From aa370627b211a51dc46891cfa4b6e3d2ef3e52db Mon Sep 17 00:00:00 2001
From: mcramer <m.cramer@pixcept.de>
Date: Tue, 16 Jul 2013 10:45:17 -0400
Subject: [PATCH] - Fixed FS#2924 - the month will not set automatically in the autoresponder by click now   Along with this fixed some display problems with the combo boxes introduced in 3.0.5.   Some fields were not correctly displayed with the predefined values if value and text of the underlying option element differ.

---
 interface/web/mail/mail_get_edit.php |   26 +++++++++++++-------------
 1 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/interface/web/mail/mail_get_edit.php b/interface/web/mail/mail_get_edit.php
index 4cc301c..41434c0 100644
--- a/interface/web/mail/mail_get_edit.php
+++ b/interface/web/mail/mail_get_edit.php
@@ -55,17 +55,11 @@
 		
 		// we will check only users, not admins
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
-		
-			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
-			$client = $app->db->queryOneRecord("SELECT limit_fetchmail FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
-			
-			// Check if the user may add another transport.
-			if($client["limit_fetchmail"] >= 0) {
-				$tmp = $app->db->queryOneRecord("SELECT count(mailget_id) as number FROM mail_get WHERE sys_groupid = $client_group_id");
-				if($tmp["number"] >= $client["limit_fetchmail"]) {
-					$app->error($app->tform->wordbook["limit_fetchmail_txt"]);
-				}
+			if(!$app->tform->checkClientLimit('limit_fetchmail')) {
+				$app->error($app->tform->wordbook["limit_fetchmail_txt"]);
+			}
+			if(!$app->tform->checkResellerLimit('limit_fetchmail')) {
+				$app->error('Reseller: '.$app->tform->wordbook["limit_fetchmail_txt"]);
 			}
 		}
 		
@@ -91,10 +85,16 @@
 			}
 		} // end if user is not admin
 		
+		
 		// Set the server ID according to the selected destination
-		$tmp = $app->db->queryOneRecord("SELECT server_id FROM mail_user WHERE email = '".mysql_real_escape_string($this->dataRecord["destination"])."'");
+		$tmp = $app->db->queryOneRecord("SELECT server_id FROM mail_user WHERE email = '".$app->db->quote($this->dataRecord["destination"])."'");
 		$this->dataRecord["server_id"] = $tmp["server_id"];
 		unset($tmp);
+		
+		//* Check that no illegal combination of options is set
+		if((!isset($this->dataRecord['source_delete']) || @$this->dataRecord['source_delete'] == 'n') && $this->dataRecord['source_read_all'] == 'y') {
+			$app->tform->errorMessage .= $app->tform->lng('error_delete_read_all_combination')."<br>";
+		}
 		
 		parent::onSubmit();
 	}
@@ -102,7 +102,7 @@
 	function onAfterInsert() {
 		global $app;
 		
-		$tmp = $app->db->queryOneRecord("SELECT sys_groupid FROM mail_user WHERE email = '".mysql_real_escape_string($this->dataRecord["destination"])."'");
+		$tmp = $app->db->queryOneRecord("SELECT sys_groupid FROM mail_user WHERE email = '".$app->db->quote($this->dataRecord["destination"])."'");
 		$app->db->query("update mail_get SET sys_groupid = ".$tmp['sys_groupid']." WHERE mailget_id = ".$this->id);
 		
 	}

--
Gitblit v1.9.1