From 5d93b3a4ecc8931eb8c2fcf619eb34c30068bccc Mon Sep 17 00:00:00 2001
From: Florian Schaal <florian@schaal-24.de>
Date: Fri, 09 Jan 2015 11:34:21 -0500
Subject: [PATCH] add missing sql-column mail_user.sender_cc to inc-updates

---
 interface/web/sites/ftp_user_edit.php |    7 ++++++-
 1 files changed, 6 insertions(+), 1 deletions(-)

diff --git a/interface/web/sites/ftp_user_edit.php b/interface/web/sites/ftp_user_edit.php
index e4dec4a..bdbf3c2 100644
--- a/interface/web/sites/ftp_user_edit.php
+++ b/interface/web/sites/ftp_user_edit.php
@@ -142,6 +142,11 @@
 		$dir = $app->db->quote($web["document_root"]);
 		$uid = $app->db->quote($web["system_user"]);
 		$gid = $app->db->quote($web["system_group"]);
+		
+		// Check system user and group
+		if($app->functions->is_allowed_user($uid) == false || $app->functions->is_allowed_group($gid) == false) {
+			$app->error('Invalid system user or group');
+		}
 
 		// The FTP user shall be owned by the same group then the website
 		$sys_groupid = $app->functions->intval($web['sys_groupid']);
@@ -152,7 +157,7 @@
 
 	function onBeforeUpdate() {
 		global $app, $conf, $interfaceConf;
-
+		
 		/*
 		 * If the names should be restricted -> do it!
 		 */

--
Gitblit v1.9.1