From e1a419ea117f6ea93fc2cfe3f559e914fe2a7c33 Mon Sep 17 00:00:00 2001
From: Marcus Hill <bcf8c9f2@opayq.com>
Date: Mon, 7 Mar 2022 22:31:19 +0000
Subject: [PATCH] Refactor domains modals so they are dyanmically populated.
 Implement basic NS, MX and WHOIS scraping for domains on add/edit

---
 ajax.php                     |  22 +++++
 client_domain_edit_modal.php | 162 ++++++++++++++++++++---------------
 client_domains.php           |  91 ++++++++++++++++++--
 post.php                     |  30 ++++++-
 4 files changed, 228 insertions(+), 77 deletions(-)

diff --git a/ajax.php b/ajax.php
index 07a56ad8..78c7c877 100644
--- a/ajax.php
+++ b/ajax.php
@@ -76,6 +76,28 @@ if(isset($_GET['certificate_get_json_details'])){
   echo json_encode($response);
 }
 
+/*
+ * Looks up info for a given domain ID from the database, used to dynamically populate modal fields
+ */
+if(isset($_GET['domain_get_json_details'])){
+  $domain_id = intval($_GET['domain_id']);
+  $client_id = intval($_GET['client_id']);
+
+  // Individual domain lookup
+  $cert_sql = mysqli_query($mysqli,"SELECT * FROM domains WHERE domain_id = $domain_id AND domain_client_id = $client_id");
+  while($row = mysqli_fetch_array($cert_sql)){
+    $response['domain'][] = $row;
+  }
+
+  // Get all registrars/webhosts (vendors) for this client that could be linked to this domain
+  $vendor_sql = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = $client_id");
+  while($row = mysqli_fetch_array($vendor_sql)){
+    $response['vendors'][] = $row;
+  }
+
+  echo json_encode($response);
+}
+
 /*
  * Looks up info on the ticket number provided, used to populate the ticket merge modal
  */
diff --git a/client_domain_edit_modal.php b/client_domain_edit_modal.php
index 0f10ea49..5871abc9 100644
--- a/client_domain_edit_modal.php
+++ b/client_domain_edit_modal.php
@@ -1,82 +1,110 @@
-<div class="modal" id="editDomainModal<?php echo $domain_id; ?>" tabindex="-1">
+<div class="modal" id="editDomainModal" tabindex="-1">
   <div class="modal-dialog">
     <div class="modal-content bg-dark">
       <div class="modal-header">
-        <h5 class="modal-title"><i class="fa fa-fw fa-globe"></i> <?php echo $domain_name ?></h5>
+        <h5 class="modal-title"><i class="fa fa-fw fa-lock"></i><span id="editHeader"></span></h5>
         <button type="button" class="close text-white" data-dismiss="modal">
           <span>&times;</span>
         </button>
       </div>
       <form action="post.php" method="post" autocomplete="off">
-        <input type="hidden" name="domain_id" value="<?php echo $domain_id; ?>">
-        <div class="modal-body bg-white">    
-          
-          <div class="form-group">
-            <label>Domain Name <strong class="text-danger">*</strong></label>
-            <div class="input-group">
-              <div class="input-group-prepend">
-                <span class="input-group-text"><i class="fa fa-fw fa-globe"></i></span>
-              </div>
-              <input type="text" class="form-control" name="name" placeholder="Domain name exmaple.com" value="<?php echo $domain_name; ?>" required>
-            </div>
-          </div>
-          
-          <div class="form-group">
-            <label>Domain Registrar</label>
-            <div class="input-group">
-              <div class="input-group-prepend">
-                <span class="input-group-text"><i class="fa fa-fw fa-server"></i></span>
-              </div>
-              <select class="form-control select2" name="registrar">
-                <option value="">- Vendor -</option>
-                <?php 
-                
-                $sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_client_id = $client_id"); 
-                while($row = mysqli_fetch_array($sql_vendors)){
-                  $vendor_id_select = $row['vendor_id'];
-                  $vendor_name_select = $row['vendor_name'];
-                ?>
-                <option <?php if($domain_registrar == $vendor_id_select) { echo "selected"; } ?> value="<?php echo $vendor_id_select; ?>"><?php echo $vendor_name_select; ?></option>
-                
-                <?php
-                }
-                ?>
-              </select>
-            </div>
-          </div>
+        <input type="hidden" name="domain_id" value="" id="editDomainId">
+        <div class="modal-body bg-white">
 
-          <div class="form-group">
-            <label>Webhost</label>
-            <div class="input-group">
-              <div class="input-group-prepend">
-                <span class="input-group-text"><i class="fa fa-fw fa-server"></i></span>
+          <ul class="nav nav-pills nav-justified mb-3">
+            <li class="nav-item">
+              <a class="nav-link active" data-toggle="pill" href="#pills-overview">Overview</a>
+            </li>
+            <li class="nav-item">
+              <a class="nav-link" data-toggle="pill" href="#pills-records">Records</a>
+            </li>
+          </ul>
+
+          <hr>
+
+          <div class="tab-content">
+
+            <div class="tab-pane fade show active" id="pills-overview">
+
+              <div class="form-group">
+                <label>Domain Name <strong class="text-danger">*</strong></label>
+                <div class="input-group">
+                  <div class="input-group-prepend">
+                    <span class="input-group-text"><i class="fa fa-fw fa-globe"></i></span>
+                  </div>
+                  <input type="text" class="form-control" name="name" id="editDomainName"  placeholder="Domain name example.com" value="" required>
+                </div>
               </div>
-              <select class="form-control select2" name="webhost">
-                <option value="">- Vendor -</option>
-                <?php 
-                
-                $sql_vendors = mysqli_query($mysqli,"SELECT * FROM vendors WHERE vendor_client_id = $client_id"); 
-                while($row = mysqli_fetch_array($sql_vendors)){
-                  $vendor_id_select = $row['vendor_id'];
-                  $vendor_name_select = $row['vendor_name'];
-                ?>
-                <option <?php if($domain_webhost == $vendor_id_select){ echo "selected"; } ?> value="<?php echo $vendor_id_select; ?>"><?php echo $vendor_name_select; ?></option>
-                
-                <?php
-                }
-                ?>
-              </select>
-            </div>
-          </div>
-        
-          <div class="form-group">
-            <label>Expire Date</label>
-            <div class="input-group">
-              <div class="input-group-prepend">
-                <span class="input-group-text"><i class="fa fa-fw fa-calendar"></i></span>
+
+              <div class="form-group">
+                <label>Domain Registrar</label>
+                <div class="input-group">
+                  <div class="input-group-prepend">
+                    <span class="input-group-text"><i class="fa fa-fw fa-server"></i></span>
+                  </div>
+                  <select class="form-control select2" name="registrar" id="editRegistrarId">
+                  </select>
+                </div>
               </div>
-              <input type="date" class="form-control" name="expire" value="<?php echo $domain_expire; ?>"> 
+
+              <div class="form-group">
+                <label>Webhost</label>
+                <div class="input-group">
+                  <div class="input-group-prepend">
+                    <span class="input-group-text"><i class="fa fa-fw fa-server"></i></span>
+                  </div>
+                  <select class="form-control select2" name="webhost" id="editWebhostId">
+                  </select>
+                </div>
+              </div>
+
+              <div class="form-group">
+                <label>Expire Date</label>
+                <div class="input-group">
+                  <div class="input-group-prepend">
+                    <span class="input-group-text"><i class="fa fa-fw fa-calendar"></i></span>
+                  </div>
+                  <input type="date" class="form-control" id="editExpire" name="expire" value="">
+                </div>
+              </div>
+
             </div>
+
+            <div class="tab-pane fade" id="pills-records">
+
+              <div class="form-group">
+                <label>Name Servers</label>
+                <div class="input-group">
+                  <div class="input-group-prepend">
+                    <span class="input-group-text"><i class="fa fa-fw fa-crown"></i></span>
+                  </div>
+                  <textarea class="form-control" id="editNameServers" name="name_servers" disabled></textarea>
+                </div>
+              </div>
+
+
+              <div class="form-group">
+                <label>MX Records</label>
+                <div class="input-group">
+                  <div class="input-group-prepend">
+                    <span class="input-group-text"><i class="fa fa-fw fa-mail-bulk"></i></span>
+                  </div>
+                  <textarea class="form-control" id="editMailServers" name="mail_servers" disabled></textarea>
+                </div>
+              </div>
+
+              <div class="form-group">
+                <label>Raw WHOIS</label>
+                <div class="input-group">
+                  <div class="input-group-prepend">
+                    <span class="input-group-text"><i class="fa fa-fw fa-search-plus"></i></span>
+                  </div>
+                  <textarea class="form-control" id="editRawWhois" name="raw_whois" rows="8" disabled></textarea>
+                </div>
+              </div>
+
+            </div>
+
           </div>
 
         </div>
diff --git a/client_domains.php b/client_domains.php
index af89d631..41c2c87c 100644
--- a/client_domains.php
+++ b/client_domains.php
@@ -85,8 +85,8 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
           <tr>
             <th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=domain_name&o=<?php echo $disp; ?>">Domain</a></th>
             <th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=vendor_name&o=<?php echo $disp; ?>">Registrar</a></th>
-            <th>WebHost</th>
-            <th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=domain_expire&o=<?php echo $disp; ?>">Expire</a></th>
+            <th>Web Host</th>
+            <th><a class="text-secondary" href="?<?php echo $url_query_strings_sb; ?>&sb=domain_expire&o=<?php echo $disp; ?>">Expires</a></th>
             <th class="text-center">Action</th>
           </tr>
         </thead>
@@ -113,7 +113,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
 
           ?>
           <tr>
-            <td><a class="text-dark" href="#" data-toggle="modal" data-target="#editDomainModal<?php echo $domain_id; ?>"><?php echo $domain_name; ?></a></td>
+            <td><a class="text-dark" href="#" data-toggle="modal" onclick="populateDomainEditModal(<?php echo $client_id, ",", $domain_id ?>)" data-target="#editDomainModal"><?php echo $domain_name; ?></a></td>
             <td><?php echo $domain_registrar_name; ?></td>
             <td><?php echo $domain_webhost_name; ?></td>
             <td><?php echo $domain_expire; ?></td>
@@ -123,7 +123,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
                   <i class="fas fa-ellipsis-h"></i>
                 </button>
                 <div class="dropdown-menu">
-                  <a class="dropdown-item" href="#" data-toggle="modal" data-target="#editDomainModal<?php echo $domain_id; ?>">Edit</a>
+                  <a class="dropdown-item" href="#" data-toggle="modal" onclick="populateDomainEditModal(<?php echo $client_id, ",", $domain_id ?>)" data-target="#editDomainModal">Edit</a>
                   <div class="dropdown-divider"></div>
                   <a class="dropdown-item text-danger" href="post.php?delete_domain=<?php echo $domain_id; ?>">Delete</a>
                 </div>
@@ -132,10 +132,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
           </tr>
 
           <?php
-
-          include("client_domain_edit_modal.php");
           }
-          
           ?>
 
         </tbody>
@@ -145,4 +142,82 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
   </div>
 </div>
 
-<?php include("client_domain_add_modal.php"); ?>
\ No newline at end of file
+<?php
+include("client_domain_edit_modal.php");
+include("client_domain_add_modal.php");
+?>
+
+<script>
+    function populateDomainEditModal(client_id, domain_id) {
+
+        // Send a GET request to post.php as post.php?domain_get_json_details=true&client_id=NUM&domain_id=NUM
+        jQuery.get(
+            "ajax.php",
+            {domain_get_json_details: 'true', client_id: client_id, domain_id: domain_id},
+            function(data){
+
+                // If we get a response from post.php, parse it as JSON
+                const response = JSON.parse(data);
+
+                // Access the domain info (one), registrars (multiple) and webhosts (multiple_
+                const domain = response.domain[0];
+                const vendors = response.vendors;
+
+                // Populate the domain modal fields
+                document.getElementById("editHeader").innerText = " " + domain.domain_name;
+                document.getElementById("editDomainId").value = domain_id;
+                document.getElementById("editDomainName").value = domain.domain_name;
+                document.getElementById("editExpire").value = domain.domain_expire;
+                document.getElementById("editNameServers").value = domain.domain_name_servers;
+                document.getElementById("editMailServers").value = domain.domain_mail_servers;
+                document.getElementById("editRawWhois").value = domain.domain_raw_whois;
+
+                /* DROPDOWNS */
+
+                // Registrar dropdown
+                var registrarDropdown = document.getElementById("editRegistrarId");
+
+                // Clear registrar dropdown
+                var i, L = registrarDropdown.options.length -1;
+                for(i = L; i >= 0; i--) {
+                    registrarDropdown.remove(i);
+                }
+                registrarDropdown[registrarDropdown.length] = new Option('- Vendor -', '0');
+
+                // Populate dropdown
+                vendors.forEach(vendor => {
+                    if(parseInt(vendor.vendor_id) == parseInt(domain.domain_registrar)){
+                        // Selected domain
+                        registrarDropdown[registrarDropdown.length] = new Option(vendor.vendor_name, vendor.vendor_id, true, true);
+                    }
+                    else{
+                        registrarDropdown[registrarDropdown.length] = new Option(vendor.vendor_name, vendor.vendor_id);
+                    }
+                });
+
+                // Webhost dropdown
+                var webhostDropdown = document.getElementById("editWebhostId");
+
+                // Clear registrar dropdown
+                var i, L = webhostDropdown.options.length -1;
+                for(i = L; i >= 0; i--) {
+                    webhostDropdown.remove(i);
+                }
+                webhostDropdown[webhostDropdown.length] = new Option('- Vendor -', '0');
+
+                // Populate dropdown
+                vendors.forEach(vendor => {
+                    if(parseInt(vendor.vendor_id) == parseInt(domain.domain_webhost)){
+                        // Selected domain
+                        webhostDropdown[webhostDropdown.length] = new Option(vendor.vendor_name, vendor.vendor_id, true, true);
+                    }
+                    else{
+                        webhostDropdown[webhostDropdown.length] = new Option(vendor.vendor_name, vendor.vendor_id);
+                    }
+                });
+
+
+            }
+        );
+    }
+</script>
diff --git a/post.php b/post.php
index eb92f1ed..d3ef6358 100644
--- a/post.php
+++ b/post.php
@@ -5280,7 +5280,20 @@ if(isset($_POST['add_domain'])){
         $expire = "0000-00-00";
     }
 
-    mysqli_query($mysqli,"INSERT INTO domains SET domain_name = '$name', domain_registrar = $registrar,  domain_webhost = $webhost, domain_expire = '$expire', domain_created_at = NOW(), domain_client_id = $client_id, company_id = $session_company_id");
+    // NS, MX and WHOIS data
+    if(filter_var($name, FILTER_VALIDATE_DOMAIN) && (strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN')){
+        $domain = escapeshellarg($name);
+        $ns = strip_tags(mysqli_real_escape_string($mysqli,shell_exec("dig +short NS $domain")));
+        $mx = strip_tags(mysqli_real_escape_string($mysqli,shell_exec("dig +short MX $domain")));
+        $whois = trim(strip_tags(mysqli_real_escape_string($mysqli,shell_exec("whois -H $domain | sed 's/   //g' | head -30"))));
+    }
+    else{
+      $ns = '';
+      $mx = '';
+      $whois = '';
+    }
+
+    mysqli_query($mysqli,"INSERT INTO domains SET domain_name = '$name', domain_registrar = $registrar,  domain_webhost = $webhost, domain_expire = '$expire', domain_name_servers = '$ns', domain_mail_servers = '$mx', domain_raw_whois = '$whois', domain_created_at = NOW(), domain_client_id = $client_id, company_id = $session_company_id");
 
     //Logging
     mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Domain', log_action = 'Created', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id");
@@ -5302,7 +5315,20 @@ if(isset($_POST['edit_domain'])){
         $expire = "0000-00-00";
     }
 
-    mysqli_query($mysqli,"UPDATE domains SET domain_name = '$name', domain_registrar = $registrar,  domain_webhost = $webhost, domain_expire = '$expire', domain_updated_at = NOW() WHERE domain_id = $domain_id AND company_id = $session_company_id");
+    // NS, MX and WHOIS data
+    if(filter_var($name, FILTER_VALIDATE_DOMAIN) && (strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN')){
+      $domain = escapeshellarg($name);
+      $ns = strip_tags(mysqli_real_escape_string($mysqli,shell_exec("dig +short NS $domain")));
+      $mx = strip_tags(mysqli_real_escape_string($mysqli,shell_exec("dig +short MX $domain")));
+      $whois = trim(strip_tags(mysqli_real_escape_string($mysqli,shell_exec("whois -H $domain | sed 's/   //g' | head -30"))));
+    }
+    else{
+      $ns = '';
+      $mx = '';
+      $whois = '';
+    }
+
+    mysqli_query($mysqli,"UPDATE domains SET domain_name = '$name', domain_registrar = $registrar,  domain_webhost = $webhost, domain_expire = '$expire', domain_name_servers = '$ns', domain_mail_servers = '$mx', domain_raw_whois = '$whois', domain_updated_at = NOW() WHERE domain_id = $domain_id AND company_id = $session_company_id");
 
     //Logging
     mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Domain', log_action = 'Modified', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id");