From 620df024f3d8960a89eb4ed71d3ea61e2b9aa3db Mon Sep 17 00:00:00 2001
From: quentusrex <quentusrex@ispconfig3>
Date: Thu, 30 Oct 2008 13:59:40 -0400
Subject: [PATCH] Now a client can view e-mail filters created by admin, but the client can't edit them. The client can submit a change, but it isn't input in the database, nor is the client told that the changes aren't made.
---
interface/web/sites/web_domain_edit.php | 18 ++++++++----------
1 files changed, 8 insertions(+), 10 deletions(-)
diff --git a/interface/web/sites/web_domain_edit.php b/interface/web/sites/web_domain_edit.php
index 5c571c2..6d5e92b 100644
--- a/interface/web/sites/web_domain_edit.php
+++ b/interface/web/sites/web_domain_edit.php
@@ -41,11 +41,8 @@
require_once('../../lib/config.inc.php');
require_once('../../lib/app.inc.php');
-// Checking module permissions
-if(!stristr($_SESSION["s"]["user"]["modules"],'sites')) {
- header("Location: ../index.php");
- exit;
-}
+//* Check permissions for module
+$app->auth->check_module_permissions('sites');
// Loading classes
$app->uses('tpl,tform,tform_actions');
@@ -97,7 +94,7 @@
// Get the limits of the client
$client_group_id = $_SESSION["s"]["user"]["default_group"];
- $client = $app->db->queryOneRecord("SELECT limit_web_domain, default_webserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+ $client = $app->db->queryOneRecord("SELECT client_id, limit_web_domain, default_webserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
// Set the webserver to the default server of the client
$tmp = $app->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = $client[default_webserver]");
@@ -105,7 +102,7 @@
unset($tmp);
// Fill the client select field
- $sql = "SELECT groupid, name FROM sys_group WHERE client_id > 0";
+ $sql = "SELECT groupid, name FROM sys_group, client WHERE sys_group.client_id = client.parent_client_id AND client.parent_client_id = ".$client['client_id'];
$clients = $app->db->queryAllRecords($sql);
$client_select = '';
if(is_array($clients)) {
@@ -156,7 +153,6 @@
}
}
$app->tpl->setVar("client_group_id",$client_select);
-
}
@@ -233,7 +229,7 @@
$client_id = intval($client["client_id"]);
} else {
//$client_id = intval($this->dataRecord["client_group_id"]);
- $client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval($this->dataRecord["sys_groupid"]));
+ $client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval($this->dataRecord["client_group_id"]));
$client_id = intval($client["client_id"]);
}
@@ -273,10 +269,11 @@
$client_id = intval($client["client_id"]);
} else {
//$client_id = intval(@$web_rec["client_group_id"]);
- $client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval(@$this->dataRecord["sys_groupid"]));
+ $client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval(@$this->dataRecord["client_group_id"]));
$client_id = intval($client["client_id"]);
}
+ /*
// Set the values for document_root, system_user and system_group
$system_user = 'web'.$this->id;
$system_group = 'client'.$client_id;
@@ -284,6 +281,7 @@
$sql = "UPDATE web_domain SET system_user = '$system_user', system_group = '$system_group', document_root = '$document_root' WHERE domain_id = ".$this->id;
$app->db->query($sql);
+ */
}
--
Gitblit v1.9.1