From daff5cb75bce6d6b0cbed092c3b807bb04fade9b Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Thu, 31 May 2007 11:15:12 -0400
Subject: [PATCH] diverse updates.
---
interface/lib/classes/tform.inc.php | 35 ++++++++++++++++++++++-------------
1 files changed, 22 insertions(+), 13 deletions(-)
diff --git a/interface/lib/classes/tform.inc.php b/interface/lib/classes/tform.inc.php
index fc48d62..bdcbaed 100644
--- a/interface/lib/classes/tform.inc.php
+++ b/interface/lib/classes/tform.inc.php
@@ -104,10 +104,11 @@
var $errorMessage = '';
var $dateformat = "d.m.Y";
- var $formDef;
+ var $formDef;
var $wordbook;
var $module;
var $primary_id;
+ var $diffrec = array();
/**
* Laden der Tabellendefinition
@@ -611,7 +612,7 @@
$validator_class = $validator['class'];
$validator_function = $validator['function'];
$app->uses($validator_class);
- $this->errorMessage .= $app->$validator_class->$validator_function($validator);
+ $this->errorMessage .= $app->$validator_class->$validator_function($field_name, $field_value, $validator);
} else {
$this->errorMessage .= "Custom validator class or function is empty<br>\r\n";
}
@@ -643,11 +644,11 @@
if(count($this->formDef['tabs'][$tab]['fields']) == 0) return '';
// checking permissions
- if($this->formDef['auth'] == 'yes') {
+ if($this->formDef['auth'] == 'yes' && $_SESSION["s"]["user"]["typ"] != 'admin') {
if($action == "INSERT") {
if(!$this->checkPerm($primary_id,'i')) $this->errorMessage .= "Insert denied.<br>\r\n";
} else {
- if(!$this->checkPerm($primary_id,'u')) $this->errorMessage .= "Insert denied.<br>\r\n";
+ if(!$this->checkPerm($primary_id,'u')) $this->errorMessage .= "Update denied.<br>\r\n";
}
}
@@ -672,7 +673,8 @@
if($field['formtype'] == 'PASSWORD') {
$sql_insert_key .= "`$key`, ";
if($field['encryption'] == 'CRYPT') {
- $sql_insert_val .= "encrypt('".$record[$key]."'), ";
+ // $sql_insert_val .= "encrypt('".$record[$key]."'), ";
+ $sql_insert_val .= "'".crypt($record[$key],substr(md5(time()),0,2))."', ";
} else {
$sql_insert_val .= "md5('".$record[$key]."'), ";
}
@@ -690,7 +692,8 @@
} else {
if($field['formtype'] == 'PASSWORD') {
if($field['encryption'] == 'CRYPT') {
- $sql_update .= "`$key` = encrypt('".$record[$key]."'), ";
+ // $sql_update .= "`$key` = encrypt('".$record[$key]."'), ";
+ $sql_update .= "`$key` = '".crypt($record[$key],substr(md5(time()),0,2))."', ";
} else {
$sql_update .= "`$key` = md5('".$record[$key]."'), ";
}
@@ -850,6 +853,9 @@
// Insert the server_id, if the record has a server_id
$server_id = ($record_old["server_id"] > 0)?$record_old["server_id"]:0;
+ if(isset($record_new["server_id"])) $server_id = $record_new["server_id"];
+
+ $this->diffrec = $diffrec;
if(count($diffrec) > 0) {
@@ -870,14 +876,17 @@
}
function getAuthSQL($perm) {
+ if($_SESSION["s"]["user"]["typ"] == 'admin') {
+ return '1';
+ } else {
+ $sql = '(';
+ $sql .= "(sys_userid = ".$_SESSION["s"]["user"]["userid"]." AND sys_perm_user like '%$perm%') OR ";
+ $sql .= "(sys_groupid IN (".$_SESSION["s"]["user"]["groups"].") AND sys_perm_group like '%$perm%') OR ";
+ $sql .= "sys_perm_other like '%$perm%'";
+ $sql .= ')';
- $sql = '(';
- $sql .= "(sys_userid = ".$_SESSION["s"]["user"]["userid"]." AND sys_perm_user like '%$perm%') OR ";
- $sql .= "(sys_groupid IN (".$_SESSION["s"]["user"]["groups"].") AND sys_perm_group like '%$perm%') OR ";
- $sql .= "sys_perm_other like '%$perm%'";
- $sql .= ')';
-
- return $sql;
+ return $sql;
+ }
}
/*
--
Gitblit v1.9.1