From 615a0a96618fa99e7e452523145d6c0f238d4473 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Wed, 31 Jul 2013 09:33:43 -0400
Subject: [PATCH] Merged revisions 3960-4065 from stable branch.
---
interface/lib/classes/remoting_lib.inc.php | 9 +++++----
1 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/interface/lib/classes/remoting_lib.inc.php b/interface/lib/classes/remoting_lib.inc.php
index 5186c3c..f9cf59d 100644
--- a/interface/lib/classes/remoting_lib.inc.php
+++ b/interface/lib/classes/remoting_lib.inc.php
@@ -783,9 +783,9 @@
} else {
if($primary_id != 0) {
// update client permissions only if client_id > 0
- if($this->formDef['auth'] == 'yes' && $this->client_id > 0) {
- $sql_update .= '`sys_userid` = "'.$this->sys_userid.'", ';
- $sql_update .= '`sys_groupid` = "'.$this->sys_default_group.'", ';
+ if($this->formDef['auth'] == 'yes' && $this->client_id > 0 && $this->sys_userid > 0 && $this->sys_default_group > 0) {
+ $sql_update .= '`sys_userid` = '.$this->sys_userid.', ';
+ $sql_update .= '`sys_groupid` = '.$this->sys_default_group.', ';
}
$sql_update = substr($sql_update,0,-2);
$sql = "UPDATE ".$escape.$this->formDef['db_table'].$escape." SET ".$sql_update." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id;
@@ -817,7 +817,8 @@
if(@is_numeric($primary_id)) {
$sql = "SELECT * FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id;
return $app->db->queryOneRecord($sql);
- } elseif (@is_array($primary_id)) {
+ } elseif (@is_array($primary_id) || @is_object($primary_id)) {
+ if(@is_object($primary_id)) $primary_id = get_object_vars($primary_id); // do not use cast (array)xxx because it returns private and protected properties!
$sql_offset = 0;
$sql_limit = 0;
$sql_where = '';
--
Gitblit v1.9.1