From 8143c39240c5773cc2dfb30b4a8b19f59e4a8d1d Mon Sep 17 00:00:00 2001
From: vogelor <vogelor@ispconfig3>
Date: Mon, 17 May 2010 12:51:20 -0400
Subject: [PATCH] Fixed a bug: if the domain-module is used and there are NO domains in the list, then the user was able to free edit the domain-name. This bug is fixed now and a empty list is generated, so the user can enter only a empty name!

---
 server/plugins-available/mysql_clientdb_plugin.inc.php |   14 +++++++++++++-
 1 files changed, 13 insertions(+), 1 deletions(-)

diff --git a/server/plugins-available/mysql_clientdb_plugin.inc.php b/server/plugins-available/mysql_clientdb_plugin.inc.php
index 493d80f..fdececf 100644
--- a/server/plugins-available/mysql_clientdb_plugin.inc.php
+++ b/server/plugins-available/mysql_clientdb_plugin.inc.php
@@ -85,7 +85,9 @@
           
           // check if entry is valid ip address
           $valid = true;
-          if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $db_host)) {
+		  if($db_host == "%") {
+		  	$valid = true;
+		  } elseif(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $db_host)) {
               $groups = explode(".", $db_host);
               foreach($groups as $group){
                 if($group<0 OR $group>255)
@@ -119,6 +121,11 @@
 		if($data["new"]["type"] == 'mysql') {
 			if(!include(ISPC_LIB_PATH.'/mysql_clientdb.conf')) {
 				$app->log('Unable to open'.ISPC_LIB_PATH.'/mysql_clientdb.conf',LOGLEVEL_ERROR);
+				return;
+			}
+			
+			if($data["new"]["database_user"] == 'root') {
+				$app->log('User root not allowed for Client databases',LOGLEVEL_WARNING);
 				return;
 			}
 		
@@ -170,6 +177,11 @@
 				return;
 			}
 			
+			if($data["new"]["database_user"] == 'root') {
+				$app->log('User root not allowed for Client databases',LOGLEVEL_WARNING);
+				return;
+			}
+			
 			//* Connect to the database
 			$link = mysql_connect($clientdb_host, $clientdb_user, $clientdb_password);
 			if (!$link) {

--
Gitblit v1.9.1