From 3fbdb9bd7b59e185fe7efd40c74f009bc4e97d2f Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Wed, 04 Mar 2009 10:21:24 -0500
Subject: [PATCH] changed vhost.conf.master
---
interface/web/client/client_edit.php | 32 ++++++++++++++++----------------
1 files changed, 16 insertions(+), 16 deletions(-)
diff --git a/interface/web/client/client_edit.php b/interface/web/client/client_edit.php
index a35b663..085b6e0 100644
--- a/interface/web/client/client_edit.php
+++ b/interface/web/client/client_edit.php
@@ -1,6 +1,6 @@
<?php
/*
-Copyright (c) 2005, Till Brehm, projektfarm Gmbh
+Copyright (c) 2005 - 2008, Till Brehm, projektfarm Gmbh
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
@@ -72,7 +72,7 @@
$text = '';
foreach($tplAdd as $item){
if (trim($item) != ''){
- if ($text != '') $text .= '<br>';
+ if ($text != '') $text .= '<br />';
$text .= $tpl[$item];
}
}
@@ -90,20 +90,18 @@
function onAfterInsert() {
global $app;
// Create the group for the client
- $sql = "INSERT INTO sys_group (name,description,client_id) VALUES ('".mysql_real_escape_string($this->dataRecord["username"])."','',".$this->id.")";
- $app->db->query($sql);
- $groupid = $app->db->insertID();
+ $groupid = $app->db->datalogInsert('sys_group', "(name,description,client_id) VALUES ('".mysql_real_escape_string($this->dataRecord["username"])."','',".$this->id.")", 'groupid');
$groups = $groupid;
- $username = mysql_real_escape_string($this->dataRecord["username"]);
- $password = mysql_real_escape_string($this->dataRecord["password"]);
+ $username = $app->db->quote($this->dataRecord["username"]);
+ $password = $app->db->quote($this->dataRecord["password"]);
$modules = ISPC_INTERFACE_MODULES_ENABLED;
if($this->dataRecord["limit_client"] > 0) $modules .= ',client';
$startmodule = 'mail';
- $usertheme = mysql_real_escape_string($this->dataRecord["usertheme"]);
+ $usertheme = $app->db->quote($this->dataRecord["usertheme"]);
$type = 'user';
$active = 1;
- $language = mysql_real_escape_string($this->dataRecord["language"]);
+ $language = $app->db->quote($this->dataRecord["language"]);
// Create the controlpaneluser for the client
$sql = "INSERT INTO sys_user (username,passwort,modules,startmodule,app_theme,typ,active,language,groups,default_group,client_id)
@@ -132,28 +130,30 @@
global $app;
// username changed
- if(isset($app->tform->diffrec['username'])) {
- $username = mysql_real_escape_string($this->dataRecord["username"]);
+ if(isset($this->dataRecord['username']) && $this->dataRecord['username'] != '' && $this->oldDataRecord['username'] != $this->dataRecord['username']) {
+ $username = $app->db->quote($this->dataRecord["username"]);
$client_id = $this->id;
$sql = "UPDATE sys_user SET username = '$username' WHERE client_id = $client_id";
$app->db->query($sql);
- $sql = "UPDATE sys_group SET name = '$username' WHERE client_id = $client_id";
- $app->db->query($sql);
+
+ $tmp = $app->db->queryOneRecord("SELECT * FROM sys_group WHERE client_id = $client_id");
+ $app->db->datalogUpdate("sys_group", "name = '$username'", 'groupid', $tmp['groupid']);
+ unset($tmp);
}
// password changed
if(isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') {
- $password = mysql_real_escape_string($this->dataRecord["password"]);
+ $password = $app->db->quote($this->dataRecord["password"]);
$client_id = $this->id;
$sql = "UPDATE sys_user SET passwort = md5('$password') WHERE client_id = $client_id";
$app->db->query($sql);
}
// reseller status changed
- if(isset($this->dataRecord["limit_client"])) {
+ if(isset($this->dataRecord["limit_client"]) && $this->dataRecord["limit_client"] != $this->oldDataRecord["limit_client"]) {
$modules = ISPC_INTERFACE_MODULES_ENABLED;
if($this->dataRecord["limit_client"] > 0) $modules .= ',client';
- $modules = mysql_real_escape_string($modules);
+ $modules = $app->db->quote($modules);
$client_id = $this->id;
$sql = "UPDATE sys_user SET modules = '$modules' WHERE client_id = $client_id";
$app->db->query($sql);
--
Gitblit v1.9.1