From 33f1938b505d40a56b13d0b76e9635768d9b813e Mon Sep 17 00:00:00 2001
From: Marius Burkard <m.burkard@pixcept.de>
Date: Wed, 02 Mar 2016 05:21:00 -0500
Subject: [PATCH] - another addition on coding guidelines (PHP 5.3)
---
interface/web/admin/server_config_edit.php | 54 ++++++++++++++++++++++++++++++------------------------
1 files changed, 30 insertions(+), 24 deletions(-)
diff --git a/interface/web/admin/server_config_edit.php b/interface/web/admin/server_config_edit.php
index 2ebf0a1..4c03e7e 100644
--- a/interface/web/admin/server_config_edit.php
+++ b/interface/web/admin/server_config_edit.php
@@ -38,50 +38,52 @@ * End Form configuration ******************************************/ -require_once('../../lib/config.inc.php'); -require_once('../../lib/app.inc.php'); +require_once '../../lib/config.inc.php'; +require_once '../../lib/app.inc.php'; //* Check permissions for module $app->auth->check_module_permissions('admin'); +$app->auth->check_security_permissions('admin_allow_server_config'); + // Loading classes $app->uses('tpl,tform,tform_actions'); $app->load('tform_actions'); class page_action extends tform_actions { - + function onShowEdit() { global $app, $conf; - + if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges'); - + if($app->tform->errorMessage == '') { $app->uses('ini_parser,getconf'); - + $section = $this->active_tab; $server_id = $this->id; - - $this->dataRecord = $app->getconf->get_server_config($server_id,$section); + + $this->dataRecord = $app->getconf->get_server_config($server_id, $section); } - - $record = $app->tform->getHTML($this->dataRecord, $this->active_tab,'EDIT'); - + + $record = $app->tform->getHTML($this->dataRecord, $this->active_tab, 'EDIT'); + $record['id'] = $this->id; $app->tpl->setVar($record); } - + function onUpdateSave($sql) { - global $app,$conf; - + global $app, $conf; + if($_SESSION["s"]["user"]["typ"] != 'admin') die('This function needs admin priveliges'); $app->uses('ini_parser,getconf'); - + if($conf['demo_mode'] != true) { $section = $app->tform->getCurrentTab(); $server_id = $this->id; - + $server_config_array = $app->getconf->get_server_config($server_id); - + foreach($app->tform->formDef['tabs'][$section]['fields'] as $key => $field) { if ($field['formtype'] == 'CHECKBOX') { if($this->dataRecord[$key] == '') { 
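Review bot: The added `check_security_permissions('admin_allow_server_config')` call sits under the existing `//* Check permissions for module` comment, which describes only the module check. A comment of its own would help, such as `//* Additionally require the admin_allow_server_config security setting; the call is expected to stop the request when it is not granted`, since its failure behaviour is not visible in this hunk. The per-method guards in onShowEdit and onUpdateSave still use a loose `!=` against `'admin'`. Under PHP 5.x a non-string session value such as integer 0 would compare equal to that string, so `if($_SESSION["s"]["user"]["typ"] !== 'admin') die(...)` is the safer form. The body of onUpdateSave continues past the end of this hunk.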
@@ -90,18 +92,22 @@ } } } - - $server_config_array[$section] = $app->tform->encode($this->dataRecord,$section); - $server_config_str = $app->ini_parser->get_ini_string($server_config_array); - - $app->db->datalogUpdate('server', "config = '".$app->db->quote($server_config_str)."'", 'server_id', $server_id); + + if($app->tform->errorMessage == '') { + $server_config_array[$section] = $app->tform->encode($this->dataRecord, $section); + $server_config_str = $app->ini_parser->get_ini_string($server_config_array); + + $app->db->datalogUpdate('server', array("config" => $server_config_str), 'server_id', $server_id); + } else { + $app->error('Security breach!'); + } } } - + } $app->tform_actions = new page_action; $app->tform_actions->onLoad(); -?> \ No newline at end of file +?> -- Gitblit v1.9.1
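Review bot: The new `if($app->tform->errorMessage == '')` guard is evaluated before `$app->tform->encode()` runs, so any error that encode() itself records would not stop the `datalogUpdate` that follows. The body of encode() is not visible here, so this is inferred. If it does validate, call it above the guard, or re-test afterwards with `if($app->tform->errorMessage != '') $app->error($app->tform->errorMessage);` before the write. The else branch reports every non-empty errorMessage as `'Security breach!'`, which gives the administrator nothing to act on and records neither the server_id nor the section that was rejected. A message carrying the section name, plus a log entry, would make these events triageable. onUpdateSave starts in the previous hunk.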