From 0cd87e682012f224e2b74531190bb983fdcbb430 Mon Sep 17 00:00:00 2001
From: Florian Schaal <florian@schaal-24.de>
Date: Sun, 10 Jan 2016 03:31:27 -0500
Subject: [PATCH] Revert "allow 0 for ISINT"

---
 interface/web/client/client_template_del.php |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/interface/web/client/client_template_del.php b/interface/web/client/client_template_del.php
index b57224f..359b5bb 100644
--- a/interface/web/client/client_template_del.php
+++ b/interface/web/client/client_template_del.php
@@ -44,7 +44,7 @@
 
 //* Check permissions for module
 $app->auth->check_module_permissions('client');
-if(!$_SESSION["s"]["user"]["typ"] == 'admin') die('Client-Templates are for Admins only.');
+if($_SESSION["s"]["user"]["typ"] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) die('Client-Templates are for Admins and Resellers only.');
 
 $app->uses('tpl,tform');
 $app->load('tform_actions');
@@ -54,13 +54,13 @@
 		global $app;
 
 		// check new style
-		$rec = $app->db->queryOneRecord("SELECT count(client_id) as number FROM client_template_assigned WHERE client_template_id = ".$this->id);
+		$rec = $app->db->queryOneRecord("SELECT count(client_id) as number FROM client_template_assigned WHERE client_template_id = ?", $this->id);
 		if($rec['number'] > 0) {
 			$app->error($app->tform->lng('template_del_aborted_txt'));
 		}
 
 		// check old style
-		$rec = $app->db->queryOneRecord("SELECT count(client_id) as number FROM client WHERE template_master = ".$this->id." OR template_additional like '%/".$this->id."/%'");
+		$rec = $app->db->queryOneRecord("SELECT count(client_id) as number FROM client WHERE template_master = ? OR template_additional like ?", $this->id, '%/".$this->id."/%');
 		if($rec['number'] > 0) {
 			$app->error($app->tform->lng('template_del_aborted_txt'));
 		}

--
Gitblit v1.9.1