From 84569173c9a21ebab5ecdb662d9b4fb98b7c336b Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Mon, 16 Apr 2012 08:19:56 -0400
Subject: [PATCH] Fixed: FS#2176 - collision between shell/ftp accounts and client accounts named webXX is not checked

---
 interface/lib/classes/db_mysql.inc.php |   34 ++++++++++++++++++++++++++++++----
 1 files changed, 30 insertions(+), 4 deletions(-)

diff --git a/interface/lib/classes/db_mysql.inc.php b/interface/lib/classes/db_mysql.inc.php
index fc7b8b3..ae120c9 100644
--- a/interface/lib/classes/db_mysql.inc.php
+++ b/interface/lib/classes/db_mysql.inc.php
@@ -298,8 +298,20 @@
 	public function datalogInsert($tablename, $insert_data, $index_field) {
 		global $app;
 		
+		if(is_array($insert_data)) {
+			$key_str = '';
+			$val_str = '';
+			foreach($insert_data as $key => $val) {
+				$key_str .= "`".$key ."`,";
+				$val_str .= "'".$this->quote($val)."',";
+			}
+			$insert_data_str = '('.$key_str.') VALUES ('.$val_str.')';
+		} else {
+			$insert_data_str = $insert_data;
+		}
+		
 		$old_rec = array();
-		$this->query("INSERT INTO $tablename $insert_data");
+		$this->query("INSERT INTO $tablename $insert_data_str");
 		$index_value = $this->insertID();
 		$new_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'");
 		$this->datalogSave($tablename, 'INSERT', $index_field, $index_value, $old_rec, $new_rec);
@@ -308,11 +320,25 @@
 	}
 	
 	//** Updates a record and saves the changes into the datalog
-	public function datalogUpdate($tablename, $update_data, $index_field, $index_value) {
+	public function datalogUpdate($tablename, $update_data, $index_field, $index_value, $force_update = false) {
 		global $app;
 		
-		$old_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'");
-		$this->query("UPDATE $tablename SET $update_data WHERE $index_field = '$index_value'");
+		if($force_update == true) {
+			$old_rec = array();
+		} else {
+			$old_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'");
+		}
+		
+		if(is_array($update_data)) {
+			$update_data_str = '';
+			foreach($update_data as $key => $val) {
+				$update_data_str .= "`".$key ."` = '".$this->quote($val)."',";
+			}
+		} else {
+			$update_data_str = $update_data;
+		}
+		
+		$this->query("UPDATE $tablename SET $update_data_str WHERE $index_field = '$index_value'");
 		$new_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'");
 		$this->datalogSave($tablename, 'UPDATE', $index_field, $index_value, $old_rec, $new_rec);
 		

--
Gitblit v1.9.1