From 7ee336c7ccb5f8d35b8eb05cf5e812a42154cbc2 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Wed, 15 Apr 2015 09:19:30 -0400
Subject: [PATCH] - ported some patches

---
 interface/web/sites/ajax_get_json.php |   69 ++++++++++++++++++++++++++--------
 1 files changed, 53 insertions(+), 16 deletions(-)

diff --git a/interface/web/sites/ajax_get_json.php b/interface/web/sites/ajax_get_json.php
index fb2f1c0..5e93843 100644
--- a/interface/web/sites/ajax_get_json.php
+++ b/interface/web/sites/ajax_get_json.php
@@ -56,8 +56,8 @@
 
 if($type == 'getserverid'){
 	$json = '{"serverid":"';
-	$sql = "SELECT server_id FROM web_domain WHERE domain_id = $web_id AND ".$app->tform->getAuthSQL('r');
-	$server = $app->db->queryOneRecord($sql);
+	$sql = "SELECT server_id FROM web_domain WHERE domain_id = ?? AND ".$app->tform->getAuthSQL('r');
+	$server = $app->db->queryOneRecord($sql, $web_id);
 	$json .= $server['server_id'];
 	unset($server);
 	$json .= '"}';
@@ -77,7 +77,7 @@
 		$sql_where = " AND (client_id = 0 OR client_id = ".$app->functions->intval($_SESSION["s"]["user"]["client_id"]) . ")";
 		//* Reseller: If the logged in user is not admin and has sub clients (is a reseller)
 	} elseif ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
-		$client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE groupid = $client_group_id");
+		$client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE groupid = ?", $client_group_id);
 		//$sql_where = " AND (client_id = 0 OR client_id = ".$_SESSION["s"]["user"]["client_id"];
 		$sql_where = " AND (client_id = 0";
 		if($app->functions->intval($client['client_id']) > 0) $sql_where .= " OR client_id = ".$app->functions->intval($client['client_id']);
@@ -85,7 +85,7 @@
 		//* Admin: If the logged in user is admin
 	} else {
 		//$sql_where = '';
-		$client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE groupid = $client_group_id");
+		$client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE groupid = ?", $client_group_id);
 		//$sql_where = " AND (client_id = 0 OR client_id = ".$_SESSION["s"]["user"]["client_id"];
 		$sql_where = " AND (client_id = 0";
 		if($app->functions->intval($client['client_id']) > 0) $sql_where .= " OR client_id = ".$app->functions->intval($client['client_id']);
@@ -93,10 +93,9 @@
 	}
 
 	if($php_type == 'php-fpm'){
-		$php_records = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fpm_init_script != '' AND php_fpm_ini_dir != '' AND php_fpm_pool_dir != '' AND server_id = $server_id".$sql_where);
-	}
-	if($php_type == 'fast-cgi'){
-		$php_records = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fastcgi_binary != '' AND php_fastcgi_ini_dir != '' AND server_id = $server_id".$sql_where);
+		$php_records = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fpm_init_script != '' AND php_fpm_ini_dir != '' AND php_fpm_pool_dir != '' AND server_id = ?".$sql_where, $server_id);
+	} elseif($php_type == 'fast-cgi'){
+		$php_records = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fastcgi_binary != '' AND php_fastcgi_ini_dir != '' AND server_id = ?".$sql_where, $server_id);
 	}
 	$php_select = "";
 	if(is_array($php_records) && !empty($php_records)) {
@@ -116,8 +115,8 @@
 
 if($type == 'getphptype'){
 	$json = '{"phptype":"';
-	$sql = "SELECT php FROM web_domain WHERE domain_id = $web_id AND ".$app->tform->getAuthSQL('r');
-	$php = $app->db->queryOneRecord($sql);
+	$sql = "SELECT php FROM web_domain WHERE domain_id = ? AND ".$app->tform->getAuthSQL('r');
+	$php = $app->db->queryOneRecord($sql, $web_id);
 	$json .= $php['php'];
 	unset($php);
 	$json .= '"}';
@@ -125,8 +124,8 @@
 
 if($type == 'getredirecttype'){
 	$json = '{"redirecttype":"';
-	$sql = "SELECT redirect_type FROM web_domain WHERE domain_id = $web_id AND ".$app->tform->getAuthSQL('r');
-	$redirect = $app->db->queryOneRecord($sql);
+	$sql = "SELECT redirect_type FROM web_domain WHERE domain_id = ? AND ".$app->tform->getAuthSQL('r');
+	$redirect = $app->db->queryOneRecord($sql, $web_id);
 	$json .= $redirect['redirect_type'];
 	unset($redirect);
 	$json .= '"}';
@@ -155,11 +154,11 @@
 if($type == 'getdatabaseusers') {
 	$json = '{}';
 
-	$sql = "SELECT sys_groupid FROM web_domain WHERE domain_id = $web_id AND ".$app->tform->getAuthSQL('r');
-	$group = $app->db->queryOneRecord($sql);
+	$sql = "SELECT sys_groupid FROM web_domain WHERE domain_id = ? AND ".$app->tform->getAuthSQL('r');
+	$group = $app->db->queryOneRecord($sql, $web_id);
 	if($group) {
-		$sql = "SELECT database_user_id, database_user FROM web_database_user WHERE sys_groupid = '" . $app->functions->intval($group['sys_groupid']) . "'";
-		$records = $app->db->queryAllRecords($sql);
+		$sql = "SELECT database_user_id, database_user FROM web_database_user WHERE sys_groupid = ?";
+		$records = $app->db->queryAllRecords($sql, $group['sys_groupid']);
 
 		$tmp_array = array();
 		foreach($records as $record) {
@@ -201,6 +200,44 @@
 	$json = json_encode($snippets);
 }
 
+if($type == 'getclientssldata'){
+	$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ?", $web_id);
+	$sys_group = $app->db->queryOneRecord("SELECT * FROM sys_group WHERE groupid = ?", $web['sys_groupid']);
+	$client = $app->db->queryOneRecord("SELECT * FROM client WHERE client_id = ?", $sys_group['client_id']);
+	if(is_array($client) && !empty($client)){
+		if($client['telephone'] == '' && $client['mobile'] != '') $client['telephone'] = $client['mobile'];
+		
+		$fname = '';
+		$lname = '';
+		$parts = preg_split("/\s+/", $client['contact_name']);
+		if(sizeof($parts) == 2){
+			$fname = $parts[0];
+			$lname = $parts[1];
+		}
+		if(sizeof($parts) > 2){
+			$fname = $parts[0].' ';
+			for($i=1;$i<sizeof($parts);$i++){
+				if($i == (sizeof($parts) - 1)){
+					$lname .= $parts[$i];
+				} else {
+					if(preg_match('@^(von|van|ten|ter|zur|zu|auf|sieber)$@i', $parts[$i])){
+						$lname .= implode(' ', array_slice($parts, $i));
+						break;
+					} else {
+						$fname .= $parts[$i].' ';
+					}
+				}
+			}
+		}
+		$fname = trim($fname);
+		$lname = trim($lname);
+		$client['fname'] = $fname;
+		$client['lname'] = $lname;
+		if(trim($client['company_name']) == '') $client['company_name'] = $fname.' '.$lname;
+	}
+	$json = $app->functions->json_encode($client);
+}
+
 //}
 
 header('Content-type: application/json');

--
Gitblit v1.9.1