From b5f6a1a03de9343ffc718ce253f7730e4d8d6c19 Mon Sep 17 00:00:00 2001
From: Till Brehm <tbrehm@ispconfig.org>
Date: Tue, 29 Mar 2016 13:36:35 -0400
Subject: [PATCH] Fix for #3812 Insufficient validation of PHP version selector for ISPConfig 3.1 branch.

---
 interface/web/admin/server_edit.php |    5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/interface/web/admin/server_edit.php b/interface/web/admin/server_edit.php
index c81c6ee..c2e746d 100644
--- a/interface/web/admin/server_edit.php
+++ b/interface/web/admin/server_edit.php
@@ -43,6 +43,7 @@
 
 //* Check permissions for module
 $app->auth->check_module_permissions('admin');
+$app->auth->check_security_permissions('admin_allow_server_services');
 
 // Loading classes
 $app->uses('tpl,tform,tform_actions');
@@ -54,8 +55,8 @@
 		global $app, $conf;
 
 		// Getting Servers
-		$sql = "SELECT server_id,server_name FROM server WHERE server_id != $this->id ORDER BY server_name";
-		$mirror_servers = $app->db->queryAllRecords($sql);
+		$sql = "SELECT server_id,server_name FROM server WHERE server_id != ? ORDER BY server_name";
+		$mirror_servers = $app->db->queryAllRecords($sql, $this->id);
 		$mirror_server_select = '<option value="0">'.$app->tform->lng('- None -').'</option>';
 		if(is_array($mirror_servers)) {
 			foreach( $mirror_servers as $mirror_server) {

--
Gitblit v1.9.1