From 3645f7602d29869f76839ff6d8411a4e7431b1df Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Tue, 01 Jul 2014 12:39:40 -0400
Subject: [PATCH] Merge branch 'Cambra/ispconfig3-master'

---
 interface/web/client/domain_edit.php |   30 ++++++++++++++++++++++++++----
 1 files changed, 26 insertions(+), 4 deletions(-)

diff --git a/interface/web/client/domain_edit.php b/interface/web/client/domain_edit.php
index cca5c2d..a79ba85 100644
--- a/interface/web/client/domain_edit.php
+++ b/interface/web/client/domain_edit.php
@@ -147,9 +147,10 @@
 			}
 			else {
 				/*
-				 * We edit a existing one, but there is nothing to edit
+				 * We edit a existing one, but domain name can't be changed
 				*/
-				$this->dataRecord = $app->tform->getDataRecord($this->id);
+				$oldData = $app->tform->getDataRecord($this->id);
+				$this->dataRecord["domain"] = $oldData["domain"];
 			}
 		} elseif ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
 			if ($this->id == 0) {
@@ -165,9 +166,10 @@
 			}
 			else {
 				/*
-				 * We edit a existing one, but there is nothing to edit
+				 * We edit a existing one, but domain name can't be changed
 				*/
-				$this->dataRecord = $app->tform->getDataRecord($this->id);
+				$oldData = $app->tform->getDataRecord($this->id);
+				$this->dataRecord["domain"] = $oldData["domain"];
 			}
 		} else {
 			if($this->id > 0) {
@@ -199,6 +201,26 @@
 		}
 	}
 
+	function onAfterUpdate() {
+		global $app, $conf;
+
+		if($_SESSION["s"]["user"]["typ"] != 'admin' && isset($this->dataRecord["client_group_id"])) {
+			$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
+			$client = $app->db->queryOneRecord("SELECT client.client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+			$group = $app->db->queryOneRecord("SELECT sys_group.groupid FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$client['client_id']." AND sys_group.groupid = ".$this->dataRecord["client_group_id"]." ORDER BY client.company_name, client.contact_name, sys_group.name";
+			$this->dataRecord["client_group_id"] = $group["groupid"];
+                }
+
+		// make sure that the record belongs to the client group and not the admin group when admin inserts it
+		// also make sure that the user can not delete domain created by a admin
+		if(isset($this->dataRecord["client_group_id"])) {
+			$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
+			$app->db->query("UPDATE domain SET sys_groupid = $client_group_id, sys_perm_group = 'ru' WHERE domain_id = ".$this->id);
+			$lng_text = $app->lng("domain_owner_changed");
+			$_SESSION['show_warning_msg'] = str_replace("{domain}", $this->dataRecord["domain"], $lng_text);
+		}
+	}
+
 }
 
 $page = new page_action;

--
Gitblit v1.9.1