From ebd0e986ed11f2a34fb58cdd33efbfab192083ad Mon Sep 17 00:00:00 2001
From: Till Brehm <tbrehm@ispconfig.org>
Date: Fri, 22 Apr 2016 05:26:17 -0400
Subject: [PATCH] Added PHP 7 check in installer and updater.
---
interface/web/sites/web_domain_edit.php | 147 ++++++++++++++++++++++++++++++++++++------------
1 files changed, 110 insertions(+), 37 deletions(-)
diff --git a/interface/web/sites/web_domain_edit.php b/interface/web/sites/web_domain_edit.php
index ccb356c..f2fbf72 100644
--- a/interface/web/sites/web_domain_edit.php
+++ b/interface/web/sites/web_domain_edit.php
@@ -107,10 +107,11 @@
$app->tpl->setVar("server_id", "<option value='$client[default_webserver]'>$tmp[server_name]</option>");
unset($tmp);
- //* Fill the IPv4 select field with the IP addresses that are allowed for this client
- $sql = "SELECT ip_address FROM server_ip WHERE server_id = ".$app->functions->intval($client['default_webserver'])." AND ip_type = 'IPv4' AND (client_id = 0 OR client_id=".$app->functions->intval($_SESSION['s']['user']['client_id']).")";
+ //* Fill the IPv4 select field with the IP addresses that are allowed for this client; if website was created on a different server (e.g. by admin), display IP addresses from that server - otherwise IP will be changed to * if user changes the tab
+ $sql = "SELECT ip_address FROM server_ip WHERE server_id = ".($app->functions->intval($this->dataRecord["server_id"]) > 0 && $app->functions->intval($this->dataRecord["server_id"]) != $app->functions->intval($client['default_webserver'])? $app->functions->intval($this->dataRecord["server_id"]) : $app->functions->intval($client['default_webserver']))." AND ip_type = 'IPv4' AND (client_id = 0 OR client_id=".$app->functions->intval($_SESSION['s']['user']['client_id']).")";
$ips = $app->db->queryAllRecords($sql);
$ip_select = ($web_config['enable_ip_wildcard'] == 'y')?"<option value='*'>*</option>":"";
+ //if(!in_array($this->dataRecord["ip_address"], $ips)) $ip_select .= "<option value='".$this->dataRecord["ip_address"]."' SELECTED>".$this->dataRecord["ip_address"]."</option>\r\n";
//$ip_select = "";
if(is_array($ips)) {
foreach( $ips as $ip) {
@@ -122,8 +123,8 @@
unset($tmp);
unset($ips);
- //* Fill the IPv6 select field with the IP addresses that are allowed for this client
- $sql = "SELECT ip_address FROM server_ip WHERE server_id = ".$app->functions->intval($client['default_webserver'])." AND ip_type = 'IPv6' AND (client_id = 0 OR client_id=".$app->functions->intval($_SESSION['s']['user']['client_id']).")";
+ //* Fill the IPv6 select field with the IP addresses that are allowed for this client; if website was created on a different server (e.g. by admin), display IP addresses from that server
+ $sql = "SELECT ip_address FROM server_ip WHERE server_id = ".($app->functions->intval($this->dataRecord["server_id"]) > 0 && $app->functions->intval($this->dataRecord["server_id"]) != $app->functions->intval($client['default_webserver'])? $app->functions->intval($this->dataRecord["server_id"]) : $app->functions->intval($client['default_webserver']))." AND ip_type = 'IPv6' AND (client_id = 0 OR client_id=".$app->functions->intval($_SESSION['s']['user']['client_id']).")";
$ips = $app->db->queryAllRecords($sql);
$ip_select = "<option value=''></option>";
//$ip_select = "";
@@ -182,7 +183,7 @@
unset($tmp);
// Fill the client select field
- $sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$client['client_id']." ORDER BY sys_group.name";
+ $sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$client['client_id']." ORDER BY client.company_name, client.contact_name, sys_group.name";
$records = $app->db->queryAllRecords($sql);
$tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$app->functions->intval($client['client_id']));
$client_select = '<option value="'.$tmp['groupid'].'">'.$client['contactname'].'</option>';
@@ -198,10 +199,11 @@
}
$app->tpl->setVar("client_group_id", $client_select);
- //* Fill the IPv4 select field with the IP addresses that are allowed for this client
- $sql = "SELECT ip_address FROM server_ip WHERE server_id = ".$app->functions->intval($client['default_webserver'])." AND ip_type = 'IPv4' AND (client_id = 0 OR client_id=".$app->functions->intval($_SESSION['s']['user']['client_id']).")";
+ //* Fill the IPv4 select field with the IP addresses that are allowed for this client; if website was created on a different server (e.g. by admin), display IP addresses from that server - otherwise IP will be changed to * if user changes the tab
+ $sql = "SELECT ip_address FROM server_ip WHERE server_id = ".($app->functions->intval($this->dataRecord["server_id"]) > 0 && $app->functions->intval($this->dataRecord["server_id"]) != $app->functions->intval($client['default_webserver'])? $app->functions->intval($this->dataRecord["server_id"]) : $app->functions->intval($client['default_webserver']))." AND ip_type = 'IPv4' AND (client_id = 0 OR client_id=".$app->functions->intval($_SESSION['s']['user']['client_id']).")";
$ips = $app->db->queryAllRecords($sql);
$ip_select = ($web_config['enable_ip_wildcard'] == 'y')?"<option value='*'>*</option>":"";
+ //if(!in_array($this->dataRecord["ip_address"], $ips)) $ip_select .= "<option value='".$this->dataRecord["ip_address"]."' SELECTED>".$this->dataRecord["ip_address"]."</option>\r\n";
//$ip_select = "";
if(is_array($ips)) {
foreach( $ips as $ip) {
@@ -213,8 +215,8 @@
unset($tmp);
unset($ips);
- //* Fill the IPv6 select field with the IP addresses that are allowed for this client
- $sql = "SELECT ip_address FROM server_ip WHERE server_id = ".$app->functions->intval($client['default_webserver'])." AND ip_type = 'IPv6' AND (client_id = 0 OR client_id=".$app->functions->intval($_SESSION['s']['user']['client_id']).")";
+ //* Fill the IPv6 select field with the IP addresses that are allowed for this client; if website was created on a different server (e.g. by admin), display IP addresses from that server
+ $sql = "SELECT ip_address FROM server_ip WHERE server_id = ".($app->functions->intval($this->dataRecord["server_id"]) > 0 && $app->functions->intval($this->dataRecord["server_id"]) != $app->functions->intval($client['default_webserver'])? $app->functions->intval($this->dataRecord["server_id"]) : $app->functions->intval($client['default_webserver']))." AND ip_type = 'IPv6' AND (client_id = 0 OR client_id=".$app->functions->intval($_SESSION['s']['user']['client_id']).")";
$ips = $app->db->queryAllRecords($sql);
$ip_select = "<option value=''></option>";
//$ip_select = "";
@@ -311,7 +313,7 @@
unset($ips);
// Fill the client select field
- $sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND sys_group.client_id > 0 ORDER BY sys_group.name";
+ $sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND sys_group.client_id > 0 ORDER BY client.company_name, client.contact_name, sys_group.name";
$clients = $app->db->queryAllRecords($sql);
$client_select = "<option value='0'></option>";
//$tmp_data_record = $app->tform->getDataRecord($this->id);
@@ -404,8 +406,15 @@
}
$ssl_domain_select = '';
- $tmp = $app->db->queryOneRecord("SELECT domain FROM web_domain WHERE domain_id = ".$this->id);
- $ssl_domains = array($tmp["domain"], 'www.'.$tmp["domain"], '*.'.$tmp["domain"]);
+ $ssl_domains = array();
+ $tmpd = $app->db->queryAllRecords("SELECT domain, type FROM web_domain WHERE domain_id = ".$this->id." OR parent_domain_id = ".$this->id);
+ foreach($tmpd as $tmp) {
+ if($tmp['type'] == 'subdomain' || $tmp['type'] == 'vhostsubdomain') {
+ $ssl_domains[] = $tmp["domain"];
+ } else {
+ $ssl_domains = array_merge($ssl_domains, array($tmp["domain"],'www.'.$tmp["domain"],'*.'.$tmp["domain"]));
+ }
+ }
if(is_array($ssl_domains)) {
foreach( $ssl_domains as $ssl_domain) {
$selected = ($ssl_domain == $this->dataRecord['ssl_domain'])?'SELECTED':'';
@@ -516,21 +525,21 @@
$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
$client = $app->db->queryOneRecord("SELECT limit_traffic_quota, limit_web_domain, default_webserver, parent_client_id, limit_web_quota, client." . implode(", client.", $read_limits) . " FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
- if($client['limit_cgi'] != 'y') $this->dataRecord['cgi'] = '-';
- if($client['limit_ssi'] != 'y') $this->dataRecord['ssi'] = '-';
- if($client['limit_perl'] != 'y') $this->dataRecord['perl'] = '-';
- if($client['limit_ruby'] != 'y') $this->dataRecord['ruby'] = '-';
- if($client['limit_python'] != 'y') $this->dataRecord['python'] = '-';
+ if($client['limit_cgi'] != 'y') $this->dataRecord['cgi'] = 'n';
+ if($client['limit_ssi'] != 'y') $this->dataRecord['ssi'] = 'n';
+ if($client['limit_perl'] != 'y') $this->dataRecord['perl'] = 'n';
+ if($client['limit_ruby'] != 'y') $this->dataRecord['ruby'] = 'n';
+ if($client['limit_python'] != 'y') $this->dataRecord['python'] = 'n';
if($client['force_suexec'] == 'y') $this->dataRecord['suexec'] = 'y';
- if($client['limit_hterror'] != 'y') $this->dataRecord['errordocs'] = '-';
- if($client['limit_wildcard'] != 'y' && $this->dataRecord['subdomain'] == '*') $this->dataRecord['subdomain'] = '-';
- if($client['limit_ssl'] != 'y') $this->dataRecord['ssl'] = '-';
+ if($client['limit_hterror'] != 'y') $this->dataRecord['errordocs'] = 'n';
+ if($client['limit_wildcard'] != 'y' && $this->dataRecord['subdomain'] == '*') $this->dataRecord['subdomain'] = 'n';
+ if($client['limit_ssl'] != 'y') $this->dataRecord['ssl'] = 'n';
// only generate quota and traffic warnings if value has changed
if($this->id > 0) {
$old_web_values = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$app->functions->intval($this->id));
} else {
- $old_web_values = $_POST;
+ $old_web_values = array();
}
//* Check the website quota of the client
@@ -605,19 +614,21 @@
// When the record is updated
if($this->id > 0) {
// restore the server ID if the user is not admin and record is edited
- $tmp = $app->db->queryOneRecord("SELECT server_id, `cgi`, `ssi`, `perl`, `ruby`, `python`, `suexec`, `errordocs`, `subdomain`, `ssl` FROM web_domain WHERE domain_id = ".$app->functions->intval($this->id));
+ $tmp = $app->db->queryOneRecord("SELECT server_id, `system_user`, `system_group`, `cgi`, `ssi`, `perl`, `ruby`, `python`, `suexec`, `errordocs`, `subdomain`, `ssl` FROM web_domain WHERE domain_id = ".$app->functions->intval($this->id));
$this->dataRecord["server_id"] = $tmp["server_id"];
+ $this->dataRecord['system_user'] = $tmp['system_user'];
+ $this->dataRecord['system_group'] = $tmp['system_group'];
// set the settings to current if not provided (or cleared due to limits)
- if($this->dataRecord['cgi'] == '-') $this->dataRecord['cgi'] = $tmp['cgi'];
- if($this->dataRecord['ssi'] == '-') $this->dataRecord['ssi'] = $tmp['ssi'];
- if($this->dataRecord['perl'] == '-') $this->dataRecord['perl'] = $tmp['perl'];
- if($this->dataRecord['ruby'] == '-') $this->dataRecord['ruby'] = $tmp['ruby'];
- if($this->dataRecord['python'] == '-') $this->dataRecord['python'] = $tmp['python'];
- if($this->dataRecord['suexec'] == '-') $this->dataRecord['suexec'] = $tmp['suexec'];
- if($this->dataRecord['errordocs'] == '-') $this->dataRecord['errordocs'] = $tmp['errordocs'];
- if($this->dataRecord['subdomain'] == '-') $this->dataRecord['subdomain'] = $tmp['subdomain'];
- if($this->dataRecord['ssl'] == '-') $this->dataRecord['ssl'] = $tmp['ssl'];
+ if($this->dataRecord['cgi'] == 'n') $this->dataRecord['cgi'] = $tmp['cgi'];
+ if($this->dataRecord['ssi'] == 'n') $this->dataRecord['ssi'] = $tmp['ssi'];
+ if($this->dataRecord['perl'] == 'n') $this->dataRecord['perl'] = $tmp['perl'];
+ if($this->dataRecord['ruby'] == 'n') $this->dataRecord['ruby'] = $tmp['ruby'];
+ if($this->dataRecord['python'] == 'n') $this->dataRecord['python'] = $tmp['python'];
+ if($this->dataRecord['suexec'] == 'n') $this->dataRecord['suexec'] = $tmp['suexec'];
+ if($this->dataRecord['errordocs'] == 'n') $this->dataRecord['errordocs'] = $tmp['errordocs'];
+ if($this->dataRecord['subdomain'] == 'n') $this->dataRecord['subdomain'] = $tmp['subdomain'];
+ if($this->dataRecord['ssl'] == 'n') $this->dataRecord['ssl'] = $tmp['ssl'];
unset($tmp);
// When the record is inserted
@@ -689,6 +700,9 @@
if(trim($rewrite_rule_line) == '') continue;
// rewrite
if(preg_match('@^\s*rewrite\s+(^/)?\S+(\$)?\s+\S+(\s+(last|break|redirect|permanent|))?\s*;\s*$@', $rewrite_rule_line)) continue;
+ if(preg_match('@^\s*rewrite\s+(^/)?(\'[^\']+\'|"[^"]+")+(\$)?\s+(\'[^\']+\'|"[^"]+")+(\s+(last|break|redirect|permanent|))?\s*;\s*$@', $rewrite_rule_line)) continue;
+ if(preg_match('@^\s*rewrite\s+(^/)?(\'[^\']+\'|"[^"]+")+(\$)?\s+\S+(\s+(last|break|redirect|permanent|))?\s*;\s*$@', $rewrite_rule_line)) continue;
+ if(preg_match('@^\s*rewrite\s+(^/)?\S+(\$)?\s+(\'[^\']+\'|"[^"]+")+(\s+(last|break|redirect|permanent|))?\s*;\s*$@', $rewrite_rule_line)) continue;
// if
if(preg_match('@^\s*if\s+\(\s*\$\S+(\s+(\!?(=|~|~\*))\s+(\S+|\".+\"))?\s*\)\s*\{\s*$@', $rewrite_rule_line)){
$if_level += 1;
@@ -724,6 +738,62 @@
$app->tform->errorMessage .= $app->tform->lng("invalid_rewrite_rules_txt").'<br>';
}
}
+
+ // check custom php.ini settings
+ if(isset($this->dataRecord['custom_php_ini']) && trim($this->dataRecord['custom_php_ini']) != '') {
+ $custom_php_ini_settings = trim($this->dataRecord['custom_php_ini']);
+ $custom_php_ini_settings_are_valid = true;
+ // Make sure we only have Unix linebreaks
+ $custom_php_ini_settings = str_replace("\r\n", "\n", $custom_php_ini_settings);
+ $custom_php_ini_settings = str_replace("\r", "\n", $custom_php_ini_settings);
+ $custom_php_ini_settings_lines = explode("\n", $custom_php_ini_settings);
+ if(is_array($custom_php_ini_settings_lines) && !empty($custom_php_ini_settings_lines)){
+ foreach($custom_php_ini_settings_lines as $custom_php_ini_settings_line){
+ if(trim($custom_php_ini_settings_line) == '') continue;
+ if(substr(trim($custom_php_ini_settings_line),0,1) == ';') continue;
+ // empty value
+ if(preg_match('@^\s*;*\s*[a-zA-Z0-9._]*\s*=\s*;*\s*$@', $custom_php_ini_settings_line)) continue;
+ // value inside ""
+ if(preg_match('@^\s*;*\s*[a-zA-Z0-9._]*\s*=\s*".*"\s*;*\s*$@', $custom_php_ini_settings_line)) continue;
+ // value inside ''
+ if(preg_match('@^\s*;*\s*[a-zA-Z0-9._]*\s*=\s*\'.*\'\s*;*\s*$@', $custom_php_ini_settings_line)) continue;
+ // everything else
+ if(preg_match('@^\s*;*\s*[a-zA-Z0-9._]*\s*=\s*[-a-zA-Z0-9~&=_\@/,.#\s|()]*\s*;*\s*$@', $custom_php_ini_settings_line)) continue;
+ $custom_php_ini_settings_are_valid = false;
+ break;
+ }
+ }
+ if(!$custom_php_ini_settings_are_valid){
+ $app->tform->errorMessage .= $app->tform->lng("invalid_custom_php_ini_settings_txt").'<br>';
+ }
+ }
+
+ // Check custom PHP version
+ if(isset($this->dataRecord['fastcgi_php_version']) && $this->dataRecord['fastcgi_php_version'] != '') {
+ // Check php-fpm mode
+ if($this->dataRecord['php'] == 'php-fpm'){
+ $tmp = $app->db->queryOneRecord("SELECT * FROM server_php WHERE CONCAT(name,':',php_fpm_init_script,':',php_fpm_ini_dir,':',php_fpm_pool_dir) = '".$app->db->quote($this->dataRecord['fastcgi_php_version'])."'");
+ if(is_array($tmp)) {
+ $this->dataRecord['fastcgi_php_version'] = $tmp['name'].':'.$tmp['php_fpm_init_script'].':'.$tmp['php_fpm_ini_dir'].':'.$tmp['php_fpm_pool_dir'];
+ } else {
+ $this->dataRecord['fastcgi_php_version'] = '';
+ }
+ unset($tmp);
+ // Check fast-cgi mode
+ } elseif($this->dataRecord['php'] == 'fast-cgi') {
+ $tmp = $app->db->queryOneRecord("SELECT * FROM server_php WHERE CONCAT(name,':',php_fastcgi_binary,':',php_fastcgi_ini_dir) = '".$app->db->quote($this->dataRecord['fastcgi_php_version'])."'");
+ if(is_array($tmp)) {
+ $this->dataRecord['fastcgi_php_version'] = $tmp['name'].':'.$tmp['php_fastcgi_binary'].':'.$tmp['php_fastcgi_ini_dir'];
+ } else {
+ $this->dataRecord['fastcgi_php_version'] = '';
+ }
+ unset($tmp);
+ } else {
+ // Other PHP modes do not have custom versions, so we force the value to be empty
+ $this->dataRecord['fastcgi_php_version'] = '';
+ }
+ }
+
parent::onSubmit();
}
@@ -869,6 +939,9 @@
$client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".$app->functions->intval($client_group_id));
$client_id = $app->functions->intval($client["client_id"]);
}
+
+ $tmp = $app->db->queryOneRecord("SELECT userid FROM sys_user WHERE default_group = $client_group_id");
+ $client_user_id = $app->functions->intval(($tmp['userid'] > 0)?$tmp['userid']:1);
if(($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) && isset($this->dataRecord["client_group_id"]) && $this->dataRecord["client_group_id"] != $this->oldDataRecord["sys_groupid"]) {
// Set the values for document_root, system_user and system_group
@@ -881,14 +954,14 @@
$document_root = str_replace("[client_idhash_4]", $this->id_hash($client_id, 4), $document_root);
$document_root = $app->db->quote($document_root);
- $sql = "UPDATE web_domain SET system_user = '$system_user', system_group = '$system_group', document_root = '$document_root' WHERE domain_id = ".$this->id;
+ $sql = "UPDATE web_domain SET sys_userid = '$client_user_id' ,system_user = '$system_user', system_group = '$system_group', document_root = '$document_root' WHERE domain_id = ".$this->id;
//$sql = "UPDATE web_domain SET system_user = '$system_user', system_group = '$system_group' WHERE domain_id = ".$this->id;
$app->db->query($sql);
// Update the FTP user(s) too
$records = $app->db->queryAllRecords("SELECT ftp_user_id FROM ftp_user WHERE parent_domain_id = ".$this->id);
foreach($records as $rec) {
- $app->db->datalogUpdate('ftp_user', "sys_userid = '".$app->functions->intval($web_rec['sys_userid'])."', sys_groupid = '".$app->functions->intval($web_rec['sys_groupid'])."', uid = '$system_user', gid = '$system_group', dir = '$document_root'", 'ftp_user_id', $app->functions->intval($rec['ftp_user_id']));
+ $app->db->datalogUpdate('ftp_user', "sys_userid = '".$app->functions->intval($client_user_id)."', sys_groupid = '".$app->functions->intval($web_rec['sys_groupid'])."', uid = '$system_user', gid = '$system_group', dir = '$document_root'", 'ftp_user_id', $app->functions->intval($rec['ftp_user_id']));
}
unset($records);
unset($rec);
@@ -896,7 +969,7 @@
// Update the Shell user(s) too
$records = $app->db->queryAllRecords("SELECT shell_user_id FROM shell_user WHERE parent_domain_id = ".$this->id);
foreach($records as $rec) {
- $app->db->datalogUpdate('shell_user', "sys_userid = '".$web_rec['sys_userid']."', sys_groupid = '".$web_rec['sys_groupid']."', puser = '$system_user', pgroup = '$system_group', dir = '$document_root'", 'shell_user_id', $app->functions->intval($rec['shell_user_id']));
+ $app->db->datalogUpdate('shell_user', "sys_userid = '".$client_user_id."', sys_groupid = '".$web_rec['sys_groupid']."', puser = '$system_user', pgroup = '$system_group', dir = '$document_root'", 'shell_user_id', $app->functions->intval($rec['shell_user_id']));
}
unset($records);
unset($rec);
@@ -904,7 +977,7 @@
//* Update all subdomains and alias domains
$records = $app->db->queryAllRecords("SELECT domain_id, `domain`, `type`, `web_folder` FROM web_domain WHERE parent_domain_id = ".$this->id);
foreach($records as $rec) {
- $update_columns = "sys_userid = '".$web_rec['sys_userid']."', sys_groupid = '".$web_rec['sys_groupid']."'";
+ $update_columns = "sys_userid = '".$client_user_id."', sys_groupid = '".$web_rec['sys_groupid']."'";
if($rec['type'] == 'vhostsubdomain') {
$php_open_basedir = str_replace("[website_path]/web", $document_root.'/'.$rec['web_folder'], $web_config["php_open_basedir"]);
$php_open_basedir = str_replace("[website_domain]/web", $rec['domain'].'/'.$rec['web_folder'], $php_open_basedir);
@@ -921,7 +994,7 @@
//* Update all databases
$records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE parent_domain_id = ".$this->id);
foreach($records as $rec) {
- $app->db->datalogUpdate('web_database', "sys_userid = '".$app->functions->intval($web_rec['sys_userid'])."', sys_groupid = '".$app->functions->intval($web_rec['sys_groupid'])."'", 'database_id', $app->functions->intval($rec['database_id']));
+ $app->db->datalogUpdate('web_database', "sys_userid = '".$app->functions->intval($client_user_id)."', sys_groupid = '".$app->functions->intval($web_rec['sys_groupid'])."'", 'database_id', $app->functions->intval($rec['database_id']));
}
unset($records);
unset($rec);
@@ -978,7 +1051,7 @@
//* Change database backup options when web backup options have been changed
if(isset($this->dataRecord['backup_interval']) && ($this->dataRecord['backup_interval'] != $this->oldDataRecord['backup_interval'] || $this->dataRecord['backup_copies'] != $this->oldDataRecord['backup_copies'])) {
//* Update all databases
- $backup_interval = $app->functions->intval($this->dataRecord['backup_interval']);
+ $backup_interval = $app->db->quote($this->dataRecord['backup_interval']);
$backup_copies = $app->functions->intval($this->dataRecord['backup_copies']);
$records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE parent_domain_id = ".$this->id);
foreach($records as $rec) {
--
Gitblit v1.9.1