From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 06 Aug 2015 03:18:44 -0400
Subject: [PATCH] - don't set password via remoting if field is empty

---
 interface/web/sites/ajax_get_ip.php |   20 ++++++++++----------
 1 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/interface/web/sites/ajax_get_ip.php b/interface/web/sites/ajax_get_ip.php
index bca24cc..205be48 100644
--- a/interface/web/sites/ajax_get_ip.php
+++ b/interface/web/sites/ajax_get_ip.php
@@ -28,24 +28,24 @@
 EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 
-require_once('../../lib/config.inc.php');
-require_once('../../lib/app.inc.php');
+require_once '../../lib/config.inc.php';
+require_once '../../lib/app.inc.php';
 
 //* Check permissions for module
 $app->auth->check_module_permissions('sites');
 $app->uses('getconf');
 
-$server_id = intval($_GET["server_id"]);
-$client_group_id = intval($_GET["client_group_id"]);
-$ip_type = $app->db->quote($_GET['ip_type']);
+$server_id = $app->functions->intval($_GET["server_id"]);
+$client_group_id = $app->functions->intval($_GET["client_group_id"]);
+$ip_type = $_GET['ip_type'];
 
 if($_SESSION["s"]["user"]["typ"] == 'admin' or $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
 
 	//* Get global web config
 	$web_config = $app->getconf->get_server_config($server_id, 'web');
-	
-	$sql = "SELECT ip_address FROM server_ip WHERE ip_type = '$ip_type' AND server_id = $server_id";
-	$ips = $app->db->queryAllRecords($sql);
+
+	$sql = "SELECT ip_address FROM server_ip WHERE ip_type = ? AND server_id = ?";
+	$ips = $app->db->queryAllRecords($sql, $ip_type, $server_id);
 	// $ip_select = "<option value=''></option>";
 	if($ip_type == 'IPv4'){
 		$ip_select = ($web_config['enable_ip_wildcard'] == 'y')?"*#":"";
@@ -62,5 +62,5 @@
 	unset($ips);
 }
 
-echo substr($ip_select,0,-1);
-?>
\ No newline at end of file
+echo substr($ip_select, 0, -1);
+?>

--
Gitblit v1.9.1