From d370bbc3d3550bb5c6015215c9af48a812e240e9 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Fri, 08 Jun 2012 05:43:10 -0400
Subject: [PATCH] Implemented: FS#2280 - Extend the tform library to apply filters on form values

---
 interface/web/sites/shell_user_edit.php |    8 ++++++--
 1 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/interface/web/sites/shell_user_edit.php b/interface/web/sites/shell_user_edit.php
index 422c8a1..e09d8dd 100644
--- a/interface/web/sites/shell_user_edit.php
+++ b/interface/web/sites/shell_user_edit.php
@@ -81,7 +81,7 @@
 		
 		if ($this->dataRecord['username'] != ""){
 			/* REMOVE the restriction */
-			$app->tpl->setVar("username", str_replace($shelluser_prefix , '', $this->dataRecord['username']));
+			$app->tpl->setVar("username", preg_replace('/'.$shelluser_prefix.'/', '', $this->dataRecord['username'], 1));
 		}
 		if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
 			$app->tpl->setVar("username_prefix", $global_config['shelluser_prefix']);
@@ -111,6 +111,10 @@
 		
 		if(isset($this->dataRecord['username']) && trim($this->dataRecord['username']) == '') $app->tform->errorMessage .= $app->tform->lng('username_error_empty').'<br />';
 		if(isset($this->dataRecord['username']) && empty($this->dataRecord['parent_domain_id'])) $app->tform->errorMessage .= $app->tform->lng('parent_domain_id_error_empty').'<br />';
+		if(isset($this->dataRecord['dir']) && stristr($this->dataRecord['dir'],'..')) $app->tform->errorMessage .= $app->tform->lng('dir_dot_error').'<br />';
+		if(isset($this->dataRecord['dir']) && stristr($this->dataRecord['dir'],'./')) $app->tform->errorMessage .= $app->tform->lng('dir_slashdot_error').'<br />';
+		
+		if(isset($this->dataRecord['ssh_rsa'])) $this->dataRecord['ssh_rsa'] = trim($this->dataRecord['ssh_rsa']);
 		
 		parent::onSubmit();
 	}
@@ -198,7 +202,7 @@
 	function getClientName() {
 		global $app, $conf;
 	
-		if($_SESSION["s"]["user"]["typ"] != 'admin') {
+		if($_SESSION["s"]["user"]["typ"] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) {
 			// Get the group-id of the user
 			$client_group_id = $_SESSION["s"]["user"]["default_group"];
 		} else {

--
Gitblit v1.9.1