From 3813fbf8f22c615fddf3051079953fbd9056c7b2 Mon Sep 17 00:00:00 2001
From: wrongecho
Date: Thu, 6 Nov 2025 10:41:52 +0000
Subject: [PATCH] When adding a domain, flag if no SOA record exists (prevents most sub-domains)
---
 agent/ajax.php | 21 +++++++++++++++++++++
 agent/modals/contact/contact_add.php | 2 +-
 agent/modals/domain/domain_add.php | 22 +++++++++++++++++++++-
 3 files changed, 43 insertions(+), 2 deletions(-)
diff --git a/agent/ajax.php b/agent/ajax.php
index eec7bdd2..4a37f0e0 100644
--- a/agent/ajax.php
+++ b/agent/ajax.php
@@ -971,3 +971,24 @@ if (isset($_GET['ai_ticket_summary'])) {
 echo $summary; // nl2br to convert newlines to
, htmlspecialchars to prevent XSS
 }
+
+// Stops people trying to use sub-domains in the domains tracker
+if (isset($_GET['apex_domain_check'])) {
+ enforceUserPermission('module_support', 2);
+
+ $domain = sanitizeInput($_GET['domain']);
+
+ $response['message'] = ""; // default
+
+ if (strlen($domain) >= 4) {
+
+ // SOA record check
+ // This isn't 100%, as sub-domains can have their own SOA but will capture 99%
+ if (!checkdnsrr($domain, 'SOA')) {
+ $response['message'] = " Domain name is invalid.";
+ }
+
+ }
+
+ echo json_encode($response);
+}
diff --git a/agent/modals/contact/contact_add.php b/agent/modals/contact/contact_add.php
index 9e5df3ba..a6a919c4 100644
--- a/agent/modals/contact/contact_add.php
+++ b/agent/modals/contact/contact_add.php
@@ -349,7 +349,7 @@ $(document).ready(function() {
 //Send a GET request to ajax.php as ajax.php?contact_email_check=true&email=email
 jQuery.get(
 "ajax.php",
- {contact_email_check: 'email', email: email},
+ {contact_email_check: 'true', email: email},
 function(data) {
 //If we get a response from ajax.php, parse it as JSON
 const contact_check_data = JSON.parse(data);
diff --git a/agent/modals/domain/domain_add.php b/agent/modals/domain/domain_add.php
index e8273d36..7a36a543 100644
--- a/agent/modals/domain/domain_add.php
+++ b/agent/modals/domain/domain_add.php
@@ -65,7 +65,10 @@ ob_start();
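Review bot: In the `apex_domain_check` handler added to agent/ajax.php, `$_GET['domain']` is read without an `isset`/`??` guard and passed to `checkdnsrr()` after only a length check, so whatever string an authorised agent sends becomes an outbound DNS query made by the server. What `sanitizeInput()` does is not visible in this patch, so it should not be relied on to enforce hostname syntax. I would default the parameter with `$domain = sanitizeInput($_GET['domain'] ?? '');` and reject non-hostnames before the lookup, e.g. `if (!filter_var($domain, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME) || !checkdnsrr($domain, 'SOA')) {`. Note also that `checkdnsrr()` returns false on a resolver failure as well as on a missing SOA record, and that this endpoint only feeds a warning in the form: the handler that actually stores the domain is outside this patch, so the same rule would need to be applied there if sub-domains are really meant to be blocked.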
- + + +
+
@@ -193,6 +196,23 @@ ob_start(); + +