From c220da99596c4fbca3a4413dbf880dbfc8fd0121 Mon Sep 17 00:00:00 2001
From: Florian Schaal <florian@schaal-24.de>
Date: Fri, 24 Jan 2014 06:20:12 -0500
Subject: [PATCH] changed sql-query and make ure that the backup-sub-dir exists

---
 interface/web/dns/dns_import.php |   49 ++++++++++++++++++++++++++++++++++++++++---------
 1 files changed, 40 insertions(+), 9 deletions(-)

diff --git a/interface/web/dns/dns_import.php b/interface/web/dns/dns_import.php
index b015453..b8b4f1b 100644
--- a/interface/web/dns/dns_import.php
+++ b/interface/web/dns/dns_import.php
@@ -49,12 +49,15 @@
 $domain = (isset($_POST['domain'])&&!empty($_POST['domain']))?$_POST['domain']:NULL;
 
 // get the correct server_id
-if($_SESSION['s']['user']['typ'] == 'admin') {
-	$server_id = (isset($_POST['server_id']))?$app->functions->intval($_POST['server_id']):1;
+if (isset($_POST['server_id'])) {
+	$server_id = $app->functions->intval($_POST['server_id']);
+	$post_server_id = true;
+} elseif (isset($_POST['server_id_value'])) {
+	$server_id = $app->functions->intval($_POST['server_id_value']);
+	$post_server_id = true;
 } else {
-	$client_group_id = $_SESSION["s"]["user"]["default_group"];
-	$client = $app->db->queryOneRecord("SELECT default_dnsserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
-	$server_id = $client["default_dnsserver"];
+	$server_id = 1;
+	$post_server_id = false;
 }
 
 
@@ -101,14 +104,14 @@
 if ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
 
 	// Get the limits of the client
-	$client_group_id = $_SESSION["s"]["user"]["default_group"];
+	$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 	$client = $app->db->queryOneRecord("SELECT client.client_id, client.contact_name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname, sys_group.name FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 
 	// load the list of clients
-	$sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$client['client_id'];
+	$sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".intval($client['client_id']);
 	$clients = $app->db->queryAllRecords($sql);
-	$tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$client['client_id']);
+	$tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".intval($client['client_id']));
 	$client_select = '<option value="'.$tmp['groupid'].'">'.$client['contactname'].'</option>';
 	if(is_array($clients)) {
 		foreach( $clients as $client) {
@@ -118,6 +121,34 @@
 	}
 
 	$app->tpl->setVar("client_group_id", $client_select);
+}
+
+if($_SESSION["s"]["user"]["typ"] != 'admin')
+{
+	$client_group_id = $_SESSION["s"]["user"]["default_group"];
+	$client_dns = $app->db->queryOneRecord("SELECT dns_servers FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+
+	$client_dns['dns_servers_ids'] = explode(',', $client_dns['dns_servers']);
+
+	$only_one_server = count($client_dns['dns_servers_ids']) === 1;
+	$app->tpl->setVar('only_one_server', $only_one_server);
+
+	if ($only_one_server) {
+		$app->tpl->setVar('server_id_value', $client_dns['dns_servers_ids'][0]);
+	}
+
+	$sql = "SELECT server_id, server_name FROM server WHERE server_id IN (" . $client_dns['dns_servers'] . ");";
+	$dns_servers = $app->db->queryAllRecords($sql);
+
+	$options_dns_servers = "";
+
+	foreach ($dns_servers as $dns_server) {
+		$options_dns_servers .= "<option value='$dns_server[server_id]'>$dns_server[server_name]</option>";
+	}
+
+	$app->tpl->setVar("server_id", $options_dns_servers);
+	unset($options_dns_servers);
+
 }
 
 $lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_dns_import.lng';
@@ -648,7 +679,7 @@
 			foreach($dns_rr as $rr)
 			{
 				$insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `zone`, `name`, `type`, `data`, `aux`, `ttl`, `active`) VALUES
-				('$sys_userid', '$sys_groupid', 'riud', 'riud', '', '$server_id', '$dns_soa_id', '$rr[name]', '$rr[type]', '$rr[data]', '$rr[aux]', '$rr[ttl]', 'Y')";
+				('$sys_userid', '$sys_groupid', 'riud', 'riud', '', '$server_id', '$dns_soa_id', '".$app->db->quote($rr['name'])."', '".$app->db->quote($rr['type'])."', '".$app->db->quote($rr['data'])."', '".$app->db->quote($rr['aux'])."', '".$app->db->quote($rr['ttl'])."', 'Y')";
 				$dns_rr_id = $app->db->datalogInsert('dns_rr', $insert_data, 'id');
 			}
 		}

--
Gitblit v1.9.1