From daff5cb75bce6d6b0cbed092c3b807bb04fade9b Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Thu, 31 May 2007 11:15:12 -0400
Subject: [PATCH] diverse updates.
---
interface/lib/classes/tform.inc.php | 105 +++++++++++++++++++++++++++++++++++++++-------------
1 files changed, 78 insertions(+), 27 deletions(-)
diff --git a/interface/lib/classes/tform.inc.php b/interface/lib/classes/tform.inc.php
index 0336e11..bdcbaed 100644
--- a/interface/lib/classes/tform.inc.php
+++ b/interface/lib/classes/tform.inc.php
@@ -104,10 +104,11 @@
var $errorMessage = '';
var $dateformat = "d.m.Y";
- var $formDef;
+ var $formDef;
var $wordbook;
var $module;
var $primary_id;
+ var $diffrec = array();
/**
* Laden der Tabellendefinition
@@ -313,8 +314,8 @@
break;
case 'CHECKBOX':
- $checked = (empty($val))?'':' CHECKED';
- $new_record[$key] = "<input name=\"".$key."\" type=\"checkbox\" value=\"".$field['value']."\" $checked>\r\n";
+ $checked = ($val == $field['value'][1])?' CHECKED':'';
+ $new_record[$key] = "<input name=\"".$key."\" type=\"checkbox\" value=\"".$field['value'][1]."\" $checked>\r\n";
break;
case 'CHECKBOXARRAY':
@@ -397,8 +398,9 @@
break;
case 'CHECKBOX':
- $checked = (empty($field["default"]))?'':' CHECKED';
- $new_record[$key] = "<input name=\"".$key."\" type=\"checkbox\" value=\"".$field['value']."\" $checked>\r\n";
+ // $checked = (empty($field["default"]))?'':' CHECKED';
+ $checked = ($field["default"] == $field['value'][1])?' CHECKED':'';
+ $new_record[$key] = "<input name=\"".$key."\" type=\"checkbox\" value=\"".$field['value'][1]."\" $checked>\r\n";
break;
case 'CHECKBOXARRAY':
@@ -483,7 +485,9 @@
if($record[$key] > 0) {
list($tag,$monat,$jahr) = explode('.',$record[$key]);
$new_record[$key] = mktime(0,0,0,$monat,$tag,$jahr);
- }
+ } else {
+ $new_record[$key] = 0;
+ }
break;
case 'INTEGER':
$new_record[$key] = intval($record[$key]);
@@ -526,7 +530,7 @@
function validateField($field_name, $field_value, $validators) {
global $app;
-
+
// loop trough the validators
foreach($validators as $validator) {
@@ -543,39 +547,63 @@
$num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM ".$escape.$this->formDef['db_table'].$escape. " WHERE $field_name = '".$app->db->quote($field_value)."'");
if($num_rec["number"] > 0) {
$errmsg = $validator['errmsg'];
- $this->errorMessage .= $this->wordbook[$errmsg]."<br>\r\n";
+ if(isset($this->wordbook[$errmsg])) {
+ $this->errorMessage .= $this->wordbook[$errmsg]."<br>\r\n";
+ } else {
+ $this->errorMessage .= $errmsg."<br>\r\n";
+ }
}
} else {
$num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM ".$escape.$this->formDef['db_table'].$escape. " WHERE $field_name = '".$app->db->quote($field_value)."' AND ".$this->formDef['db_table_idx']." != ".$this->primary_id);
if($num_rec["number"] > 0) {
$errmsg = $validator['errmsg'];
- $this->errorMessage .= $this->wordbook[$errmsg]."<br>\r\n";
+ if(isset($this->wordbook[$errmsg])) {
+ $this->errorMessage .= $this->wordbook[$errmsg]."<br>\r\n";
+ } else {
+ $this->errorMessage .= $errmsg."<br>\r\n";
+ }
}
}
break;
case 'NOTEMPTY':
if(empty($field_value)) {
$errmsg = $validator['errmsg'];
- $this->errorMessage .= $this->wordbook[$errmsg]."<br>\r\n";
+ if(isset($this->wordbook[$errmsg])) {
+ $this->errorMessage .= $this->wordbook[$errmsg]."<br>\r\n";
+ } else {
+ $this->errorMessage .= $errmsg."<br>\r\n";
+ }
}
break;
case 'ISEMAIL':
if(!preg_match("/^\w+[\w.-]*\w+@\w+[\w.-]*\w+\.[a-z]{2,10}$/i", $field_value)) {
$errmsg = $validator['errmsg'];
- $this->errorMessage .= $this->wordbook[$errmsg]."<br>\r\n";
+ if(isset($this->wordbook[$errmsg])) {
+ $this->errorMessage .= $this->wordbook[$errmsg]."<br>\r\n";
+ } else {
+ $this->errorMessage .= $errmsg."<br>\r\n";
+ }
}
break;
case 'ISINT':
$tmpval = intval($field_value);
if($tmpval === 0 and !empty($field_value)) {
$errmsg = $validator['errmsg'];
- $this->errorMessage .= $this->wordbook[$errmsg]."<br>\r\n";
+ if(isset($this->wordbook[$errmsg])) {
+ $this->errorMessage .= $this->wordbook[$errmsg]."<br>\r\n";
+ } else {
+ $this->errorMessage .= $errmsg."<br>\r\n";
+ }
}
break;
case 'ISPOSITIVE':
if(!is_numeric($field_value) || $field_value <= 0){
$errmsg = $validator['errmsg'];
- $this->errorMessage .= $this->wordbook[$errmsg]."<br>\r\n";
+ if(isset($this->wordbook[$errmsg])) {
+ $this->errorMessage .= $this->wordbook[$errmsg]."<br>\r\n";
+ } else {
+ $this->errorMessage .= $errmsg."<br>\r\n";
+ }
}
break;
case 'CUSTOM':
@@ -584,11 +612,14 @@
$validator_class = $validator['class'];
$validator_function = $validator['function'];
$app->uses($validator_class);
- $this->errorMessage .= $app->$validator_class->$validator_function($validator);
+ $this->errorMessage .= $app->$validator_class->$validator_function($field_name, $field_value, $validator);
} else {
$this->errorMessage .= "Custom validator class or function is empty<br>\r\n";
}
break;
+ default:
+ $this->errorMessage .= "Unknown Validator: ".$validator['type'];
+ break;
}
@@ -613,11 +644,11 @@
if(count($this->formDef['tabs'][$tab]['fields']) == 0) return '';
// checking permissions
- if($this->formDef['auth'] == 'yes') {
+ if($this->formDef['auth'] == 'yes' && $_SESSION["s"]["user"]["typ"] != 'admin') {
if($action == "INSERT") {
if(!$this->checkPerm($primary_id,'i')) $this->errorMessage .= "Insert denied.<br>\r\n";
} else {
- if(!$this->checkPerm($primary_id,'u')) $this->errorMessage .= "Insert denied.<br>\r\n";
+ if(!$this->checkPerm($primary_id,'u')) $this->errorMessage .= "Update denied.<br>\r\n";
}
}
@@ -642,10 +673,18 @@
if($field['formtype'] == 'PASSWORD') {
$sql_insert_key .= "`$key`, ";
if($field['encryption'] == 'CRYPT') {
- $sql_insert_val .= "'".crypt($record[$key])."', ";
+ // $sql_insert_val .= "encrypt('".$record[$key]."'), ";
+ $sql_insert_val .= "'".crypt($record[$key],substr(md5(time()),0,2))."', ";
} else {
$sql_insert_val .= "md5('".$record[$key]."'), ";
}
+ } elseif ($field['formtype'] == 'CHECKBOX') {
+ $sql_insert_key .= "`$key`, ";
+ if($record[$key] == '') {
+ $sql_insert_val .= "'".$field['value'][0]."', ";
+ } else {
+ $sql_insert_val .= "'".$record[$key]."', ";
+ }
} else {
$sql_insert_key .= "`$key`, ";
$sql_insert_val .= "'".$record[$key]."', ";
@@ -653,10 +692,17 @@
} else {
if($field['formtype'] == 'PASSWORD') {
if($field['encryption'] == 'CRYPT') {
- $sql_update .= "`$key` = '".crypt($record[$key])."', ";
+ // $sql_update .= "`$key` = encrypt('".$record[$key]."'), ";
+ $sql_update .= "`$key` = '".crypt($record[$key],substr(md5(time()),0,2))."', ";
} else {
$sql_update .= "`$key` = md5('".$record[$key]."'), ";
}
+ } elseif ($field['formtype'] == 'CHECKBOX') {
+ if($record[$key] == '') {
+ $sql_update .= "`$key` = '".$field['value'][0]."', ";
+ } else {
+ $sql_update .= "`$key` = '".$record[$key]."', ";
+ }
} else {
$sql_update .= "`$key` = '".$record[$key]."', ";
}
@@ -703,7 +749,6 @@
// Daten in History tabelle speichern
if($this->errorMessage == '' and $this->formDef['db_history'] == 'yes') $this->datalogSave($action,$primary_id,$record);
-
return $sql;
}
@@ -808,6 +853,9 @@
// Insert the server_id, if the record has a server_id
$server_id = ($record_old["server_id"] > 0)?$record_old["server_id"]:0;
+ if(isset($record_new["server_id"])) $server_id = $record_new["server_id"];
+
+ $this->diffrec = $diffrec;
if(count($diffrec) > 0) {
@@ -820,7 +868,7 @@
$dbidx = $this->formDef['db_table_idx'].":".$primary_id;
$action = ($action == 'INSERT')?'i':'u';
$sql = "INSERT INTO sys_datalog (dbtable,dbidx,server_id,action,tstamp,user,data) VALUES ('".$this->formDef['db_table']."','$dbidx','$server_id','$action','".time()."','$username','$diffstr')";
- $app->db->query($sql);
+ $app->db->query($sql);
}
return true;
@@ -828,14 +876,17 @@
}
function getAuthSQL($perm) {
+ if($_SESSION["s"]["user"]["typ"] == 'admin') {
+ return '1';
+ } else {
+ $sql = '(';
+ $sql .= "(sys_userid = ".$_SESSION["s"]["user"]["userid"]." AND sys_perm_user like '%$perm%') OR ";
+ $sql .= "(sys_groupid IN (".$_SESSION["s"]["user"]["groups"].") AND sys_perm_group like '%$perm%') OR ";
+ $sql .= "sys_perm_other like '%$perm%'";
+ $sql .= ')';
- $sql = '(';
- $sql .= "(sys_userid = ".$_SESSION["s"]["user"]["userid"]." AND sys_perm_user like '%$perm%') OR ";
- $sql .= "(sys_groupid IN (".$_SESSION["s"]["user"]["groups"].") AND sys_perm_group like '%$perm%') OR ";
- $sql .= "sys_perm_other like '%$perm%'";
- $sql .= ')';
-
- return $sql;
+ return $sql;
+ }
}
/*
--
Gitblit v1.9.1