookie('dnsadmin_session');
+
+# see if the session loads
+my $session = CGI::Session->load("driver:File", $sid, {Directory => $dnsdb->{sessiondir}})
         or die CGI::Session->errstr();
-#$sid = $session->id() if !$sid;
+
 if (!$sid) {
-  # init stuff.  can probably axe this down to just above if'n'when user manipulation happens
-  $sid = $session->id();
-  $session->expire($dnsdb->{timeout});
-# need to know the "upper" group the user can deal with;  may as well
-# stick this in the session rather than calling out to the DB every time.
-  $session->param('logingroup',1);
-  $session->param('curgroup',1);        # yes, we *do* need to track this too.  er, probably.
-  $session->param('domlistsortby','domain');
-  $session->param('domlistorder','ASC');
-  $session->param('revzonessortby','revnet');
-  $session->param('revzonesorder','ASC');
-  $session->param('useradminsortby','user');
-  $session->param('useradminorder','ASC');
-  $session->param('grpmansortby','group');
-  $session->param('grpmanorder','ASC');
-  $session->param('reclistsortby','host');
-  $session->param('reclistorder','ASC');
-  $session->param('loclistsortby','description');
-  $session->param('loclistorder','ASC');
-  $session->param('logsortby','stamp');
-  $session->param('logorder','DESC');
+  $webvar{page} = 'login';
+} else {
+  # we have a session to load from, maybe
+  $logingroup = ($session->param('logingroup') ? $session->param('logingroup') : 1);
+  $curgroup = ($session->param('curgroup') ? $session->param('curgroup') : $logingroup);
+  # security check - does the user have permission to view this entity?
+  # this is a prep step used "many" places
+  $dnsdb->getChildren($logingroup, \@viewablegroups, 'all');
+  push @viewablegroups, $logingroup;
+##fixme: make sessions persist through closing the site?
+# this even bridges browser close too.  hmm...
+  $webvar{page} = 'domlist' if !$webvar{page};
 }
 
-# Just In Case.  Stale sessions should not be resurrectable.
-if ($sid ne $session->id()) {
-  $sid = '';
-  changepage(page=> "login", sessexpired => 1);
-}
-
-# normal expiry, more or less
-if ($session->is_expired) {
-  $sid = '';
-  changepage(page=> "login", sessexpired => 1);
-}
-
-my $logingroup = ($session->param('logingroup') ? $session->param('logingroup') : 1);
-my $curgroup = ($session->param('curgroup') ? $session->param('curgroup') : $logingroup);
-
-# decide which page to spit out...
-# also set $webvar{page} before we try to use it.
+# set $webvar{page} before we try to use it.
 $webvar{page} = 'login' if !$webvar{page};
 
-# per-page startwith, filter, searchsubs
+## per-page startwith, filter, searchsubs
 
 ##fixme:  complain-munge-and-continue with non-"[a-z0-9-.]" filter and startwith
@@ -150 +132 @@
 $webvar{searchsubs} =~ s/[^yn]//g if $webvar{searchsubs};
 
-$session->param($webvar{page}.'startwith', $webvar{startwith}) if defined($webvar{startwith});
-$session->param($webvar{page}.'filter', $webvar{filter}) if defined($webvar{filter});
+# pagination
+my $perpage = 15;  # Just In Case
+$perpage = $dnsdb->{perpage} if $dnsdb->{perpage};
+my $offset = ($webvar{offset} ? $webvar{offset} : 0);
+
+## set up "URL to self" (whereami edition)
+# @#$%@%@#% XHTML - & in a URL must be escaped.  >:(
+my $uri_self = $ENV{REQUEST_URI};
+$uri_self =~ s/\&([a-z])/\&amp\;$1/g;
+
+# le sigh.  and we need to strip any previous action
+$uri_self =~ s/\&amp;action=[^&]+//g;
+
+# much magic happens.  if startwith or a search string change (to, from, or
+# across, in the request vs whatever's in the session) then the offset should
+# be reset to 0 so that the first/prev/next/last widget populates correctly,
+# and so that the list of whatever we're looking at actually shows things
+# (since we may have started on page 42 of 300 with a LOOOOONG list, but we
+# now only need 3 pages for the filtered list).
+# while we're at it, plonk these into the session for safekeeping.
+if (defined($webvar{startwith})) {
+  if ($webvar{startwith} ne $session->param($webvar{page}.'startwith')) {
+    $uri_self =~ s/\&amp;offset=[^&]//;
+    $offset = 0;
+  }
+  $session->param($webvar{page}.'startwith', $webvar{startwith});
+}
+if (defined($webvar{filter})) {
+  if ($webvar{filter} ne $session->param($webvar{page}.'filter')) {
+    $uri_self =~ s/\&amp;offset=[^&]//;
+    $offset = 0;
+  }
+  $session->param($webvar{page}.'filter', $webvar{filter})
+}
 $session->param($webvar{page}.'searchsubs', $webvar{searchsubs}) if defined($webvar{searchsubs});
 
+# and now that the search/filter criteria for this page are set, put them in some globals for actual use.
 my $startwith = $session->param($webvar{page}.'startwith');
 my $filter = $session->param($webvar{page}.'filter');
@@ -162 +177 @@
 push @filterargs, "^[$startwith]" if $startwith;
 push @filterargs, $filter if $filter;
-
-## set up "URL to self"
-# @#$%@%@#% XHTML - & in a URL must be escaped.  >:(
-my $uri_self = $ENV{REQUEST_URI};
-$uri_self =~ s/\&([a-z])/\&amp\;$1/g;
-
-# le sigh.  and we need to strip any previous action
-$uri_self =~ s/\&amp;action=[^&]+//g;
 
 # and search filter options.  these get stored in the session, but discarded
@@ -181 +188 @@
 
 # Fix up $uri_self so we don't lose the session/page
-$uri_self .= "?sid=$sid&amp;page=$webvar{page}" if $uri_self =~ m{/dns.cgi$};
-$uri_self = "$ENV{SCRIPT_NAME}?sid=$sid&amp;page=$webvar{page}$1" if $uri_self =~ m{/dns.cgi\&(.+)$};
-
-# pagination
-my $perpage = 15;
-$perpage = $dnsdb->{perpage} if $dnsdb->{perpage};
-my $offset = ($webvar{offset} ? $webvar{offset} : 0);
+$uri_self .= "?page=$webvar{page}" if $uri_self =~ m{/dns.cgi$};
+$uri_self = "$ENV{SCRIPT_NAME}?page=$webvar{page}$1" if $uri_self =~ m{/dns.cgi\&(.+)$};
+
+## end uri_self monkeying
 
 # NB:  these must match the field name and SQL ascend/descend syntax respectively
+# sortby is reset to a suitable "default", then re-reset to whatever the user has
+# clicked on last in the record=listing subs, but best to put a default here.
 my $sortby = "domain";
 my $sortorder = "ASC";
 
-# security check - does the user have permission to view this entity?
-# this is a prep step used "many" places
-my @viewablegroups;
-$dnsdb->getChildren($logingroup, \@viewablegroups, 'all');
-push @viewablegroups, $logingroup;
-
+# Create the page template object.  Display a reasonable error page and whine if the template doesn't exist.
 my $page;
 eval {
@@ -217 +218 @@
 }
 
-# handle login redirect
+my $sesscookie;
+
+# handle can-happen-on-(almost)-any-page actions
 if ($webvar{action}) {
+
   if ($webvar{action} eq 'login') {
     # Snag ACL/permissions here too
@@ -226 +230 @@
     if ($userdata) {
 
+      # (re)create the session
+      $session = new CGI::Session("driver:File", $sid, {Directory => $dnsdb->{sessiondir}})
+        or die CGI::Session->errstr();
+      $sid = $session->id();
+
+      $sesscookie = $q->cookie( -name => 'dnsadmin_session',
+        -value => $sid,
+        -expires => "+".$dnsdb->{timeout},
+        -secure => 0,
+## fixme:  need to extract root path for cookie, so as to limit cookie to dnsadmin instance
+#        -path => $url
+        );
+
       # set session bits
+      $session->expire($dnsdb->{timeout});
       $session->param('logingroup',$userdata->{group_id});
       $session->param('curgroup',$userdata->{group_id});
@@ -232 +250 @@
       $session->param('username',$webvar{username});
 
-      changepage(page => "domlist");
+# for reference.  seems we don't need to set these on login any more.
+#  $session->param('domlistsortby','domain');
+#  $session->param('domlistorder','ASC');
+#  $session->param('revzonessortby','revnet');
+#  $session->param('revzonesorder','ASC');
+#  $session->param('useradminsortby','user');
+#  $session->param('useradminorder','ASC');
+#  $session->param('grpmansortby','group');
+#  $session->param('grpmanorder','ASC');
+#  $session->param('reclistsortby','host');
+#  $session->param('reclistorder','ASC');
+#  $session->param('loclistsortby','description');
+#  $session->param('loclistorder','ASC');
+#  $session->param('logsortby','stamp');
+#  $session->param('logorder','DESC');
+
+      ## "recover my link" - tack on request bits and use requested page instead of hardcoding domlist
+      # this could possibly be compacted by munging changepage a little so we don't have to deconstruct
+      # and reconstruct the URI argument list.
+      my %target = (page => "domlist");
+      if ($webvar{target} && $webvar{target} =~ /\?/) {
+        my $tmp = (split /\?/, $webvar{target})[1];
+        $tmp =~ s/^\&//;
+        my @targs = split /\&/, $tmp;
+        foreach (@targs) {
+          my ($k,$v) = split /=/;
+          $target{$k} = $v if $k;
+          # if we're going through a "session expired" login, we may have a different
+          # "current group" than the login group.
+          $session->param('curgroup', $v) if $k eq 'curgroup';
+##fixme:  page=record goes "FOOM", sometimes - cause/fix?
+        }
+      }
+      changepage(%target);
 
     } else {
@@ -243 +294 @@
     $session->flush();
 
+    my $sesscookie = $q->cookie( -name => 'dnsadmin_session',
+      -value => $sid,
+      -expires => "-1",
+      -secure => 0,
+## fixme:  need to extract root path for cookie, so as to limit cookie to dnsadmin instance
+#      -path => $url
+      );
+
     my $newurl = "http://$ENV{HTTP_HOST}$ENV{SCRIPT_NAME}";
     $newurl =~ s|/[^/]+$|/|;
-    print "Status: 302\nLocation: $newurl\n\n";
+    print $q->redirect( -uri => $newurl, -cookie => $sesscookie);
     exit;
 
-  } elsif ($webvar{action} eq 'chgroup') {
+  } elsif ($webvar{action} eq 'chgroup' && $webvar{page} ne 'login') {
     # fiddle session-stored group data
     # magic incantation to... uhhh...
@@ -276 +335 @@
       changepage(%args);
     }
-
-  }
+    # add offset back *into* $uri_self if we're also currently looking at a live record list.
+    if ($webvar{page} eq 'reclist' && $webvar{defrec} eq 'n') {
+      $uri_self .= "\&amp;offset=$offset";
+    }
+  } # done action=chgroup
 } # handle global webvar{action}s
+
 
 # finally check if the user was disabled.  we could just leave this for logout/session expiry,
@@ -295 +358 @@
 $dnsdb->initActionLog($session->param('uid'));
 
-$page->param(sid => $sid) unless $webvar{page} eq 'login';      # no session ID on the login page
+##
+## Per-page processing
+##
 
 if ($webvar{page} eq 'login') {
 
-  $page->param(loginfailed => 1) if $webvar{loginfailed};
-  $page->param(sessexpired => 1) if $webvar{sessexpired};
+  my $target = $ENV{REQUEST_URI};
+  $target =~ s/\&/\&amp;/g;
+  $page->param(target => $target); # needs to be trimmed a little, maybe?
+
+  $page->param(sessexpired => 1) if (!$sid && $target !~ m|/$|);
+
+  if ($webvar{loginfailed}) {
+    $page->param(loginfailed => 1);
+    $webvar{target} =~ s/\&/\&amp;/g;   # XHTML we do (not) love you so
+    $page->param(target => $webvar{target}) if $webvar{target};
+  }
+#  if $webvar{sessexpired};      # or this with below?
+  if ($session->is_expired) {
+    $page->param(sessexpired => 1);
+    $session->delete();   # Just to make sure
+    $session->flush();
+  }
   $page->param(version => $DNSDB::VERSION);
+  $page->param(script_self => ($ENV{SCRIPT_NAME} =~ m|/([^/]+)$|)[0]);
 
 } elsif ($webvar{page} eq 'domlist' or $webvar{page} eq 'index') {
@@ -337 +418 @@
   $webvar{group} = $curgroup if !$webvar{group};
   fill_grouplist("grouplist", $webvar{group});
-  fill_loclist();
+  fill_loclist($curgroup, $webvar{defloc} ? $webvar{defloc} : '');
 
   if ($session->param('add_failed')) {
@@ -363 +444 @@
   $webvar{makeactive} = 0 if !defined($webvar{makeactive});
 
-  my ($code,$msg) = $dnsdb->addDomain($webvar{domain}, $webvar{group}, ($webvar{makeactive} eq 'on' ? 1 : 0));
+  my ($code,$msg) = $dnsdb->addDomain($webvar{domain}, $webvar{group}, ($webvar{makeactive} eq 'on' ? 1 : 0),
+        $webvar{defloc});
 
   if ($code eq 'OK') {
@@ -373 +455 @@
     $session->param('add_failed', 1);
 ##fixme:  domain a security risk for XSS?
-    changepage(page => "newdomain", domain => $webvar{domain}, errmsg => $msg,
-        makeactive => ($webvar{makeactive} ? 'y' : 'n'), group => $webvar{group});
+    changepage(page => "newdomain", errmsg => $msg, domain => $webvar{domain},
+        group => $webvar{group}, makeactive => ($webvar{makeactive} ? 'y' : 'n'), defloc => $webvar{defloc});
   }
 
@@ -640 +722 @@
 
     my @recargs = ($webvar{defrec}, $webvar{revrec}, $webvar{parentid},
-        \$webvar{name}, \$webvar{type}, \$webvar{address}, $webvar{ttl}, $webvar{location});
+        \$webvar{name}, \$webvar{type}, \$webvar{address}, $webvar{ttl}, $webvar{location},
+        $webvar{expires}, $webvar{stamp});
     if ($webvar{type} == $reverse_typemap{MX} or $webvar{type} == $reverse_typemap{SRV}) {
       push @recargs, $webvar{distance};
@@ -688 +771 @@
     $page->param(ttl            => $recdata->{ttl});
     $page->param(typelist       => $dnsdb->getTypelist($webvar{revrec}, $recdata->{type}));
-
+    if ($recdata->{stampactive}) {
+      $page->param(stamp => $recdata->{stamp});
+      $page->param(stamp_until => $recdata->{expires});
+    }
     if ($webvar{defrec} eq 'n') {
       fill_loclist($curgroup, $recdata->{location});
@@ -704 +790 @@
     my ($code,$msg) = $dnsdb->updateRec($webvar{defrec}, $webvar{revrec}, $webvar{id}, $webvar{parentid},
         \$webvar{name}, \$webvar{type}, \$webvar{address}, $webvar{ttl}, $webvar{location},
+        $webvar{expires}, $webvar{stamp},
         $webvar{distance}, $webvar{weight}, $webvar{port});
 
@@ -1001 +1088 @@
   $page->param(perpage => $perpage);
 
-  my $domlist = $dnsdb->getZoneList(revrec => 'n', curgroup => $curgroup);
+  my $domlist = $dnsdb->getZoneList(revrec => 'n', curgroup => $curgroup, offset => $offset);
   my $rownum = 0;
   foreach my $dom (@{$domlist}) {
@@ -1693 +1780 @@
 
 # start output here so we can redirect pages.
-print "Content-type: text/html\n\n", $header->output;
+print $q->header( -cookie => $sesscookie);
+print $header->output;
 
 ##common bits
@@ -1722 +1810 @@
   $page->param(inlogingrp => $curgroup == $logingroup);
 
-# fill in the URL-to-self
+# fill in the URL-to-self for the group tree and search-by-letter
   $page->param(whereami => $uri_self);
+# fill in general URL-to-self
+  $page->param(script_self => "$ENV{SCRIPT_NAME}?".($curgroup ? "curgroup=$curgroup" : ''));
 }
 
@@ -1766 +1856 @@
 
   my @childlist;
+
+  # some magic to control bad offsets on group change
+  my $grp_uri_self = $uri_self;
+  $grp_uri_self =~ s/\&amp;offset=[^&]+// unless ($webvar{page} eq 'reclist' && $webvar{defrec} eq 'n');
 
   my $grptree = HTML::Template->new(filename => 'templates/grptree.tmpl');
@@ -1775 +1869 @@
     $row{grpname} = $dnsdb->groupName($_);
     $row{grpnum} = $_;
-    $row{whereami} = $uri_self;
+    $row{whereami} = $grp_uri_self;
     $row{curgrp} = ($_ == $cur);
     $row{expanded} = $dnsdb->isParent($_, 'group', $cur, 'group');
@@ -1805 +1899 @@
 
   # handle user check
-  my $newurl = "http://$ENV{HTTP_HOST}$ENV{SCRIPT_NAME}?sid=$sid";
+  my $newurl = "http://$ENV{HTTP_HOST}$ENV{SCRIPT_NAME}?";
   foreach (sort keys %params) {
 ## fixme:  something is undefined here on add location
@@ -1814 +1908 @@
   $session->flush();
 
-  print "Status: 302\nLocation: $newurl\n\n";
+  print $q->redirect ( -url => $newurl, -cookie => $sesscookie);
   exit;
 } # end changepage
@@ -1901 +1995 @@
   $page->param(ttl      => $soa->{ttl});
 
-  my $foo2 = $dnsdb->getDomRecs(defrec => $def, revrec => $rev, id => $id, offset => $webvar{offset},
+  my $foo2 = $dnsdb->getRecList(defrec => $def, revrec => $rev, id => $id, offset => $webvar{offset},
         sortby => $sortby, sortorder => $sortorder, filter => $filter);
 
   foreach my $rec (@$foo2) {
     $rec->{type} = $typemap{$rec->{type}};
-    $rec->{sid} = $webvar{sid};
     $rec->{fwdzone} = $rev eq 'n';
     $rec->{distance} = 'n/a' unless ($rec->{type} eq 'MX' || $rec->{type} eq 'SRV'); 
@@ -1915 +2008 @@
     $rec->{record_delete} = ($permissions{admin} || $permissions{record_delete});
     $rec->{locname} = '' unless ($permissions{admin} || $permissions{location_view});
+# Timestamps
+    if ($rec->{expires}) {
+      $rec->{stamptype} = $rec->{ispast} ? 'expired at' : 'expires at';
+    } else {
+      $rec->{stamptype} = 'valid after';
+    }
+    # strip seconds and timezone?  no, not yet.  could probably offer a config knob on this display at some point.
+#    $rec->{stamp} =~ s/:\d\d-\d+$//;
+    delete $rec->{expires};
+    delete $rec->{ispast};
   }
   $page->param(reclist => $foo2);
@@ -1945 +2048 @@
   my $soa = $dnsdb->getSOA($webvar{defrec}, $webvar{revrec}, $webvar{parentid});
   $page->param(ttl      => ($webvar{ttl} ? $webvar{ttl} : $soa->{minttl}));
+  $page->param(stamp_until => ($webvar{expires} eq 'until'));
+  $page->param(stamp => $webvar{stamp});
 }
 
@@ -2006 +2111 @@
   my $parent = shift;
 
-  # Fix display/UI bug where if you are not on the first page of the list, and
-  # you add a search term or click one of the "starts with" links, you end up
-  # on a page showing nothing.
-  # For bonus points, this reverts to the original offset on clicking the "All" link (mostly)
-  if ($offset ne 'all') {
-    $offset-- while ($offset * $perpage) >= $pgcount;
-  }
-
   $page->param(ntot => $pgcount);
   $page->param(nfirst => (($offset eq 'all' ? 0 : $offset)*$perpage+1));
@@ -2044 +2141 @@
   fill_fpnla($count);
 
+  $sortby = ($webvar{revrec} eq 'n' ? 'domain' : 'revnet');
 # sort/order
   $session->param($webvar{page}.'sortby', $webvar{sortby}) if $webvar{sortby};
@@ -2071 +2169 @@
   my $zonelist = $dnsdb->getZoneList(childlist => $childlist, curgroup => $curgroup, revrec => $webvar{revrec},
         filter => ($filter ? $filter : undef), startwith => ($startwith ? $startwith : undef),
-        offset => $webvar{offset}, sortby => $sortby, sortorder => $sortorder
+        offset => $offset, sortby => $sortby, sortorder => $sortorder
         );
 # probably don't need this, keeping for reference for now
@@ -2292 +2390 @@
   foreach my $col (@$cols) {
     my %coldata;
-    $coldata{sid} = $sid;
     $coldata{page} = $webvar{page};
     $coldata{offset} = $webvar{offset} if $webvar{offset};

branches/stable/dns.sql

@@ -78 +78 @@
     default_location character varying (4) DEFAULT '' NOT NULL
 );
+-- ~2x performance boost iff most zones are fed to output from the cache
+CREATE INDEX dom_status_index ON domains (status);
+
 
 CREATE TABLE revzones (
@@ -90 +93 @@
     default_location character varying (4) DEFAULT '' NOT NULL
 );
+CREATE INDEX rev_status_index ON revzones USING btree (status);
 
 CREATE TABLE groups (
@@ -109 +113 @@
     log_id serial NOT NULL,
     domain_id integer,
-    rdns_id integer,
     user_id integer,
     group_id integer,
@@ -115 +118 @@
     name character varying(60),
     entry text,
-    stamp timestamp with time zone DEFAULT now()
+    stamp timestamp with time zone DEFAULT now(),
+    rdns_id integer
 );
 
@@ -134 +138 @@
     record_edit boolean DEFAULT false NOT NULL,
     record_delete boolean DEFAULT false NOT NULL,
+    user_id integer UNIQUE,
+    group_id integer UNIQUE,
     record_locchg boolean DEFAULT false NOT NULL,
     location_create boolean DEFAULT false NOT NULL,
     location_edit boolean DEFAULT false NOT NULL,
     location_delete boolean DEFAULT false NOT NULL,
-    location_view boolean DEFAULT false NOT NULL,
-    user_id integer UNIQUE,
-    group_id integer UNIQUE
+    location_view boolean DEFAULT false NOT NULL
 );
 
 -- Need *two* basic permissions;  one for the initial group, one for the default admin user
-COPY permissions (permission_id, "admin", self_edit, group_create, group_edit, group_delete, user_create, user_edit, user_delete, domain_create, domain_edit, domain_delete, record_create, record_edit, record_delete, record_locchg, location_create, location_edit, location_delete, location_view, user_id, group_id) FROM stdin;
-1       f       f       f       f       f       f       f       f       t       t       t       t       t       t       f       f       f       f       f       \N      1
-2       t       f       f       f       f       f       f       f       f       f       f       f       f       f       f       f       f       f       f       1       \N
+COPY permissions (permission_id, "admin", self_edit, group_create, group_edit, group_delete, user_create, user_edit, user_delete, domain_create, domain_edit, domain_delete, record_create, record_edit, record_delete, user_id, group_id, record_locchg, location_create, location_edit, location_delete, location_view) FROM stdin;
+1       f       f       f       f       f       f       f       f       t       t       t       t       t       t       \N      1       f       f       f       f       f
+2       t       f       f       f       f       f       f       f       f       f       f       f       f       f       1       \N      f       f       f       f       f
 \.
 
@@ -152 +156 @@
 CREATE TABLE records (
     domain_id integer NOT NULL DEFAULT 0,
-    rdns_id integer NOT NULL DEFAULT 0,
     record_id serial NOT NULL,
     host text DEFAULT '' NOT NULL,
@@ -162 +165 @@
     ttl integer DEFAULT 7200 NOT NULL,
     description text,
-    location character varying (4) DEFAULT '' NOT NULL
-);
+    rdns_id integer NOT NULL DEFAULT 0,
+    location character varying (4) DEFAULT '' NOT NULL,
+    stamp TIMESTAMP WITH TIME ZONE DEFAULT 'epoch' NOT NULL,
+    expires boolean DEFAULT 'n' NOT NULL,
+    stampactive boolean DEFAULT 'n' NOT NULL
+);
+CREATE INDEX rec_domain_index ON records USING btree (domain_id);
+CREATE INDEX rec_revzone_index ON records USING btree (rdns_id);
+CREATE INDEX rec_types_index ON records USING btree ("type");
 
 CREATE TABLE rectypes (
@@ -309 +319 @@
     ADD CONSTRAINT "$1" FOREIGN KEY (group_id) REFERENCES groups(group_id);
 
+ALTER TABLE ONLY default_records
+    ADD CONSTRAINT "$1" FOREIGN KEY (group_id) REFERENCES groups(group_id);
+
+ALTER TABLE ONLY users
+    ADD CONSTRAINT "$1" FOREIGN KEY (group_id) REFERENCES groups(group_id);
+
 ALTER TABLE ONLY revzones
     ADD CONSTRAINT "$1" FOREIGN KEY (group_id) REFERENCES groups(group_id);
 
-ALTER TABLE ONLY default_records
-    ADD CONSTRAINT "$1" FOREIGN KEY (group_id) REFERENCES groups(group_id);
-
-ALTER TABLE ONLY users
-    ADD CONSTRAINT "$1" FOREIGN KEY (group_id) REFERENCES groups(group_id);
-
 ALTER TABLE ONLY groups
     ADD CONSTRAINT group_parent FOREIGN KEY (parent_group_id) REFERENCES groups(group_id);
 
 -- set starting sequence numbers, since we've inserted data before they're active
-SELECT pg_catalog.setval('misc_misc_id_seq', 2, false);
-SELECT pg_catalog.setval('default_records_record_id_seq', 8, false);
-SELECT pg_catalog.setval('default_rev_records_record_id_seq', 5, false);
-SELECT pg_catalog.setval('domains_domain_id_seq', 1, false);
-SELECT pg_catalog.setval('groups_group_id_seq', 2, false);
-SELECT pg_catalog.setval('permissions_permission_id_seq', 3, false);
-SELECT pg_catalog.setval('records_record_id_seq', 1, false);
-SELECT pg_catalog.setval('users_user_id_seq', 2, false);
+-- only set the ones that have data loaded with \copy, and obey the convention
+-- that comes out of pg_dump
+SELECT pg_catalog.setval('misc_misc_id_seq', 1, true);
+SELECT pg_catalog.setval('default_records_record_id_seq', 8, true);
+SELECT pg_catalog.setval('default_rev_records_record_id_seq', 4, true);
+SELECT pg_catalog.setval('groups_group_id_seq', 1, true);
+SELECT pg_catalog.setval('permissions_permission_id_seq', 2, true);
+SELECT pg_catalog.setval('users_user_id_seq', 1, true);

branches/stable/dnsdb.conf

@@ -2 +2 @@
 
 # Database connection info
-#dbname=dsndb
-#dbuser=dnsdb
-#dbpass=dnsdbpwd
-#dbhost=dnsdbhost
+#dbname = dsndb
+#dbuser = dnsdb
+#dbpass = dnsdbpwd
+#dbhost = dnsdbhost
 
-# SOA defaults.  contact and prins may only contain a-z, 0-9, . and -,
-# the rest are expected to be numeric.
-#contact=hostmaster.example.com
-#prins=ns1.example.com
-#soattl=7200
-#refresh=86400
-#retry=14400
-#expire=28800
-#minttl=900
-#ttl=900
-      
 # Mail settings
-#mailhost=smtp.example.com
-#mailnotify=dns@example.com
-#mailsender=hostmaster@example.com
-#mailname=Example Corp DNS Administrator
-#orgname=Example Corp
-#domain=example.com
+#mailhost = smtp.example.com
+#mailnotify = dns@example.com
+#mailsender = hostmaster@example.com
+#mailname = Example Corp DNS Administrator
+#orgname = Example Corp
+#domain = example.com
       
 # session - note this is fed directly to CGI::Session
 # timeout supports (s)econds, (m)inutes, (h)ours, (d)ays, (w)eeks, (M)months, or (y)ears
-#timeout=3h
-#sessiondir=/var/lib/dnsdb
+#timeout = 3h
+#sessiondir = /var/lib/dnsdb
 
-# misc
+## misc
+
 # flag to indicate if failed changes should be logged
-#log_failures=0
+#log_failures = 1
 # number of entries to display in lists
-#perpage=25
+#perpage = 25
+# maximum number of FCGI requests to serve before reloading/restarting FCGI
+#max_fcgi_requests = 10
+# path for per-zone cache files for export
+#exportcache = /var/cache/dnsdb
+
+# always refresh the cache from the DB on export if 1/on
+# if 0/off, use the "changed" flag on a zone to determine if we export from
+#  the DB or read from the existing cache file.
+#force_refresh = 1
+
+# RPC ACL
+# A comma-separated list starting with an abstract "system name"
+# (passed by an RPC caller), followed by a list of IP addresses
+# allowed to make RPC calls with that name.
+# Finer-grained access control must be handled by the caller.
+#rpc_iplist = billing, 192.168.0.11
+#rpc_iplist = billing, 172.12.12.12
+#rpc_iplist = custportal, 192.168.1.12, 192.168.1.13

branches/stable/export.pl

@@ -3 +3 @@
 ##
 # $Id$
-# Copyright 2012 Kris Deugau <kdeugau@deepnet.cx>
+# Copyright 2012,2013 Kris Deugau <kdeugau@deepnet.cx>
 # 
 #    This program is free software: you can redistribute it and/or modify

branches/stable/reverse-patterns.html

@@ -73 +73 @@
         supported since DNS names may not contain most other
         non-alphanumerics.</p>
+      <p>%blank% may be used to specifically prevent template expansion on
+        a segment of a block if desired;  eg, if<br />
+        192.168.23.0/24 has "unused-%i.example.com" set, adding an A+PTR
+        template for 192.168.23.48/30 of<br />
+        "%blank%" will leave 192.168.23.48 through .51 without PTR records
+        unless specific entries exist for those IPs.<p>
     </div>
   </body>

branches/stable/templates/axfr.tmpl

@@ -1 @@
-<!-- <TMPL_VAR NAME=sid> -->
 <table class="wholepage"><tr>
 <TMPL_INCLUDE NAME="menu.tmpl">
@@ -5 +4 @@
 <td align="center" valign="top">
 
-<form action="dns.cgi" method="post">
+<form action="<TMPL_VAR NAME=script_self>" method="post">
 <fieldset>
-<input type="hidden" name="sid" value="<TMPL_VAR NAME=sid>" />
 <input type="hidden" name="page" value="axfr" />
 <input type="hidden" name="doit" value="y" />

branches/stable/templates/badpage.tmpl

@@ -1 @@
-<!-- <TMPL_VAR NAME=sid> -->
 <div id="badpage">
 <TMPL_IF badpage>

branches/stable/templates/bulkchange.tmpl

@@ -1 @@
-<!-- <TMPL_VAR NAME=sid> -->
 <table class="wholepage"><tr>
 <TMPL_INCLUDE NAME="menu.tmpl">

branches/stable/templates/bulkdomain.tmpl

@@ -1 @@
-<!-- <TMPL_VAR NAME=sid> -->
 <table class="wholepage"><tr>
 <TMPL_INCLUDE NAME="menu.tmpl">
@@ -5 +4 @@
 <td align="center" valign="top">
 
-<form action="dns.cgi">
+<form action="<TMPL_VAR NAME=script_self>" method="post">
 <fieldset>
 
-<input type="hidden" name="sid" value="<TMPL_VAR NAME=sid>" />
 <input type="hidden" name="page" value="bulkchange" />
 <input type="hidden" name="offset" value="<TMPL_VAR NAME=offset>" />

branches/stable/templates/deldom.tmpl

@@ -5 +5 @@
 <td align="center" valign="top">
 <h3>Are you really sure you want to delete domain <TMPL_VAR NAME=domain>?</h3>
-<a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=deldom&amp;del=cancel&amp;id=<TMPL_VAR NAME=id>">cancel</a> &nbsp; | &nbsp; 
-<a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=deldom&amp;del=ok&amp;id=<TMPL_VAR NAME=id>">confirm</a>
+<a href="<TMPL_VAR NAME=script_self>&amp;page=deldom&amp;del=cancel&amp;id=<TMPL_VAR NAME=id>">cancel</a> &nbsp; | &nbsp; 
+<a href="<TMPL_VAR NAME=script_self>&amp;page=deldom&amp;del=ok&amp;id=<TMPL_VAR NAME=id>">confirm</a>
 </td></tr></table>
 

branches/stable/templates/delgrp.tmpl

@@ -5 +5 @@
 <td align="center" valign="top">
 <h3>Are you really sure you want to delete group <TMPL_VAR NAME=delgroupname>?</h3>
-<a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=delgrp&amp;del=cancel&amp;id=<TMPL_VAR NAME=id>">cancel</a> &nbsp; | &nbsp; 
-<a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=delgrp&amp;del=ok&amp;id=<TMPL_VAR NAME=id>">confirm</a>
+<a href="<TMPL_VAR NAME=script_self>&amp;page=delgrp&amp;del=cancel&amp;id=<TMPL_VAR NAME=id>">cancel</a> &nbsp; | &nbsp; 
+<a href="<TMPL_VAR NAME=script_self>&amp;page=delgrp&amp;del=ok&amp;id=<TMPL_VAR NAME=id>">confirm</a>
 </td></tr></table>
 

branches/stable/templates/delloc.tmpl

@@ -5 +5 @@
 <td align="center" valign="top">
 <h3>Are you really sure you want to delete location <TMPL_VAR NAME=location>?</h3>
-<a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=delloc&amp;del=cancel&amp;locid=<TMPL_VAR NAME=locid>">cancel</a> &nbsp; | &nbsp; 
-<a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=delloc&amp;del=ok&amp;locid=<TMPL_VAR NAME=locid>">confirm</a>
+<a href="<TMPL_VAR NAME=script_self>&amp;page=delloc&amp;del=cancel&amp;locid=<TMPL_VAR NAME=locid>">cancel</a> &nbsp; | &nbsp; 
+<a href="<TMPL_VAR NAME=script_self>&amp;page=delloc&amp;del=ok&amp;locid=<TMPL_VAR NAME=locid>">confirm</a>
 </td></tr></table>
 

branches/stable/templates/delrec.tmpl

@@ -6 +6 @@
 <h3>Are you really sure you want to delete record:<br />
 <TMPL_VAR NAME=host> <TMPL_VAR NAME=ftype> <TMPL_VAR NAME=recval></h3>
-<a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=delrec&amp;del=cancel&amp;id=<TMPL_VAR NAME=id>&amp;defrec=<TMPL_VAR NAME=defrec>&amp;revrec=<TMPL_VAR NAME=revrec>&amp;parentid=<TMPL_VAR NAME=parentid>">cancel</a>
+<a href="<TMPL_VAR NAME=script_self>&amp;page=delrec&amp;del=cancel&amp;id=<TMPL_VAR NAME=id>&amp;defrec=<TMPL_VAR NAME=defrec>&amp;revrec=<TMPL_VAR NAME=revrec>&amp;parentid=<TMPL_VAR NAME=parentid>">cancel</a>
  &nbsp; | &nbsp; 
-<a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=delrec&amp;del=ok&amp;id=<TMPL_VAR NAME=id>&amp;defrec=<TMPL_VAR NAME=defrec>&amp;revrec=<TMPL_VAR NAME=revrec>&amp;parentid=<TMPL_VAR NAME=parentid>">confirm</a>
+<a href="<TMPL_VAR NAME=script_self>&amp;page=delrec&amp;del=ok&amp;id=<TMPL_VAR NAME=id>&amp;defrec=<TMPL_VAR NAME=defrec>&amp;revrec=<TMPL_VAR NAME=revrec>&amp;parentid=<TMPL_VAR NAME=parentid>">confirm</a>
 </td></tr></table>
 

branches/stable/templates/delrevzone.tmpl

@@ -5 +5 @@
 <td align="center" valign="top">
 <h3>Are you really sure you want to delete reverse zone <TMPL_VAR NAME=revzone>?</h3>
-<a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=delrevzone&amp;del=cancel&amp;id=<TMPL_VAR NAME=id>">cancel</a> &nbsp; | &nbsp; 
-<a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=delrevzone&amp;del=ok&amp;id=<TMPL_VAR NAME=id>">confirm</a>
+<a href="<TMPL_VAR NAME=script_self>&amp;page=delrevzone&amp;del=cancel&amp;id=<TMPL_VAR NAME=id>">cancel</a> &nbsp; | &nbsp; 
+<a href="<TMPL_VAR NAME=script_self>&amp;page=delrevzone&amp;del=ok&amp;id=<TMPL_VAR NAME=id>">confirm</a>
 </td></tr></table>
 

branches/stable/templates/deluser.tmpl

@@ -5 +5 @@
 <td align="center" valign="top">
 <h3>Are you really sure you want to delete user <TMPL_VAR NAME=user>?</h3>
-<a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=deluser&amp;del=cancel&amp;id=<TMPL_VAR NAME=id>">cancel</a> &nbsp; | &nbsp; 
-<a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=deluser&amp;del=ok&amp;id=<TMPL_VAR NAME=id>">confirm</a>
+<a href="<TMPL_VAR NAME=script_self>&amp;page=deluser&amp;del=cancel&amp;id=<TMPL_VAR NAME=id>">cancel</a> &nbsp; | &nbsp; 
+<a href="<TMPL_VAR NAME=script_self>&amp;page=deluser&amp;del=ok&amp;id=<TMPL_VAR NAME=id>">confirm</a>
 </td></tr></table>
 

branches/stable/templates/dns.css

@@ -36 +36 @@
         background-color: #F0F0F0;
 }
-table.container {
+.container {
         background-color: #FFFFFF;
         border: none;
@@ -165 +165 @@
         text-align: center;
         padding: 5px;
-        width: 50%;
+        width: 55%;
 }
 .warning {

branches/stable/templates/dnsq.tmpl

@@ -1 @@
-<!-- <TMPL_VAR NAME=sid> -->
 <table class="wholepage"><tr>
 <TMPL_INCLUDE NAME="menu.tmpl">
@@ -7 +6 @@
 <TMPL_IF errmsg><div class="errmsg">Query error: <TMPL_VARNAME=errmsg></div></TMPL_IF>
 
-<form action="dns.cgi" method="post">
+<form action="<TMPL_VAR NAME=script_self>" method="post">
 <fieldset>
-<input type="hidden" name="sid" value="<TMPL_VAR NAME=sid>" />
 <input type="hidden" name="page" value="dnsq" />
 

branches/stable/templates/domlist.tmpl

@@ -1 @@
-<!-- <TMPL_VAR NAME=sid> -->
 <table class="wholepage"><tr>
 <TMPL_INCLUDE NAME="menu.tmpl">
@@ -18 +17 @@
 <TMPL_IF domain_create>
 <TMPL_IF domlist>
-<a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=newdomain">New Domain</a>
+<a href="<TMPL_VAR NAME=script_self>&amp;page=newdomain">New Domain</a>
 <TMPL_ELSE>
-<a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=newrevzone">New Reverse Zone</a>
+<a href="<TMPL_VAR NAME=script_self>&amp;page=newrevzone">New Reverse Zone</a>
 </TMPL_IF>
 </TMPL_IF>
@@ -28 +27 @@
 <table width="98%" border="0" cellspacing="4" cellpadding="3">
 <tr>
-<TMPL_LOOP NAME=colheads>       <td class="datahead_<TMPL_IF __first__>l<TMPL_ELSE>s</TMPL_IF>"><a href="dns.cgi?sid=<TMPL_VAR
- NAME=sid>&amp;page=<TMPL_VAR NAME=page><TMPL_IF NAME=offset>&amp;offset=<TMPL_VAR
+<TMPL_LOOP NAME=colheads>       <td class="datahead_<TMPL_IF __first__>l<TMPL_ELSE>s</TMPL_IF>"><a href="<TMPL_VAR
+ NAME=script_self>&amp;page=<TMPL_VAR NAME=page><TMPL_IF NAME=offset>&amp;offset=<TMPL_VAR
  NAME=offset></TMPL_IF>&amp;sortby=<TMPL_VAR NAME=sortby>&amp;order=<TMPL_VAR NAME=order>"><TMPL_VAR
  NAME=colname></a><TMPL_IF NAME=sortorder>&nbsp;<img alt="<TMPL_VAR NAME=sortorder>" src="images/<TMPL_VAR
@@ -40 +39 @@
 <TMPL_LOOP name=domtable>
 <tr class="row<TMPL_IF __odd__>0<TMPL_ELSE>1</TMPL_IF>">
-        <td align="left"><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=reclist&amp;id=<TMPL_VAR NAME=domain_id>&amp;defrec=n<TMPL_UNLESS domlist>&amp;revrec=y</TMPL_UNLESS>"><TMPL_VAR NAME=domain></a></td>
+        <td align="left"><a href="<TMPL_VAR NAME=script_self>&amp;page=reclist&amp;id=<TMPL_VAR NAME=domain_id>&amp;defrec=n<TMPL_UNLESS domlist>&amp;revrec=y</TMPL_UNLESS>"><TMPL_VAR NAME=domain></a></td>
         <td><TMPL_IF status>Active<TMPL_ELSE>Inactive</TMPL_IF></td>
         <td><TMPL_VAR name=group></td>
-<TMPL_IF domain_edit>   <td align="center"><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=<TMPL_VAR NAME=curpage><TMPL_IF NAME=offset>&amp;offset=<TMPL_VAR NAME=offset></TMPL_IF>&amp;id=<TMPL_VAR NAME=domainid>&amp;zonestatus=<TMPL_IF status>domoff<TMPL_ELSE>domon</TMPL_IF>"><TMPL_IF status>deactivate<TMPL_ELSE>activate</TMPL_IF></a></td></TMPL_IF>
-<TMPL_IF domain_delete> <td align="center"><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=<TMPL_IF domlist>deldom<TMPL_ELSE>delrevzone</TMPL_IF>&amp;id=<TMPL_VAR NAME=domain_id>"><img src="images/trash2.png" alt="[ Delete ]" /></a></td></TMPL_IF>
+<TMPL_IF domain_edit>   <td align="center"><a href="<TMPL_VAR NAME=script_self>&amp;page=<TMPL_VAR NAME=curpage><TMPL_IF NAME=offset>&amp;offset=<TMPL_VAR NAME=offset></TMPL_IF>&amp;id=<TMPL_VAR NAME=domainid>&amp;zonestatus=<TMPL_IF status>domoff<TMPL_ELSE>domon</TMPL_IF>"><TMPL_IF status>deactivate<TMPL_ELSE>activate</TMPL_IF></a></td></TMPL_IF>
+<TMPL_IF domain_delete> <td align="center"><a href="<TMPL_VAR NAME=script_self>&amp;page=<TMPL_IF domlist>deldom<TMPL_ELSE>delrevzone</TMPL_IF>&amp;id=<TMPL_VAR NAME=domain_id>"><img src="images/trash2.png" alt="[ Delete ]" /></a></td></TMPL_IF>
 </tr>
 </TMPL_LOOP>
+<tr><td colspan="5" align="center"><TMPL_INCLUDE NAME="fpnla.tmpl"></td></tr>
 <TMPL_ELSE>
 <tr><td colspan="5" align="center">No <TMPL_IF domlist>domains<TMPL_ELSE>reverse zones</TMPL_IF> found</td></tr>

branches/stable/templates/edgroup.tmpl

@@ -1 @@
-<!-- <TMPL_VAR NAME=sid> -->
 <table class="wholepage"><tr>
 <TMPL_INCLUDE NAME="menu.tmpl">
@@ -5 +4 @@
 <td align="center" valign="top">
 
-<form action="dns.cgi" method="post">
+<form action="<TMPL_VAR NAME=script_self>" method="post">
 <fieldset>
-<input type="hidden" name="sid" value="<TMPL_VAR NAME=sid>" />
 <input type="hidden" name="page" value="edgroup" />
 <input type="hidden" name="grpaction" value="updperms" />

branches/stable/templates/editsoa.tmpl

@@ -1 @@
-<!-- <TMPL_VAR NAME=sid> -->
 <table class="wholepage"><tr>
 <TMPL_INCLUDE NAME="menu.tmpl">
@@ -11 +10 @@
 <div id="tableholder">
 
-<form action="dns.cgi" method="post">
+<form action="<TMPL_VAR NAME=script_self>" method="post">
 <fieldset>
-<input type="hidden" name="sid" value="<TMPL_VAR NAME=sid>" />
 <input type="hidden" name="page" value="updatesoa" />
 <input type="hidden" name="id" value="<TMPL_VAR NAME=id>" />

branches/stable/templates/footer.tmpl

@@ -5 +5 @@
 <div id="contact">
 <a href="https://secure.deepnet.cx/trac/dnsadmin">dnsadmin</a> <TMPL_VAR NAME=version>
-&copy; 2008-2012 <a href="mailto:kdeugau@deepnet.cx">Kris Deugau</a>/<a href="http://www.deepnet.cx">deepnet</a><br />
+&copy; 2008-2013 <a href="mailto:kdeugau@deepnet.cx">Kris Deugau</a>/<a href="http://www.deepnet.cx">deepnet</a><br />
 Written for standards-based browsers (eg <a href="http://www.firefox.com">FireFox</a>/<a href="http://www.mozilla.org">Mozilla</a>)
 </div>

branches/stable/templates/fpnla.tmpl

@@ -1 @@
-<TMPL_IF navfirst><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=<TMPL_VAR NAME=curpage>&amp;offset=0<TMPL_IF id>&amp;id=<TMPL_VAR NAME=id></TMPL_IF><TMPL_IF defrec>&amp;defrec=<TMPL_VAR NAME=defrec></TMPL_IF><TMPL_IF revrec>&amp;revrec=<TMPL_VAR NAME=revrec></TMPL_IF>"><img src="images/frev.png" alt="[ First ]" />First</a><TMPL_ELSE><img src="images/frev.png" alt="[ First ]" />First</TMPL_IF>&nbsp;
-<TMPL_IF navprev><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=<TMPL_VAR NAME=curpage>&amp;offset=<TMPL_VAR NAME=prevoffs><TMPL_IF id>&amp;id=<TMPL_VAR NAME=id></TMPL_IF><TMPL_IF defrec>&defrec=<TMPL_VAR NAME=defrec></TMPL_IF><TMPL_IF revrec>&amp;revrec=<TMPL_VAR NAME=revrec></TMPL_IF>"><img src="images/rev.png" alt="[ Previous ]" />Previous</a><TMPL_ELSE><img src="images/rev.png" alt="[ Previous ]" />Previous</TMPL_IF>&nbsp;
-<TMPL_IF navnext><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=<TMPL_VAR NAME=curpage>&amp;offset=<TMPL_VAR NAME=nextoffs><TMPL_IF id>&amp;id=<TMPL_VAR NAME=id></TMPL_IF><TMPL_IF defrec>&amp;defrec=<TMPL_VAR NAME=defrec></TMPL_IF><TMPL_IF revrec>&amp;revrec=<TMPL_VAR NAME=revrec></TMPL_IF>">Next<img src="images/fwd.png" alt="[ Next ]" /></a><TMPL_ELSE>Next<img src="images/fwd.png" alt="[ Next ]" /></TMPL_IF>&nbsp;
-<TMPL_IF navlast><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=<TMPL_VAR NAME=curpage>&amp;offset=<TMPL_VAR NAME=lastoffs><TMPL_IF id>&amp;id=<TMPL_VAR NAME=id></TMPL_IF><TMPL_IF defrec>&amp;defrec=<TMPL_VAR NAME=defrec></TMPL_IF><TMPL_IF revrec>&amp;revrec=<TMPL_VAR NAME=revrec></TMPL_IF>">Last<img src="images/ffwd.png" alt="[ Last ]" /></a><TMPL_ELSE>Last<img src="images/ffwd.png" alt="[ Last ]" /></TMPL_IF>&nbsp;
-<TMPL_IF navall><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=<TMPL_VAR NAME=curpage>&amp;offset=all<TMPL_IF id>&amp;id=<TMPL_VAR NAME=id></TMPL_IF><TMPL_IF defrec>&amp;defrec=<TMPL_VAR NAME=defrec></TMPL_IF><TMPL_IF revrec>&amp;revrec=<TMPL_VAR NAME=revrec></TMPL_IF>">All</a><TMPL_ELSE><TMPL_UNLESS onepage><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=<TMPL_VAR NAME=curpage>&amp;offset=0<TMPL_IF id>&amp;id=<TMPL_VAR NAME=id></TMPL_IF><TMPL_IF defrec>&amp;defrec=<TMPL_VAR NAME=defrec></TMPL_IF><TMPL_IF revrec>&amp;revrec=<TMPL_VARNAME=revrec></TMPL_IF>"><TMPL_VAR NAME=perpage> per page</a></TMPL_UNLESS></TMPL_IF>
+<TMPL_IF navfirst><a href="<TMPL_VAR NAME=script_self>&amp;page=<TMPL_VAR NAME=curpage>&amp;offset=0<TMPL_IF id>&amp;id=<TMPL_VAR NAME=id></TMPL_IF><TMPL_IF defrec>&amp;defrec=<TMPL_VAR NAME=defrec></TMPL_IF><TMPL_IF revrec>&amp;revrec=<TMPL_VAR NAME=revrec></TMPL_IF>"><img src="images/frev.png" alt="[ First ]" />First</a><TMPL_ELSE><img src="images/frev.png" alt="[ First ]" />First</TMPL_IF>&nbsp;
+<TMPL_IF navprev><a href="<TMPL_VAR NAME=script_self>&amp;page=<TMPL_VAR NAME=curpage>&amp;offset=<TMPL_VAR NAME=prevoffs><TMPL_IF id>&amp;id=<TMPL_VAR NAME=id></TMPL_IF><TMPL_IF defrec>&defrec=<TMPL_VAR NAME=defrec></TMPL_IF><TMPL_IF revrec>&amp;revrec=<TMPL_VAR NAME=revrec></TMPL_IF>"><img src="images/rev.png" alt="[ Previous ]" />Previous</a><TMPL_ELSE><img src="images/rev.png" alt="[ Previous ]" />Previous</TMPL_IF>&nbsp;
+<TMPL_IF navnext><a href="<TMPL_VAR NAME=script_self>&amp;page=<TMPL_VAR NAME=curpage>&amp;offset=<TMPL_VAR NAME=nextoffs><TMPL_IF id>&amp;id=<TMPL_VAR NAME=id></TMPL_IF><TMPL_IF defrec>&amp;defrec=<TMPL_VAR NAME=defrec></TMPL_IF><TMPL_IF revrec>&amp;revrec=<TMPL_VAR NAME=revrec></TMPL_IF>">Next<img src="images/fwd.png" alt="[ Next ]" /></a><TMPL_ELSE>Next<img src="images/fwd.png" alt="[ Next ]" /></TMPL_IF>&nbsp;
+<TMPL_IF navlast><a href="<TMPL_VAR NAME=script_self>&amp;page=<TMPL_VAR NAME=curpage>&amp;offset=<TMPL_VAR NAME=lastoffs><TMPL_IF id>&amp;id=<TMPL_VAR NAME=id></TMPL_IF><TMPL_IF defrec>&amp;defrec=<TMPL_VAR NAME=defrec></TMPL_IF><TMPL_IF revrec>&amp;revrec=<TMPL_VAR NAME=revrec></TMPL_IF>">Last<img src="images/ffwd.png" alt="[ Last ]" /></a><TMPL_ELSE>Last<img src="images/ffwd.png" alt="[ Last ]" /></TMPL_IF>&nbsp;
+<TMPL_IF navall><a href="<TMPL_VAR NAME=script_self>&amp;page=<TMPL_VAR NAME=curpage>&amp;offset=all<TMPL_IF id>&amp;id=<TMPL_VAR NAME=id></TMPL_IF><TMPL_IF defrec>&amp;defrec=<TMPL_VAR NAME=defrec></TMPL_IF><TMPL_IF revrec>&amp;revrec=<TMPL_VAR NAME=revrec></TMPL_IF>">All</a><TMPL_ELSE><TMPL_UNLESS onepage><a href="<TMPL_VAR NAME=script_self>&amp;page=<TMPL_VAR NAME=curpage>&amp;offset=0<TMPL_IF id>&amp;id=<TMPL_VAR NAME=id></TMPL_IF><TMPL_IF defrec>&amp;defrec=<TMPL_VAR NAME=defrec></TMPL_IF><TMPL_IF revrec>&amp;revrec=<TMPL_VARNAME=revrec></TMPL_IF>"><TMPL_VAR NAME=perpage> per page</a></TMPL_UNLESS></TMPL_IF>

branches/stable/templates/grpman.tmpl

@@ -1 @@
-<!-- <TMPL_VAR NAME=sid> -->
 <table class="wholepage"><tr>
 <TMPL_INCLUDE NAME="menu.tmpl">
@@ -16 +15 @@
 <tr><td colspan="3" align="center"><TMPL_INCLUDE NAME="lettsearch.tmpl"></td></tr>
 <tr>
-        <td colspan="2"><TMPL_IF edgrp><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=edgroup&amp;gid=<TMPL_VAR NAME=gid>">Edit Current Group</a></TMPL_IF></td>
-        <td align="right"><TMPL_IF addgrp><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=newgrp">New Group</a></TMPL_IF>
+        <td colspan="2"><TMPL_IF edgrp><a href="<TMPL_VAR NAME=script_self>&amp;page=edgroup&amp;gid=<TMPL_VAR NAME=gid>">Edit Current Group</a></TMPL_IF></td>
+        <td align="right"><TMPL_IF addgrp><a href="<TMPL_VAR NAME=script_self>&amp;page=newgrp">New Group</a></TMPL_IF>
 </td>
 </tr>
@@ -24 +23 @@
 <table width="98%" border="0" cellspacing="4" cellpadding="3">
 <tr>
-<TMPL_LOOP NAME=colheads>       <td class="datahead_<TMPL_IF __first__>l<TMPL_ELSE>s</TMPL_IF>"><a href="dns.cgi?sid=<TMPL_VAR
- NAME=sid>&amp;page=<TMPL_VAR NAME=page><TMPL_IF NAME=offset>&amp;offset=<TMPL_VAR
+<TMPL_LOOP NAME=colheads>       <td class="datahead_<TMPL_IF __first__>l<TMPL_ELSE>s</TMPL_IF>"><a href="<TMPL_VAR
+ NAME=script_self>&amp;page=<TMPL_VAR NAME=page><TMPL_IF NAME=offset>&amp;offset=<TMPL_VAR
  NAME=offset></TMPL_IF>&amp;sortby=<TMPL_VAR NAME=sortby>&amp;order=<TMPL_VAR NAME=order>"><TMPL_VAR
  NAME=colname></a><TMPL_IF NAME=sortorder>&nbsp;<img alt="<TMPL_VAR NAME=sortorder>" src="images/<TMPL_VAR
@@ -37 +36 @@
 <TMPL_LOOP name=grouptable>
 <tr class="row<TMPL_IF __odd__>0<TMPL_ELSE>1</TMPL_IF>">
-        <td align="left"><TMPL_IF edgrp><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=edgroup&amp;gid=<TMPL_VAR NAME=groupid>"><TMPL_VAR NAME=groupname></a><TMPL_ELSE><TMPL_VAR NAME=groupname></TMPL_IF></td>
+        <td align="left"><TMPL_IF edgrp><a href="<TMPL_VAR NAME=script_self>&amp;page=edgroup&amp;gid=<TMPL_VAR NAME=groupid>"><TMPL_VAR NAME=groupname></a><TMPL_ELSE><TMPL_VAR NAME=groupname></TMPL_IF></td>
         <td><TMPL_VAR name=pgroup></td>
         <td><TMPL_VAR name=nusers></td>
@@ -43 +42 @@
         <td><TMPL_VAR NAME=nrevzones></td>
 <TMPL_IF delgrp>
-        <td align="center"><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=delgrp&amp;id=<TMPL_VAR NAME=groupid>"><img src="images/trash2.png" alt="[ Delete ]" /></a></td>
+        <td align="center"><a href="<TMPL_VAR NAME=script_self>&amp;page=delgrp&amp;id=<TMPL_VAR NAME=groupid>"><img src="images/trash2.png" alt="[ Delete ]" /></a></td>
 </TMPL_IF>
 </tr>
 </TMPL_LOOP>
+<tr><td colspan="6" align="center"><TMPL_INCLUDE NAME="fpnla.tmpl"></td></tr>
 <TMPL_ELSE>
-<tr><td colspan="5" align="center">No groups found</td></tr>
+<tr><td colspan="6" align="center">No groups found</td></tr>
 </TMPL_IF>
 </table>

branches/stable/templates/header.tmpl

@@ -21 +21 @@
         <link rel="stylesheet" type="text/css" href="templates/grouptree.css" />
         <!-- [endif] -->
+
+        <!-- Custom local stylesheet, if desired -->
+        <link rel="stylesheet" type="text/css" href="local.css" />
     </head>
 <body>

branches/stable/templates/location.tmpl

@@ -1 @@
-<!-- <TMPL_VAR NAME=sid> -->
 <table class="wholepage"><tr>
 <TMPL_INCLUDE NAME="menu.tmpl">
@@ -9 +8 @@
 <TMPL_ELSE>
 
-<form action="dns.cgi" method="post">
+<form action="<TMPL_VAR NAME=script_self>" method="post">
 <fieldset>
 
 <input type="hidden" name="page" value="location" />
-<input type="hidden" name="sid" value="<TMPL_VAR NAME=sid>" />
 <TMPL_IF id><input type="hidden" name="id" value="<TMPL_VAR NAME=id>" /></TMPL_IF>
 <input type="hidden" name="locact" value="<TMPL_VAR NAME=locact>" />

branches/stable/templates/loclist.tmpl

@@ -1 @@
-<!-- <TMPL_VAR NAME=sid> -->
 <table class="wholepage"><tr>
 <TMPL_INCLUDE NAME="menu.tmpl">
@@ -15 +14 @@
 </tr>
 <TMPL_IF addloc>
-<tr><td colspan="3" align="right"><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=location">New Location/View</a></td></tr>
+<tr><td colspan="3" align="right"><a href="<TMPL_VAR NAME=script_self>&amp;page=location">New Location/View</a></td></tr>
 </TMPL_IF>
 </table>
@@ -21 +20 @@
 <table width="98%" border="0" cellspacing="4" cellpadding="3" class="csubtable">
 <tr>
-<TMPL_LOOP NAME=colheads>       <td class="datahead_s"><a href="dns.cgi?sid=<TMPL_VAR
- NAME=sid>&amp;page=<TMPL_VAR NAME=page><TMPL_IF NAME=offset>&amp;offset=<TMPL_VAR
+<TMPL_LOOP NAME=colheads>       <td class="datahead_s"><a href="<TMPL_VAR
+ NAME=script_self>&amp;page=<TMPL_VAR NAME=page><TMPL_IF NAME=offset>&amp;offset=<TMPL_VAR
  NAME=offset></TMPL_IF>&amp;sortby=<TMPL_VAR NAME=sortby>&amp;order=<TMPL_VAR NAME=order>"><TMPL_VAR
  NAME=colname></a><TMPL_IF NAME=sortorder>&nbsp;<img alt="<TMPL_VAR NAME=sortorder>" src="images/<TMPL_VAR
@@ -32 +31 @@
 <TMPL_LOOP name=loctable>
 <tr class="row<TMPL_IF __odd__>0<TMPL_ELSE>1</TMPL_IF>">
-        <td align="left"><TMPL_IF edloc><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=location&amp;locact=edit&amp;loc=<TMPL_VAR NAME=location>"><TMPL_VAR NAME=description></a><TMPL_ELSE><TMPL_VAR NAME=description></TMPL_IF></td>
+        <td align="left"><TMPL_IF edloc><a href="<TMPL_VAR NAME=script_self>&amp;page=location&amp;locact=edit&amp;loc=<TMPL_VAR NAME=location>"><TMPL_VAR NAME=description></a><TMPL_ELSE><TMPL_VAR NAME=description></TMPL_IF></td>
         <td><TMPL_VAR name=iplist></td>
         <td><TMPL_VAR name=group_name></td>
 <TMPL_IF delloc>
-        <td align="center"><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=delloc&amp;locid=<TMPL_VAR 
+        <td align="center"><a href="<TMPL_VAR NAME=script_self>&amp;page=delloc&amp;locid=<TMPL_VAR 
 NAME=location>"><img src="images/trash2.png" alt="[ Delete ]" /></a></td>
 </TMPL_IF>

branches/stable/templates/log.tmpl

@@ -1 @@
-<!-- <TMPL_VAR NAME=sid> -->
 <table class="wholepage"><tr>
 <TMPL_INCLUDE NAME="menu.tmpl">
@@ -21 +20 @@
       <!-- td>Customer ID</td -->
 <tr class="darkrowheader">
-<TMPL_LOOP NAME=colheads>       <td><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=<TMPL_VAR NAME=page><TMPL_IF
+<TMPL_LOOP NAME=colheads>       <td><a href="<TMPL_VAR NAME=script_self>&amp;page=<TMPL_VAR NAME=page><TMPL_IF
  NAME=offset>&amp;offset=<TMPL_VAR NAME=offset></TMPL_IF>&amp;sortby=<TMPL_VAR
  NAME=sortby>&amp;order=<TMPL_VAR NAME=order>&amp;id=<TMPL_VAR NAME=id>&amp;ltype=<TMPL_VAR
@@ -40 +39 @@
     </tr>
 </TMPL_LOOP>
+    <tr><td colspan="5" align="center"><TMPL_INCLUDE NAME="fpnla.tmpl"></td></tr>
 <TMPL_ELSE>
     <tr class="datalinelight">

branches/stable/templates/login.tmpl

@@ -1 @@
-<form method="post" action="dns.cgi">
+<form method="post" action="<TMPL_VAR NAME=script_self>">
 <fieldset>
 <input type="hidden" name="action" value="login" />
 <input type="hidden" name="page" value="login" />
+<input type="hidden" name="target" value="<TMPL_VAR NAME=target>" />
 
 <div id="login">

branches/stable/templates/menu.tmpl

@@ -1 +1 @@
 <td class="menu">
 <TMPL_VAR NAME=username> logged in<br />
-<a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;action=logout">Log out</a>
+<a href="<TMPL_VAR NAME=script_self>&amp;action=logout">Log out</a>
 <hr />
-<a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=domlist">Domains</a><br />
-<TMPL_IF mayrdns><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=revzones">Reverse Zones</a><br /></TMPL_IF>
-<a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=useradmin">Users</a><br />
-<a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=log">Log</a><br />
-<TMPL_IF maydefrec><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=reclist&amp;id=<TMPL_VAR NAME=group>&amp;defrec=y">Default Records</a><br />
-<TMPL_IF mayrdns><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=reclist&amp;id=<TMPL_VAR NAME=group>&amp;defrec=y&amp;revrec=y">Default Reverse Records</a><br /></TMPL_IF></TMPL_IF>
-<TMPL_IF mayloc><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=loclist&amp;id=<TMPL_VAR NAME=group>">Locations/Views</a><br /></TMPL_IF>
-<TMPL_IF mayimport><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=axfr">AXFR Import</a><br /></TMPL_IF>
-<TMPL_IF maybulk><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=bulkdomain">Bulk Domain Operations</a><br /></TMPL_IF>
+<a href="<TMPL_VAR NAME=script_self>&amp;page=domlist">Domains</a><br />
+<TMPL_IF mayrdns><a href="<TMPL_VAR NAME=script_self>&amp;page=revzones">Reverse Zones</a><br /></TMPL_IF>
+<a href="<TMPL_VAR NAME=script_self>&amp;page=useradmin">Users</a><br />
+<a href="<TMPL_VAR NAME=script_self>&amp;page=log">Log</a><br />
+<TMPL_IF maydefrec><a href="<TMPL_VAR NAME=script_self>&amp;page=reclist&amp;id=<TMPL_VAR NAME=group>&amp;defrec=y">Default Records</a><br />
+<TMPL_IF mayrdns><a href="<TMPL_VAR NAME=script_self>&amp;page=reclist&amp;id=<TMPL_VAR NAME=group>&amp;defrec=y&amp;revrec=y">Default Reverse Records</a><br /></TMPL_IF></TMPL_IF>
+<TMPL_IF mayloc><a href="<TMPL_VAR NAME=script_self>&amp;page=loclist&amp;id=<TMPL_VAR NAME=group>">Locations/Views</a><br /></TMPL_IF>
+<TMPL_IF mayimport><a href="<TMPL_VAR NAME=script_self>&amp;page=axfr">AXFR Import</a><br /></TMPL_IF>
+<TMPL_IF maybulk><a href="<TMPL_VAR NAME=script_self>&amp;page=bulkdomain">Bulk Domain Operations</a><br /></TMPL_IF>
 <br />
-<a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=grpman"><TMPL_IF chggrps>Manage<TMPL_ELSE>View</TMPL_IF> groups</a><br />
+<a href="<TMPL_VAR NAME=script_self>&amp;page=grpman"><TMPL_IF chggrps>Manage<TMPL_ELSE>View</TMPL_IF> groups</a><br />
 <hr />
 <div id="grptree">
@@ -30 +30 @@
 <!-- hmm:  <TMPL_VAR NAME=groupname> -->
 <hr />
-<a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=dnsq">DNS Query</a><br />
-<a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=whoisq">WHOIS Query</a><br />
+<a href="<TMPL_VAR NAME=script_self>&amp;page=dnsq">DNS Query</a><br />
+<a href="<TMPL_VAR NAME=script_self>&amp;page=whoisq">WHOIS Query</a><br />
+
 </td>

branches/stable/templates/newdomain.tmpl

@@ -1 @@
-<!-- <TMPL_VAR NAME=sid> -->
 <table class="wholepage"><tr>
 <TMPL_INCLUDE NAME="menu.tmpl">
@@ -5 +4 @@
 <td align="center" valign="top">
 
-<form action="dns.cgi">
+<form action="<TMPL_VAR NAME=script_self>">
 <fieldset>
 
-<input type="hidden" name="sid" value="<TMPL_VAR NAME=sid>" />
 <input type="hidden" name="page" value="adddomain" />
 <input type="hidden" name="newdomain" value="yes" />
@@ -34 +32 @@
 <TMPL_IF location_view><TMPL_IF record_locchg>
         <tr class="datalinelight">
-                <td>Default location/view:</td>
+                <td>Location/view:</td>
                 <td><select name="defloc">
 <TMPL_LOOP name=loclist>                <option value="<TMPL_VAR NAME=loc>"<TMPL_IF selected> selected="selected"</TMPL_IF>><TMPL_VAR NAME=locname></option>

branches/stable/templates/newgrp.tmpl

@@ -1 @@
-<!-- <TMPL_VAR NAME=sid> -->
 <table class="wholepage"><tr>
 <TMPL_INCLUDE NAME="menu.tmpl">
@@ -5 +4 @@
 <td align="center" valign="top">
 
-<form action="dns.cgi">
+<form action="<TMPL_VAR NAME=script_self>">
 <fieldset>
 
-<input type="hidden" name="sid" value="<TMPL_VAR NAME=sid>" />
 <input type="hidden" name="page" value="newgrp" />
 <input type="hidden" name="grpaction" value="add" />

branches/stable/templates/newrevzone.tmpl

@@ -1 @@
-<!-- <TMPL_VAR NAME=sid> -->
 <table class="wholepage"><tr>
 <TMPL_INCLUDE NAME="menu.tmpl">
@@ -5 +4 @@
 <td align="center" valign="top">
 
-<form action="dns.cgi">
+<form action="<TMPL_VAR NAME=script_self>">
 <fieldset>
 
-<input type="hidden" name="sid" value="<TMPL_VAR NAME=sid>" />
 <input type="hidden" name="page" value="addrevzone" />
 <input type="hidden" name="newrevzone" value="yes" />
@@ -28 +26 @@
         </tr>
         <tr class="datalinelight">
-                <td>Default location/view:</td>
-                <td align="left">
-                        <select name="location">
-                        <TMPL_LOOP loclist>
-                        <option value="<TMPL_VAR NAME=loc>"<TMPL_IF selected> selected</TMPL_IF>><TMPL_VAR NAME=locname></option>
-                        </TMPL_LOOP>
-                        </select>
-                </td>
-        </tr>
-        <tr class="datalinelight">
                 <td>Add reverse zone to group:</td>
                 <td><select name="group">
@@ -47 +35 @@
                 <td>Make reverse zone active on next DNS propagation</td><td><input type="checkbox" name="makeactive" checked="checked" /></td>
         </tr>
+<TMPL_IF location_view><TMPL_IF record_locchg>
+        <tr class="datalinelight">
+                <td>Location/view:</td>
+                <td align="left">
+                        <select name="location">
+                        <TMPL_LOOP loclist>
+                        <option value="<TMPL_VAR NAME=loc>"<TMPL_IF selected> selected="selected"</TMPL_IF>><TMPL_VAR NAME=locname></option>
+                        </TMPL_LOOP>
+                        </select>
+                </td>
+        </tr>
+</TMPL_IF></TMPL_IF>
         <tr><td colspan="2" class="tblsubmit"><input type="submit" value="Add reverse zone" /></td></tr>
     </table>

branches/stable/templates/reclist.tmpl

@@ -1 @@
-<!-- <TMPL_VAR NAME=sid> -->
 <table class="wholepage"><tr>
 <TMPL_INCLUDE NAME="menu.tmpl">
@@ -25 +24 @@
         </td>
         <td colspan="2" align="right">
-                <form action="dns.cgi">
+                <form action="<TMPL_VAR NAME=script_self>">
                 <fieldset>
-                <input type="hidden" name="sid" value="<TMPL_VAR NAME=sid>" />
                 <input type="hidden" name="page" value="reclist" />
                 <input type="hidden" name="offset" value="0" />
@@ -41 +39 @@
 <tr class="darkrowheader">
         <td colspan="3">Records</td>
-        <td align="center"><a href="textrecs.cgi?sid=<TMPL_VAR NAME=sid>&amp;id=<TMPL_VAR NAME=id>&amp;defrec=<TMPL_VAR NAME=defrec>">Plain text</a></td>
-<TMPL_IF record_create> <td align="right"><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=record&amp;parentid=<TMPL_VAR NAME=id>&amp;defrec=<TMPL_VAR NAME=defrec>&amp;revrec=<TMPL_VAR NAME=revrec>&amp;recact=new">Add record</a></td></TMPL_IF>
-        <td align="right"><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=log&amp;id=<TMPL_VAR NAME=id><TMPL_IF logdom>&amp;ltype=dom</TMPL_IF><TMPL_IF logrdns>&amp;ltype=rdns</TMPL_IF>">View log</a></td>
+        <td align="center"><a href="textrecs.cgi?id=<TMPL_VAR NAME=id>&amp;defrec=<TMPL_VAR NAME=defrec>&amp;revrec=<TMPL_VAR NAME=revrec>">Plain text</a></td>
+<TMPL_IF record_create> <td align="right"><a href="<TMPL_VAR NAME=script_self>&amp;page=record&amp;parentid=<TMPL_VAR NAME=id>&amp;defrec=<TMPL_VAR NAME=defrec>&amp;revrec=<TMPL_VAR NAME=revrec>&amp;recact=new">Add record</a></td></TMPL_IF>
+        <td align="right"><a href="<TMPL_VAR NAME=script_self>&amp;page=log&amp;id=<TMPL_VAR NAME=id><TMPL_IF logdom>&amp;ltype=dom</TMPL_IF><TMPL_IF logrdns>&amp;ltype=rdns</TMPL_IF>">View log</a></td>
 </tr>
 
@@ -51 +49 @@
 <TMPL_IF reclist>
 <tr class="darkrowheader">
-<TMPL_LOOP NAME=colheads>       <td><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=<TMPL_VAR NAME=page><TMPL_IF
+<TMPL_LOOP NAME=colheads>       <td><a href="<TMPL_VAR NAME=script_self>&amp;page=<TMPL_VAR NAME=page><TMPL_IF
  NAME=offset>&amp;offset=<TMPL_VAR NAME=offset></TMPL_IF>&amp;sortby=<TMPL_VAR
  NAME=sortby>&amp;order=<TMPL_VAR NAME=order>&amp;id=<TMPL_VAR NAME=id>&amp;defrec=<TMPL_VAR
@@ -63 +61 @@
 <tr class="row<TMPL_IF __odd__>0<TMPL_ELSE>1</TMPL_IF>">
 <TMPL_IF fwdzone>
-        <td><TMPL_IF record_edit><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=record&amp;parentid=<TMPL_VAR NAME=id>&amp;defrec=<TMPL_VAR NAME=defrec>&amp;revrec=<TMPL_VAR NAME=revrec>&amp;recact=edit&amp;id=<TMPL_VAR NAME=record_id>"><TMPL_VAR NAME=host></a><TMPL_IF locname> (<TMPL_VAR NAME=locname>)</TMPL_IF><TMPL_ELSE><TMPL_VAR NAME=host><TMPL_IF locname> (<TMPL_VAR NAME=locname>)</TMPL_IF></TMPL_IF></td>
+        <td><TMPL_IF record_edit><a href="<TMPL_VAR NAME=script_self>&amp;page=record&amp;parentid=<TMPL_VAR
+ NAME=id>&amp;defrec=<TMPL_VAR NAME=defrec>&amp;revrec=<TMPL_VAR NAME=revrec>&amp;recact=edit&amp;id=<TMPL_VAR
+ NAME=record_id>"><TMPL_VAR NAME=host></a><TMPL_IF locname> (<TMPL_VAR
+ NAME=locname>)</TMPL_IF><TMPL_ELSE><TMPL_VAR NAME=host><TMPL_IF locname> (<TMPL_VAR
+ NAME=locname>)</TMPL_IF></TMPL_IF><TMPL_IF stampactive><br />(<TMPL_VAR NAME=stamptype> <TMPL_VAR
+ NAME=stamp>)</TMPL_IF></td>
         <td><TMPL_VAR NAME=type></td>
         <td><TMPL_VAR NAME=val></td>
@@ -70 +73 @@
         <td><TMPL_VAR NAME=port></td>
 <TMPL_ELSE>
-        <td><TMPL_IF record_edit><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=record&amp;parentid=<TMPL_VAR NAME=id>&amp;defrec=<TMPL_VAR NAME=defrec>&amp;revrec=<TMPL_VAR NAME=revrec>&amp;recact=edit&amp;id=<TMPL_VAR NAME=record_id>"><TMPL_VAR NAME=val></a><TMPL_IF locname> (<TMPL_VAR NAME=locname>)</TMPL_IF><TMPL_ELSE><TMPL_VAR NAME=val><TMPL_IF locname> (<TMPL_VAR NAME=locname>)</TMPL_IF></TMPL_IF></td>
+        <td><TMPL_IF record_edit><a href="<TMPL_VAR NAME=script_self>&amp;page=record&amp;parentid=<TMPL_VAR
+ NAME=id>&amp;defrec=<TMPL_VAR NAME=defrec>&amp;revrec=<TMPL_VAR NAME=revrec>&amp;recact=edit&amp;id=<TMPL_VAR
+ NAME=record_id>"><TMPL_VAR NAME=val></a><TMPL_IF locname> (<TMPL_VAR
+ NAME=locname>)</TMPL_IF><TMPL_ELSE><TMPL_VAR NAME=val><TMPL_IF locname> (<TMPL_VAR
+ NAME=locname>)</TMPL_IF></TMPL_IF><TMPL_IF stampactive><br />(<TMPL_VAR NAME=stamptype> <TMPL_VAR
+ NAME=stamp>)</TMPL_IF></td>
         <td><TMPL_VAR NAME=type></td>
         <td><TMPL_VAR NAME=host></td>
 </TMPL_IF>
         <td><TMPL_VAR NAME=ttl></td>
-<TMPL_IF record_delete> <td align="center"><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=delrec&amp;id=<TMPL_VAR NAME=record_id>&amp;defrec=<TMPL_VAR NAME=defrec>&amp;revrec=<TMPL_VAR NAME=revrec>&amp;parentid=<TMPL_VAR NAME=id>"><img src="images/trash2.png" alt="[ Delete ]" /></a></td></TMPL_IF>
+<TMPL_IF record_delete> <td align="center"><a href="<TMPL_VAR NAME=script_self>&amp;page=delrec&amp;id=<TMPL_VAR NAME=record_id>&amp;defrec=<TMPL_VAR NAME=defrec>&amp;revrec=<TMPL_VAR NAME=revrec>&amp;parentid=<TMPL_VAR NAME=id>"><img src="images/trash2.png" alt="[ Delete ]" /></a></td></TMPL_IF>
 </tr>
 </TMPL_LOOP>
+<tr class="darkrowheader"><td colspan="8" align="center"><TMPL_INCLUDE NAME="fpnla.tmpl"></td></tr>
 <TMPL_ELSE>
-<tr><td colspan="5">No records found</td></tr>
+<tr><td colspan="8" align="center">No records found</td></tr>
 </TMPL_IF>
 </table>

branches/stable/templates/record.tmpl

@@ -1 @@
-<!-- <TMPL_VAR NAME=sid> -->
 <table class="wholepage"><tr>
 <TMPL_INCLUDE NAME="menu.tmpl">
@@ -9 +8 @@
 <TMPL_ELSE>
 
-<form action="dns.cgi" method="post">
+<form action="<TMPL_VAR NAME=script_self>" method="post">
 <fieldset>
 
@@ -15 +14 @@
 <input type="hidden" name="defrec" value="<TMPL_VAR NAME=defrec>" />
 <input type="hidden" name="revrec" value="<TMPL_VAR NAME=revrec>" />
-<input type="hidden" name="sid" value="<TMPL_VAR NAME=sid>" />
 <input type="hidden" name="parentid" value="<TMPL_VAR NAME=parentid>" />
 <input type="hidden" name="id" value="<TMPL_VAR NAME=id>" />
 <input type="hidden" name="recact" value="<TMPL_VAR NAME=recact>" />
 
-<table class="container" width="450">
+<table class="container" width="520">
 <tr><td>
 
@@ -29 +27 @@
 <TMPL_IF fwdzone>
                 <td>Hostname</td>
-                <td><input type="text" name="name" value="<TMPL_VAR NAME=name>" size="30" /></td>
+                <td><input type="text" name="name" value="<TMPL_VAR NAME=name>" size="30" />&nbsp; &nbsp; <a href="reverse-patterns.html">?</a></td>
 <TMPL_ELSE>
                 <td>IP Address</td>
@@ -49 +47 @@
 <TMPL_ELSE>
                 <td>Hostname</td>
-                <td><input type="text" name="name" value="<TMPL_VAR NAME=name>" size="30" /></td>
+                <td><input type="text" name="name" value="<TMPL_VAR NAME=name>" size="30" />&nbsp; &nbsp; <a href="reverse-patterns.html">?</a></td>
 </TMPL_IF>
         </tr>
@@ -83 +81 @@
         </tr>
 </TMPL_IF>
+<TMPL_UNLESS is_default>
+        <tr class="datalinelight">
+                <td>Timestamp<br />(blank or 0 disables timestamp)</td>
+                <td>Valid <input type="radio" name="expires" value="until"<TMPL_IF stamp_until> checked="checked"</TMPL_IF>>until
+                <input type="radio" name="expires" value="after"<TMPL_UNLESS stamp_until> checked="checked"</TMPL_UNLESS>>after:
+                <input type="text" name="stamp" value="<TMPL_VAR NAME=stamp>" />
+                </td>
+        </tr>
+</TMPL_UNLESS>
         <tr class="datalinelight">
                 <td colspan="2" align="center"><input type="submit" value=" <TMPL_VAR NAME=todo> " /></td>

branches/stable/templates/soadata.tmpl

@@ -3 +3 @@
         <td align="left">SOA:</td>
 <TMPL_IF mayeditsoa>
-        <td align="right"><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=editsoa&amp;id=<TMPL_VAR NAME=id>&amp;defrec=<TMPL_VAR NAME=defrec>&amp;revrec=<TMPL_VAR NAME=revrec>">edit</a></td></TMPL_IF>
+        <td align="right"><a href="<TMPL_VAR NAME=script_self>&amp;page=editsoa&amp;id=<TMPL_VAR NAME=id>&amp;defrec=<TMPL_VAR NAME=defrec>&amp;revrec=<TMPL_VAR NAME=revrec>">edit</a></td></TMPL_IF>
 </tr>
 </table>

branches/stable/templates/template.tmpl

@@ -1 @@
-<!-- <TMPL_VAR NAME=sid> -->
 <table class="wholepage"><tr>
 <TMPL_INCLUDE NAME="menu.tmpl">

branches/stable/templates/user.tmpl

@@ -1 @@
-<!-- <TMPL_VAR NAME=sid> -->
 <table class="wholepage"><tr>
 <TMPL_INCLUDE NAME="menu.tmpl">
@@ -5 +4 @@
 <td align="center" valign="top">
 
-<form action="dns.cgi" method="post">
+<form action="<TMPL_VAR NAME=script_self>" method="post">
 <fieldset>
 
-<input type="hidden" name="sid" value="<TMPL_VAR NAME=sid>" />
 <input type="hidden" name="page" value="user" />
 <input type="hidden" name="useraction" value="<TMPL_VAR NAME=action>" />

branches/stable/templates/useradmin.tmpl

@@ -1 @@
-<!-- <TMPL_VAR NAME=sid> -->
 <table class="wholepage"><tr>
 <TMPL_INCLUDE NAME="menu.tmpl">
@@ -16 +15 @@
 <tr><td colspan="3" align="center"><TMPL_INCLUDE NAME="lettsearch.tmpl"></td></tr>
 <TMPL_IF adduser>
-<tr><td colspan="3" align="right"><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=user">New User</a></td></tr>
+<tr><td colspan="3" align="right"><a href="<TMPL_VAR NAME=script_self>&amp;page=user">New User</a></td></tr>
 </TMPL_IF>
 </table>
@@ -22 +21 @@
 <table width="98%" border="0" cellspacing="4" cellpadding="3" class="csubtable">
 <tr>
-<TMPL_LOOP NAME=colheads>       <td class="datahead_<TMPL_IF __first__>l<TMPL_ELSE>s</TMPL_IF>"><a href="dns.cgi?sid=<TMPL_VAR
- NAME=sid>&amp;page=<TMPL_VAR NAME=page><TMPL_IF NAME=offset>&amp;offset=<TMPL_VAR
+<TMPL_LOOP NAME=colheads>       <td class="datahead_<TMPL_IF __first__>l<TMPL_ELSE>s</TMPL_IF>"><a href="<TMPL_VAR
+ NAME=script_self>&amp;page=<TMPL_VAR NAME=page><TMPL_IF NAME=offset>&amp;offset=<TMPL_VAR
  NAME=offset></TMPL_IF>&amp;sortby=<TMPL_VAR NAME=sortby>&amp;order=<TMPL_VAR NAME=order>"><TMPL_VAR
  NAME=colname></a><TMPL_IF NAME=sortorder>&nbsp;<img alt="<TMPL_VAR NAME=sortorder>" src="images/<TMPL_VAR
@@ -33 +32 @@
 <TMPL_LOOP name=usertable>
 <tr class="row<TMPL_IF __odd__>0<TMPL_ELSE>1</TMPL_IF>">
-        <td align="left"><TMPL_IF eduser><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=user&amp;useraction=edit&amp;user=<TMPL_VAR NAME=user_id>"><TMPL_VAR NAME=username></a><TMPL_ELSE><TMPL_VAR NAME=username></TMPL_IF></td>
+        <td align="left"><TMPL_IF eduser><a href="<TMPL_VAR NAME=script_self>&amp;page=user&amp;useraction=edit&amp;user=<TMPL_VAR NAME=user_id>"><TMPL_VAR NAME=username></a><TMPL_ELSE><TMPL_VAR NAME=username></TMPL_IF></td>
         <td class="data_nowrap"><TMPL_VAR name=fname></td>
         <td><TMPL_VAR name=type></td>
@@ -39 +38 @@
         <td align="center">
 <TMPL_IF eduser>
-                <a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=useradmin<TMPL_IF NAME=offset>&amp;offset=<TMPL_VAR NAME=offset></TMPL_IF>&amp;id=<TMPL_VAR NAME=user_id>&amp;userstatus=<TMPL_IF status>useroff<TMPL_ELSE>useron</TMPL_IF>"><TMPL_IF status>enabled<TMPL_ELSE>disabled</TMPL_IF></a>
+                <a href="<TMPL_VAR NAME=script_self>&amp;page=useradmin<TMPL_IF NAME=offset>&amp;offset=<TMPL_VAR NAME=offset></TMPL_IF>&amp;id=<TMPL_VAR NAME=user_id>&amp;userstatus=<TMPL_IF status>useroff<TMPL_ELSE>useron</TMPL_IF>"><TMPL_IF status>enabled<TMPL_ELSE>disabled</TMPL_IF></a>
 <TMPL_ELSE>
                 <TMPL_IF status>enabled<TMPL_ELSE>disabled</TMPL_IF>
@@ -45 +44 @@
 </td>
 <TMPL_IF deluser>
-        <td align="center"><a href="dns.cgi?sid=<TMPL_VAR NAME=sid>&amp;page=deluser&amp;id=<TMPL_VAR NAME=user_id>"><img src="images/trash2.png" alt="[ Delete ]" /></a></td>
+        <td align="center"><a href="<TMPL_VAR NAME=script_self>&amp;page=deluser&amp;id=<TMPL_VAR NAME=user_id>"><img src="images/trash2.png" alt="[ Delete ]" /></a></td>
 </TMPL_IF>
 </tr>
 </TMPL_LOOP>
+<tr><td colspan="6" align="center"><TMPL_INCLUDE NAME="fpnla.tmpl"></td></tr>
 <TMPL_ELSE>
-<tr><td colspan="6">No users found</td></tr>
+<tr><td colspan="6" align="center">No users found</td></tr>
 </TMPL_IF>
 </table>

branches/stable/templates/whoisq.tmpl

@@ -1 @@
-<!-- <TMPL_VAR NAME=sid> -->
 <table class="wholepage"><tr>
 <TMPL_INCLUDE NAME="menu.tmpl">
@@ -7 +6 @@
 <TMPL_IF errmsg><div class="errmsg">Query error: <TMPL_VARNAME=errmsg></div></TMPL_IF>
 
-<form action="dns.cgi" method="post">
+<form action="<TMPL_VAR NAME=script_self>" method="post">
 <fieldset>
-<input type="hidden" name="sid" value="<TMPL_VAR NAME=sid>" />
 <input type="hidden" name="page" value="whoisq" />
 <input type="hidden" name="askaway" value="y" />

branches/stable/textrecs.cgi

@@ -3 +3 @@
 ##
 # $Id$
-# Copyright 2012 Kris Deugau <kdeugau@deepnet.cx>
+# Copyright 2012,2013 Kris Deugau <kdeugau@deepnet.cx>
 # 
 #    This program is free software: you can redistribute it and/or modify
@@ -51 +51 @@
 
 # Check the session and if we have a zone ID to retrieve.  Call a failure sub if not.
-my $sid = ($webvar{sid} ? $webvar{sid} : undef);
+my $sid = $q->cookie('dnsadmin_session');
 my $session = new CGI::Session("driver:File", $sid, {Directory => $dnsdb->{sessiondir}})
         or die CGI::Session->errstr();
@@ -63 +63 @@
 
 ##fixme:  do we support both HTML-plain and true plaintext?  could be done, with another $webvar{}
-# Don't die on bad parameters.  Saves munging the return from getDomRecs.
+# Don't die on bad parameters.  Saves munging the return from getRecList.
 #my $page = HTML::Template->new(filename => "$templatedir/textrecs.tmpl",
 #       loop_context_vars => 1, global_vars => 1, die_on_bad_params => 0);
@@ -73 +73 @@
 print qq(Press the "Back" button to return to the standard record list.\n\n);
 
-my $reclist = $dnsdb->getDomRecs(defrec => $webvar{defrec}, revrec => $webvar{revrec}, id => $webvar{id},
+my $reclist = $dnsdb->getRecList(defrec => $webvar{defrec}, revrec => $webvar{revrec}, id => $webvar{id},
         sortby => ($webvar{revrec} eq 'n' ? 'type,host' : 'type,val'), sortorder => 'ASC');
 foreach my $rec (@$reclist) {
@@ -81 +81 @@
   $rec->{val} = "$rec->{distance}  $rec->{val}" if $rec->{type} eq 'MX';
   $rec->{val} = "$rec->{distance}  $rec->{weight}  $rec->{port}  $rec->{val}" if $rec->{type} eq 'SRV';
-  printf "%-45s\t%d\t%s\t%s\n", $rec->{host}, $rec->{ttl}, $rec->{type}, $rec->{val};
+  if ($webvar{revrec} eq 'y') {
+    printf "%-16s\t%d\t%s\t%s\n", $rec->{val}, $rec->{ttl}, $rec->{type}, $rec->{host};
+  } else {
+    printf "%-45s\t%d\t%s\t%s\n", $rec->{host}, $rec->{ttl}, $rec->{type}, $rec->{val};
+  }
 }
 #$page->param(defrec => ($webvar{defrec} eq 'y'));

branches/stable/tiny-import.pl

@@ -3 +3 @@
 ##
 # $Id$
-# Copyright 2012 Kris Deugau <kdeugau@deepnet.cx>
+# Copyright 2012,2013 Kris Deugau <kdeugau@deepnet.cx>
 #
 #    This program is free software: you can redistribute it and/or modify
@@ -25 +25 @@
 use strict;
 use warnings;
-
-use lib '.';
+use POSIX;
+use Time::TAI64 qw(:tai);
+
+use lib '.';    ##uselib##
 use DNSDB;
 
@@ -37 +39 @@
         conv    => 0,
         trial   => 0,
+        legacy  => 0,
         );
 # Handle some command-line arguments
 while ($ARGV[0] =~ /^-/) {
   my $arg = shift @ARGV;
-  usage() if $arg !~ /^-[rct]+$/;
+  usage() if $arg !~ /^-[rclt]+$/;
   # -r  rewrite imported files to comment imported records
   # -c  coerce/downconvert A+PTR = records to PTR
+  # -l  swallow A+PTR as-is
   # -t  trial mode;  don't commit to DB or actually rewrite flatfile (disables -r)
   $arg =~ s/^-//;
@@ -50 +54 @@
     $importcfg{rw} = 1 if $_ eq 'r';
     $importcfg{conv} = 1 if $_ eq 'c';
+    $importcfg{legacy} = 1 if $_ eq 'l';
     $importcfg{trial} = 1 if $_ eq 't';
   }
@@ -65 +70 @@
             Multiple passes may be necessary if SOA and = records are heavily
             intermixed and not clustered together.
+        -l  (for "legacy")  Force import of A+PTR records as-is.  Mutually exclusive
+            with -c.  -l takes precedence as -c is lossy.
         -t  Trial run mode;  spits out records that would be left unimported.
             Disables -r if set.
@@ -120 +127 @@
   }
 
-  our $recsth = $dbh->prepare("INSERT INTO records (domain_id,rdns_id,host,type,val,distance,weight,port,ttl,location) ".
-        " VALUES (?,?,?,?,?,?,?,?,?,?)");
+  our $recsth = $dbh->prepare("INSERT INTO records (domain_id,rdns_id,host,type,val,distance,weight,port,ttl,location,stamp,expires,stampactive) ".
+        " VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?)");
 
   my %deleg;
@@ -243 +250 @@
   }
 
+  sub calcstamp {
+    my $stampin = shift;
+    my $ttl = shift;
+    my $pzone = shift;
+    my $revrec = shift;
+
+    return ($ttl, 'n', 'n', '1970-01-01 00:00:00 -0') if !$stampin;
+
+##fixme  Yes, this fails for records in 2038 sometime.  No, I'm not going to care for a while.
+    $stampin = "\@$stampin";    # Time::TAI64 needs the leading @.  Feh.
+    my $u = tai2unix($stampin);
+    $stampin = strftime("%Y-%m-%d %H:%M:%S %z", localtime($u));
+    my $expires = 'n';
+    if ($ttl) {
+      # TTL can stay put.
+    } else {
+      # TTL on import is 0, almost certainly wrong.  Get the parent zone's SOA and use the minttl.
+      my $soa = $dnsdb->getSOA('n', $revrec, $pzone);
+      $ttl = $soa->{minttl};
+      $expires = 'y';
+    } 
+    return ($ttl, 'y', $expires, $stampin);
+  }
 
   sub recslurp {
@@ -263 +293 @@
       $host =~ s/^=//;
       $host =~ s/\.$//;
-      $ttl = 0 if !$ttl;
+      $ttl = -1 if $ttl eq '';
       $stamp = '' if !$stamp;
       $loc = '' if !$loc;
@@ -269 +299 @@
       my $fparent = $dnsdb->_hostparent($host);
       my ($rparent) = $dbh->selectrow_array("SELECT rdns_id FROM revzones WHERE revnet >> ?", undef, ($ip));
+
+      my $stampactive = 'n';
+      my $expires = 'n';
+
+      # can't set a timestamp on an orphaned record.  we'll actually fail import of this record a little later.
+      if ($fparent || $rparent) {
+        if ($fparent) {
+          ($ttl, $stampactive, $expires, $stamp) = calcstamp($stamp, $ttl, $fparent, 'n');
+        } else {
+          ($ttl, $stampactive, $expires, $stamp) = calcstamp($stamp, $ttl, $rparent, 'y');
+        }
+      }
+
       if ($fparent && $rparent) {
-        $recsth->execute($fparent, $rparent, $host, 65280, $ip, 0, 0, 0, $ttl, $loc);
-      } else {
-        if ($importcfg{conv}) {
+        $recsth->execute($fparent, $rparent, $host, 65280, $ip, 0, 0, 0, $ttl, $loc, $stamp, $expires, $stampactive);
+      } else {
+        if ($importcfg{legacy}) {
+          # Just import it already!  Record may still be subject to downconversion on editing.
+          $fparent = 0 if !$fparent;
+          $rparent = 0 if !$rparent;
+          if ($fparent || $rparent) {
+            $recsth->execute($fparent, $rparent, $host, 65280, $ip, 0, 0, 0, $ttl, $loc, $stamp, $expires, $stampactive);
+          } else {
+            # No parents found, cowardly refusing to add a dangling record
+            push @deferred, $rec unless $nodefer;
+            $impok = 0;
+          }
+        } elsif ($importcfg{conv}) {
           # downconvert A+PTR if forward zone is not found
-          $recsth->execute(0, $rparent, $host, 12, $ip, 0, 0, 0, $ttl, $loc);
+          $recsth->execute(0, $rparent, $host, 12, $ip, 0, 0, 0, $ttl, $loc, $stamp, $expires, $stampactive);
           $converted++;
         } else {
@@ -290 +344 @@
       $host =~ s/\.$//;
       $host =~ s/^\\052/*/;
-      $ttl = 0 if !$ttl;
-      $stamp = '' if !$stamp;
-      $loc = '' if !$loc;
-      $loc = '' if $loc =~ /^:+$/;
+      $ttl = -1 if $ttl eq '';
+      $stamp = '' if !$stamp;
+      $loc = '' if !$loc;
+      $loc = '' if $loc =~ /^:+$/;
+
+      my $stampactive = 'n';
+      my $expires = 'n';
+
       if ($host =~ /\.arpa$/) {
         ($code,$msg) = DNSDB::_zone2cidr($host);
         my ($rparent) = $dbh->selectrow_array("SELECT rdns_id FROM revzones WHERE revnet >> ?", undef, ($msg));
-        $recsth->execute(0, $rparent, $targ, 5, $msg->addr, 0, 0, 0, $ttl, $loc);
+        if ($rparent) {
+          ($ttl, $stampactive, $expires, $stamp) = calcstamp($stamp, $ttl, $rparent, 'y');
+          $recsth->execute(0, $rparent, $targ, 5, $msg->addr, 0, 0, 0, $ttl, $loc, $stamp, $expires, $stampactive);
+        } else {
+          push @deferred, $rec unless $nodefer;
+          $impok = 0;
+          #  print "$tmporig deferred;  can't find parent zone\n";
+        }
 
 ##fixme:  automagically convert manually maintained sub-/24 delegations
@@ -308 +373 @@
         my $fparent = $dnsdb->_hostparent($host);
         if ($fparent) {
-          $recsth->execute($fparent, 0, $host, 5, $targ, 0, 0, 0, $ttl, $loc);
+          ($ttl, $stampactive, $expires, $stamp) = calcstamp($stamp, $ttl, $fparent, 'n');
+          $recsth->execute($fparent, 0, $host, 5, $targ, 0, 0, 0, $ttl, $loc, $stamp, $expires, $stampactive);
         } else {
           push @deferred, $rec unless $nodefer;
@@ -324 +390 @@
       $ns =~ s/\.$//;
       $ns = "$ns.ns.$zone" if $ns !~ /\./;
-      $ttl = 0 if !$ttl;
-      $stamp = '' if !$stamp;
-      $loc = '' if !$loc;
-      $loc = '' if $loc =~ /^:+$/;
+      $ttl = -1 if $ttl eq '';
+      $stamp = '' if !$stamp;
+      $loc = '' if !$loc;
+      $loc = '' if $loc =~ /^:+$/;
+
+      my $stampactive = 'n';
+      my $expires = 'n';
+
       if ($zone =~ /\.arpa$/) {
         ($code,$msg) = DNSDB::_zone2cidr($zone);
@@ -336 +406 @@
 #       if !$rparent;
         if ($rparent) {
-          $recsth->execute(0, $rparent, $ns, 2, $msg, 0, 0, 0, $ttl, $loc);
+          ($ttl, $stampactive, $expires, $stamp) = calcstamp($stamp, $ttl, $rparent, 'y');
+          $recsth->execute(0, $rparent, $ns, 2, $msg, 0, 0, 0, $ttl, $loc, $stamp, $expires, $stampactive);
         } else {
           push @deferred, $rec unless $nodefer;
@@ -344 +415 @@
         my $fparent = $dnsdb->_hostparent($zone);
         if ($fparent) {
-          $recsth->execute($fparent, 0, $zone, 2, $ns, 0, 0, 0, $ttl, $loc);
-          $recsth->execute($fparent, 0, $ns, 2, $ip, 0, 0, 0, $ttl, $loc) if $ip;
+          ($ttl, $stampactive, $expires, $stamp) = calcstamp($stamp, $ttl, $fparent, 'n');
+          $recsth->execute($fparent, 0, $zone, 2, $ns, 0, 0, 0, $ttl, $loc, $stamp, $expires, $stampactive);
+          $recsth->execute($fparent, 0, $ns, 2, $ip, 0, 0, 0, $ttl, $loc, $stamp, $expires, $stampactive) if $ip;
         } else {
           push @deferred, $rec unless $nodefer;
@@ -358 +430 @@
       $rip =~ s/^\^//;
       $rip =~ s/\.$//;
-      $ttl = 0 if !$ttl;
-      $stamp = '' if !$stamp;
-      $loc = '' if !$loc;
-      $loc = '' if $loc =~ /^:+$/;
+      $ttl = -1 if $ttl eq '';
+      $stamp = '' if !$stamp;
+      $loc = '' if !$loc;
+      $loc = '' if $loc =~ /^:+$/;
+
+      my $stampactive = 'n';
+      my $expires = 'n';
+
       my $rparent;
       if (my ($i, $z) = ($rip =~ /^(\d+)\.(\d+-(?:\d+\.){4}in-addr.arpa)$/) ) {
@@ -376 +452 @@
       }
       if ($rparent) {
-        $recsth->execute(0, $rparent, $host, 12, $msg->addr, 0, 0, 0, $ttl, $loc);
+        ($ttl, $stampactive, $expires, $stamp) = calcstamp($stamp, $ttl, $rparent, 'y');
+        $recsth->execute(0, $rparent, $host, 12, $msg->addr, 0, 0, 0, $ttl, $loc, $stamp, $expires, $stampactive);
       } else {
         push @deferred, $rec unless $nodefer;
@@ -389 +466 @@
       $host =~ s/\.$//;
       $host =~ s/^\\052/*/;
-      $ttl = 0 if !$ttl;
-      $stamp = '' if !$stamp;
-      $loc = '' if !$loc;
-      $loc = '' if $loc =~ /^:+$/;
+      $ttl = -1 if $ttl eq '';
+      $stamp = '' if !$stamp;
+      $loc = '' if !$loc;
+      $loc = '' if $loc =~ /^:+$/;
+
+      my $stampactive = 'n';
+      my $expires = 'n';
 
       my $domid = $dnsdb->_hostparent($host);
       if ($domid) {
-        $recsth->execute($domid, 0, $host, 1, $ip, 0, 0, 0, $ttl, $loc);
+        ($ttl, $stampactive, $expires, $stamp) = calcstamp($stamp, $ttl, $domid, 'n');
+        $recsth->execute($domid, 0, $host, 1, $ip, 0, 0, 0, $ttl, $loc, $stamp, $expires, $stampactive);
       } else {
         push @deferred, $rec unless $nodefer;
@@ -410 +491 @@
       $master =~ s/\.$//;
       $contact =~ s/\.$//;
-      $ttl = 0 if !$ttl;
-      $stamp = '' if !$stamp;
-      $loc = '' if !$loc;
-      $loc = '' if $loc =~ /^:+$/;
+      $ttl = -1 if $ttl eq '';
+      $stamp = '' if !$stamp;
+      $loc = '' if !$loc;
+      $loc = '' if $loc =~ /^:+$/;
+
+      my $stampactive = 'n';
+      my $expires = 'n';
+
+##fixme er... what do we do with an SOA with a timestamp?  O_o
+# fail for now, since there's no clean way I can see to handle this (yet)
+# maybe (ab)use the -l flag to import as-is?
+      if ($stamp) {
+        push @deferred, $rec unless $nodefer;
+        return 0;
+      }
+
+##fixme: need more magic on TTL, so we can decide whether to use the minttl or newttl
+#      my $newttl;
+#      ($newttl, $stampactive, $expires, $stamp) = calcstamp($stamp, $minttl, 0, 'n');
+#      $ttl = $newttl if !$ttl;
+
       if ($zone =~ /\.arpa$/) {
         ($code,$msg) = DNSDB::_zone2cidr($zone);
@@ -419 +517 @@
                 undef, ($msg, $loc));
         my ($rdns) = $dbh->selectrow_array("SELECT currval('revzones_rdns_id_seq')");
-        $recsth->execute(0, $rdns, "$contact:$master", 6, "$refresh:$retry:$expire:$minttl", 0, 0, 0, $ttl, $loc);
+        my $newttl;
+        ($newttl, $stampactive, $expires, $stamp) = calcstamp($stamp, $minttl, 0, 'y');
+        $ttl = $newttl if !$ttl;
+        $recsth->execute(0, $rdns, "$contact:$master", 6, "$refresh:$retry:$expire:$minttl", 0, 0, 0, $ttl,
+                $loc, $stamp, $expires, $stampactive);
       } else {
         $dbh->do("INSERT INTO domains (domain,group_id,status,default_location) VALUES (?,1,1,?)",
                 undef, ($zone, $loc));
         my ($domid) = $dbh->selectrow_array("SELECT currval('domains_domain_id_seq')");
-        $recsth->execute($domid, 0, "$contact:$master", 6, "$refresh:$retry:$expire:$minttl", 0, 0, 0, $ttl, $loc);
+        my $newttl;
+        ($newttl, $stampactive, $expires, $stamp) = calcstamp($stamp, $minttl, 0, 'n');
+        $ttl = $newttl if !$ttl;
+        $recsth->execute($domid, 0, "$contact:$master", 6, "$refresh:$retry:$expire:$minttl", 0, 0, 0, $ttl,
+                $loc, $stamp, $expires, $stampactive);
       }
 
@@ -436 +542 @@
       $host =~ s/\.$//;
       $host = "$host.mx.$zone" if $host !~ /\./;
-      $ttl = 0 if !$ttl;
-      $stamp = '' if !$stamp;
-      $loc = '' if !$loc;
-      $loc = '' if $loc =~ /^:+$/;
+      $ttl = -1 if $ttl eq '';
+      $stamp = '' if !$stamp;
+      $loc = '' if !$loc;
+      $loc = '' if $loc =~ /^:+$/;
+
+      my $stampactive = 'n';
+      my $expires = 'n';
 
 # note we don't check for reverse domains here, because MX records don't make any sense in reverse zones.
@@ -447 +556 @@
       my $domid = $dnsdb->_hostparent($zone);
       if ($domid) {
-        $recsth->execute($domid, 0, $zone, 15, $host, $dist, 0, 0, $ttl, $loc);
-        $recsth->execute($domid, 0, $host, 1, $ip, 0, 0, 0, $ttl, $loc) if $ip;
+        ($ttl, $stampactive, $expires, $stamp) = calcstamp($stamp, $ttl, $domid, 'n');
+        $recsth->execute($domid, 0, $zone, 15, $host, $dist, 0, 0, $ttl, $loc, $stamp, $expires, $stampactive);
+        $recsth->execute($domid, 0, $host, 1, $ip, 0, 0, 0, $ttl, $loc, $stamp, $expires, $stampactive) if $ip;
       } else {
         push @deferred, $rec unless $nodefer;
@@ -461 +571 @@
       $fqdn =~ s/^\\052/*/;
       _deoctal(\$rdata);
-      $ttl = 0 if !$ttl;
-      $stamp = '' if !$stamp;
-      $loc = '' if !$loc;
-      $loc = '' if $loc =~ /^:+$/;
+      $ttl = -1 if $ttl eq '';
+      $stamp = '' if !$stamp;
+      $loc = '' if !$loc;
+      $loc = '' if $loc =~ /^:+$/;
+
+      my $stampactive = 'n';
+      my $expires = 'n';
 
       if ($fqdn =~ /\.arpa$/) {
         ($code,$msg) = DNSDB::_zone2cidr($fqdn);
         my ($rparent) = $dbh->selectrow_array("SELECT rdns_id FROM revzones WHERE revnet >> ?", undef, ($msg));
-        $recsth->execute(0, $rparent, $rdata, 16, "$msg", 0, 0, 0, $ttl, $loc);
+        ($ttl, $stampactive, $expires, $stamp) = calcstamp($stamp, $ttl, $rparent, 'y');
+        $recsth->execute(0, $rparent, $rdata, 16, "$msg", 0, 0, 0, $ttl, $loc, $stamp, $expires, $stampactive);
       } else {
         my $domid = $dnsdb->_hostparent($fqdn);
         if ($domid) {
-          $recsth->execute($domid, 0, $fqdn, 16, $rdata, 0, 0, 0, $ttl, $loc);
+          ($ttl, $stampactive, $expires, $stamp) = calcstamp($stamp, $ttl, $domid, 'n');
+          $recsth->execute($domid, 0, $fqdn, 16, $rdata, 0, 0, 0, $ttl, $loc, $stamp, $expires, $stampactive);
         } else {
           push @deferred, $rec unless $nodefer;
@@ -488 +603 @@
       $ns =~ s/\.$//;
       $ns = "$ns.ns.$fqdn" if $ns !~ /\./;
-      $ttl = 0 if !$ttl;
-      $stamp = '' if !$stamp;
-      $loc = '' if !$loc;
-      $loc = '' if $loc =~ /^:+$/;
+      $ttl = -1 if $ttl eq '';
+      $stamp = '' if !$stamp;
+      $loc = '' if !$loc;
+      $loc = '' if $loc =~ /^:+$/;
+
+      my $stampactive = 'n';
+      my $expires = 'n';
+
+##fixme er... what do we do with an SOA with a timestamp?  O_o
+# fail for now, since there's no clean way I can see to handle this (yet)
+# maybe (ab)use the -l flag to import as-is?
+      if ($stamp) {
+        push @deferred, $rec unless $nodefer;
+        return 0;
+      }
+
+##fixme: need more magic on TTL, so we can decide whether to use the minttl or newttl
+#      my $newttl;
+#      ($newttl, $stampactive, $expires, $stamp) = calcstamp($stamp, $minttl, 0, 'n');
 
       if ($fqdn =~ /\.arpa$/) {
@@ -501 +631 @@
                 undef, ($msg, $loc));
           ($rdns) = $dbh->selectrow_array("SELECT currval('revzones_rdns_id_seq')");
+          ($ttl, $stampactive, $expires, $stamp) = calcstamp($stamp, 2560, 0, 'y');
 # this would probably make a lot more sense to do hostmaster.$config{admindomain}
-          $recsth->execute(0, $rdns, "hostmaster.$fqdn:$ns", 6, "16384:2048:1048576:2560", 0, 0, 0, "2560", $loc);
-        }
-        $recsth->execute(0, $rdns, $ns, 2, "$msg", 0, 0, 0, $ttl, $loc);
+# otherwise, it's as per the tinydns defaults that work tolerably well on a small scale
+# serial -> modtime of data file, ref -> 16384, ret -> 2048, exp -> 1048576, min -> 2560
+          $recsth->execute(0, $rdns, "hostmaster.$fqdn:$ns", 6, "16384:2048:1048576:2560", 0, 0, 0, "2560",
+                $loc, $stamp, $expires, $stampactive);
+        }
+        ($ttl, $stampactive, $expires, $stamp) = calcstamp($stamp, 2560, $rdns, 'y') if !$stamp;
+        $recsth->execute(0, $rdns, $ns, 2, "$msg", 0, 0, 0, $ttl, $loc, $stamp, $expires, $stampactive);
 ##fixme:  (?)  implement full conversion of tinydns . records?
 # -> problem:  A record for NS must be added to the appropriate *forward* zone, not the reverse
-#$recsth->execute(0, $rdns, $ns, 1, $ip, 0, 0, 0, $ttl)
+#$recsth->execute(0, $rdns, $ns, 1, $ip, 0, 0, 0, $ttl, $stamp, $expires, $stampactive)
 # ...  auto-A-record simply does not make sense in reverse zones.  Functionally
 # I think it would work, sort of, but it's a nasty mess and anyone hosting reverse
@@ -521 +656 @@
                 undef, ($fqdn, $loc));
           ($domid) = $dbh->selectrow_array("SELECT currval('domains_domain_id_seq')");
-          $recsth->execute($domid, 0, "hostmaster.$fqdn:$ns", 6, "16384:2048:1048576:2560", 0, 0, 0, "2560", $loc);
-        }
-        $recsth->execute($domid, 0, $fqdn, 2, $ns, 0, 0, 0, $ttl, $loc);
-        $recsth->execute($domid, 0, $ns, 1, $ip, 0, 0, 0, $ttl, $loc) if $ip;
+          ($ttl, $stampactive, $expires, $stamp) = calcstamp($stamp, 2560, 0, 'n');
+          $recsth->execute($domid, 0, "hostmaster.$fqdn:$ns", 6, "16384:2048:1048576:2560", 0, 0, 0, "2560",
+                $loc, $stamp, $expires, $stampactive);
+        }
+        ($ttl, $stampactive, $expires, $stamp) = calcstamp($stamp, $ttl, $domid, 'n') if !$stamp;
+        $recsth->execute($domid, 0, $fqdn, 2, $ns, 0, 0, 0, $ttl, $loc, $stamp, $expires, $stampactive);
+        $recsth->execute($domid, 0, $ns, 1, $ip, 0, 0, 0, $ttl, $loc, $stamp, $expires, $stampactive) if $ip;
       }
 
@@ -556 +694 @@
       $fqdn =~ s/\.$//;
       $fqdn =~ s/^\\052/*/;
-      $ttl = 0 if !$ttl;
-      $stamp = '' if !$stamp;
-      $loc = '' if !$loc;
-      $loc = '' if $loc =~ /^:+$/;
+      $ttl = -1 if $ttl eq '';
+      $stamp = '' if !$stamp;
+      $loc = '' if !$loc;
+      $loc = '' if $loc =~ /^:+$/;
+
+      my $stampactive = 'n';
+      my $expires = 'n';
 
       if ($type == 33) {
@@ -588 +729 @@
         my $domid = $dnsdb->_hostparent($fqdn);
         if ($domid) {
-          $recsth->execute($domid, 0, $fqdn, 33, $target, $prio, $weight, $port, $ttl, $loc) if $domid;
+          ($ttl, $stampactive, $expires, $stamp) = calcstamp($stamp, $ttl, $domid, 'n');
+          $recsth->execute($domid, 0, $fqdn, 33, $target, $prio, $weight, $port, $ttl, $loc, $stamp, $expires, $stampactive) if $domid;
         } else {
           push @deferred, $rec unless $nodefer;
@@ -605 +747 @@
 
         my $fparent = $dnsdb->_hostparent($fqdn);
+
         if ($fparent) {
-          $recsth->execute($fparent, 0, $fqdn, 28, $val->addr, 0, 0, 0, $ttl, $loc);
+          ($ttl, $stampactive, $expires, $stamp) = calcstamp($stamp, $ttl, $fparent, 'n');
+          $recsth->execute($fparent, 0, $fqdn, 28, $val->addr, 0, 0, 0, $ttl, $loc, $stamp, $expires, $stampactive);
         } else {
           push @deferred, $rec unless $nodefer;
@@ -620 +764 @@
           my ($rparent) = $dbh->selectrow_array("SELECT rdns_id FROM revzones WHERE revnet >> ?", undef, ($msg));
           if ($rparent) {
-            $recsth->execute(0, $rparent, $txtstring, 16, "$msg", 0, 0, 0, $ttl, $loc);
+            ($ttl, $stampactive, $expires, $stamp) = calcstamp($stamp, $ttl, $rparent, 'y');
+            $recsth->execute(0, $rparent, $txtstring, 16, "$msg", 0, 0, 0, $ttl, $loc, $stamp, $expires, $stampactive);
           } else {
             push @deferred, $rec unless $nodefer;
@@ -628 +773 @@
           my $domid = $dnsdb->_hostparent($fqdn);
           if ($domid) {
-            $recsth->execute($domid, 0, $fqdn, 16, $txtstring, 0, 0, 0, $ttl, $loc);
+            ($ttl, $stampactive, $expires, $stamp) = calcstamp($stamp, $ttl, $domid, 'n');
+            $recsth->execute($domid, 0, $fqdn, 16, $txtstring, 0, 0, 0, $ttl, $loc, $stamp, $expires, $stampactive);
           } else {
             push @deferred, $rec unless $nodefer;
@@ -648 +794 @@
           my ($rparent) = $dbh->selectrow_array("SELECT rdns_id FROM revzones WHERE revnet >> ?", undef, ($msg));
           if ($rparent) {
-            $recsth->execute(0, $rparent, "$email $txtrec", 17, "$msg", 0, 0, 0, $ttl, $loc);
+            ($ttl, $stampactive, $expires, $stamp) = calcstamp($stamp, $ttl, $rparent, 'y');
+            $recsth->execute(0, $rparent, "$email $txtrec", 17, "$msg", 0, 0, 0, $ttl, $loc, $stamp, $expires, $stampactive );
           } else {
             push @deferred, $rec unless $nodefer;
@@ -656 +803 @@
           my $domid = $dnsdb->_hostparent($fqdn);
           if ($domid) {
-            $recsth->execute($domid, 0, $fqdn, 17, "$email $txtrec", 0, 0, 0, $ttl, $loc);
+            ($ttl, $stampactive, $expires, $stamp) = calcstamp($stamp, $ttl, $domid, 'n');
+            $recsth->execute($domid, 0, $fqdn, 17, "$email $txtrec", 0, 0, 0, $ttl, $loc, $stamp, $expires, $stampactive);
           } else {
             push @deferred, $rec unless $nodefer;
@@ -672 +820 @@
         my $domid = $dnsdb->_hostparent($fqdn);
         if ($domid) {
-          $recsth->execute($domid, 0, $fqdn, 44, $sshfp, 0, 0, 0, $ttl, $loc);
+          ($ttl, $stampactive, $expires, $stamp) = calcstamp($stamp, $ttl, $domid, 'n');
+          $recsth->execute($domid, 0, $fqdn, 44, $sshfp, 0, 0, 0, $ttl, $loc, $stamp, $expires, $stampactive);
         } else {
           push @deferred, $rec unless $nodefer;

branches/stable/vega-import.pl

@@ -3 +3 @@
 ##
 # $Id$
-# Copyright 2011,2012 Kris Deugau <kdeugau@deepnet.cx>
+# Copyright 2011-2013 Kris Deugau <kdeugau@deepnet.cx>
 # 
 #    This program is free software: you can redistribute it and/or modify