From 3ee67a99739154fa5fab3a041edabc14415d4e70 Mon Sep 17 00:00:00 2001
From: Till Brehm <tbrehm@ispconfig.org>
Date: Wed, 13 Aug 2014 11:49:30 -0400
Subject: [PATCH] Added additional username check in form files.
---
interface/lib/classes/tform.inc.php | 12 ++++++++----
1 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/interface/lib/classes/tform.inc.php b/interface/lib/classes/tform.inc.php
index 2604036..4522304 100644
--- a/interface/lib/classes/tform.inc.php
+++ b/interface/lib/classes/tform.inc.php
@@ -252,7 +252,9 @@
unset($tmp_recordid);
$querystring = str_replace("{AUTHSQL}", $this->getAuthSQL('r'), $querystring);
- $querystring = preg_replace_callback('@{AUTHSQL::(.+?)}@', "self::table_auth_sql", $querystring);
+ //$querystring = preg_replace_callback('@{AUTHSQL::(.+?)}@', "self::table_auth_sql", $querystring);
+ //*Used the ld form to be compatible with php < 5.3
+ $querystring = preg_replace_callback('@{AUTHSQL::(.+?)}@', create_function('$matches','global $app; $tmp = $app->tform->getAuthSQL("r", $matches[1]); return $tmp;'), $querystring);
// Getting the records
$tmp_records = $app->db->queryAllRecords($querystring);
@@ -293,10 +295,12 @@
return $values;
}
-
+
+ /*
function table_auth_sql($matches){
return $this->getAuthSQL('r', $matches[1]);
}
+ */
//* If the parameter 'valuelimit' is set
function applyValueLimit($limit, $values) {
@@ -1302,7 +1306,7 @@
$perm = $app->db->quote($perm);
$table = $app->db->quote($table);
- if($_SESSION["s"]["user"]["typ"] == 'admin') {
+ if($_SESSION["s"]["user"]["typ"] == 'admin' || $_SESSION['s']['user']['mailuser_id'] > 0) {
return '1';
} else {
if ($table != ''){
@@ -1509,7 +1513,7 @@
*/
function _getDateTimeHTML($form_element, $default_value, $display_seconds=false)
{
- $_datetime = strtotime($default_value);
+ $_datetime = ($default_value && $default_value != '0000-00-00 00:00:00' ? strtotime($default_value) : false);
$_showdate = ($_datetime === false) ? false : true;
$dselect = array('day', 'month', 'year', 'hour', 'minute');
--
Gitblit v1.9.1