From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 06 Aug 2015 03:18:44 -0400
Subject: [PATCH] - don't set password via remoting if field is empty

---
 interface/web/dashboard/dashboard.php |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/interface/web/dashboard/dashboard.php b/interface/web/dashboard/dashboard.php
index 29ef868..51068b1 100644
--- a/interface/web/dashboard/dashboard.php
+++ b/interface/web/dashboard/dashboard.php
@@ -51,7 +51,7 @@
 if($_SESSION['s']['user']['typ'] == 'admin') {
 	$name = $_SESSION['s']['user']['username'];
 } else {
-	$tmp = $app->db->queryOneRecord("SELECT contact_name FROM client WHERE username = '".$app->db->quote($_SESSION['s']['user']['username'])."'");
+	$tmp = $app->db->queryOneRecord("SELECT contact_name FROM client WHERE username = ?", $_SESSION['s']['user']['username']);
 	$name = $tmp['contact_name'];
 }
 
@@ -146,7 +146,7 @@
 $dashlet_list = array();
 $handle = @opendir(ISPC_WEB_PATH.'/dashboard/dashlets');
 while ($file = @readdir($handle)) {
-	if ($file != '.' && $file != '..' && !is_dir($file)) {
+	if ($file != '.' && $file != '..' && !is_dir(ISPC_WEB_PATH.'/dashboard/dashlets/'.$file)) {
 		$dashlet_name = substr($file, 0, -4);
 		$dashlet_class = 'dashlet_'.$dashlet_name;
 		include_once ISPC_WEB_PATH.'/dashboard/dashlets/'.$file;
@@ -157,7 +157,7 @@
 
 /* Which dashlets in which column */
 /******************************************************************************/
-$default_leftcol_dashlets = array('modules', 'invoices', 'quota', 'mailquota');
+$default_leftcol_dashlets = array('modules', 'invoices', 'quota', 'mailquota', 'databasequota');
 $default_rightcol_dashlets = array('customer', 'products', 'shop', 'limits');
 
 $app->uses('getconf');

--
Gitblit v1.9.1