From a4262c618cfe8b15b4b0b4c3847e77c9f65552c9 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Wed, 23 Apr 2008 16:43:17 -0400
Subject: [PATCH] Updated Debian installation instructions.
---
interface/lib/classes/tform.inc.php | 32 +++++++++-----------------------
1 files changed, 9 insertions(+), 23 deletions(-)
diff --git a/interface/lib/classes/tform.inc.php b/interface/lib/classes/tform.inc.php
index c190512..251a9f9 100644
--- a/interface/lib/classes/tform.inc.php
+++ b/interface/lib/classes/tform.inc.php
@@ -693,7 +693,7 @@
$sql_insert_key .= "`$key`, ";
if($field['encryption'] == 'CRYPT') {
$salt="$1$";
- for ($n=0;$n<8;$n++) {
+ for ($n=0;$n<11;$n++) {
$salt.=chr(mt_rand(64,126));
}
$salt.="$";
@@ -702,7 +702,7 @@
} else {
$record[$key] = md5($record[$key]);
}
- $sql_insert_val .= "'".$record[$key]."', ";
+ $sql_insert_val .= "'".addslashes($record[$key])."', ";
} elseif ($field['formtype'] == 'CHECKBOX') {
$sql_insert_key .= "`$key`, ";
if($record[$key] == '') {
@@ -718,9 +718,9 @@
}
} else {
if($field['formtype'] == 'PASSWORD') {
- if($field['encryption'] == 'CRYPT') {
+ if(isset($field['encryption']) && $field['encryption'] == 'CRYPT') {
$salt="$1$";
- for ($n=0;$n<8;$n++) {
+ for ($n=0;$n<11;$n++) {
$salt.=chr(mt_rand(64,126));
}
$salt.="$";
@@ -729,7 +729,7 @@
} else {
$record[$key] = md5($record[$key]);
}
- $sql_update .= "`$key` = '".$record[$key]."', ";
+ $sql_update .= "`$key` = '".addslashes($record[$key])."', ";
} elseif ($field['formtype'] == 'CHECKBOX') {
if($record[$key] == '') {
// if a checkbox is not set, we set it to the unchecked value
@@ -875,15 +875,6 @@
} else {
$escape = '`';
}
-
- /*
- if($action == "UPDATE" or $action == "DELETE") {
- $sql = "SELECT * FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id;
- $record_old = $app->db->queryOneRecord($sql);
- } else {
- $record_old = array();
- }
- */
$diffrec = array();
@@ -912,7 +903,8 @@
if(is_array($record_old) && count($record_old) > 0) {
foreach($record_old as $key => $val) {
- if(isset($record_new[$key]) && $record_new[$key] != $val) {
+ //if(isset($record_new[$key]) && $record_new[$key] != $val) {
+ if(!isset($record_new[$key]) || $record_new[$key] != $val) {
// Record has changed
$diffrec_full['old'][$key] = $val;
$diffrec_full['new'][$key] = $record_new[$key];
@@ -933,12 +925,6 @@
}
}
}
-
- /*
- echo "<pre>";
- print_r($diffrec_full);
- echo "</pre>";
- */
// Insert the server_id, if the record has a server_id
$server_id = (isset($record_old["server_id"]) && $record_old["server_id"] > 0)?$record_old["server_id"]:0;
@@ -999,8 +985,8 @@
}
} else {
$result = false;
- if($this->formDef["auth_preset"]["userid"] == $_SESSION["s"]["user"]["userid"] && stristr($perm,$this->formDef["auth_preset"]["perm_user"])) $result = true;
- if($this->formDef["auth_preset"]["groupid"] == $_SESSION["s"]["user"]["groupid"] && stristr($perm,$this->formDef["auth_preset"]["perm_group"])) $result = true;
+ if(@$this->formDef["auth_preset"]["userid"] == $_SESSION["s"]["user"]["userid"] && stristr($perm,$this->formDef["auth_preset"]["perm_user"])) $result = true;
+ if(@$this->formDef["auth_preset"]["groupid"] == $_SESSION["s"]["user"]["groupid"] && stristr($perm,$this->formDef["auth_preset"]["perm_group"])) $result = true;
if(@stristr($this->formDef["auth_preset"]["perm_other"],$perm)) $result = true;
// if preset == 0, everyone can insert a record of this type
--
Gitblit v1.9.1