From b31c514ee2f1d25b4e5ff39bdef1765dbf14e106 Mon Sep 17 00:00:00 2001
From: jwarnier <jwarnier@ispconfig3>
Date: Thu, 19 Aug 2010 18:09:42 -0400
Subject: [PATCH] Fix typos.

---
 interface/web/client/client_edit.php |   94 +++++++++++++++++++++++++++++++++++++---------
 1 files changed, 75 insertions(+), 19 deletions(-)

diff --git a/interface/web/client/client_edit.php b/interface/web/client/client_edit.php
index b8f111b..5714220 100644
--- a/interface/web/client/client_edit.php
+++ b/interface/web/client/client_edit.php
@@ -1,6 +1,6 @@
 <?php
 /*
-Copyright (c) 2005, Till Brehm, projektfarm Gmbh
+Copyright (c) 2005 - 2008, Till Brehm, projektfarm Gmbh
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification,
@@ -52,6 +52,52 @@
 class page_action extends tform_actions {
 
 
+	function onShowNew() {
+		global $app, $conf;
+		
+		// we will check only users, not admins
+		if($_SESSION["s"]["user"]["typ"] == 'user') {
+			
+			// Get the limits of the client
+			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client = $app->db->queryOneRecord("SELECT limit_client FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+			
+			// Check if the user may add another website.
+			if($client["limit_client"] >= 0) {
+				$tmp = $app->db->queryOneRecord("SELECT count(client_id) as number FROM client WHERE sys_groupid = $client_group_id");
+				if($tmp["number"] >= $client["limit_client"]) {
+					$app->error($app->tform->wordbook["limit_client_txt"]);
+				}
+			}
+		}
+		
+		parent::onShowNew();
+	}
+	
+	
+	function onSubmit() {
+		global $app, $conf;
+		
+		// we will check only users, not admins
+		if($_SESSION["s"]["user"]["typ"] == 'user' && $this->id == 0) {
+			
+			// Get the limits of the client
+			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client = $app->db->queryOneRecord("SELECT limit_client FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+			
+			// Check if the user may add another website.
+			if($client["limit_client"] >= 0) {
+				$tmp = $app->db->queryOneRecord("SELECT count(client_id) as number FROM client WHERE sys_groupid = $client_group_id");
+				if($tmp["number"] >= $client["limit_client"]) {
+					$app->error($app->tform->wordbook["limit_client_txt"]);
+				}
+			}
+		}
+		
+		parent::onSubmit();
+	}
+
+
 	function onShowEnd() {
 
 		global $app;
@@ -72,7 +118,7 @@
 		$text = '';
 		foreach($tplAdd as $item){
 			if (trim($item) != ''){
-				if ($text != '') $text .= '<br>';
+				if ($text != '') $text .= '<br />';
 				$text .= $tpl[$item];
 			}
 		}
@@ -88,22 +134,20 @@
 	 the data was successful inserted in the database.
 	*/
 	function onAfterInsert() {
-		global $app;
+		global $app, $conf;
 		// Create the group for the client
-		$sql = "INSERT INTO sys_group (name,description,client_id) VALUES ('".mysql_real_escape_string($this->dataRecord["username"])."','',".$this->id.")";
-		$app->db->query($sql);
-		$groupid = $app->db->insertID();
+		$groupid = $app->db->datalogInsert('sys_group', "(name,description,client_id) VALUES ('".mysql_real_escape_string($this->dataRecord["username"])."','',".$this->id.")", 'groupid');
 		$groups = $groupid;
 		
-		$username = mysql_real_escape_string($this->dataRecord["username"]);
-		$password = mysql_real_escape_string($this->dataRecord["password"]);
-		$modules = ISPC_INTERFACE_MODULES_ENABLED;
+		$username = $app->db->quote($this->dataRecord["username"]);
+		$password = $app->db->quote($this->dataRecord["password"]);
+		$modules = $conf['interface_modules_enabled'];
 		if($this->dataRecord["limit_client"] > 0) $modules .= ',client';
 		$startmodule = 'mail';
-		$usertheme = mysql_real_escape_string($this->dataRecord["usertheme"]);
+		$usertheme = $app->db->quote($this->dataRecord["usertheme"]);
 		$type = 'user';
 		$active = 1;
-		$language = mysql_real_escape_string($this->dataRecord["language"]);
+		$language = $app->db->quote($this->dataRecord["language"]);
 		
 		// Create the controlpaneluser for the client
 		$sql = "INSERT INTO sys_user (username,passwort,modules,startmodule,app_theme,typ,active,language,groups,default_group,client_id)
@@ -116,6 +160,8 @@
 			$app->auth->add_group_to_user($_SESSION['s']['user']['userid'],$groupid);
 			$app->db->query("UPDATE client SET parent_client_id = ".intval($_SESSION['s']['user']['client_id'])." WHERE client_id = ".$this->id);
 		}
+		
+		$app->db->query("UPDATE client SET created_at = ".time()." WHERE client_id = ".$this->id);
 
 		/* If there is a client-template, process it */
 		applyClientTemplates($this->id);
@@ -132,28 +178,38 @@
 		global $app;
 		
 		// username changed
-		if($this->oldDataRecord['username'] != $this->dataRecord['username']) {
-			$username = mysql_real_escape_string($this->dataRecord["username"]);
+		if(isset($this->dataRecord['username']) && $this->dataRecord['username'] != '' && $this->oldDataRecord['username'] != $this->dataRecord['username']) {
+			$username = $app->db->quote($this->dataRecord["username"]);
 			$client_id = $this->id;
 			$sql = "UPDATE sys_user SET username = '$username' WHERE client_id = $client_id";
 			$app->db->query($sql);
-			$sql = "UPDATE sys_group SET name = '$username' WHERE client_id = $client_id";
-			$app->db->query($sql);
+			
+			$tmp = $app->db->queryOneRecord("SELECT * FROM sys_group WHERE client_id = $client_id");
+			$app->db->datalogUpdate("sys_group", "name = '$username'", 'groupid', $tmp['groupid']);
+			unset($tmp);
 		}
 		
 		// password changed
 		if(isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') {
-			$password = mysql_real_escape_string($this->dataRecord["password"]);
+			$password = $app->db->quote($this->dataRecord["password"]);
 			$client_id = $this->id;
 			$sql = "UPDATE sys_user SET passwort = md5('$password') WHERE client_id = $client_id";
 			$app->db->query($sql);
 		}
 		
+		// language changed
+		if(isset($this->dataRecord['language']) && $this->dataRecord['language'] != '' && $this->oldDataRecord['language'] != $this->dataRecord['language']) {
+			$language = $app->db->quote($this->dataRecord["language"]);
+			$client_id = $this->id;
+			$sql = "UPDATE sys_user SET language = '$language' WHERE client_id = $client_id";
+			$app->db->query($sql);
+		}
+		
 		// reseller status changed
-		if(isset($this->dataRecord["limit_client"])) {
-			$modules = ISPC_INTERFACE_MODULES_ENABLED;
+		if(isset($this->dataRecord["limit_client"]) && $this->dataRecord["limit_client"] != $this->oldDataRecord["limit_client"]) {
+			$modules = $conf['interface_modules_enabled'];
 			if($this->dataRecord["limit_client"] > 0) $modules .= ',client';
-			$modules = mysql_real_escape_string($modules);
+			$modules = $app->db->quote($modules);
 			$client_id = $this->id;
 			$sql = "UPDATE sys_user SET modules = '$modules' WHERE client_id = $client_id";
 			$app->db->query($sql);

--
Gitblit v1.9.1