--- poweradmin-2.1.5/inc/auth.inc.php.orig 2013-07-29 12:38:02.000000000 +0200
+++ poweradmin-2.1.5/inc/auth.inc.php 2013-07-29 14:41:24.000000000 +0200
@@ -64,6 +64,17 @@ function doAuthenticate() {
 } else {
+ //Log to syslog for fail2ban
+ //(do this before auth() because that exits)
+ $nonsafe_re = '/[^A-Za-z0-9_.-]|^$/';
+ $user = preg_replace($nonsafe_re, '?', @$_SESSION['userlogin']);
+ $ip = preg_replace($nonsafe_re, '?', @$_SERVER['REMOTE_ADDR']);
+ $port = preg_replace($nonsafe_re, '?', @$_SERVER['REMOTE_PORT']);
+ $host = preg_replace($nonsafe_re, '?', @$_SERVER['HTTP_HOST']);
+ openlog('webserver', 0, LOG_AUTH);
+ syslog(LOG_WARNING, "[php] Failed login for $user from $ip port $port (Host: $host)");
+ closelog();
+
 //Authentication failed, retry.
 auth( _('Authentication failed!'),"error");
 }
--- poweradmin-2.1.5/inc/record.inc.php.orig 2011-03-01 14:56:40.000000000 +0100
+++ poweradmin-2.1.5/inc/record.inc.php 2013-09-11 12:01:41.000000000 +0200
@@ -19,6 +19,35 @@
 * along with this program. If not, see .
 */
+/*
+
+Add this, see below:
+
+DROP FUNCTION IF EXISTS OCCURRENCES;
+
+delimiter //
+CREATE FUNCTION OCCURRENCES (`needle` VARCHAR(255), `hackstack` TEXT)
+ RETURNS INT
+ NOT DETERMINISTIC READS SQL DATA
+ SQL SECURITY INVOKER
+BEGIN
+ DECLARE `result` INT DEFAULT -1;
+ DECLARE `pos` INT DEFAULT 0;
+ DECLARE `skip` INT DEFAULT LENGTH(`needle`);
+ REPEAT
+ SET `pos` = (SELECT LOCATE(`needle`, `hackstack`, `pos` + `skip`));
+ SET `result` = `result` + 1;
+ UNTIL `pos` = 0 END REPEAT;
+ RETURN `result`;
+END;
+//
+delimiter ;
+
+GRANT EXECUTE ON FUNCTION powerdns.occurrences TO 'dnsmeister'@'localhost';
+select occurrences('11', '1.11.111.1111');
+
+*/
+
 function zone_id_exists($zid) {
 global $db;
 $query = "SELECT COUNT(id) FROM domains WHERE id = " . $db->quote($zid, 'integer');
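Review bot: `$_SERVER['REMOTE_ADDR']` in the new syslog line is the TCP peer, so behind a reverse proxy or load balancer every failed login is reported with the proxy's address and a fail2ban jail keyed on this message would ban the proxy for all users; the `$ip` line deserves a comment such as `// REMOTE_ADDR is the TCP peer: behind a proxy this is the proxy, not the client - only feed fail2ban from this when the web server rewrites REMOTE_ADDR from a trusted forwarding header`. The `$nonsafe_re` whitelist is what keeps newlines and spaces out of the message and so protects the fail2ban pattern from log injection; state that intent on the regex line, since the next maintainer may loosen it. Whether `$_SESSION['userlogin']` is populated at this point for a failed attempt is not visible here; if it is not, the message only ever logs `?` for the user. doAuthenticate() starts and ends outside the hunk.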
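Review bot: The `CREATE FUNCTION OCCURRENCES` block declares `NOT DETERMINISTIC READS SQL DATA`, but its body only runs `LOCATE` on its own arguments and reads no table, so the characteristics that match the code are `DETERMINISTIC NO SQL`; MySQL uses these flags for binlog/replication safety, so they should describe what the function does. The other hunks in this patch make every record listing and record search depend on this function existing, yet it is only provided as a comment with a hard-coded `GRANT ... TO 'dnsmeister'@'localhost'`, so a deployment that skips the comment fails at query time; it belongs in the install/upgrade SQL, granted to whatever database user the application is configured with (presumably the one in the poweradmin config - confirm). `hackstack` is presumably meant to be `haystack`. zone_id_exists() continues outside the hunk.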
@@ -931,7 +960,8 @@ function get_records_from_domain_id($id,
 WHERE record_owners.user_id = " . $db->quote($_SESSION["userid"], 'integer') . "
 AND record_owners.record_id = records.id
 AND records.domain_id = " . $db->quote($id, 'integer') . "
- GROUP BY record_owners.record_id ORDER BY records.".$sortby);
+ GROUP BY record_owners.record_id
+ ORDER BY OCCURRENCES('.', records.name), CAST(SUBSTRING_INDEX(records." . $sortby . ", '.', 1) AS UNSIGNED), records." . $sortby . ", records.type");
 $ret = array();
 if($result->numRows() == 0) {
@@ -950,7 +980,9 @@ function get_records_from_domain_id($id,
 } else {
 $db->setLimit($rowamount, $rowstart);
- $result = $db->query("SELECT id FROM records WHERE domain_id=".$db->quote($id, 'integer')." ORDER BY records.".$sortby);
+ $result = $db->query("SELECT id FROM records
+ WHERE domain_id = " . $db->quote($id, 'integer') . "
+ ORDER BY OCCURRENCES('.', records.name), CAST(SUBSTRING_INDEX(records." . $sortby . ", '.', 1) AS UNSIGNED), records." . $sortby . ", records.type");
 $ret = array();
 if($result->numRows() == 0) {
@@ -998,6 +1030,7 @@ function order_domain_results($domains,
 }
 }
+if (0) { // DISABLED
 switch ($sortby) {
 case 'name':
@@ -1019,6 +1052,7 @@ function order_domain_results($domains,
 usort($domains, 'sort_domain_results_by_name');
 break;
 }
+} // END DISABLED
 $results = array_merge($soa, $ns);
 $results = array_merge($results, $domains);
@@ -1086,9 +1120,12 @@ function search_zone_and_record($holy_gr
 else { $perm_content_edit = "none" ; }
 // Search for matching domains
- if ($perm == "own" || $perm == "all") {
+ if ($perm == "own") {# || $perm == "all") {
 $sql_add_from = ", users ";
 $sql_add_where = " AND users.id = " . $db->quote($_SESSION['userid'], 'integer');
+ } else if ($perm == "all") {
+ $sql_add_from = ", zones, users ";
+ $sql_add_where = " AND zones.domain_id = domains.id AND users.id = zones.owner";
 }
 $query = "SELECT
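Review bot: `$sortby` is now spliced into the `ORDER BY` twice (`SUBSTRING_INDEX(records." . $sortby . ", ...)` and `records." . $sortby . "`) where the original interpolated it once, and an identifier cannot be protected with `$db->quote`, so unless the caller whitelists it this is SQL injection with a wider surface than before; the function header is outside the hunk, so I cannot see whether a whitelist exists. Guard it at the top of the function, e.g. `if (!in_array($sortby, array('name', 'type', 'content', 'prio', 'ttl'), true)) { $sortby = 'name'; }`, with the list taken from the actual records columns - confirm them. A comment on the `ORDER BY` line should also say that it requires the OCCURRENCES stored function to be installed and that `CAST(SUBSTRING_INDEX(..., '.', 1) AS UNSIGNED)` is only meaningful when sorting reverse-zone names; for other columns it evaluates to 0.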
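Review bot: The new `ORDER BY OCCURRENCES('.', records.name), CAST(SUBSTRING_INDEX(records." . $sortby . ", '.', 1) AS UNSIGNED), records." . $sortby . ", records.type` is repeated verbatim from the query at 960 in this function, so any future whitelist check or fix for `$sortby` has to be applied in two places. Extract it into one helper, e.g. `function record_order_clause($sortby) { return "OCCURRENCES('.', records.name), CAST(SUBSTRING_INDEX(records." . $sortby . ", '.', 1) AS UNSIGNED), records." . $sortby . ", records.type"; }`, and put the `$sortby` validation in that helper. get_records_from_domain_id() begins and ends outside the hunk.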
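Review bot: Wrapping the `switch ($sortby)` in `if (0) { // DISABLED` leaves dead code that every reader must still parse and quietly makes order_domain_results()'s `$sortby` argument a no-op while callers still pass it; either delete the block or state the new contract in a comment at the function head, e.g. `// Ordering is now done in SQL (see get_records_from_domain_id); $sortby is ignored here and kept only for call compatibility`. The function's signature and the matching `} // END DISABLED` are outside this hunk.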
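Review bot: The new `all` branch joins `zones` and `users` via `zones.domain_id = domains.id AND users.id = zones.owner`, which changes what an all-permission user sees in two ways the patch does not mention: a domain with no row in `zones` no longer appears in the search at all, and a domain with several owner rows is returned once per owner. If the goal is only to show an owner for each domain, an outer join such as `$sql_add_from = " LEFT JOIN zones ON zones.domain_id = domains.id LEFT JOIN users ON users.id = zones.owner ";` with an empty `$sql_add_where` keeps unowned domains; the SELECT list starts at `$query = "SELECT` and continues outside the hunk, so I cannot confirm which columns it expects. `if ($perm == "own") {# || $perm == "all") {` keeps the old condition as a trailing comment inside the line; write it as `if ($perm == "own") {` and leave history to version control.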
@@ -1135,7 +1172,7 @@ function search_zone_and_record($holy_gr
 FROM records" . $sql_add_from . "
 WHERE (records.name LIKE " . $db->quote($holy_grail, 'text') . " OR records.content LIKE " . $db->quote($holy_grail, 'text') . ")" . $sql_add_where . "
- ORDER BY " . $record_sortby;
+ ORDER BY OCCURRENCES('.', records.name), " . $record_sortby . ", records.type";
 $response = $db->query($query);
 if (PEAR::isError($response)) { error($response->getMessage()); return false; }
--- poweradmin-2.1.5/inc/templates.inc.php.orig 2011-03-01 10:20:34.000000000 +0100
+++ poweradmin-2.1.5/inc/templates.inc.php 2011-03-01 10:20:49.000000000 +0100
@@ -28,7 +28,7 @@ function get_list_zone_templ($userid) {
 global $db;
 $query = "SELECT * FROM zone_templ "
- . "WHERE owner = '" . $userid . "' "
+ . "WHERE owner = '" . $userid . "' OR owner = 0 "
 . "ORDER BY name";
 $result = $db->query($query);
 if (PEAR::isError($result)) { error("Not all tables available in database, please make sure all upgrade/install proceedures were followed"); return false; }
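Review bot: For `$perm == "all"` the `$sql_add_where` set earlier in this patch is ` AND zones.domain_id = domains.id AND users.id = zones.owner`, but this query reads `FROM records" . $sql_add_from`, i.e. `records, zones, users`, so `domains.id` is out of scope unless the part of the FROM clause above the hunk also lists `domains`; if it does not, every record search by an all-permission user fails with an unknown-column error before the new `ORDER BY` is ever evaluated. The record query needs its own join condition built where this query is assembled, e.g. `$record_add_where = " AND zones.domain_id = records.domain_id AND users.id = zones.owner";`. `$record_sortby` is still interpolated unquoted into `ORDER BY`; whether it is whitelisted is not visible from the hunk. search_zone_and_record() begins and ends outside the hunk.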
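Review bot: `$userid` is still concatenated straight into the SQL string on the new line `. "WHERE owner = '" . $userid . "' OR owner = 0 "`, while the rest of this patch uses `$db->quote(..., 'integer')` for ids; the line should read `. "WHERE owner = " . $db->quote($userid, 'integer') . " OR owner = 0 "`. `OR owner = 0` makes every template whose owner is 0 visible to all users, which is presumably a "global template" convention; say so on the line, e.g. `// owner = 0 marks a global template visible to all users`, and check that the functions which edit or delete a template (outside this hunk) do not adopt the same rule, or any user could modify the global templates - confirm. get_list_zone_templ() ends outside the hunk.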