From 404c729302f2536edb1cc9aebf63d9e89753438e Mon Sep 17 00:00:00 2001
From: Till Brehm <tbrehm@ispconfig.org>
Date: Fri, 22 Apr 2016 03:41:06 -0400
Subject: [PATCH] Fixed 404 problem in HHVM PHP mode.

---
 interface/lib/classes/remote.d/client.inc.php |   19 ++++++++++---------
 1 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/interface/lib/classes/remote.d/client.inc.php b/interface/lib/classes/remote.d/client.inc.php
index d1c7532..c9441f5 100644
--- a/interface/lib/classes/remote.d/client.inc.php
+++ b/interface/lib/classes/remote.d/client.inc.php
@@ -400,20 +400,20 @@
 			$app->auth->remove_group_from_user($parent_user['userid'], $client_group['groupid']);
 
 			//* delete the group of the client
-			$app->db->query("DELETE FROM sys_group WHERE client_id = ", $client_id);
+			$app->db->query("DELETE FROM sys_group WHERE client_id = ?", $client_id);
 
 			//* delete the sys user(s) of the client
-			$app->db->query("DELETE FROM sys_user WHERE client_id = ", $client_id);
+			$app->db->query("DELETE FROM sys_user WHERE client_id = ?", $client_id);
 
 			//* Delete all records (sub-clients, mail, web, etc....)  of this client.
-			$tables = 'client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_database_user,web_domain,web_traffic';
+			$tables = 'cron,client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_database_user,web_domain,web_traffic,domain';
 			$tables_array = explode(',', $tables);
 			$client_group_id = $app->functions->intval($client_group['groupid']);
 
 			if($client_group_id > 1) {
 				foreach($tables_array as $table) {
 					if($table != '') {
-						$records = $app->db->queryAllRecords("SELECT * FROM $table WHERE sys_groupid = ", $client_group_id);
+						$records = $app->db->queryAllRecords("SELECT * FROM $table WHERE sys_groupid = ?", $client_group_id);
 						//* find the primary ID of the table
 						$table_info = $app->db->tableInfo($table);
 						$index_field = '';
@@ -526,22 +526,24 @@
 	 * @param int  client id
 	 * @param string new password
 	 * @return bool true if success
-	 * @author Julio Montoya <gugli100@gmail.com> BeezNest 2010
 	 *
 	 */
 	public function client_change_password($session_id, $client_id, $new_password) {
 		global $app;
 
+		$app->uses('auth');
+
 		if(!$this->checkPerm($session_id, 'client_change_password')) {
 			throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.');
 			return false;
 		}
-		$client_id = $app->functions->intval($client_id);
+
 		$client = $app->db->queryOneRecord("SELECT client_id FROM client WHERE client_id = ?", $client_id);
 		if($client['client_id'] > 0) {
-			$sql = "UPDATE client SET password = md5(?) 	WHERE client_id = ?";
+			$new_password = $app->auth->crypt_password($new_password);
+			$sql = "UPDATE client SET password = ? 	WHERE client_id = ?";
 			$app->db->query($sql, $new_password, $client_id);
-			$sql = "UPDATE sys_user SET passwort = md5(?) 	WHERE client_id = ?";
+			$sql = "UPDATE sys_user SET passwort = ? 	WHERE client_id = ?";
 			$app->db->query($sql, $new_password, $client_id);
 			return true;
 		} else {
@@ -681,7 +683,6 @@
 		
 		return $returnval;
 	}
-
 }
 
 ?>

--
Gitblit v1.9.1