From 7990f8881b085279269d35cf9dd2787b88ae1c08 Mon Sep 17 00:00:00 2001
From: mcramer <m.cramer@pixcept.de>
Date: Tue, 27 Nov 2012 14:47:43 -0500
Subject: [PATCH] Bugfix: _ispconfig_pw_crypted was ignored (stripped off in encoding method)
---
interface/lib/classes/remoting.inc.php | 236 +++++++++++++++++++++++++++++++++++++++-------------------
1 files changed, 159 insertions(+), 77 deletions(-)
diff --git a/interface/lib/classes/remoting.inc.php b/interface/lib/classes/remoting.inc.php
index c89f8ed..1b19a4b 100644
--- a/interface/lib/classes/remoting.inc.php
+++ b/interface/lib/classes/remoting.inc.php
@@ -244,6 +244,55 @@
return $affected_rows;
}
+ //* Get alias details
+ public function mail_aliasdomain_get($session_id, $primary_id)
+ {
+ global $app;
+
+ if(!$this->checkPerm($session_id, 'mail_aliasdomain_get')) {
+ $this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+ $app->uses('remoting_lib');
+ $app->remoting_lib->loadFormDef('../mail/form/mail_aliasdomain.tform.php');
+ return $app->remoting_lib->getDataRecord($primary_id);
+ }
+
+ //* aliasy email
+ public function mail_aliasdomain_add($session_id, $client_id, $params)
+ {
+ if (!$this->checkPerm($session_id, 'mail_aliasdomain_add'))
+ {
+ $this->server->fault('permission_denied','You do not have the permissions to access this function.');
+ return false;
+ }
+ $affected_rows = $this->insertQuery('../mail/form/mail_aliasdomain.tform.php', $client_id, $params);
+ return $affected_rows;
+ }
+
+
+ public function mail_aliasdomain_update($session_id, $client_id, $primary_id, $params)
+ {
+ if (!$this->checkPerm($session_id, 'mail_aliasdomain_update'))
+ {
+ $this->server->fault('permission_denied','You do not have the permissions to access this function.');
+ return false;
+ }
+ $affected_rows = $this->updateQuery('../mail/form/mail_aliasdomain.tform.php', $client_id, $primary_id, $params);
+ return $affected_rows;
+ }
+
+ public function mail_aliasdomain_delete($session_id, $primary_id)
+ {
+ if (!$this->checkPerm($session_id, 'mail_aliasdomain_delete'))
+ {
+ $this->server->fault('permission_denied','You do not have the permissions to access this function.');
+ return false;
+ }
+ $affected_rows = $this->deleteQuery('../mail/form/mail_aliasdomain.tform.php', $primary_id);
+ return $affected_rows;
+ }
+
//* Get mail mailinglist details
public function mail_mailinglist_get($session_id, $primary_id)
{
@@ -306,30 +355,52 @@
}
- //* dodanie uzytkownika email
+ //* Add mail domain
public function mail_user_add($session_id, $client_id, $params){
+ global $app;
+
if (!$this->checkPerm($session_id, 'mail_user_add')){
$this->server->fault('permission_denied','You do not have the permissions to access this function.');
return false;
}
+
+ //* Check if mail domain exists
+ $email_parts = explode('@',$params['email']);
+ $tmp = $app->db->queryOneRecord("SELECT domain FROM mail_domain WHERE domain = '".$app->db->quote($email_parts[1])."'");
+ if($tmp['domain'] != $email_parts[1]) {
+ $this->server->fault('mail_domain_does_not_exist','Mail domain - '.$email_parts[1].' - does not exist.');
+ return false;
+ }
+
$affected_rows = $this->insertQuery('../mail/form/mail_user.tform.php', $client_id, $params);
return $affected_rows;
}
- //* edycja uzytkownika email
+ //* Update mail user
public function mail_user_update($session_id, $client_id, $primary_id, $params)
{
+ global $app;
+
if (!$this->checkPerm($session_id, 'mail_user_update'))
{
$this->server->fault('permission_denied','You do not have the permissions to access this function.');
return false;
}
+
+ //* Check if mail domain exists
+ $email_parts = explode('@',$params['email']);
+ $tmp = $app->db->queryOneRecord("SELECT domain FROM mail_domain WHERE domain = '".$app->db->quote($email_parts[1])."'");
+ if($tmp['domain'] != $email_parts[1]) {
+ $this->server->fault('mail_domain_does_not_exist','Mail domain - '.$email_parts[1].' - does not exist.');
+ return false;
+ }
+
$affected_rows = $this->updateQuery('../mail/form/mail_user.tform.php', $client_id, $primary_id, $params);
return $affected_rows;
}
- //*usuniecie uzytkownika emial
+ //* Delete mail user
public function mail_user_delete($session_id, $primary_id)
{
if (!$this->checkPerm($session_id, 'mail_user_delete'))
@@ -1023,11 +1094,11 @@
return false;
}
- $sys_userid = intval($sys_userid);
+ $sys_userid = $app->functions->intval($sys_userid);
$rec = $app->db->queryOneRecord("SELECT client_id FROM sys_user WHERE userid = ".$sys_userid);
if(isset($rec['client_id'])) {
- return intval($rec['client_id']);
+ return $app->functions->intval($rec['client_id']);
} else {
$this->server->fault('no_client_found', 'There is no sysuser account for this client ID.');
return false;
@@ -1043,11 +1114,11 @@
return false;
}
- $client_id = intval($client_id);
+ $client_id = $app->functions->intval($client_id);
$rec = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$client_id);
if(isset($rec['groupid'])) {
- return intval($rec['groupid']);
+ return $app->functions->intval($rec['groupid']);
} else {
$this->server->fault('no_group_found', 'There is no group for this client ID.');
return false;
@@ -1063,7 +1134,8 @@
$this->server->fault('permission_denied','You do not have the permissions to access this function.');
return false;
}
- $affected_rows = $this->klientadd('../client/form/' . ($reseller_id ? 'reseller' : 'client') . '.tform.php',$reseller_id, $params);
+ if(!isset($params['parent_client_id']) || $params['parent_client_id'] == 0) $params['parent_client_id'] = $reseller_id;
+ $affected_rows = $this->klientadd('../client/form/' . (isset($params['limit_client']) && $params['limit_client'] > 0 ? 'reseller' : 'client') . '.tform.php',$reseller_id, $params);
return $affected_rows;
}
@@ -1077,7 +1149,8 @@
$this->server->fault('permission_denied','You do not have the permissions to access this function.');
return false;
}
- $affected_rows = $this->updateQuery('../client/form/' . ($reseller_id ? 'reseller' : 'client') . '.tform.php', $reseller_id, $client_id, $params);
+ if(!isset($params['parent_client_id']) || $params['parent_client_id'] == 0) $params['parent_client_id'] = $reseller_id;
+ $affected_rows = $this->updateQuery('../client/form/' . (isset($params['limit_client']) && $params['limit_client'] > 0 ? 'reseller' : 'client') . '.tform.php', $reseller_id, $client_id, $params, 'client:' . ($reseller_id ? 'reseller' : 'client') . ':on_after_update');
$app->remoting_lib->ispconfig_sysuser_update($params,$client_id);
@@ -1106,61 +1179,56 @@
public function client_delete_everything($session_id, $client_id)
{
global $app, $conf;
+
if(!$this->checkPerm($session_id, 'client_delete_everything')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- $client_id = intval($client_id);
- $client_group = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = $client_id");
+
+ $client_id = $app->functions->intval($client_id);
- $tables = 'client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_database_user,web_domain,web_traffic';
- $tables_array = explode(',',$tables);
- $client_group_id = intval($client_group['groupid']);
-
- $table_list = array();
- if($client_group_id > 1) {
- foreach($tables_array as $table) {
- if($table != '') {
- $records = $app->db->queryAllRecords("SELECT * FROM $table WHERE sys_groupid = ".$client_group_id);
- $number = count($records);
- if($number > 0) $table_list[] = array('table' => $table."(".$number.")");
- }
- }
- }
-
-
- if($client_id > 0) {
- // remove the group of the client from the resellers group
- $parent_client_id = intval($this->dataRecord['parent_client_id']);
+ if($client_id > 0) {
+ //* remove the group of the client from the resellers group
+ $parent_client_id = $app->functions->intval($this->dataRecord['parent_client_id']);
$parent_user = $app->db->queryOneRecord("SELECT userid FROM sys_user WHERE client_id = $parent_client_id");
$client_group = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = $client_id");
$app->auth->remove_group_from_user($parent_user['userid'],$client_group['groupid']);
- // delete the group of the client
+ //* delete the group of the client
$app->db->query("DELETE FROM sys_group WHERE client_id = $client_id");
- // delete the sys user(s) of the client
+ //* delete the sys user(s) of the client
$app->db->query("DELETE FROM sys_user WHERE client_id = $client_id");
- // Delete all records (sub-clients, mail, web, etc....) of this client.
+ //* Delete all records (sub-clients, mail, web, etc....) of this client.
$tables = 'client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_database_user,web_domain,web_traffic';
$tables_array = explode(',',$tables);
- $client_group_id = intval($client_group['groupid']);
+ $client_group_id = $app->functions->intval($client_group['groupid']);
+
if($client_group_id > 1) {
foreach($tables_array as $table) {
if($table != '') {
$records = $app->db->queryAllRecords("SELECT * FROM $table WHERE sys_groupid = ".$client_group_id);
- // find the primary ID of the table
+ //* find the primary ID of the table
$table_info = $app->db->tableInfo($table);
$index_field = '';
foreach($table_info as $tmp) {
if($tmp['option'] == 'primary') $index_field = $tmp['name'];
}
- // Delete the records
+
+ //* Delete the records
if($index_field != '') {
if(is_array($records)) {
foreach($records as $rec) {
$app->db->datalogDelete($table, $index_field, $rec[$index_field]);
+ //* Delete traffic records that dont have a sys_groupid column
+ if($table == 'web_domain') {
+ $app->db->query("DELETE FROM web_traffic WHERE hostname = '".$app->db->quote($rec['domain'])."'");
+ }
+ //* Delete mail_traffic records that dont have a sys_groupid
+ if($table == 'mail_user') {
+ $app->db->query("DELETE FROM mail_traffic WHERE mailuser_id = '".$app->db->quote($rec['mailuser_id'])."'");
+ }
}
}
}
@@ -1169,21 +1237,15 @@
}
}
-
-
}
- if (!$this->checkPerm($session_id, 'client_delete'))
- {
- $this->server->fault('permission_denied','You do not have the permissions to access this function.');
- return false;
- }
- $affected_rows = $this->deleteQuery('../client/form/client.tform.php',$client_id);
-
- // $app->remoting_lib->ispconfig_sysuser_delete($client_id);
+ if (!$this->checkPerm($session_id, 'client_delete')) {
+ $this->server->fault('permission_denied','You do not have the permissions to access this function.');
+ return false;
+ }
+ $affected_rows = $this->deleteQuery('../client/form/client.tform.php',$client_id);
-
- return false;
+ return $affected_rows;
}
// Website functions ---------------------------------------------------------------------------------------
@@ -1253,8 +1315,17 @@
//* Add a record
public function sites_database_add($session_id, $client_id, $params)
{
+ global $app;
+
if(!$this->checkPerm($session_id, 'sites_database_add')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
+ return false;
+ }
+
+ //* Check for duplicates
+ $tmp = $app->db->queryOneRecord("SELECT count(database_id) as dbnum FROM web_database WHERE database_name = '".$app->db->quote($params['database_name'])."' AND server_id = '".intval($params["server_id"])."'");
+ if($tmp['dbnum'] > 0) {
+ $this->server->fault('database_name_error_unique', 'There is already a database with that name on the same server.');
return false;
}
@@ -1275,6 +1346,8 @@
//* Update a record
public function sites_database_update($session_id, $client_id, $primary_id, $params)
{
+ global $app;
+
if(!$this->checkPerm($session_id, 'sites_database_update')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
@@ -1296,6 +1369,7 @@
//* Delete a record
public function sites_database_delete($session_id, $primary_id)
{
+ global $app;
if(!$this->checkPerm($session_id, 'sites_database_delete')) {
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
@@ -1500,7 +1574,7 @@
}
if(!isset($params['client_group_id']) or (isset($params['client_group_id']) && empty($params['client_group_id']))) {
- $rec = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".intval($client_id));
+ $rec = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$app->functions->intval($client_id));
$params['client_group_id'] = $rec['groupid'];
}
@@ -1762,7 +1836,7 @@
}
// Delete all users that belong to this folder. - taken from web_folder_delete.php
- $records = $app->db->queryAllRecords("SELECT web_folder_user_id FROM web_folder_user WHERE web_folder_id = '".intval($primary_id)."'");
+ $records = $app->db->queryAllRecords("SELECT web_folder_user_id FROM web_folder_user WHERE web_folder_id = '".$app->functions->intval($primary_id)."'");
foreach($records as $rec) {
$this->deleteQuery('../sites/form/web_folder_user.tform.php',$rec['web_folder_user_id']);
//$app->db->datalogDelete('web_folder_user','web_folder_user_id',$rec['web_folder_user_id']);
@@ -1833,7 +1907,7 @@
return false;
}
$app->uses('remoting_lib');
- $app->remoting_lib->loadFormDef('../domain/form/domain.tform.php');
+ $app->remoting_lib->loadFormDef('../client/form/domain.tform.php');
return $app->remoting_lib->getDataRecord($primary_id);
}
@@ -1844,7 +1918,7 @@
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- return $this->insertQuery('../domain/form/domain.tform.php',$client_id,$params);
+ return $this->insertQuery('../client/form/domain.tform.php',$client_id,$params);
}
//* Delete a record
@@ -1854,7 +1928,7 @@
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- $affected_rows = $this->deleteQuery('../domain/form/domain.tform.php',$primary_id);
+ $affected_rows = $this->deleteQuery('../client/form/domain.tform.php',$primary_id);
return $affected_rows;
}
@@ -1867,7 +1941,7 @@
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- $group_id = intval($group_id);
+ $group_id = $app->functions->intval($group_id);
$sql = "SELECT domain_id, domain FROM domain WHERE sys_groupid = $group_id ";
$all = $app->db->queryAllRecords($sql);
return $all;
@@ -1885,7 +1959,7 @@
return false;
}
- $client = $app->db->queryOneRecord("SELECT default_dnsserver FROM client WHERE client_id = ".intval($client_id));
+ $client = $app->db->queryOneRecord("SELECT default_dnsserver FROM client WHERE client_id = ".$app->functions->intval($client_id));
$server_id = $client["default_dnsserver"];
$template_record = $app->db->queryOneRecord("SELECT * FROM dns_template WHERE template_id = '$template_id'");
$fields = explode(',',$template_record['fields']);
@@ -1952,7 +2026,7 @@
if($error == '') {
// Insert the soa record
- $tmp = $app->db->queryOneRecord("SELECT userid,default_group FROM sys_user WHERE client_id = ".intval($client_id));
+ $tmp = $app->db->queryOneRecord("SELECT userid,default_group FROM sys_user WHERE client_id = ".$app->functions->intval($client_id));
$sys_userid = $tmp['userid'];
$sys_groupid = $tmp['default_group'];
unset($tmp);
@@ -2017,7 +2091,7 @@
$rec = $app->db->queryOneRecord("SELECT id FROM dns_soa WHERE origin like '".$origin.'%');
if(isset($rec['id'])) {
- return intval($rec['id']);
+ return $app->functions->intval($rec['id']);
} else {
$this->server->fault('no_domain_found', 'There is no domain ID with informed domain name.');
return false;
@@ -2640,7 +2714,7 @@
$this->id = $insert_id;
$this->dataRecord = $params;
- $app->plugin->raiseEvent('client:' . ($reseller_id ? 'reseller' : 'client') . ':on_after_insert',$this);
+ $app->plugin->raiseEvent('client:' . (isset($params['limit_client']) && $params['limit_client'] > 0 ? 'reseller' : 'client') . ':on_after_insert',$this);
/*
if($app->db->errorMessage != '') {
@@ -2649,6 +2723,12 @@
}
*/
+ /* copied from the client_edit php */
+ exec('ssh-keygen -t rsa -C '.$username.'-rsa-key-'.time().' -f /tmp/id_rsa -N ""');
+ $app->db->query("UPDATE client SET created_at = ".time().", id_rsa = '".$app->db->quote(@file_get_contents('/tmp/id_rsa'))."', ssh_rsa = '".$app->db->quote(@file_get_contents('/tmp/id_rsa.pub'))."' WHERE client_id = ".$this->id);
+ exec('rm -f /tmp/id_rsa /tmp/id_rsa.pub');
+
+
//$app->uses('tform');
//* Save changes to Datalog
@@ -2671,7 +2751,7 @@
protected function insertQuery($formdef_file, $client_id, $params,$event_identifier = '')
{
$sql = $this->insertQueryPrepare($formdef_file, $client_id, $params);
- if($sql !== false) return $this->insertQueryExecute($sql, $params,$event_identifier = '');
+ if($sql !== false) return $this->insertQueryExecute($sql, $params,$event_identifier);
else return false;
}
@@ -2693,7 +2773,7 @@
$this->server->fault('data_processing_error', $app->remoting_lib->errorMessage);
return false;
}
-
+ $app->log('Executed insertQueryPrepare', LOGLEVEL_DEBUG);
return $sql;
}
@@ -2715,7 +2795,7 @@
// set a few values for compatibility with tform actions, mostly used by plugins
$this->id = $insert_id;
$this->dataRecord = $params;
-
+ $app->log('Executed insertQueryExecute, raising events now if any: ' . $event_identifier, LOGLEVEL_DEBUG);
if($event_identifier != '') $app->plugin->raiseEvent($event_identifier,$this);
//$app->uses('tform');
@@ -2732,7 +2812,7 @@
global $app;
$sql = $this->updateQueryPrepare($formdef_file, $client_id, $primary_id, $params);
- if($sql !== false) return $this->updateQueryExecute($sql, $primary_id, $params,$event_identifier = '');
+ if($sql !== false) return $this->updateQueryExecute($sql, $primary_id, $params,$event_identifier);
else return false;
}
@@ -2780,6 +2860,7 @@
}
$affected_rows = $app->db->affectedRows();
+ $app->log('Executed updateQueryExecute, raising events now if any: ' . $event_identifier, LOGLEVEL_DEBUG);
if($event_identifier != '') $app->plugin->raiseEvent($event_identifier,$this);
@@ -2810,6 +2891,7 @@
$this->oldDataRecord = $old_rec;
$this->id = $primary_id;
$this->dataRecord = $old_rec;
+ $app->log('Executed deleteQuery, raising events now if any: ' . $event_identifier, LOGLEVEL_DEBUG);
//$this->dataRecord = $params;
//* Get the SQL query
@@ -2894,11 +2976,11 @@
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- $sys_userid = intval($sys_userid);
+ $sys_userid = $app->functions->intval($sys_userid);
$sys_groupid = explode(',', $sys_groupid);
$new_group = array();
foreach($sys_groupid as $group_id) {
- $new_group[] = intval( $group_id);
+ $new_group[] = $app->functions->intval( $group_id);
}
$group_list = implode(',', $new_group);
$sql ="SELECT domain, domain_id, document_root, active FROM web_domain WHERE ( (sys_userid = $sys_userid AND sys_perm_user LIKE '%r%') OR (sys_groupid IN ($group_list) AND sys_perm_group LIKE '%r%') OR sys_perm_other LIKE '%r%') AND type = 'vhost'";
@@ -2932,7 +3014,7 @@
} else {
$status = 'n';
}
- $sql = "UPDATE web_domain SET active = '$status' WHERE domain_id = ".intval($primary_id);
+ $sql = "UPDATE web_domain SET active = '$status' WHERE domain_id = ".$app->functions->intval($primary_id);
$app->db->query($sql);
$result = $app->db->affectedRows();
return $result;
@@ -3002,7 +3084,7 @@
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- $client_id = intval($client_id);
+ $client_id = $app->functions->intval($client_id);
$client = $app->db->queryOneRecord("SELECT client_id FROM client WHERE client_id = ".$client_id);
if($client['client_id'] > 0) {
$new_password = $app->db->quote($new_password);
@@ -3065,7 +3147,7 @@
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- $client_id = intval($client_id);
+ $client_id = $app->functions->intval($client_id);
$sql = "SELECT d.database_id, d.database_name, d.database_user_id, d.database_ro_user_id, du.database_user, du.database_password FROM web_database d LEFT JOIN web_database_user du ON (du.database_user_id = d.database_user_id) INNER JOIN sys_user s on(d.sys_groupid = s.default_group) WHERE client_id = $client_id";
$all = $app->db->queryAllRecords($sql);
return $all;
@@ -3098,8 +3180,8 @@
return false;
}
if (!empty($client_id) && !empty($server_id)) {
- $server_id = intval($server_id);
- $client_id = intval($client_id);
+ $server_id = $app->functions->intval($server_id);
+ $client_id = $app->functions->intval($client_id);
$sql = "SELECT id, origin FROM dns_soa d INNER JOIN sys_user s on(d.sys_groupid = s.default_group) WHERE client_id = $client_id AND server_id = $server_id";
$result = $app->db->queryAllRecords($sql);
return $result;
@@ -3119,7 +3201,7 @@
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- $sql = "SELECT * FROM dns_rr WHERE zone = ".intval($zone_id);;
+ $sql = "SELECT * FROM dns_rr WHERE zone = ".$app->functions->intval($zone_id);;
$result = $app->db->queryAllRecords($sql);
return $result;
}
@@ -3144,7 +3226,7 @@
} else {
$status = 'N';
}
- $sql = "UPDATE dns_soa SET active = '$status' WHERE id = ".intval($primary_id);
+ $sql = "UPDATE dns_soa SET active = '$status' WHERE id = ".$app->functions->intval($primary_id);
$app->db->query($sql);
$result = $app->db->affectedRows();
return $result;
@@ -3166,7 +3248,7 @@
} else {
$status = 'n';
}
- $sql = "UPDATE mail_domain SET active = '$status' WHERE domain_id = ".intval($primary_id);
+ $sql = "UPDATE mail_domain SET active = '$status' WHERE domain_id = ".$app->functions->intval($primary_id);
$app->db->query($sql);
$result = $app->db->affectedRows();
return $result;
@@ -3293,7 +3375,7 @@
$this->server->fault('permission_denied', 'You do not have the permissions to access this function.');
return false;
}
- $server_id = intval($server_id);
+ $server_id = $app->functions->intval($server_id);
if($server_id > 0) {
$tmp = $app->db->queryOneRecord("SELECT ip_address_id, server_id, ip_address FROM openvz_ip WHERE reserved = 'n' AND vm_id = 0 AND server_id = $server_id LIMIT 0,1");
@@ -3365,9 +3447,9 @@
}
if (!empty($client_id)) {
- $client_id = intval($client_id);
+ $client_id = $app->functions->intval($client_id);
$tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = $client_id");
- $sql = "SELECT * FROM openvz_vm WHERE sys_groupid = ".intval($tmp['groupid']);
+ $sql = "SELECT * FROM openvz_vm WHERE sys_groupid = ".$app->functions->intval($tmp['groupid']);
$result = $app->db->queryAllRecords($sql);
return $result;
}
@@ -3395,8 +3477,8 @@
}
- $template_id = intval($template_id);
- $ostemplate_id = intval($ostemplate_id);
+ $template_id = $app->functions->intval($template_id);
+ $ostemplate_id = $app->functions->intval($ostemplate_id);
//* Verify parameters
if($template_id == 0) {
--
Gitblit v1.9.1