From cdda6b98d785f103d9be6643a99a882c0d65b64c Mon Sep 17 00:00:00 2001
From: fantu <fantu@ispconfig3>
Date: Sun, 21 Dec 2008 04:51:07 -0500
Subject: [PATCH] fix parse error

---
 interface/web/client/client_edit.php |   67 ++++++++++++++++++++++++++-------
 1 files changed, 53 insertions(+), 14 deletions(-)

diff --git a/interface/web/client/client_edit.php b/interface/web/client/client_edit.php
index 11b20a7..b8f111b 100644
--- a/interface/web/client/client_edit.php
+++ b/interface/web/client/client_edit.php
@@ -40,6 +40,7 @@
 
 require_once('../../lib/config.inc.php');
 require_once('../../lib/app.inc.php');
+require_once('tools.inc.php');
 
 //* Check permissions for module
 $app->auth->check_module_permissions('client');
@@ -49,7 +50,39 @@
 $app->load('tform_actions');
 
 class page_action extends tform_actions {
-	
+
+
+	function onShowEnd() {
+
+		global $app;
+
+		$sql = "SELECT template_id,template_name FROM client_template WHERE template_type = 'a'";
+		$tpls = $app->db->queryAllRecords($sql);
+		$option = '';
+		$tpl = array();
+		foreach($tpls as $item){
+			$option .= '<option value="' . $item['template_id'] . '|' .  $item['template_name'] . '">' . $item['template_name'] . '</option>';
+			$tpl[$item['template_id']] = $item['template_name'];
+		}
+		$app->tpl->setVar('tpl_add_select',$option);
+
+		$sql = "SELECT template_additional FROM client WHERE client_id = " . $this->id;
+		$result = $app->db->queryOneRecord($sql);
+		$tplAdd = explode("/", $result['template_additional']);
+		$text = '';
+		foreach($tplAdd as $item){
+			if (trim($item) != ''){
+				if ($text != '') $text .= '<br>';
+				$text .= $tpl[$item];
+			}
+		}
+
+		$app->tpl->setVar('template_additional_list', $text);
+
+		parent::onShowEnd();
+
+	}
+
 	/*
 	 This function is called automatically right after
 	 the data was successful inserted in the database.
@@ -57,20 +90,20 @@
 	function onAfterInsert() {
 		global $app;
 		// Create the group for the client
-		$sql = "INSERT INTO sys_group (name,description,client_id) VALUES ('".addslashes($this->dataRecord["username"])."','',".$this->id.")";
+		$sql = "INSERT INTO sys_group (name,description,client_id) VALUES ('".mysql_real_escape_string($this->dataRecord["username"])."','',".$this->id.")";
 		$app->db->query($sql);
 		$groupid = $app->db->insertID();
 		$groups = $groupid;
 		
-		$username = addslashes($this->dataRecord["username"]);
-		$password = addslashes($this->dataRecord["password"]);
+		$username = mysql_real_escape_string($this->dataRecord["username"]);
+		$password = mysql_real_escape_string($this->dataRecord["password"]);
 		$modules = ISPC_INTERFACE_MODULES_ENABLED;
 		if($this->dataRecord["limit_client"] > 0) $modules .= ',client';
 		$startmodule = 'mail';
-		$usertheme = addslashes($this->dataRecord["usertheme"]);
+		$usertheme = mysql_real_escape_string($this->dataRecord["usertheme"]);
 		$type = 'user';
 		$active = 1;
-		$language = addslashes($this->dataRecord["language"]);
+		$language = mysql_real_escape_string($this->dataRecord["language"]);
 		
 		// Create the controlpaneluser for the client
 		$sql = "INSERT INTO sys_user (username,passwort,modules,startmodule,app_theme,typ,active,language,groups,default_group,client_id)
@@ -83,8 +116,11 @@
 			$app->auth->add_group_to_user($_SESSION['s']['user']['userid'],$groupid);
 			$app->db->query("UPDATE client SET parent_client_id = ".intval($_SESSION['s']['user']['client_id'])." WHERE client_id = ".$this->id);
 		}
-		
-		
+
+		/* If there is a client-template, process it */
+		applyClientTemplates($this->id);
+
+		parent::onAfterInsert();
 	}
 	
 	
@@ -96,8 +132,8 @@
 		global $app;
 		
 		// username changed
-		if(isset($app->tform->diffrec['username'])) {
-			$username = addslashes($this->dataRecord["username"]);
+		if($this->oldDataRecord['username'] != $this->dataRecord['username']) {
+			$username = mysql_real_escape_string($this->dataRecord["username"]);
 			$client_id = $this->id;
 			$sql = "UPDATE sys_user SET username = '$username' WHERE client_id = $client_id";
 			$app->db->query($sql);
@@ -107,7 +143,7 @@
 		
 		// password changed
 		if(isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') {
-			$password = addslashes($this->dataRecord["password"]);
+			$password = mysql_real_escape_string($this->dataRecord["password"]);
 			$client_id = $this->id;
 			$sql = "UPDATE sys_user SET passwort = md5('$password') WHERE client_id = $client_id";
 			$app->db->query($sql);
@@ -117,14 +153,17 @@
 		if(isset($this->dataRecord["limit_client"])) {
 			$modules = ISPC_INTERFACE_MODULES_ENABLED;
 			if($this->dataRecord["limit_client"] > 0) $modules .= ',client';
-			$modules = addslashes($modules);
+			$modules = mysql_real_escape_string($modules);
 			$client_id = $this->id;
 			$sql = "UPDATE sys_user SET modules = '$modules' WHERE client_id = $client_id";
 			$app->db->query($sql);
 		}
+		/*
+		 *  If there is a client-template, process it */
+		applyClientTemplates($this->id);
+
+		parent::onAfterUpdate();
 	}
-	
-	
 }
 
 $page = new page_action;

--
Gitblit v1.9.1