From d83abe0860e13d599b34e7e150e4ba2fd571db93 Mon Sep 17 00:00:00 2001
From: Florian Schaal <florian@schaal-24.de>
Date: Thu, 25 Feb 2016 02:27:22 -0500
Subject: [PATCH] validate serverip depending on ipv4/ipv6

---
 interface/lib/classes/tools_sites.inc.php |   13 ++++++++-----
 1 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/interface/lib/classes/tools_sites.inc.php b/interface/lib/classes/tools_sites.inc.php
index 3400c5b..b2881f5 100644
--- a/interface/lib/classes/tools_sites.inc.php
+++ b/interface/lib/classes/tools_sites.inc.php
@@ -87,7 +87,7 @@
 			if(isset($dataRecord['client_group_id'])) {
 				$client_group_id = $dataRecord['client_group_id'];
 			} elseif (isset($dataRecord['parent_domain_id'])) {
-				$tmp = $app->db->queryOneRecord("SELECT sys_groupid FROM web_domain WHERE domain_id = " . $dataRecord['parent_domain_id']);
+				$tmp = $app->db->queryOneRecord("SELECT sys_groupid FROM web_domain WHERE domain_id = ?", $dataRecord['parent_domain_id']);
 				$client_group_id = $tmp['sys_groupid'];
 			} elseif(isset($dataRecord['sys_groupid'])) {
 				$client_group_id = $dataRecord['sys_groupid'];
@@ -96,7 +96,7 @@
 			}
 		}
 
-		$tmp = $app->db->queryOneRecord("SELECT name FROM sys_group WHERE groupid = " . $app->functions->intval($client_group_id));
+		$tmp = $app->db->queryOneRecord("SELECT name FROM sys_group WHERE groupid = ?", $client_group_id);
 		$clientName = $tmp['name'];
 		if ($clientName == "") $clientName = 'default';
 		$clientName = $this->convertClientName($clientName);
@@ -114,7 +114,7 @@
 			if(isset($dataRecord['client_group_id'])) {
 				$client_group_id = $dataRecord['client_group_id'];
 			} elseif (isset($dataRecord['parent_domain_id']) && $dataRecord['parent_domain_id'] != 0) {
-				$tmp = $app->db->queryOneRecord("SELECT sys_groupid FROM web_domain WHERE domain_id = " . $dataRecord['parent_domain_id']);
+				$tmp = $app->db->queryOneRecord("SELECT sys_groupid FROM web_domain WHERE domain_id = ?", $dataRecord['parent_domain_id']);
 				$client_group_id = $tmp['sys_groupid'];
 			} elseif(isset($dataRecord['sys_groupid'])) {
 				$client_group_id = $dataRecord['sys_groupid'];
@@ -122,7 +122,7 @@
 				return '[CLIENTID]';
 			}
 		}
-		$tmp = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE groupid = " . $app->functions->intval($client_group_id));
+		$tmp = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE groupid = ?", $client_group_id);
 		$clientID = $tmp['client_id'];
 		if ($clientID == '') $clientID = '0';
 		return $clientID;
@@ -144,6 +144,7 @@
 		return $res;
 	}
 
+	/* TODO: rewrite SQL */
 	function getDomainModuleDomains($not_used_in_table = null, $selected_domain = null) {
 		global $app;
 
@@ -168,6 +169,7 @@
 		return $app->db->queryAllRecords($sql, $not_used_in_table, $selected_domain);
 	}
 
+	/* TODO: rewrite SQL */
 	function checkDomainModuleDomain($domain_id) {
 		global $app;
 
@@ -180,7 +182,8 @@
 		if(!$domain || !$domain['domain_id']) return false;
 		return $domain['domain'];
 	}
-
+	
+	/* TODO: rewrite SQL */
 	function getClientIdForDomain($domain_id) {
 		global $app;
 

--
Gitblit v1.9.1