From 6250b7ea002fd99e40d0170d31e7e19e69f97ccd Mon Sep 17 00:00:00 2001
From: Dominik <info@profi-webdesign.net>
Date: Thu, 23 Jan 2014 13:53:43 -0500
Subject: [PATCH] Merge remote-tracking branch 'ispc3master/master'
---
interface/web/sites/web_domain_edit.php | 91 ++++++++++++++++++++++++++++++---------------
1 files changed, 60 insertions(+), 31 deletions(-)
diff --git a/interface/web/sites/web_domain_edit.php b/interface/web/sites/web_domain_edit.php
index 98bb9f4..7673895 100644
--- a/interface/web/sites/web_domain_edit.php
+++ b/interface/web/sites/web_domain_edit.php
@@ -133,11 +133,21 @@
} else {
$server_id = (isset($web_servers[0])) ? intval($web_servers[0]) : 0;
}
-
+
+ if($app->functions->intval($this->dataRecord["server_id"]) > 0) {
+ // check if server is in client's servers or add it.
+ $chk_sid = explode(',', $client['web_servers']);
+ if(in_array($this->dataRecord["server_id"], $client['web_servers']) == false) {
+ if($client['web_servers'] != '') $client['web_servers'] .= ',';
+ $client['web_servers'] .= $app->functions->intval($this->dataRecord["server_id"]);
+ }
+ }
+
//* Fill the IPv4 select field with the IP addresses that are allowed for this client
$sql = "SELECT ip_address FROM server_ip WHERE server_id IN (" . $client['web_servers'] . ") AND ip_type = 'IPv4' AND (client_id = 0 OR client_id=".$_SESSION['s']['user']['client_id'].")";
$ips = $app->db->queryAllRecords($sql);
$ip_select = ($web_config['enable_ip_wildcard'] == 'y')?"<option value='*'>*</option>":"";
+ //if(!in_array($this->dataRecord["ip_address"], $ips)) $ip_select .= "<option value='".$this->dataRecord["ip_address"]."' SELECTED>".$this->dataRecord["ip_address"]."</option>\r\n";
//$ip_select = "";
if(is_array($ips)) {
foreach( $ips as $ip) {
@@ -169,10 +179,10 @@
if(!empty($web_config['server_type'])) $server_type = $web_config['server_type'];
if($server_type == 'nginx' && $this->dataRecord['php'] == 'fast-cgi') $this->dataRecord['php'] = 'php-fpm';
if($this->dataRecord['php'] == 'php-fpm'){
- $php_records = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fpm_init_script != '' AND php_fpm_ini_dir != '' AND php_fpm_pool_dir != '' AND server_id = ".($this->id > 0 ? $this->dataRecord['server_id'] : intval($client['default_webserver']))." AND (client_id = 0 OR client_id=".$_SESSION['s']['user']['client_id'].")");
+ $php_records = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fpm_init_script != '' AND php_fpm_ini_dir != '' AND php_fpm_pool_dir != '' AND server_id = ".($this->id > 0 ? $app->functions->intval($this->dataRecord['server_id']) : $app->functions->intval($client['default_webserver']))." AND (client_id = 0 OR client_id=".$app->functions->intval($_SESSION['s']['user']['client_id']).")");
}
if($this->dataRecord['php'] == 'fast-cgi'){
- $php_records = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fastcgi_binary != '' AND php_fastcgi_ini_dir != '' AND server_id = ".($this->id > 0 ? $this->dataRecord['server_id'] : intval($client['default_webserver']))." AND (client_id = 0 OR client_id=".$_SESSION['s']['user']['client_id'].")");
+ $php_records = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fastcgi_binary != '' AND php_fastcgi_ini_dir != '' AND server_id = ".($this->id > 0 ? $app->functions->intval($this->dataRecord['server_id']) : $app->functions->intval($client['default_webserver']))." AND (client_id = 0 OR client_id=".$app->functions->intval($_SESSION['s']['user']['client_id']).")");
}
$php_select = "<option value=''>Default</option>";
if(is_array($php_records) && !empty($php_records)) {
@@ -197,7 +207,7 @@
} elseif ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
// Get the limits of the client
- $client_group_id = $_SESSION["s"]["user"]["default_group"];
+ $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
$client = $app->db->queryOneRecord("SELECT client.client_id, client.limit_web_domain, client.default_webserver, client.contact_name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname, sys_group.name, client." . implode(", client.", $read_limits) . " FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
//* Get global web config
@@ -220,7 +230,7 @@
// Fill the client select field
$sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$client['client_id']." ORDER BY sys_group.name";
$records = $app->db->queryAllRecords($sql);
- $tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$client['client_id']);
+ $tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$app->functions->intval($client['client_id']));
$client_select = '<option value="'.$tmp['groupid'].'">'.$client['contactname'].'</option>';
//$tmp_data_record = $app->tform->getDataRecord($this->id);
if(is_array($records)) {
@@ -234,10 +244,20 @@
}
$app->tpl->setVar("client_group_id", $client_select);
+ if($app->functions->intval($this->dataRecord["server_id"]) > 0) {
+ // check if server is in client's servers or add it.
+ $chk_sid = explode(',', $client['web_servers']);
+ if(in_array($this->dataRecord["server_id"], $client['web_servers']) == false) {
+ if($client['web_servers'] != '') $client['web_servers'] .= ',';
+ $client['web_servers'] .= $app->functions->intval($this->dataRecord["server_id"]);
+ }
+ }
+
//* Fill the IPv4 select field with the IP addresses that are allowed for this client
$sql = "SELECT ip_address FROM server_ip WHERE server_id IN (" . $client['web_servers'] . ") AND ip_type = 'IPv4' AND (client_id = 0 OR client_id=".$_SESSION['s']['user']['client_id'].")";
$ips = $app->db->queryAllRecords($sql);
$ip_select = ($web_config['enable_ip_wildcard'] == 'y')?"<option value='*'>*</option>":"";
+ //if(!in_array($this->dataRecord["ip_address"], $ips)) $ip_select .= "<option value='".$this->dataRecord["ip_address"]."' SELECTED>".$this->dataRecord["ip_address"]."</option>\r\n";
//$ip_select = "";
if(is_array($ips)) {
foreach( $ips as $ip) {
@@ -268,14 +288,14 @@
$server_type = 'apache';
if(!empty($web_config['server_type'])) $server_type = $web_config['server_type'];
if($server_type == 'nginx' && $this->dataRecord['php'] == 'fast-cgi') $this->dataRecord['php'] = 'php-fpm';
- $selected_client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE groupid = $selected_client_group_id");
+ $selected_client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE groupid = ".$app->functions->intval($selected_client_group_id));
//$sql_where = " AND (client_id = 0 OR client_id=".$_SESSION['s']['user']['client_id']." OR client_id = ".intval($selected_client['client_id']).")";
$sql_where = " AND (client_id = 0 OR client_id = ".intval($selected_client['client_id']).")";
if($this->dataRecord['php'] == 'php-fpm'){
- $php_records = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fpm_init_script != '' AND php_fpm_ini_dir != '' AND php_fpm_pool_dir != '' AND server_id = ".($this->id > 0 ? $this->dataRecord['server_id'] : intval($client['default_webserver'])).$sql_where);
+ $php_records = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fpm_init_script != '' AND php_fpm_ini_dir != '' AND php_fpm_pool_dir != '' AND server_id = ".($this->id > 0 ? $app->functions->intval($this->dataRecord['server_id']) : $app->functions->intval($client['default_webserver'])).$sql_where);
}
if($this->dataRecord['php'] == 'fast-cgi') {
- $php_records = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fastcgi_binary != '' AND php_fastcgi_ini_dir != '' AND server_id = ".($this->id > 0 ? $this->dataRecord['server_id'] : intval($client['default_webserver'])).$sql_where);
+ $php_records = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fastcgi_binary != '' AND php_fastcgi_ini_dir != '' AND server_id = ".($this->id > 0 ? $app->functions->intval($this->dataRecord['server_id']) : $app->functions->intval($client['default_webserver'])).$sql_where);
}
$php_select = "<option value=''>Default</option>";
if(is_array($php_records) && !empty($php_records)) {
@@ -364,7 +384,7 @@
$web_config = $app->getconf->get_server_config($server_id, 'web');
//* Fill the IPv4 select field
- $sql = "SELECT ip_address FROM server_ip WHERE ip_type = 'IPv4' AND server_id = $server_id";
+ $sql = "SELECT ip_address FROM server_ip WHERE ip_type = 'IPv4' AND server_id = ".$app->functions->intval($server_id);
$ips = $app->db->queryAllRecords($sql);
$ip_select = ($web_config['enable_ip_wildcard'] == 'y')?"<option value='*'>*</option>":"";
//$ip_select = "";
@@ -379,7 +399,7 @@
unset($ips);
//* Fill the IPv6 select field
- $sql = "SELECT ip_address FROM server_ip WHERE ip_type = 'IPv6' AND server_id = $server_id";
+ $sql = "SELECT ip_address FROM server_ip WHERE ip_type = 'IPv6' AND server_id = ".$app->functions->intval($server_id);
$ips = $app->db->queryAllRecords($sql);
$ip_select = "<option value=''></option>";
//$ip_select = "";
@@ -414,14 +434,14 @@
$server_type = 'apache';
if(!empty($web_config['server_type'])) $server_type = $web_config['server_type'];
if($server_type == 'nginx' && $this->dataRecord['php'] == 'fast-cgi') $this->dataRecord['php'] = 'php-fpm';
- $selected_client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE groupid = $selected_client_group_id");
+ $selected_client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE groupid = ".$app->functions->intval($selected_client_group_id));
//$sql_where = " AND (client_id = 0 OR client_id=".$_SESSION['s']['user']['client_id']." OR client_id = ".intval($selected_client['client_id']).")";
- $sql_where = " AND (client_id = 0 OR client_id = ".intval($selected_client['client_id']).")";
+ $sql_where = " AND (client_id = 0 OR client_id = ".$app->functions->intval($selected_client['client_id']).")";
if($this->dataRecord['php'] == 'php-fpm'){
$php_records = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fpm_init_script != '' AND php_fpm_ini_dir != '' AND php_fpm_pool_dir != '' AND server_id = $server_id".$sql_where);
}
if($this->dataRecord['php'] == 'fast-cgi') {
- $php_records = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fastcgi_binary != '' AND php_fastcgi_ini_dir != '' AND server_id = $server_id".$sql_where);
+ $php_records = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fastcgi_binary != '' AND php_fastcgi_ini_dir != '' AND server_id = ".$app->functions->intval($server_id).$sql_where);
}
$php_select = "<option value=''>Default</option>";
if(is_array($php_records) && !empty($php_records)) {
@@ -545,7 +565,7 @@
// check for configuration errors in sys_datalog
if($this->id > 0) {
- $datalog = $app->db->queryOneRecord("SELECT sys_datalog.error, sys_log.tstamp FROM sys_datalog, sys_log WHERE sys_datalog.dbtable = 'web_domain' AND sys_datalog.dbidx = 'domain_id:".$this->id."' AND sys_datalog.datalog_id = sys_log.datalog_id AND sys_log.message = CONCAT('Processed datalog_id ',sys_log.datalog_id) ORDER BY sys_datalog.tstamp DESC");
+ $datalog = $app->db->queryOneRecord("SELECT sys_datalog.error, sys_log.tstamp FROM sys_datalog, sys_log WHERE sys_datalog.dbtable = 'web_domain' AND sys_datalog.dbidx = 'domain_id:".$app->functions->intval($this->id)."' AND sys_datalog.datalog_id = sys_log.datalog_id AND sys_log.message = CONCAT('Processed datalog_id ',sys_log.datalog_id) ORDER BY sys_datalog.tstamp DESC");
if(is_array($datalog) && !empty($datalog)){
if(trim($datalog['error']) != ''){
$app->tpl->setVar("config_error_msg", nl2br(htmlentities($datalog['error'])));
@@ -610,6 +630,13 @@
if($client['limit_hterror'] != 'y') $this->dataRecord['errordocs'] = '-';
if($client['limit_wildcard'] != 'y' && $this->dataRecord['subdomain'] == '*') $this->dataRecord['subdomain'] = '-';
if($client['limit_ssl'] != 'y') $this->dataRecord['ssl'] = '-';
+
+ // only generate quota and traffic warnings if value has changed
+ if($this->id > 0) {
+ $old_web_values = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$app->functions->intval($this->id));
+ } else {
+ $old_web_values = array();
+ }
//* Check the website quota of the client
if(isset($_POST["hd_quota"]) && $client["limit_web_quota"] >= 0 && $_POST["hd_quota"] != $old_web_values["hd_quota"]) {
@@ -834,7 +861,7 @@
// get the ID of the client
if($_SESSION["s"]["user"]["typ"] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) {
- $client_group_id = $_SESSION["s"]["user"]["default_group"];
+ $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
$client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = $client_group_id");
$client_id = $app->functions->intval($client["client_id"]);
} else {
@@ -855,8 +882,10 @@
$php_open_basedir = str_replace("[website_path]", $document_root, $web_config["php_open_basedir"]);
$php_open_basedir = $app->db->quote(str_replace("[website_domain]", $web_rec['domain'], $php_open_basedir));
$htaccess_allow_override = $app->db->quote($web_config["htaccess_allow_override"]);
+ $added_date = date($app->lng('conf_format_dateshort'));
+ $added_by = $app->db->quote($_SESSION['s']['user']['username']);
- $sql = "UPDATE web_domain SET system_user = '$system_user', system_group = '$system_group', document_root = '$document_root', allow_override = '$htaccess_allow_override', php_open_basedir = '$php_open_basedir' WHERE domain_id = ".$this->id;
+ $sql = "UPDATE web_domain SET system_user = '$system_user', system_group = '$system_group', document_root = '$document_root', allow_override = '$htaccess_allow_override', php_open_basedir = '$php_open_basedir', added_date = '$added_date', added_by = '$added_by' WHERE domain_id = ".$this->id;
$app->db->query($sql);
}
@@ -935,7 +964,7 @@
// get the ID of the client
if($_SESSION["s"]["user"]["typ"] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) {
- $client_group_id = $_SESSION["s"]["user"]["default_group"];
+ $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
$client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = $client_group_id");
$client_id = $app->functions->intval($client["client_id"]);
} elseif (isset($this->dataRecord["client_group_id"])) {
@@ -966,7 +995,7 @@
// Update the FTP user(s) too
$records = $app->db->queryAllRecords("SELECT ftp_user_id FROM ftp_user WHERE parent_domain_id = ".$this->id);
foreach($records as $rec) {
- $app->db->datalogUpdate('ftp_user', "sys_userid = '".$web_rec['sys_userid']."', sys_groupid = '".$web_rec['sys_groupid']."', uid = '$system_user', gid = '$system_group', dir = '$document_root'", 'ftp_user_id', $rec['ftp_user_id']);
+ $app->db->datalogUpdate('ftp_user', "sys_userid = '".$app->functions->intval($web_rec['sys_userid'])."', sys_groupid = '".$app->functions->intval($web_rec['sys_groupid'])."', uid = '$system_user', gid = '$system_group', dir = '$document_root'", 'ftp_user_id', $app->functions->intval($rec['ftp_user_id']));
}
unset($records);
unset($rec);
@@ -974,7 +1003,7 @@
// Update the Shell user(s) too
$records = $app->db->queryAllRecords("SELECT shell_user_id FROM shell_user WHERE parent_domain_id = ".$this->id);
foreach($records as $rec) {
- $app->db->datalogUpdate('shell_user', "sys_userid = '".$web_rec['sys_userid']."', sys_groupid = '".$web_rec['sys_groupid']."', puser = '$system_user', pgroup = '$system_group', dir = '$document_root'", 'shell_user_id', $rec['shell_user_id']);
+ $app->db->datalogUpdate('shell_user', "sys_userid = '".$web_rec['sys_userid']."', sys_groupid = '".$web_rec['sys_groupid']."', puser = '$system_user', pgroup = '$system_group', dir = '$document_root'", 'shell_user_id', $app->functions->intval($rec['shell_user_id']));
}
unset($records);
unset($rec);
@@ -983,7 +1012,7 @@
$records = $app->db->queryAllRecords("SELECT domain_id, `domain`, `type`, `web_folder` FROM web_domain WHERE parent_domain_id = ".$this->id);
foreach($records as $rec) {
$update_columns = "sys_userid = '".$web_rec['sys_userid']."', sys_groupid = '".$web_rec['sys_groupid']."'";
- if($rec['type'] == 'vhostsubdomain') {
+ if($rec['type'] == 'vhostsubdomain' || $rec['type'] == 'vhostalias') {
$php_open_basedir = str_replace("[website_path]/web", $document_root.'/'.$rec['web_folder'], $web_config["php_open_basedir"]);
$php_open_basedir = str_replace("[website_domain]/web", $rec['domain'].'/'.$rec['web_folder'], $php_open_basedir);
$php_open_basedir = str_replace("[website_path]", $document_root, $php_open_basedir);
@@ -999,7 +1028,7 @@
//* Update all databases
$records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE parent_domain_id = ".$this->id);
foreach($records as $rec) {
- $app->db->datalogUpdate('web_database', "sys_userid = '".$web_rec['sys_userid']."', sys_groupid = '".$web_rec['sys_groupid']."'", 'database_id', $rec['database_id']);
+ $app->db->datalogUpdate('web_database', "sys_userid = '".$app->functions->intval($web_rec['sys_userid'])."', sys_groupid = '".$app->functions->intval($web_rec['sys_groupid'])."'", 'database_id', $app->functions->intval($rec['database_id']));
}
unset($records);
unset($rec);
@@ -1008,7 +1037,7 @@
//* If the domain name has been changed, we will have to change all subdomains + APS instances
if(!empty($this->dataRecord["domain"]) && !empty($this->oldDataRecord["domain"]) && $this->dataRecord["domain"] != $this->oldDataRecord["domain"]) {
- $records = $app->db->queryAllRecords("SELECT domain_id,domain FROM web_domain WHERE (type = 'subdomain' OR type = 'vhostsubdomain') AND domain LIKE '%.".$app->db->quote($this->oldDataRecord["domain"])."'");
+ $records = $app->db->queryAllRecords("SELECT domain_id,domain FROM web_domain WHERE (type = 'subdomain' OR type = 'vhostsubdomain' OR type = 'vhostalias') AND domain LIKE '%.".$app->db->quote($this->oldDataRecord["domain"])."'");
foreach($records as $rec) {
$subdomain = $app->db->quote(str_replace($this->oldDataRecord["domain"], $this->dataRecord["domain"], $rec['domain']));
$app->db->datalogUpdate('web_domain', "domain = '".$subdomain."'", 'domain_id', $rec['domain_id']);
@@ -1018,10 +1047,10 @@
unset($subdomain);
// Update APS instances
- $records = $app->db->queryAllRecords("SELECT id, instance_id FROM aps_instances_settings WHERE name = 'main_domain' AND value = '".$this->oldDataRecord["domain"]."'");
+ $records = $app->db->queryAllRecords("SELECT id, instance_id FROM aps_instances_settings WHERE name = 'main_domain' AND value = '".$app->db->quote($this->oldDataRecord["domain"])."'");
if(is_array($records) && !empty($records)){
foreach($records as $rec){
- $app->db->datalogUpdate('aps_instances_settings', "value = '".$this->dataRecord["domain"]."'", 'id', $rec['id']);
+ $app->db->datalogUpdate('aps_instances_settings', "value = '".$app->db->quote($this->dataRecord["domain"])."'", 'id', $rec['id']);
// Reinstall of package needed?
//$app->db->datalogUpdate('aps_instances', "instance_status = '1'", 'id', $rec['instance_id']);
}
@@ -1040,7 +1069,7 @@
if(empty($web_rec['php_open_basedir']) ||
(!empty($this->dataRecord["domain"]) && !empty($this->oldDataRecord["domain"]) && $this->dataRecord["domain"] != $this->oldDataRecord["domain"])) {
$php_open_basedir = $web_rec['php_open_basedir'];
- $php_open_basedir = str_replace($this->oldDataRecord['domain'], $web_rec['domain'], $php_open_basedir);
+ $php_open_basedir = $app->db->quote(str_replace($this->oldDataRecord['domain'], $web_rec['domain'], $php_open_basedir));
$sql = "UPDATE web_domain SET php_open_basedir = '$php_open_basedir' WHERE domain_id = ".$this->id;
$app->db->query($sql);
}
@@ -1056,8 +1085,8 @@
//* Change database backup options when web backup options have been changed
if(isset($this->dataRecord['backup_interval']) && ($this->dataRecord['backup_interval'] != $this->oldDataRecord['backup_interval'] || $this->dataRecord['backup_copies'] != $this->oldDataRecord['backup_copies'])) {
//* Update all databases
- $backup_interval = $this->dataRecord['backup_interval'];
- $backup_copies = $this->dataRecord['backup_copies'];
+ $backup_interval = $app->functions->intval($this->dataRecord['backup_interval']);
+ $backup_copies = $app->functions->intval($this->dataRecord['backup_copies']);
$records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE parent_domain_id = ".$this->id);
foreach($records as $rec) {
$app->db->datalogUpdate('web_database', "backup_interval = '$backup_interval', backup_copies = '$backup_copies'", 'database_id', $rec['database_id']);
@@ -1068,11 +1097,11 @@
unset($backup_interval);
}
- //* Change vhost subdomain ip/ipv6 if domain ip/ipv6 has changed
+ //* Change vhost subdomain and alias ip/ipv6 if domain ip/ipv6 has changed
if(isset($this->dataRecord['ip_address']) && ($this->dataRecord['ip_address'] != $this->oldDataRecord['ip_address'] || $this->dataRecord['ipv6_address'] != $this->oldDataRecord['ipv6_address'])) {
- $records = $app->db->queryAllRecords("SELECT domain_id FROM web_domain WHERE type = 'vhostsubdomain' AND parent_domain_id = ".$this->id);
+ $records = $app->db->queryAllRecords("SELECT domain_id FROM web_domain WHERE (type = 'vhostsubdomain' OR type = 'vhostalias') AND parent_domain_id = ".$this->id);
foreach($records as $rec) {
- $app->db->datalogUpdate('web_domain', "ip_address = '".$web_rec['ip_address']."', ipv6_address = '".$web_rec['ipv6_address']."'", 'domain_id', $rec['domain_id']);
+ $app->db->datalogUpdate('web_domain', "ip_address = '".$app->db->quote($web_rec['ip_address'])."', ipv6_address = '".$app->db->quote($web_rec['ipv6_address'])."'", 'domain_id', $rec['domain_id']);
}
unset($records);
unset($rec);
@@ -1090,7 +1119,7 @@
$app->tform->datalogSave('DELETE', $d["domain_id"], $d, array());
}
- $app->db->query("DELETE FROM web_domain WHERE domain_id = ".$d["domain_id"]." LIMIT 0,1");
+ $app->db->query("DELETE FROM web_domain WHERE domain_id = ".$app->functions->intval($d["domain_id"])." LIMIT 0,1");
}
unset($child_domains);
unset($d);
--
Gitblit v1.9.1