From f7ec00b2f8ba3efc5bdeacef9c813f8a826ae3be Mon Sep 17 00:00:00 2001
From: Patrick Anders <p.anders@timmehosting.de>
Date: Wed, 10 Dec 2014 08:44:26 -0500
Subject: [PATCH] add Spdy option - http://en.wikipedia.org/wiki/SPDY
---
interface/web/sites/ftp_user_edit.php | 35 ++++++++++++++++++++++-------------
1 files changed, 22 insertions(+), 13 deletions(-)
diff --git a/interface/web/sites/ftp_user_edit.php b/interface/web/sites/ftp_user_edit.php
index 4f71118..bdbf3c2 100644
--- a/interface/web/sites/ftp_user_edit.php
+++ b/interface/web/sites/ftp_user_edit.php
@@ -82,7 +82,11 @@
$app->tpl->setVar("username", $app->tools_sites->removePrefix($this->dataRecord['username'], $this->dataRecord['username_prefix'], $ftpuser_prefix));
}
- $app->tpl->setVar("username_prefix", $app->tools_sites->getPrefix($this->dataRecord['username_prefix'], $ftpuser_prefix, $global_config['ftpuser_prefix']));
+ if($this->dataRecord['username'] == "") {
+ $app->tpl->setVar("username_prefix", $ftpuser_prefix);
+ } else {
+ $app->tpl->setVar("username_prefix", $app->tools_sites->getPrefix($this->dataRecord['username_prefix'], $ftpuser_prefix, $global_config['ftpuser_prefix']));
+ }
parent::onShowEnd();
}
@@ -134,13 +138,18 @@
global $app, $conf;
$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$app->functions->intval($this->dataRecord["parent_domain_id"]));
- $server_id = $web["server_id"];
- $dir = $web["document_root"];
- $uid = $web["system_user"];
- $gid = $web["system_group"];
+ $server_id = $app->functions->intval($web["server_id"]);
+ $dir = $app->db->quote($web["document_root"]);
+ $uid = $app->db->quote($web["system_user"]);
+ $gid = $app->db->quote($web["system_group"]);
+
+ // Check system user and group
+ if($app->functions->is_allowed_user($uid) == false || $app->functions->is_allowed_group($gid) == false) {
+ $app->error('Invalid system user or group');
+ }
// The FTP user shall be owned by the same group then the website
- $sys_groupid = $web['sys_groupid'];
+ $sys_groupid = $app->functions->intval($web['sys_groupid']);
$sql = "UPDATE ftp_user SET server_id = $server_id, dir = '$dir', uid = '$uid', gid = '$gid', sys_groupid = '$sys_groupid' WHERE ftp_user_id = ".$this->id;
$app->db->query($sql);
@@ -148,7 +157,7 @@
function onBeforeUpdate() {
global $app, $conf, $interfaceConf;
-
+
/*
* If the names should be restricted -> do it!
*/
@@ -173,13 +182,13 @@
//* When the site of the FTP user has been changed
if(isset($this->dataRecord['parent_domain_id']) && $this->oldDataRecord['parent_domain_id'] != $this->dataRecord['parent_domain_id']) {
$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$app->functions->intval($this->dataRecord["parent_domain_id"]));
- $server_id = $web["server_id"];
- $dir = $web["document_root"];
- $uid = $web["system_user"];
- $gid = $web["system_group"];
+ $server_id = $app->functions->intval($web["server_id"]);
+ $dir = $app->db->quote($web["document_root"]);
+ $uid = $app->db->quote($web["system_user"]);
+ $gid = $app->db->quote($web["system_group"]);
// The FTP user shall be owned by the same group then the website
- $sys_groupid = $web['sys_groupid'];
+ $sys_groupid = $app->functions->intval($web['sys_groupid']);
$sql = "UPDATE ftp_user SET server_id = $server_id, dir = '$dir', uid = '$uid', gid = '$gid', sys_groupid = '$sys_groupid' WHERE ftp_user_id = ".$this->id;
$app->db->query($sql);
@@ -194,7 +203,7 @@
if($error_message != '') {
$ftp_data = $app->db->queryOneRecord("SELECT parent_domain_id FROM ftp_user WHERE ftp_user_id = '".$app->db->quote($app->tform->primary_id)."'");
$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$app->functions->intval($ftp_data["parent_domain_id"]));
- $dir = $web["document_root"];
+ $dir = $app->db->quote($web["document_root"]);
$sql = "UPDATE ftp_user SET dir = '$dir' WHERE ftp_user_id = ".$this->id;
$app->db->query($sql);
$app->log("Error in FTP path settings of FTP user ".$this->dataRecord['username'], 1);
--
Gitblit v1.9.1