From 2b81eb361ef2074d8ce60484e4a41a426be2ab23 Mon Sep 17 00:00:00 2001
From: Stuart Wyatt <stuart@gogglespisano.com>
Date: Tue, 7 Apr 2015 13:29:45 -0700
Subject: BIND package code clean up

Code cleanup to reflect coding style guidelines and consistency
Tabs only, always uses braces, spacing
C/C++ style comments
Use array_key_exists instead of key_exists
$config[] keys are always enclosed in quotes and use single quotes for literals
---
 config/bind/bind.inc | 1140 +++++++++++++++++++++++++++-----------------------
 1 file changed, 606 insertions(+), 534 deletions(-)

(limited to 'config/bind/bind.inc')

diff --git a/config/bind/bind.inc b/config/bind/bind.inc
index 54d536d0..dc4a9de9 100644
--- a/config/bind/bind.inc
+++ b/config/bind/bind.inc
@@ -36,107 +36,124 @@ require_once('util.inc');
 require_once('pfsense-utils.inc');
 require_once('pkg-utils.inc');
 require_once('service-utils.inc');
-if(!function_exists("filter_configure")) 
+if (!function_exists("filter_configure")) {
 	require_once("filter.inc");
+}
+
+$pf_version = substr(trim(file_get_contents("/etc/version")), 0, 3);
+if ($pf_version > 2.0) {
+	define('BIND_LOCALBASE', '/usr/pbi/bind-'.php_uname("m"));
+} else {
+	define('BIND_LOCALBASE', '/usr/local');
+}
 
-$pf_version=substr(trim(file_get_contents("/etc/version")),0,3);
-if ($pf_version > 2.0)
-	define('BIND_LOCALBASE', '/usr/pbi/bind-' . php_uname("m"));
-else
-	define('BIND_LOCALBASE','/usr/local');
+define('CHROOT_LOCALBASE', '/cf/named');
 
-define('CHROOT_LOCALBASE','/cf/named');
+function bind_zone_validate($post, &$input_errors)
+{
+	if (array_key_exists("mail", $_POST)) {
+		$_POST['mail'] = preg_replace("/@/", ".", $post['mail']);
+	}
 
-function bind_zone_validate($post, &$input_errors){
-	if (key_exists("mail",$_POST))
-		$_POST['mail']=preg_replace("/@/",".",$post['mail']);
-		
-	switch ($_POST['type']){
+	switch ($_POST['type']) {
 		case 'slave':
-			if( $_POST['slaveip'] == "")
+			if ($_POST['slaveip'] == "") {
 				$input_errors[] = 'The field \'Master Zone IP\' is required for slave zones.';
-		break;
+			}
+			break;
 		case 'forward':
-			if( $_POST['forwarders'] == "")
-			$input_errors[] = 'The field \'Forwarders\' is required for forward zones.';
-		break;
+			if ($_POST['forwarders'] == "") {
+				$input_errors[] = 'The field \'Forwarders\' is required for forward zones.';
+			}
+			break;
 		case 'redirect':
-			$_POST['tll']=300;
-			$_POST['refresh']=0;
-			$_POST['serial']=0;
-			$_POST['retry']=0;
-			$_POST['expire']=0;
-			$_POST['minimum']=0;
-			if($_POST['mail']=='')
+			$_POST['tll'] = 300;
+			$_POST['refresh'] = 0;
+			$_POST['serial'] = 0;
+			$_POST['retry'] = 0;
+			$_POST['expire'] = 0;
+			$_POST['minimum'] = 0;
+			if ($_POST['mail'] == '') {
 				$input_errors[] = "The field 'Mail Admin Zone' is required for {$_POST['type']} zones.";
-			
+			}
 		default:
-			if($_POST['nameserver']=='')
+			if ($_POST['nameserver'] == '') {
 				$input_errors[] = "The field 'Name server' is required for {$_POST['type']} zones.";
-			for ($i=0;$i < count($_POST);$i++){
-				if (key_exists("hostname$i",$_POST)){
-					if ($_POST['reverso']=="on"){
-						$_POST["hostvalue$i"]="";
-						if (!preg_match("/(PTR|NS)/",$_POST["hosttype$i"]))
+			}
+			for ($i = 0; $i < count($_POST); $i++) {
+				if (array_key_exists("hostname$i", $_POST)) {
+					if ($_POST['reverso'] == "on") {
+						$_POST["hostvalue$i"] = "";
+						if (!preg_match("/(PTR|NS)/", $_POST["hosttype$i"])) {
 							$input_errors[] = 'On reverse zones, valid record types are NS or PTR';
 						}
-					if (preg_match("/(MX|NS)/",$_POST["hosttype$i"]))
-						$_POST["hostname$i"]="";
-					if (!preg_match("/(MX|NS)/",$_POST["hosttype$i"]) && $_POST["hostname$i"]=="")
+					}
+					if (preg_match("/(MX|NS)/", $_POST["hosttype$i"])) {
+						$_POST["hostname$i"] = "";
+					}
+					if (!preg_match("/(MX|NS)/", $_POST["hosttype$i"]) && $_POST["hostname$i"] == "") {
 						$input_errors[] = 'Record cannot be empty for '.$_POST["hosttype$i"].' type ';
-					if ($_POST["hosttype$i"]=="MX" && $_POST["hostvalue$i"]=="")
-						$_POST["hostvalue$i"]="10";
-					if ($_POST["hosttype$i"]!="MX" && $_POST["hostvalue$i"]!="")
-						$_POST["hostvalue$i"]="";
-					if ($_POST["hostdst$i"]=="")
+					}
+					if ($_POST["hosttype$i"] == "MX" && $_POST["hostvalue$i"] == "") {
+						$_POST["hostvalue$i"] = "10";
+					}
+					if ($_POST["hosttype$i"] != "MX" && $_POST["hostvalue$i"] != "") {
+						$_POST["hostvalue$i"] = "";
+					}
+					if ($_POST["hostdst$i"] == "") {
 						$input_errors[] = 'Alias or IP address cannot be empty.';
+					}
 				}
 			}
-		}
+			break;
+	}
 }
 
-function bind_sync(){
+function bind_sync()
+{
 	global $config;
 	conf_mount_rw();
 	//create rndc
-	$rndc_confgen="/usr/local/sbin/rndc-confgen";
-	if (!file_exists(BIND_LOCALBASE."/etc/rndc-confgen.pfsense") && file_exists($rndc_confgen)){
-		exec("$rndc_confgen ",$rndc_conf);
-		foreach($rndc_conf as $line)
-			$confgen_file.="$line\n";
-		file_put_contents(BIND_LOCALBASE."/etc/rndc-confgen.pfsense",$confgen_file);
+	$rndc_confgen = "/usr/local/sbin/rndc-confgen";
+	if (!file_exists(BIND_LOCALBASE."/etc/rndc-confgen.pfsense") && file_exists($rndc_confgen)) {
+		exec("$rndc_confgen ", $rndc_conf);
+		foreach ($rndc_conf as $line) {
+			$confgen_file .= "$line\n";
 		}
-	if (file_exists(BIND_LOCALBASE."/etc/rndc-confgen.pfsense")){
-		$rndc_conf=file(BIND_LOCALBASE."/etc/rndc-confgen.pfsense");
-		$confgen="rndc.conf";
-		$rndc_bindconf="";
-		foreach ($rndc_conf as $line){
-			if ($confgen =="rndc.conf"){
-				if (!preg_match ("/^#/",$line))
-					$rndc_file.=$line;
-				}
-			else{
-				if (!preg_match ("/named.conf/",$line))
-					$rndc_bindconf.=preg_replace('/#/',"",$line);
+		file_put_contents(BIND_LOCALBASE."/etc/rndc-confgen.pfsense", $confgen_file);
+	}
+	if (file_exists(BIND_LOCALBASE."/etc/rndc-confgen.pfsense")) {
+		$rndc_conf = file(BIND_LOCALBASE."/etc/rndc-confgen.pfsense");
+		$confgen = "rndc.conf";
+		$rndc_bindconf = "";
+		foreach ($rndc_conf as $line) {
+			if ($confgen == "rndc.conf") {
+				if (!preg_match("/^#/", $line)) {
+					$rndc_file .= $line;
 				}
-			if (preg_match("/named.conf/",$line)){
-				$confgen="named.conf";
-				file_put_contents(BIND_LOCALBASE."/etc/rndc.conf",$rndc_file);
+			} else {
+				if (!preg_match("/named.conf/", $line)) {
+					$rndc_bindconf .= preg_replace('/#/', "", $line);
 				}
+			}
+			if (preg_match("/named.conf/", $line)) {
+				$confgen = "named.conf";
+				file_put_contents(BIND_LOCALBASE."/etc/rndc.conf", $rndc_file);
+			}
 		}
 	}
-	 
-	$bind = $config["installedpackages"]["bind"]["config"][0];
+
+	$bind = $config['installedpackages']['bind']['config'][0];
 	$bind_enable = $bind['enable_bind'];
 	$bind_forwarder = $bind['bind_forwarder'];
 	$forwarder_ips = $bind['bind_forwarder_ips'];
-	$ram_limit = ($bind['bind_ram_limit']?$bind['bind_ram_limit']:"256M");
+	$ram_limit = ($bind['bind_ram_limit'] ? $bind['bind_ram_limit'] : "256M");
 	$hide_version = $bind['bind_hide_version'];
 	$bind_notify = $bind['bind_notify'];
 	$custom_options = base64_decode($bind['bind_custom_options']);
 	$bind_logging = $bind['bind_logging'];
-	$bind_conf ="#Bind pfsense configuration\n";
-	$bind_conf .="#Do not edit this file!!!\n\n";
+	$bind_conf = "#Bind pfsense configuration\n";
+	$bind_conf .= "#Do not edit this file!!!\n\n";
 	$bind_conf .= "$rndc_bindconf\n";
 	$bind_conf .= <<<EOD
 
@@ -145,280 +162,310 @@ options {
 	pid-file "/var/run/named/pid";
 	statistics-file "/var/log/named.stats";
 	max-cache-size {$ram_limit};
-	
+
 EOD;
 	// check response rate limit option
 	//https://kb.isc.org/article/AA-01000/0/A-Quick-Introduction-to-Response-Rate-Limiting.html
 	//http://ss.vix.su/~vjs/rl-arm.html
-	if ($bind['rate_enabled']=="on"){
-		$rate_limit=($bind['rate_limit']?$bind['rate_limit']:"15");
-		$log_only=($bind['log_only']=="no"?"no":"yes");
+	if ($bind['rate_enabled'] == "on") {
+		$rate_limit = ($bind['rate_limit'] ? $bind['rate_limit'] : "15");
+		$log_only = ($bind['log_only'] == "no" ? "no" : "yes");
 		$bind_conf .= <<<EOD
-		rate-limit {
-			responses-per-second {$rate_limit};
-			log-only {$log_only};
-    		};
-    	
+	rate-limit {
+		responses-per-second { $rate_limit };
+		log-only { $log_only };
+	};
+
 EOD;
 	}
 	//check ips to listen on
-	if (preg_match("/All/",$bind['listenon'])){
-		$bind_listenonv6="any;";
-		$bind_listenon="any;";
-		}
-	else{
-		$bind_listenonv6="";
-		$bind_listenon ="";
-		foreach (explode(',',$bind['listenon']) as $listenon){
-			if (is_ipaddrv6($listenon))
+	if (preg_match("/All/", $bind['listenon'])) {
+		$bind_listenonv6 = "any;";
+		$bind_listenon = "any;";
+	} else {
+		$bind_listenonv6 = "";
+		$bind_listenon = "";
+		foreach (explode(',', $bind['listenon']) as $listenon) {
+			if (is_ipaddrv6($listenon)) {
 				$bind_listenonv6 .= $listenon."; ";
-			elseif (is_ipaddr($listenon))
+			} elseif (is_ipaddr($listenon)) {
 				$bind_listenon .= $listenon."; ";
-			else{
-				$listenon=(pfSense_get_interface_addresses(convert_friendly_interface_to_real_interface_name($listenon)));
-				if (is_ipaddr($listenon['ipaddr']))
+			} else {
+				$listenon = (pfSense_get_interface_addresses(convert_friendly_interface_to_real_interface_name($listenon)));
+				if (is_ipaddr($listenon['ipaddr'])) {
 					$bind_listenon .= $listenon['ipaddr']."; ";
-				if(is_ipaddrv6($listenon['ipaddr6']))
+				}
+				if (is_ipaddrv6($listenon['ipaddr6'])) {
 					$bind_listenonv6 .= $listenon['ipaddr6']."; ";
-			}	
+				}
+			}
 		}
 	}
-	$bind_listenonv6=($bind_listenonv6==""?"none;":$bind_listenonv6);
-	$bind_listenon=($bind_listenon==""?"none;":$bind_listenon);
-	//print "<PRE>$bind_listenonv6 $bind_listenon";
-	if (key_exists("ipv6allow",$config['system'])){
-		$bind_conf .="\t\tlisten-on-v6 { $bind_listenonv6 };\n";
-		}
-	$bind_conf .="\t\tlisten-on { $bind_listenon };\n";
+	$bind_listenonv6 = ($bind_listenonv6 == "" ? "none;" : $bind_listenonv6);
+	$bind_listenon = ($bind_listenon == "" ? "none;" : $bind_listenon);
+	// print "<PRE>$bind_listenonv6 $bind_listenon";
+	if (array_key_exists("ipv6allow", $config['system'])) {
+		$bind_conf .= "\t\tlisten-on-v6 { $bind_listenonv6 };\n";
+	}
+	$bind_conf .= "\tlisten-on { $bind_listenon };\n";
 
-	#forwarder config
-	if ($bind_forwarder == on)
-		$bind_conf .="\t\tforwarders { $forwarder_ips };\n";
-	if ($bind_notify == on)
-		$bind_conf .="\t\tnotify yes;\n"; 
-	if ($hide_version == on)
-		$bind_conf .="\t\tversion none;\n";
+	// forwarder config
+	if ($bind_forwarder == 'on') {
+		$bind_conf .= "\t\tforwarders { $forwarder_ips };\n";
+	}
+	if ($bind_notify == 'on') {
+		$bind_conf .= "\t\tnotify yes;\n";
+	}
+	if ($hide_version == 'on') {
+		$bind_conf .= "\t\tversion none;\n";
+	}
 
-	$bind_conf .= preg_replace("/^/m","\t\t",$custom_options); 
+	$bind_conf .= preg_replace("/^/m", "\t", $custom_options);
 	$bind_conf .= "\n\t};\n\n";
-	
-	if ($bind_logging == on){
+
+	if ($bind_logging == 'on') {
 		//check if bind is included on syslog
-		$syslog_files=array("/etc/inc/system.inc","/var/etc/syslog.conf");
-		$restart_syslog=0;
-		foreach ($syslog_files as $syslog_file){
-			$syslog_file_data=file_get_contents($syslog_file);
-			if ( !preg_match("/dnsmasq,named,filterdns/",$syslog_file_data) || !preg_match("/'dnsmasq','named','filterdns'/",$syslog_file_data) ) {
-				$syslog_file_data=preg_replace("/dnsmasq,filterdns/","dnsmasq,named,filterdns",$syslog_file_data);
-				$syslog_file_data=preg_replace("/'dnsmasq','filterdns'/","'dnsmasq','named','filterdns'",$syslog_file_data);
-				file_put_contents($syslog_file,$syslog_file_data);
+		$syslog_files = array("/etc/inc/system.inc", "/var/etc/syslog.conf");
+		$restart_syslog = 0;
+		foreach ($syslog_files as $syslog_file) {
+			$syslog_file_data = file_get_contents($syslog_file);
+			if (!preg_match("/dnsmasq,named,filterdns/", $syslog_file_data) || !preg_match("/'dnsmasq','named','filterdns'/", $syslog_file_data)) {
+				$syslog_file_data = preg_replace("/dnsmasq,filterdns/", "dnsmasq,named,filterdns", $syslog_file_data);
+				$syslog_file_data = preg_replace("/'dnsmasq','filterdns'/", "'dnsmasq','named','filterdns'", $syslog_file_data);
+				file_put_contents($syslog_file, $syslog_file_data);
 				$restart_syslog++;
-				}
 			}
-		if ($restart_syslog > 0){
+		}
+		if ($restart_syslog > 0) {
 			system("/usr/bin/killall -HUP syslogd");
 		}
-		$log_categories=explode(",",$bind['log_options']);
-		$log_severity=($bind['log_severity']?$bind['log_severity']:'default');
-		if (sizeof($log_categories) > 0 && $log_categories[0]!=""){
+		$log_categories = explode(",", $bind['log_options']);
+		$log_severity = ($bind['log_severity'] ? $bind['log_severity'] : 'default');
+		if (sizeof($log_categories) > 0 && $log_categories[0] != "") {
 			$bind_conf .= <<<EOD
-			
-		logging {
-			channel custom {
-				syslog daemon;
-				print-time no;
-				print-severity yes;
-				print-category yes;
-				severity {$log_severity};
-				};
+
+logging {
+	channel custom {
+		syslog daemon;
+		print-time no;
+		print-severity yes;
+		print-category yes;
+		severity {$log_severity};
+		};
 
 EOD;
-		foreach ($log_categories as $category)
-			$bind_conf .="\t\t\tcategory $category\t{custom;};\n";
-		$bind_conf .="\t\t};\n\n";				
-				}
-		 }
-	else {
-		$bind_conf .="\t\tlogging { category default { null; }; };\n\n";				
-	}
-
-	#Config Zone domain
-	if(!is_array($config["installedpackages"]["bindacls"]) || !is_array($config["installedpackages"]["bindacls"]["config"])){
-		$config["installedpackages"]["bindacls"]["config"][] =
-			array("name"=>"none","description"=>"BIND Built-in ACL","row"=>array("value"=>"","description"=>""));
-		$config["installedpackages"]["bindacls"]["config"][] =
-			array("name"=>"any","description"=>"BIND Built-in ACL","row"=>array("value"=>"","description"=>""));
-		$config["installedpackages"]["bindacls"]["config"][] =
-			array("name"=>"localhost","description"=>"BIND Built-in ACL","row"=>array("value"=>"","description"=>""));
-		$config["installedpackages"]["bindacls"]["config"][] =
-			array("name"=>"localnets","description"=>"BIND Built-in ACL","row"=>array("value"=>"","description"=>""));
-		write_config("Create BIND Built-in ACLs");
+			foreach ($log_categories as $category) {
+				$bind_conf .= "\t\t\tcategory $category\t{custom;};\n";
+			}
+			$bind_conf .= "\t\t};\n\n";
 		}
-	$bindacls = $config["installedpackages"]["bindacls"]["config"];
-	for ($i=0; $i<sizeof($bindacls); $i++)
-	{
+	} else {
+		$bind_conf .= "\t\tlogging { category default { null; }; };\n\n";
+	}
+
+	// Config Zone domain
+
+	// Add ACLS
+	if (!is_array($config['installedpackages']['bindacls']) || !is_array($config['installedpackages']['bindacls']['config'])) {
+		$config['installedpackages']['bindacls']['config'][] =
+			array("name" => "none", "description" => "BIND Built-in ACL", "row" => array("value" => "", "description" => ""));
+		$config['installedpackages']['bindacls']['config'][] =
+			array("name" => "any", "description" => "BIND Built-in ACL", "row" => array("value" => "", "description" => ""));
+		$config['installedpackages']['bindacls']['config'][] =
+			array("name" => "localhost", "description" => "BIND Built-in ACL", "row" => array("value" => "", "description" => ""));
+		$config['installedpackages']['bindacls']['config'][] =
+			array("name" => "localnets", "description" => "BIND Built-in ACL", "row" => array("value" => "", "description" => ""));
+		write_config("Create BIND Built-in ACLs");
+	}
+	$bindacls = $config['installedpackages']['bindacls']['config'];
+	for ($i = 0; $i < sizeof($bindacls); $i++) {
 		$aclname = $bindacls[$i]['name'];
 		$aclhost = $bindacls[$i]['row'];
-		if($aclname != "none" && $aclname != "any" && $aclname != "localhost" && $aclname != "localnets"){
-			$bind_conf .= "acl \"$aclname\" {\n";	
-			for ($u=0; $u<sizeof($aclhost); $u++)
-			{
+		if ($aclname != "none" && $aclname != "any" && $aclname != "localhost" && $aclname != "localnets") {
+			$bind_conf .= "acl \"$aclname\" {\n";
+			for ($u = 0; $u < sizeof($aclhost); $u++) {
 				$aclhostvalue = $aclhost[$u]['value'];
 				$bind_conf .= "\t$aclhostvalue;\n";
 			}
 			$bind_conf .= "};\n\n";
-		}	
-	}
- 
-	if(is_array($config["installedpackages"]["bindviews"]))
-		$bindview = $config["installedpackages"]["bindviews"]["config"];
-	else
-		$bindview =array();
-		
-	for ($i=0; $i<sizeof($bindview); $i++) 
-	{
-		$views = $config["installedpackages"]["bindviews"]["config"][$i];
+		}
+	}
+
+	// Add Views
+	if (is_array($config['installedpackages']['bindviews'])) {
+		$bindview = $config['installedpackages']['bindviews']['config'];
+	} else {
+		$bindview = array();
+	}
+
+	for ($i = 0; $i < sizeof($bindview); $i++) {
+		$views = $config['installedpackages']['bindviews']['config'][$i];
 		$viewname = $views['name'];
-		$viewrecursion = $views['recursion']; 
-		if($views['match-clients'] == '')
+		$viewrecursion = $views['recursion'];
+		if ($views['match-clients'] == '') {
 			$viewmatchclients = "none";
-		else
-			$viewmatchclients = str_replace(',','; ',$views['match-clients']); 	
-		if($views['allow-recursion'] == '')
+		} else {
+			$viewmatchclients = str_replace(',', '; ', $views['match-clients']);
+		}
+		if ($views['allow-recursion'] == '') {
 			$viewallowrecursion = "none";
-		else
-			$viewallowrecursion = str_replace(',','; ',$views['allow-recursion']); 	
+		} else {
+			$viewallowrecursion = str_replace(',', '; ', $views['allow-recursion']);
+		}
 		$viewcustomoptions = base64_decode($views['bind_custom_options']);
-		
-		$bind_conf .= "view \"$viewname\" { \n\n"; 
-		$bind_conf .= "\trecursion $viewrecursion;\n"; 
-		$bind_conf .= "\tmatch-clients { $viewmatchclients;};\n"; 
-		$bind_conf .= "\tallow-recursion { $viewallowrecursion;};\n"; 
-		$bind_conf .= "\t$viewcustomoptions\n\n"; 
-			
-		if(is_array($config["installedpackages"]["bindzone"])) 
-			$bindzone = $config["installedpackages"]["bindzone"]["config"];
-		else
-			$bindzone =array();
 
-		$write_config=0;
-		for ($x=0; $x<sizeof($bindzone); $x++)
-		{
+		$bind_conf .= "view \"$viewname\" { \n\n";
+		$bind_conf .= "\trecursion $viewrecursion;\n";
+		$bind_conf .= "\tmatch-clients { $viewmatchclients; };\n";
+		$bind_conf .= "\tallow-recursion { $viewallowrecursion; };\n";
+		$bind_conf .= "\t$viewcustomoptions\n\n";
+
+		if (is_array($config['installedpackages']['bindzone'])) {
+			$bindzone = $config['installedpackages']['bindzone']['config'];
+		} else {
+			$bindzone = array();
+		}
+
+		// Add Zones in View
+		$write_config = 0;
+		for ($x = 0; $x < sizeof($bindzone); $x++) {
 			$zone = $bindzone[$x];
-			if ($zone['disabled']=="on"){
+			if ($zone['disabled'] == "on") {
 				continue;
-				}
+			}
 			$zonename = $zone['name'];
-			if ($zonename=="."){
-				$custom_root_zone[$i]=true;
+			if ($zonename == ".") {
+				$custom_root_zone[$i] = true;
 			}
 			$zonetype = $zone['type'];
 			$zoneview = $zone['view'];
 			$zonecustom = base64_decode($zone['custom']);
 			$zoneipslave = $zone['slaveip'];
-			$zoneforwarders=$zone['forwarders'];
+			$zoneforwarders = $zone['forwarders'];
 			$zonereverso = $zone['reverso'];
-			
-			if (!(is_dir(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview")))
-            	mkdir(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview",0755,true);
-            					
-			if($zone['allowupdate'] == '')
+
+			// Ensure zone view folder exists
+			if (!(is_dir(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview"))) {
+				mkdir(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview", 0755, true);
+			}
+
+			if ($zone['allowupdate'] == '') {
 				$zoneallowupdate = "none";
-			else
-				$zoneallowupdate = str_replace(',','; ',$zone['allowupdate']); 	
-			if($zone['allowquery'] == '')
+			} else {
+				$zoneallowupdate = str_replace(',', '; ', $zone['allowupdate']);
+			}
+			if ($zone['allowquery'] == '') {
 				$zoneallowquery = "none";
-			else
-				$zoneallowquery = str_replace(',','; ',$zone['allowquery']); 	
-			if($zone['allowtransfer'] == '')
+			} else {
+				$zoneallowquery = str_replace(',', '; ', $zone['allowquery']);
+			}
+			if ($zone['allowtransfer'] == '') {
 				$zoneallowtransfer = "none";
-			else
-				$zoneallowtransfer = str_replace(',','; ',$zone['allowtransfer']); 	
-
-				if ($zoneview == $viewname){
-					if($zonereverso == "on")
-				 		$bind_conf .= "\tzone \"$zonename.in-addr.arpa\" {\n";
-				  	else
-						$bind_conf .= "\tzone \"$zonename\" {\n";
-        		
-					$bind_conf .= "\t\ttype $zonetype;\n";
-					if ($zonetype != "forward")
-        				$bind_conf .= "\t\tfile \"/etc/namedb/$zonetype/$zoneview/$zonename.DB\";\n";
-        			switch ($zonetype){
-        				case "slave":
-        				$bind_conf .= "\t\tmasters { $zoneipslave; };\n";
-        				$bind_conf .= "\t\tallow-transfer { $zoneallowtransfer;};\n";
-        				$bind_conf .= "\t\tnotify no;\n";
-        				break;
-        				case "forward":
-        				$bind_conf .= "\t\tforward only;\n";
-        				$bind_conf .= "\t\tforwarders { $zoneforwarders; };\n";
-        				break;
-        				case "redirect":
-							$bind_conf .= "\t\t# While using redirect zones,NXDOMAIN Redirection will not override DNSSEC\n";
-							$bind_conf .= "\t\t# If the client has requested DNSSEC records (DO=1) and the NXDOMAIN response is signed then no substitution will occur\n";
-							$bind_conf .= "\t\t# https://kb.isc.org/article/AA-00376/192/BIND-9.9-redirect-zones-for-NXDOMAIN-redirection.html\n";
-        				break;
-        				default:
-						$bind_conf .= "\t\tallow-update { $zoneallowupdate;};\n"; 
-						$bind_conf .= "\t\tallow-query { $zoneallowquery;};\n"; 
-						$bind_conf .= "\t\tallow-transfer { $zoneallowtransfer;};\n";
-	        			if ($zone['dnssec']=="on"){
-	        				//https://kb.isc.org/article/AA-00626/
-	        				$bind_conf .="\n\t\t# look for dnssec keys here:\n";
-	        				$bind_conf .="\t\tkey-directory \"/etc/namedb/keys\";\n\n";
-	        				$bind_conf .="\t\t# publish and activate dnssec keys:\n";
-	        				$bind_conf .="\t\tauto-dnssec maintain;\n\n";
-	        				$bind_conf .="\t\t# use inline signing:\n";
-	        				$bind_conf .="\t\tinline-signing yes;\n\n";
-	        				}
-	        			}
-				 	if ($zonecustom != '')
-        				$bind_conf .= "\t\t$zonecustom\n";
-        				
-					$bind_conf .= "\t};\n\n";
-        
-					switch($zonetype){
-					  case "redirect":
-					  case "master":
-					  	//check/update slave dir permission
-						chown(CHROOT_LOCALBASE."/etc/namedb/$zonetype","bind");
-						chown(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview","bind");
-						$zonetll = ($zone['tll']?$zone['tll']:"43200");
-						$zonemail = ($zone['mail']?$zone['mail']:"zonemaster.{$zonename}");
-						$zonemail = preg_replace("/@/",".",$zonemail);				
+			} else {
+				$zoneallowtransfer = str_replace(',', '; ', $zone['allowtransfer']);
+			}
+
+			if ($zoneview == $viewname) {
+				// Add zone name
+				if ($zonereverso == "on") {
+					$bind_conf .= "\tzone \"$zonename.in-addr.arpa\" {\n";
+				} else {
+					$bind_conf .= "\tzone \"$zonename\" {\n";
+				}
+
+				// Add zone file (if not forwarder)
+				$bind_conf .= "\t\ttype $zonetype;\n";
+				if ($zonetype != "forward") {
+					$bind_conf .= "\t\tfile \"/etc/namedb/$zonetype/$zoneview/$zonename.DB\";\n";
+				}
+
+				// Add zone statements
+				switch ($zonetype) {
+					case 'slave':
+						$bind_conf .= "\t\tmasters { $zoneipslave; };\n";
+						$bind_conf .= "\t\tallow-transfer { $zoneallowtransfer; };\n";
+						$bind_conf .= "\t\tnotify no;\n";
+						break;
+					case 'forward':
+						$bind_conf .= "\t\tforward only;\n";
+						$bind_conf .= "\t\tforwarders { $zoneforwarders; };\n";
+						break;
+					case 'redirect':
+						$bind_conf .= "\t\t# While using redirect zones,NXDOMAIN Redirection will not override DNSSEC\n";
+						$bind_conf .= "\t\t# If the client has requested DNSSEC records (DO=1) and the NXDOMAIN response is signed then no substitution will occur\n";
+						$bind_conf .= "\t\t# https://kb.isc.org/article/AA-00376/192/BIND-9.9-redirect-zones-for-NXDOMAIN-redirection.html\n";
+						break;
+					default:
+						$bind_conf .= "\t\tallow-update { $zoneallowupdate; };\n";
+						$bind_conf .= "\t\tallow-query { $zoneallowquery; };\n";
+						$bind_conf .= "\t\tallow-transfer { $zoneallowtransfer; };\n";
+						if ($zone['dnssec'] == "on") {
+							//https://kb.isc.org/article/AA-00626/
+							$bind_conf .= "\n\t\t# look for dnssec keys here:\n";
+							$bind_conf .= "\t\tkey-directory \"/etc/namedb/keys\";\n\n";
+							$bind_conf .= "\t\t# publish and activate dnssec keys:\n";
+							$bind_conf .= "\t\tauto-dnssec maintain;\n\n";
+							$bind_conf .= "\t\t# use inline signing:\n";
+							$bind_conf .= "\t\tinline-signing yes;\n\n";
+						}
+						break;
+				}
+
+				// Add custom zone statements
+				if ($zonecustom != '') {
+					$bind_conf .= "\t\t$zonecustom\n";
+				}
+
+				$bind_conf .= "\t};\n\n";
+
+				// Create zone config DB file
+				switch ($zonetype) {
+					case 'master':
+					case 'redirect':
+						// check/update slave dir permission
+						chown(CHROOT_LOCALBASE."/etc/namedb/$zonetype", "bind");
+						chown(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview", "bind");
+						$zonetll = ($zone['tll'] ? $zone['tll'] : "43200");
+						$zonemail = ($zone['mail'] ? $zone['mail'] : "zonemaster.{$zonename}");
+						$zonemail = preg_replace("/@/", ".", $zonemail);
 						$zoneserial = $zone['serial'];
-						$zonerefresh = ($zone['refresh']?$zone['refresh']:"3600");		
-						$zoneretry = ($zone['retry']?$zone['retry']:"600");
-						$zoneexpire = ($zone['expire']?$zone['expire']:"86400");
-						$zoneminimum = ($zone['minimum']?$zone['minimum']:"3600");
+						$zonerefresh = ($zone['refresh'] ? $zone['refresh'] : "3600");
+						$zoneretry = ($zone['retry'] ? $zone['retry'] : "600");
+						$zoneexpire = ($zone['expire'] ? $zone['expire'] : "86400");
+						$zoneminimum = ($zone['minimum'] ? $zone['minimum'] : "3600");
 						$zonenameserver = $zone['nameserver'];
 						$zoneipns = $zone['ipns'];
 						$zonereverso = $zone['reverso'];
-						if($zone['allowupdate'] == '')
+						if ($zone['allowupdate'] == '') {
 							$zoneallowupdate = "none";
-						else
-							$zoneallowupdate = str_replace(',','; ',$zone['allowupdate']);
-						if($zone['allowquery'] == '')
+						} else {
+							$zoneallowupdate = str_replace(',', '; ', $zone['allowupdate']);
+						}
+						if ($zone['allowquery'] == '') {
 							$zoneallowquery = "none";
-						else
-							$zoneallowquery = str_replace(',','; ',$zone['allowquery']);
-						if($zone['allowtransfer'] == '')
+						} else {
+							$zoneallowquery = str_replace(',', '; ', $zone['allowquery']);
+						}
+						if ($zone['allowtransfer'] == '') {
 							$zoneallowtransfer = "none";
-						else
-							$zoneallowtransfer = str_replace(',','; ',$zone['allowtransfer']);
+						} else {
+							$zoneallowtransfer = str_replace(',', '; ', $zone['allowtransfer']);
+						}
+
 						$zone_conf = "\$TTL {$zonetll}\n;\n";
-						if($zonereverso == "on")
+						if ($zonereverso == "on") {
 							$zone_conf .= "\$ORIGIN {$zonename}.in-addr.arpa.\n\n";
-						else
+						} else {
 							$zone_conf .= "\$ORIGIN {$zonename}.\n\n";
+						}
 						$zone_conf .= ";\tDatabase file {$zonename}.DB for {$zonename} zone.\n";
 						$zone_conf .= ";\tDo not edit this file!!!\n";
 						$zone_conf .= ";\tZone version {$zoneserial}\n;\n";
-					 	if($zonereverso == "on" || $zonetype =="redirect")
+						if ($zonereverso == "on" || $zonetype == "redirect") {
 							$zone_conf .= "@\t IN  SOA $zonenameserver. \t $zonemail. (\n";
-						else
+						} else {
 							$zone_conf .= "$zonename.\t IN  SOA $zonenameserver. \t $zonemail. (\n";
+						}
 
 						$zone_conf .= "\t\t$zoneserial ; serial\n";
 						$zone_conf .= "\t\t$zonerefresh ; refresh\n";
@@ -427,30 +474,31 @@ EOD;
 						$zone_conf .= "\t\t$zoneminimum ; default_ttl\n\t\t)\n\n";
 						$zone_conf .= ";\n; Zone Records\n;\n";
 
-					 	if($zonereverso == "on")
+						if ($zonereverso == "on") {
 							$zone_conf .= "\t IN NS \t$zonenameserver.\n";
-						else{
+						} else {
 							$zone_conf .= "@ \t IN NS \t$zonenameserver.\n";
-							if ($zoneipns !="")
+							if ($zoneipns != "") {
 								$zone_conf .= "@ \t IN A \t$zoneipns\n";
+							}
 						}
-						for ($y=0; $y<sizeof($zone['row']); $y++)
-						{
-							$hostname = (preg_match("/(MX|NS)/",$zone['row'][$y]['hosttype'])?"@":$zone['row'][$y]['hostname']);
+						for ($y = 0; $y < sizeof($zone['row']); $y++) {
+							$hostname = (preg_match("/(MX|NS)/", $zone['row'][$y]['hosttype']) ? "@" : $zone['row'][$y]['hostname']);
 							$hosttype = $zone['row'][$y]['hosttype'];
 							$hostdst = $zone['row'][$y]['hostdst'];
-							if (preg_match("/[a-zA-Z]/",$hostdst) && !preg_match("/(TXT|SPF|AAAA)/",$hosttype))
+							if (preg_match("/[a-zA-Z]/", $hostdst) && !preg_match("/(TXT|SPF|AAAA)/", $hosttype)) {
 								$hostdst .= ".";
+							}
 							$hostvalue = $zone['row'][$y]['hostvalue'];
-							
+
 							$zone_conf .= "$hostname \t IN $hosttype $hostvalue \t$hostdst\n";
 						}
 
-						# Register DHCP static mappings
-						if (($zone[regdhcpstatic] == 'on') && is_array($config['dhcpd'])) {
-							$zoneparts = array_reverse(explode('.',$zonename));
+						// Register DHCP static mappings
+						if (($zone['regdhcpstatic'] == 'on') && is_array($config['dhcpd'])) {
+							$zoneparts = array_reverse(explode('.', $zonename));
 							foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf) {
-								if (!isset($dhcpifconf['enable']) || !is_array($dhcpifconf['staticmap']))  {
+								if (!isset($dhcpifconf['enable']) || !is_array($dhcpifconf['staticmap'])) {
 									continue;
 								}
 								foreach ($dhcpifconf['staticmap'] as $host) {
@@ -463,20 +511,20 @@ EOD;
 									} else {
 										continue;
 									}
-									if (!is_hostname($host['hostname']) || !is_ipaddr($host['ipaddr']))  {
+									if (!is_hostname($host['hostname']) || !is_ipaddr($host['ipaddr'])) {
 										continue;
 									}
 									if ($zonereverso == "on") {
-										$parts = explode('.',$host['ipaddr']);
-										$intersect = array_intersect_assoc($parts,$zoneparts);
+										$parts = explode('.', $host['ipaddr']);
+										$intersect = array_intersect_assoc($parts, $zoneparts);
 										if (count($zoneparts) == count($intersect)) {
-											$diff = array_diff_assoc($parts,$zoneparts);
-											$shortaddr = implode('.',array_reverse($diff));
+											$diff = array_diff_assoc($parts, $zoneparts);
+											$shortaddr = implode('.', array_reverse($diff));
 											$zone_conf .= "{$shortaddr}\tIN PTR\t{$host['hostname']}.{$domain}.\n";
 										}
 									} else {
-										$parts = array_reverse(explode('.',$domain));
-										$diff = array_diff_assoc($parts,$zoneparts);
+										$parts = array_reverse(explode('.', $domain));
+										$diff = array_diff_assoc($parts, $zoneparts);
 										if (count($diff) == 0) {
 											$zone_conf .= "{$host['hostname']}\tIN A\t{$host['ipaddr']}\n";
 										}
@@ -485,173 +533,184 @@ EOD;
 							}
 						}
 
-						if ($zone['customzonerecords']!=""){
+						// Add custom zone records
+						if ($zone['customzonerecords'] != "") {
 							$zone_conf .= "\n\n;\n;custom zone records\n;\n".base64_decode($zone['customzonerecords'])."\n";
 						}
+
+						// Save zone configuration DB file
 						file_put_contents(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview/$zonename.DB", $zone_conf);
-						$config["installedpackages"]["bindzone"]["config"][$x][resultconfig]=base64_encode($zone_conf);
+
+						$config['installedpackages']['bindzone']['config'][$x]['resultconfig'] = base64_encode($zone_conf);
 						$write_config++;
 						//check dnssec keys creation for master zones
-        				if($zone['dnssec']=="on"){
-	        				$zone_found=0;
-	        				foreach (glob(CHROOT_LOCALBASE."/etc/namedb/keys/*{$zonename}*key",GLOB_NOSORT) as $filename){
+						if ($zone['dnssec'] == "on") {
+							$zone_found = 0;
+							foreach (glob(CHROOT_LOCALBASE."/etc/namedb/keys/*{$zonename}*key", GLOB_NOSORT) as $filename) {
 								$zone_found++;
-	        					}
-							if ($zone_found==0){
-								$key_restored=0;
-								if(is_array($config['installedpackages']['dnsseckeys']) && is_array($config['installedpackages']['dnsseckeys']['config'])){
-									foreach ($config['installedpackages']['dnsseckeys']['config']as $filer)
-										if (preg_match ("/K$zonename\.+/",$filer['fullfile'])){
-											file_put_contents($filer['fullfile'],base64_decode($filer['filedata']),LOCK_EX);
-											chmod($filer['fullfile'],0700);
-											chown($filer['fullfile'],"bind");
+							}
+							if ($zone_found == 0) {
+								$key_restored = 0;
+								if (is_array($config['installedpackages']['dnsseckeys']) && is_array($config['installedpackages']['dnsseckeys']['config'])) {
+									foreach ($config['installedpackages']['dnsseckeys']['config'] as $filer) {
+										if (preg_match("/K$zonename\.+/", $filer['fullfile'])) {
+											file_put_contents($filer['fullfile'], base64_decode($filer['filedata']), LOCK_EX);
+											chmod($filer['fullfile'], 0700);
+											chown($filer['fullfile'], "bind");
 											$key_restored++;
-											}
 										}
-								if ($key_restored > 0){
+									}
+								}
+								if ($key_restored > 0) {
 									log_error("[bind] {$key_restored} DNSSEC keys restored from XML backup for {$zonename} zone.");
+								}
+								$dnssec_bin = "/usr/local/sbin/dnssec-keygen";
+								if (file_exists($dnssec_bin) && $key_restored == 0) {
+									exec("{$dnssec_bin} -K ".CHROOT_LOCALBASE."/etc/namedb/keys {$zonename}", $kout);
+									exec("{$dnssec_bin} -K ".CHROOT_LOCALBASE."/etc/namedb/keys -fk {$zonename}", $kout);
+									foreach ($kout as $filename) {
+										chown(CHROOT_LOCALBASE."/etc/namedb/keys/{$filename}.key", "bind");
+										chown(CHROOT_LOCALBASE."/etc/namedb/keys/{$filename}.private", "bind");
 									}
-								$dnssec_bin="/usr/local/sbin/dnssec-keygen";
-								if (file_exists($dnssec_bin) && $key_restored==0){
-									exec("{$dnssec_bin} -K ".CHROOT_LOCALBASE."/etc/namedb/keys {$zonename}",$kout);
-									exec("{$dnssec_bin} -K ".CHROOT_LOCALBASE."/etc/namedb/keys -fk {$zonename}",$kout);
-									foreach($kout as $filename){
-										chown(CHROOT_LOCALBASE."/etc/namedb/keys/{$filename}.key","bind");
-										chown(CHROOT_LOCALBASE."/etc/namedb/keys/{$filename}.private","bind");
-										}
 									log_error("[bind] DNSSEC keys for {$zonename} created.");
-									}
-	        					}
-	        				//get ds keys
-	        				$dsfromkey="/usr/local/sbin/dnssec-dsfromkey";
-	        				foreach (glob(CHROOT_LOCALBASE."/etc/namedb/keys/*{$zonename}*key",GLOB_NOSORT) as $filename) {
-	        						$zone_key=file_get_contents($filename);
-	        						if (preg_match("/IN DNSKEY 257 /",$zone_key) && file_exists($dsfromkey)){
-	        							exec("$dsfromkey $filename",$dsset);
-	        							$config["installedpackages"]["bindzone"]["config"][$x]['dsset']=base64_encode(array_pop($dsset)."\n".array_pop($dsset));
-	        							$write_config++;
-	        							}
 								}
-							//save dnssec keys to xml
-							
-							if($zone['backupkeys']=="on"){
-								$dnssec_keys=0;
-								foreach (glob(CHROOT_LOCALBASE."/etc/namedb/keys/*{$zonename}*",GLOB_NOSORT) as $filename){
-									$file_found=0;
-									if(is_array($config['installedpackages']['dnsseckeys']) && is_array($config['installedpackages']['dnsseckeys']['config'])){
-										foreach ($config['installedpackages']['dnsseckeys']['config']as $filer){
-											if ($filer['fullfile']==$filename)
+							}
+							// get ds keys
+							$dsfromkey = "/usr/local/sbin/dnssec-dsfromkey";
+							foreach (glob(CHROOT_LOCALBASE."/etc/namedb/keys/*{$zonename}*key", GLOB_NOSORT) as $filename) {
+								$zone_key = file_get_contents($filename);
+								if (preg_match("/IN DNSKEY 257 /", $zone_key) && file_exists($dsfromkey)) {
+									exec("$dsfromkey $filename", $dsset);
+									$config['installedpackages']['bindzone']['config'][$x]['dsset'] = base64_encode(array_pop($dsset)."\n".array_pop($dsset));
+									$write_config++;
+								}
+							}
+
+							// save dnssec keys to xml
+							if ($zone['backupkeys'] == "on") {
+								$dnssec_keys = 0;
+								foreach (glob(CHROOT_LOCALBASE."/etc/namedb/keys/*{$zonename}*", GLOB_NOSORT) as $filename) {
+									$file_found = 0;
+									if (is_array($config['installedpackages']['dnsseckeys']) && is_array($config['installedpackages']['dnsseckeys']['config'])) {
+										foreach ($config['installedpackages']['dnsseckeys']['config'] as $filer) {
+											if ($filer['fullfile'] == $filename) {
 												$file_found++;
 											}
 										}
-									if ($file_found==0){
-										$config['installedpackages']['dnsseckeys']['config'][]=array('fullfile'=> $filename,
-																								'description'=> "bind {$zonename} DNSSEC backup file",
-																								'filedata'=> base64_encode(file_get_contents($filename)));
+									}
+									if ($file_found == 0) {
+										$config['installedpackages']['dnsseckeys']['config'][] = array('fullfile' => $filename,
+											'description' => "bind {$zonename} DNSSEC backup file",
+											'filedata' => base64_encode(file_get_contents($filename)));
 										$write_config++;
 										$dnssec_keys++;
-										}
-									}
-									if($dnssec_keys>0){
-										log_error("[bind] {$dnssec_keys} DNSSEC keys for {$zonename} zone saved on XML config.");
 									}
 								}
-        					}
-					break;
-					case "slave":
-					//check/update slave dir permission
-					chown(CHROOT_LOCALBASE."/etc/namedb/$zonetype","bind");
-					chown(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview","bind");
-					//check if exists slave zone file
-					$rsconfig="";
-					if ($zone['dnssec']=="on"){
-						if (file_exists(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview/$zonename.DB.signed"))
-						exec("/usr/local/sbin/named-checkzone -D -f raw -o - {$zonename} ".CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview/$zonename.DB.signed",$slave_file);
+								if ($dnssec_keys > 0) {
+									log_error("[bind] {$dnssec_keys} DNSSEC keys for {$zonename} zone saved on XML config.");
+								}
+							}
 						}
-					else{
-						if (file_exists(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview/$zonename.DB"))
-							$slave_file=file(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview/$zonename.DB");
+						break;
+					case 'slave':
+						// check/update slave dir permission
+						chown(CHROOT_LOCALBASE."/etc/namedb/$zonetype", "bind");
+						chown(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview", "bind");
+						// check if exists slave zone file
+						$rsconfig = "";
+						if ($zone['dnssec'] == "on") {
+							if (file_exists(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview/$zonename.DB.signed")) {
+								exec("/usr/local/sbin/named-checkzone -D -f raw -o - {$zonename} ".CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview/$zonename.DB.signed", $slave_file);
+							}
+						} else {
+							if (file_exists(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview/$zonename.DB")) {
+								$slave_file = file(CHROOT_LOCALBASE."/etc/namedb/$zonetype/$zoneview/$zonename.DB");
+							}
 						}
-					if (is_array($slave_file)){
-					foreach ($slave_file as $zfile)
-						$rsconfig.= $zfile;
-					$config["installedpackages"]["bindzone"]["config"][$x][resultconfig]=base64_encode($rsconfig);
-					$write_config++;
-					}
-					break;
-					}
+						// TODO is is_array() the best test to use?  is it only checking for existence?
+						if (is_array($slave_file)) {
+							foreach ($slave_file as $zfile) {
+								$rsconfig .= $zfile;
+							}
+						}
+						$config['installedpackages']['bindzone']['config'][$x]['resultconfig'] = base64_encode($rsconfig);
+						$write_config++;
+						break;
 				}
+			}
 		}
-		if (!$custom_root_zone[$i]){
-			$bind_conf .="\tzone \".\" {\n";
-			$bind_conf .="\t\ttype hint;\n";
-			$bind_conf .="\t\tfile \"/etc/namedb/named.root\";\n";
+		if (!$custom_root_zone[$i]) {
+			$bind_conf .= "\tzone \".\" {\n";
+			$bind_conf .= "\t\ttype hint;\n";
+			$bind_conf .= "\t\tfile \"/etc/namedb/named.root\";\n";
 			$bind_conf .= "\t};\n\n";
-			}
-		if($write_config > 0){
+		}
+		if ($write_config > 0) {
 			write_config("save result config file for zone on xml");
 		}
 		$bind_conf .= "};\n";
 	}
-	$dirs=array("/etc/namedb/keys","/var/run/named","/var/dump","/var/log","/var/stats","/dev");
-	foreach ($dirs as $dir){
-		if (!is_dir(CHROOT_LOCALBASE .$dir))
-			mkdir(CHROOT_LOCALBASE .$dir,0755,true);
+	$dirs = array("/etc/namedb/keys", "/var/run/named", "/var/dump", "/var/log", "/var/stats", "/dev");
+	foreach ($dirs as $dir) {
+		if (!is_dir(CHROOT_LOCALBASE.$dir)) {
+			mkdir(CHROOT_LOCALBASE.$dir, 0755, true);
 		}
-	//dev dirs for chroot
-	$bind_dev_dir=CHROOT_LOCALBASE."/dev";
-	if (!file_exists("$bind_dev_dir/random")){
-		$dev_dirs=array("null","zero","random","urandom");
-		exec("/sbin/mount -t devfs devfs {$bind_dev_dir}",$dout);
-		exec("/sbin/devfs -m {$bind_dev_dir} ruleset 1",$dout);
-		exec("/sbin/devfs -m {$bind_dev_dir} rule add hide",$dout);
-		foreach ($dev_dirs as $dev_dir)
-			exec("/sbin/devfs -m {$bind_dev_dir} rule add path $dev_dir unhide",$dout);
-		exec("/sbin/devfs -m {$bind_dev_dir} rule applyset",$dout);
-	}
-	//http://www.unixwiz.net/techtips/bind9-chroot.html
-    file_put_contents(CHROOT_LOCALBASE.'/etc/namedb/named.conf', $bind_conf);
-    file_put_contents(CHROOT_LOCALBASE.'/etc/namedb/rndc.conf', $rndc_file);
-    
-	if (!file_exists(CHROOT_LOCALBASE."/etc/namedb/named.root")){
-		//dig +tcp @a.root-servers.net > CHROOT_LOCALBASE."/etc/namedb/named.root"
-		$named_root=file_get_contents("http://www.internic.net/domain/named.root");
-		file_put_contents(CHROOT_LOCALBASE."/etc/namedb/named.root",$named_root,LOCK_EX);
-	}
-	if (!file_exists(CHROOT_LOCALBASE."/etc/localtime")){
+	}
+	// dev dirs for chroot
+	$bind_dev_dir = CHROOT_LOCALBASE."/dev";
+	if (!file_exists("$bind_dev_dir/random")) {
+		$dev_dirs = array("null", "zero", "random", "urandom");
+		exec("/sbin/mount -t devfs devfs {$bind_dev_dir}", $dout);
+		exec("/sbin/devfs -m {$bind_dev_dir} ruleset 1", $dout);
+		exec("/sbin/devfs -m {$bind_dev_dir} rule add hide", $dout);
+		foreach ($dev_dirs as $dev_dir) {
+			exec("/sbin/devfs -m {$bind_dev_dir} rule add path $dev_dir unhide", $dout);
+		}
+		exec("/sbin/devfs -m {$bind_dev_dir} rule applyset", $dout);
+	}
+	// http://www.unixwiz.net/techtips/bind9-chroot.html
+	file_put_contents(CHROOT_LOCALBASE.'/etc/namedb/named.conf', $bind_conf);
+	file_put_contents(CHROOT_LOCALBASE.'/etc/namedb/rndc.conf', $rndc_file);
+
+	if (!file_exists(CHROOT_LOCALBASE."/etc/namedb/named.root")) {
+		// dig +tcp @a.root-servers.net > CHROOT_LOCALBASE."/etc/namedb/named.root"
+		$named_root = file_get_contents("http://www.internic.net/domain/named.root");
+		file_put_contents(CHROOT_LOCALBASE."/etc/namedb/named.root", $named_root, LOCK_EX);
+	}
+	if (!file_exists(CHROOT_LOCALBASE."/etc/localtime")) {
 		copy("/etc/localtime", CHROOT_LOCALBASE."/etc/localtime");
 	}
-	
+
 	bind_write_rcfile();
-	chown(CHROOT_LOCALBASE."/etc/namedb/keys","bind");
-	chown(CHROOT_LOCALBASE."/etc/namedb","bind");
-	chown(CHROOT_LOCALBASE."/var/log","bind");
-	chown(CHROOT_LOCALBASE."/var/run/named","bind");
-	chgrp(CHROOT_LOCALBASE."/var/log","bind");
-	$bind_sh="/usr/local/etc/rc.d/named.sh";
- 	if($bind_enable == "on"){
- 		chmod ($bind_sh,0755);
- 		mwexec("{$bind_sh} restart");
- 		}
- 	elseif (is_service_running('named')){
- 		mwexec("{$bind_sh} stop");
-		chmod ($bind_sh,0644); 		
- 		}
- 	//sync to backup servers
- 	bind_sync_on_changes();
- 	conf_mount_ro();
+	chown(CHROOT_LOCALBASE."/etc/namedb/keys", "bind");
+	chown(CHROOT_LOCALBASE."/etc/namedb", "bind");
+	chown(CHROOT_LOCALBASE."/var/log", "bind");
+	chown(CHROOT_LOCALBASE."/var/run/named", "bind");
+	chgrp(CHROOT_LOCALBASE."/var/log", "bind");
+	$bind_sh = "/usr/local/etc/rc.d/named.sh";
+	if ($bind_enable == "on") {
+		chmod($bind_sh, 0755);
+		mwexec("{$bind_sh} restart");
+	} elseif (is_service_running('named')) {
+		mwexec("{$bind_sh} stop");
+		chmod($bind_sh, 0644);
+	}
+	// sync to backup servers
+	bind_sync_on_changes();
+	conf_mount_ro();
 }
 
-function bind_print_javascript_type_zone(){
-?>
-        <script language="JavaScript">
-        <!--
-        function on_type_zone_changed() {
-
-		var field = document.iform.type;
-       		var tipo = field.options[field.selectedIndex].value;
-       			switch (tipo){
-       			case 'master':
+function bind_print_javascript_type_zone()
+{
+	?>
+	<script language="JavaScript">
+		<!--
+		function on_type_zone_changed() {
+
+			var field = document.iform.type;
+			var tipo = field.options[field.selectedIndex].value;
+			switch (tipo) {
+				case 'master':
 					document.iform.slaveip.disabled = 1;
 					document.iform.tll.disabled = 0;
 					document.iform.nameserver.disabled = 0;
@@ -667,8 +726,8 @@ function bind_print_javascript_type_zone(){
 					document.iform.retry.disabled = 0;
 					document.iform.expire.disabled = 0;
 					document.iform.minimum.disabled = 0;
-               	break;
-               	case 'slave':
+					break;
+				case 'slave':
 					document.iform.slaveip.disabled = 0;
 					document.iform.tll.disabled = 1;
 					document.iform.nameserver.disabled = 1;
@@ -685,7 +744,7 @@ function bind_print_javascript_type_zone(){
 					document.iform.expire.disabled = 1;
 					document.iform.minimum.disabled = 1;
 					break;
-               	case 'forward':
+				case 'forward':
 					document.iform.slaveip.disabled = 1;
 					document.iform.tll.disabled = 1;
 					document.iform.nameserver.disabled = 1;
@@ -701,8 +760,8 @@ function bind_print_javascript_type_zone(){
 					document.iform.retry.disabled = 1;
 					document.iform.expire.disabled = 1;
 					document.iform.minimum.disabled = 1;
-				break;
-               	case 'redirect':
+					break;
+				case 'redirect':
 					document.iform.slaveip.disabled = 1;
 					document.iform.tll.disabled = 1;
 					document.iform.nameserver.disabled = 0;
@@ -718,127 +777,137 @@ function bind_print_javascript_type_zone(){
 					document.iform.retry.disabled = 0;
 					document.iform.expire.disabled = 0;
 					document.iform.minimum.disabled = 0;
-				break;
-       			}
-        }
-        -->
-        </script>
-<?php
+					break;
+				default:
+					break;
+			}
+		}
+		-->
+	</script>
+	<?php
 }
 
-function bind_print_javascript_type_zone2(){
-        print("<script language=\"JavaScript\">on_type_zone_changed();document.iform.resultconfig.disabled = 1;document.iform.dsset.disabled = 1;</script>\n");
+function bind_print_javascript_type_zone2()
+{
+	print("<script language=\"JavaScript\">on_type_zone_changed();document.iform.resultconfig.disabled = 1;document.iform.dsset.disabled = 1;</script>\n");
 }
 
-function bind_write_rcfile() {
-        $rc = array();
-        $BIND_LOCALBASE = "/usr/local";
-        $rc['file'] = 'named.sh';
-        $rc['start'] = <<<EOD
-if [ -z "`ps auxw | grep "[n]amed -c /etc/namedb/named.conf"|awk '{print $2}'`" ];then
-        {$BIND_LOCALBASE}/sbin/named -c /etc/namedb/named.conf -u bind -t /cf/named/
-fi
-
-EOD;
-        $rc['stop'] = <<<EOD
-killall -9 named 2>/dev/null
-sleep 2
+function bind_write_rcfile()
+{
+	$rc = array();
+	$BIND_LOCALBASE = "/usr/local";
+	$rc['file'] = 'named.sh';
+	$rc['start'] = <<<EOD
+		if [ -z "`ps auxw | grep "[n]amed -c /etc/namedb/named.conf"|awk '{print $2}'`" ];then
+			{$BIND_LOCALBASE}/sbin/named -c /etc/namedb/named.conf -u bind -t /cf/named/
+		fi
 EOD;
-        $rc['restart'] = <<<EOD
-if [ -z "`ps auxw | grep "[n]amed -c /etc/namedb/named.conf"|awk '{print $2}'`" ];then
-        	{$BIND_LOCALBASE}/sbin/named -c /etc/namedb/named.conf -u bind -t /cf/named/
-        else
+	$rc['stop'] = <<<EOD
 		killall -9 named 2>/dev/null
-         	sleep 3	
-        	{$BIND_LOCALBASE}/sbin/named -c /etc/namedb/named.conf -u bind -t /cf/named/
-        fi
-
+		sleep 2
+EOD;
+	$rc['restart'] = <<<EOD
+		if [ -z "`ps auxw | grep "[n]amed -c /etc/namedb/named.conf"|awk '{print $2}'`" ];then
+			{$BIND_LOCALBASE}/sbin/named -c /etc/namedb/named.conf -u bind -t /cf/named/
+		else
+			killall -9 named 2>/dev/null
+		        sleep 3
+			{$BIND_LOCALBASE}/sbin/named -c /etc/namedb/named.conf -u bind -t /cf/named/
+		fi
 EOD;
-        conf_mount_rw();
-        write_rcfile($rc);
-        conf_mount_ro();
+	conf_mount_rw();
+	write_rcfile($rc);
+	conf_mount_ro();
 }
 
 /* Uses XMLRPC to synchronize the changes to a remote node */
-function bind_sync_on_changes() {
+function bind_sync_on_changes()
+{
 	global $config, $g;
-	if (is_array($config['installedpackages']['bindsync']['config'])){
-		$bind_sync=$config['installedpackages']['bindsync']['config'][0];
+	if (is_array($config['installedpackages']['bindsync']['config'])) {
+		$bind_sync = $config['installedpackages']['bindsync']['config'][0];
 		$synconchanges = $bind_sync['synconchanges'];
 		$synctimeout = $bind_sync['synctimeout'];
-		$master_zone_ip=$bind_sync['masterip'];
-		switch ($synconchanges){
-			case "manual":
-				if (is_array($bind_sync[row])){
-					$rs=$bind_sync[row];
-					}
-				else{
+		$master_zone_ip = $bind_sync['masterip'];
+		switch ($synconchanges) {
+			case 'manual':
+				if (is_array($bind_sync['row'])) {
+					$rs = $bind_sync['row'];
+				} else {
 					log_error("[bind] xmlrpc sync is enabled but there is no hosts to push on bind config.");
 					return;
-					}
+				}
+				break;
+			case 'auto':
+				if (is_array($config['hasync'])) {
+					$hasync = $config['hasync'][0];
+					$rs[0]['ipaddress'] = $hasync['synchronizetoip'];
+					$rs[0]['username'] = $hasync['username'];
+					$rs[0]['password'] = $hasync['password'];
+				} else {
+					log_error("[bind] xmlrpc sync is enabled but there is no system backup hosts to push bind config.");
+					return;
+				}
 				break;
-			case "auto":
-					if (is_array($config['hasync'])){
-						$hasync=$config['hasync'][0];
-						$rs[0]['ipaddress']=$hasync['synchronizetoip'];
-						$rs[0]['username']=$hasync['username'];
-						$rs[0]['password']=$hasync['password'];
-					}
-					else{
-						log_error("[bind] xmlrpc sync is enabled but there is no system backup hosts to push bind config.");
-						return;
-					}
-				break;			
 			default:
 				return;
-			break;
+				break;
 		}
-		if (is_array($rs)){
+		if (is_array($rs)) {
 			log_error("[bind] xmlrpc sync is starting.");
-			foreach($rs as $sh){
+			foreach ($rs as $sh) {
 				$sync_to_ip = $sh['ipaddress'];
 				$password = $sh['password'];
-				if($sh['username'])
+				if ($sh['username']) {
 					$username = $sh['username'];
-				else
+				} else {
 					$username = 'admin';
-				if($password && $sync_to_ip)
-					bind_do_xmlrpc_sync($sync_to_ip, $username, $password,$synctimeout,$master_zone_ip);
 				}
-			log_error("[bind] xmlrpc sync is ending.");
+				if ($password && $sync_to_ip) {
+					bind_do_xmlrpc_sync($sync_to_ip, $username, $password, $synctimeout, $master_zone_ip);
+				}
 			}
- 		}
+			log_error("[bind] xmlrpc sync is ending.");
+		}
+	}
 }
+
 /* Do the actual XMLRPC sync */
-function bind_do_xmlrpc_sync($sync_to_ip, $username, $password, $synctimeout,$master_zone_ip) {
+function bind_do_xmlrpc_sync($sync_to_ip, $username, $password, $synctimeout, $master_zone_ip)
+{
 	global $config, $g;
 
-	if(!$username)
+	if (!$username) {
 		return;
-		
-	if(!$password)
+	}
+
+	if (!$password) {
 		return;
+	}
 
-	if(!$sync_to_ip)
+	if (!$sync_to_ip) {
 		return;
+	}
+
+	if (!$synctimeout) {
+		$synctimeout = 25;
+	}
+
 
-	if(!$synctimeout)
-		$synctimeout=25;
-		
-		
 	$xmlrpc_sync_neighbor = $sync_to_ip;
-    if($config['system']['webgui']['protocol'] != "") {
+	if ($config['system']['webgui']['protocol'] != "") {
 		$synchronizetoip = $config['system']['webgui']['protocol'];
 		$synchronizetoip .= "://";
-    }
-    $port = $config['system']['webgui']['port'];
-    /* if port is empty lets rely on the protocol selection */
-    if($port == "") {
-		if($config['system']['webgui']['protocol'] == "http") 
+	}
+	$port = $config['system']['webgui']['port'];
+	/* if port is empty lets rely on the protocol selection */
+	if ($port == "") {
+		if ($config['system']['webgui']['protocol'] == "http") {
 			$port = "80";
-		else 
+		} else {
 			$port = "443";
-    }
+		}
+	}
 	$synchronizetoip .= $sync_to_ip;
 
 	/* xml will hold the sections to sync */
@@ -847,17 +916,19 @@ function bind_do_xmlrpc_sync($sync_to_ip, $username, $password, $synctimeout,$ma
 	$xml['bindacls'] = $config['installedpackages']['bindacls'];
 	$xml['bindviews'] = $config['installedpackages']['bindviews'];
 	$xml['bindzone'] = $config['installedpackages']['bindzone'];
-	if (is_array($config['installedpackages']['dnsseckeys']))
-		$xml['dnsseckeys']=$config['installedpackages']['dnsseckeys'];
+	if (is_array($config['installedpackages']['dnsseckeys'])) {
+		$xml['dnsseckeys'] = $config['installedpackages']['dnsseckeys'];
+	}
 	//change master zone to slave on backup servers
-	if(is_array($xml['bindzone']["config"])) 
-		for ($x=0; $x<sizeof($xml['bindzone']["config"]); $x++){
-			if ($xml['bindzone']["config"][$x]['type']=="master"){
-				$xml['bindzone']["config"][$x]['type']="slave";
-				$xml['bindzone']["config"][$x]['slaveip']=$master_zone_ip;
+	if (is_array($xml['bindzone']["config"])) {
+		for ($x = 0; $x < sizeof($xml['bindzone']["config"]); $x++) {
+			if ($xml['bindzone']["config"][$x]['type'] == "master") {
+				$xml['bindzone']["config"][$x]['type'] = "slave";
+				$xml['bindzone']["config"][$x]['slaveip'] = $master_zone_ip;
 			}
-			
+
 		}
+	}
 	/* assemble xmlrpc payload */
 	$params = array(
 		XML_RPC_encode($password),
@@ -871,52 +942,53 @@ function bind_do_xmlrpc_sync($sync_to_ip, $username, $password, $synctimeout,$ma
 	$msg = new XML_RPC_Message($method, $params);
 	$cli = new XML_RPC_Client('/xmlrpc.php', $url, $port);
 	$cli->setCredentials($username, $password);
-	if($g['debug'])
+	if ($g['debug']) {
 		$cli->setDebug(1);
+	}
 	/* send our XMLRPC message and timeout after defined sync timeout value*/
 	$resp = $cli->send($msg, $synctimeout);
-	if(!$resp) {
+	if (!$resp) {
 		$error = "A communications error occurred while attempting BIND XMLRPC sync with {$url}:{$port}.";
 		log_error($error);
 		file_notice("sync_settings", $error, "bind Settings Sync", "");
-	} elseif($resp->faultCode()) {
+	} elseif ($resp->faultCode()) {
 		$cli->setDebug(1);
 		$resp = $cli->send($msg, $synctimeout);
-		$error = "An error code was received while attempting BIND XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
+		$error = "An error code was received while attempting BIND XMLRPC sync with {$url}:{$port} - Code ".$resp->faultCode().": ".$resp->faultString();
 		log_error($error);
 		file_notice("sync_settings", $error, "bind Settings Sync", "");
 	} else {
 		log_error("[bind] XMLRPC sync successfully completed with {$url}:{$port}.");
 	}
-	
+
 	/* tell bind to reload our settings on the destination sync host. */
 	$method = 'pfsense.exec_php';
-	$execcmd  = "require_once('/usr/local/pkg/bind.inc');\n";
+	$execcmd = "require_once('/usr/local/pkg/bind.inc');\n";
 	$execcmd .= "bind_sync('yes');";
 	/* assemble xmlrpc payload */
 	$params = array(
 		XML_RPC_encode($password),
 		XML_RPC_encode($execcmd)
 	);
-	
+
 	log_error("[bind] XMLRPC reload data {$url}:{$port}.");
 	$msg = new XML_RPC_Message($method, $params);
 	$cli = new XML_RPC_Client('/xmlrpc.php', $url, $port);
 	$cli->setCredentials($username, $password);
 	$resp = $cli->send($msg, $synctimeout);
-	if(!$resp) {
+	if (!$resp) {
 		$error = "A communications error occurred while attempting BIND XMLRPC sync with {$url}:{$port} (pfsense.exec_php).";
 		log_error($error);
 		file_notice("sync_settings", $error, "Bind Settings Sync", "");
-	} elseif($resp->faultCode()) {
+	} elseif ($resp->faultCode()) {
 		$cli->setDebug(1);
 		$resp = $cli->send($msg, $synctimeout);
-		$error = "[Bind] An error code was received while attempting BIND XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
+		$error = "[Bind] An error code was received while attempting BIND XMLRPC sync with {$url}:{$port} - Code ".$resp->faultCode().": ".$resp->faultString();
 		log_error($error);
 		file_notice("sync_settings", $error, "bind Settings Sync", "");
 	} else {
 		log_error("BIND XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php).");
 	}
-	
 }
+
 ?>
-- 
cgit v1.2.3