From 334a9f66939fe7462357504fbfc2c712c52f7f7f Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Wed, 09 Jul 2008 15:02:29 -0400
Subject: [PATCH]
---
interface/lib/classes/tform.inc.php | 38 ++++++++++++--------------------------
1 files changed, 12 insertions(+), 26 deletions(-)
diff --git a/interface/lib/classes/tform.inc.php b/interface/lib/classes/tform.inc.php
index 0cb58c7..8e07f13 100644
--- a/interface/lib/classes/tform.inc.php
+++ b/interface/lib/classes/tform.inc.php
@@ -388,7 +388,7 @@
$out .= "<option value='$k'$selected>$v</option>\r\n";
}
}
- $new_record[$key] = $out;
+ if(isset($out)) $new_record[$key] = $out;
break;
case 'MULTIPLE':
if(is_array($field['value'])) {
@@ -693,7 +693,7 @@
$sql_insert_key .= "`$key`, ";
if($field['encryption'] == 'CRYPT') {
$salt="$1$";
- for ($n=0;$n<8;$n++) {
+ for ($n=0;$n<11;$n++) {
$salt.=chr(mt_rand(64,126));
}
$salt.="$";
@@ -702,7 +702,7 @@
} else {
$record[$key] = md5($record[$key]);
}
- $sql_insert_val .= "'".$record[$key]."', ";
+ $sql_insert_val .= "'".addslashes($record[$key])."', ";
} elseif ($field['formtype'] == 'CHECKBOX') {
$sql_insert_key .= "`$key`, ";
if($record[$key] == '') {
@@ -718,9 +718,9 @@
}
} else {
if($field['formtype'] == 'PASSWORD') {
- if($field['encryption'] == 'CRYPT') {
+ if(isset($field['encryption']) && $field['encryption'] == 'CRYPT') {
$salt="$1$";
- for ($n=0;$n<8;$n++) {
+ for ($n=0;$n<11;$n++) {
$salt.=chr(mt_rand(64,126));
}
$salt.="$";
@@ -729,7 +729,7 @@
} else {
$record[$key] = md5($record[$key]);
}
- $sql_update .= "`$key` = '".$record[$key]."', ";
+ $sql_update .= "`$key` = '".addslashes($record[$key])."', ";
} elseif ($field['formtype'] == 'CHECKBOX') {
if($record[$key] == '') {
// if a checkbox is not set, we set it to the unchecked value
@@ -875,23 +875,14 @@
} else {
$escape = '`';
}
-
- /*
- if($action == "UPDATE" or $action == "DELETE") {
- $sql = "SELECT * FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id;
- $record_old = $app->db->queryOneRecord($sql);
- } else {
- $record_old = array();
- }
- */
$diffrec = array();
if(is_array($record_new) && count($record_new) > 0) {
foreach($record_new as $key => $val) {
- if($record_old[$key] != $val) {
+ if(@$record_old[$key] != $val) {
// Record has changed
- $diffrec[$key] = array('old' => $record_old[$key],
+ $diffrec[$key] = array('old' => @$record_old[$key],
'new' => $val);
}
}
@@ -912,7 +903,8 @@
if(is_array($record_old) && count($record_old) > 0) {
foreach($record_old as $key => $val) {
- if(isset($record_new[$key]) && $record_new[$key] != $val) {
+ //if(isset($record_new[$key]) && $record_new[$key] != $val) {
+ if(!isset($record_new[$key]) || $record_new[$key] != $val) {
// Record has changed
$diffrec_full['old'][$key] = $val;
$diffrec_full['new'][$key] = $record_new[$key];
@@ -933,12 +925,6 @@
}
}
}
-
- /*
- echo "<pre>";
- print_r($diffrec_full);
- echo "</pre>";
- */
// Insert the server_id, if the record has a server_id
$server_id = (isset($record_old["server_id"]) && $record_old["server_id"] > 0)?$record_old["server_id"]:0;
@@ -999,8 +985,8 @@
}
} else {
$result = false;
- if($this->formDef["auth_preset"]["userid"] == $_SESSION["s"]["user"]["userid"] && stristr($perm,$this->formDef["auth_preset"]["perm_user"])) $result = true;
- if($this->formDef["auth_preset"]["groupid"] == $_SESSION["s"]["user"]["groupid"] && stristr($perm,$this->formDef["auth_preset"]["perm_group"])) $result = true;
+ if(@$this->formDef["auth_preset"]["userid"] == $_SESSION["s"]["user"]["userid"] && stristr($perm,$this->formDef["auth_preset"]["perm_user"])) $result = true;
+ if(@$this->formDef["auth_preset"]["groupid"] == $_SESSION["s"]["user"]["groupid"] && stristr($perm,$this->formDef["auth_preset"]["perm_group"])) $result = true;
if(@stristr($this->formDef["auth_preset"]["perm_other"],$perm)) $result = true;
// if preset == 0, everyone can insert a record of this type
--
Gitblit v1.9.1