gitlabFork/ISPConfig3.git - Solinfo Gitblit

			@@ -54,14 +54,14 @@
			* SEPARATOR
			* - separator char used for fileds with multiple values
			*
			* Hint: The auto increment (ID) filed of the table has not be be definied eoarately.
			* Hint: The auto increment (ID) filed of the table has not be be definied separately.
			*
			*/

			class tform {

			/**
			* Table definition (array)
			* Definition of the database table (array)
			* @var tableDef
			*/
			var $tableDef;
			@@ -79,25 +79,25 @@
			var $table_name;

			/**
			* Enable debigging
			* Debug Variable
			* @var debug
			*/
			var $debug = 0;

			/**
			* name of the primary field of the datbase table (string)
			* name of the primary field of the database table (string)
			* @var table_index
			*/
			var $table_index;

			/**
			* contains the error message
			* contains the error messages
			* @var errorMessage
			*/
			var $errorMessage = '';

			var $dateformat = "d.m.Y";
			var $formDef;
			var $formDef = array();
			var $wordbook;
			var $module;
			var $primary_id;
			@@ -124,7 +124,7 @@
			function loadFormDef($file,$module = '') {
			global $app,$conf;

			include_once($file);
			include($file);
			$this->formDef = $form;

			$this->module = $module;
			@@ -143,13 +143,15 @@
			if(!file_exists($lng_file)) $lng_file = "../$module/lib/lang/en_".$this->formDef["name"].".lng";
			include($lng_file);
			}


			if(is_array($wb_global)) {
			$wb = array_merge($wb_global,$wb);
			$wb = $app->functions->array_merge($wb_global,$wb);
			}
			if(isset($wb_global)) unset($wb_global);

			$this->wordbook = $wb;

			$this->dateformat = $app->lng('conf_format_dateshort');

			return true;
			}
			@@ -163,11 +165,21 @@
			* @return record
			*/
			function decode($record,$tab) {
			if(!is_array($this->formDef['tabs'][$tab])) $app->error("Tab does not exist or the tab is empty (TAB: $tab).");
			global $conf, $app;
			if(!is_array($this->formDef['tabs'][$tab])) $app->error("Tab does not exist or the tab is empty (TAB: $tab).");
			$new_record = '';
			$table_idx = $this->formDef['db_table_idx'];
			if(isset($record[$table_idx])) $new_record[$table_idx] = $app->functions->intval($record[$table_idx ]);

			if(is_array($record)) {
			foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) {
			switch ($field['datatype']) {
			foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) {

			//* Apply filter to record value.
			if(isset($field['filters']) && is_array($field['filters'])) {
			$record[$key] = $this->filterField($key, (isset($record[$key]))?$record[$key]:'', $field['filters'], 'SHOW');
			}

			switch ($field['datatype']) {
			case 'VARCHAR':
			$new_record[$key] = $record[$key];
			break;
			@@ -190,7 +202,7 @@
			break;

			case 'INTEGER':
			$new_record[$key] = intval($record[$key]);
			$new_record[$key] = $app->functions->intval($record[$key]);
			break;

			case 'DOUBLE':
			@@ -198,7 +210,7 @@
			break;

			case 'CURRENCY':
			$new_record[$key] = number_format((double)$record[$key], 2, ',', '');
			$new_record[$key] = $app->functions->currency_format($record[$key]);
			break;

			default:
			@@ -212,7 +224,7 @@
			}

			/**
			* Get the key => value array of a form filed from a datasource definitiom
			* Get the key => value array of a form filled from a datasource definitiom
			*
			* @param field = array with field definition
			* @param record = Dataset as array
			@@ -239,7 +251,7 @@
			unset($tmp_recordid);

			$querystring = str_replace("{AUTHSQL}",$this->getAuthSQL('r'),$querystring);


			// Getting the records
			$tmp_records = $app->db->queryAllRecords($querystring);
			if($app->db->errorMessage != '') die($app->db->errorMessage);
			@@ -263,6 +275,17 @@
			} else {
			$this->errorMessage .= "Custom datasource class or function is empty<br />\r\n";
			}
			}

			if(isset($field['filters']) && is_array($field['filters'])) {
			$new_values = array();
			foreach($values as $index => $value) {
			$new_index = $this->filterField($index, $index, $field['filters'], 'SHOW');
			$new_values[$new_index] = $this->filterField($index, (isset($values[$index]))?$values[$index]:'', $field['filters'], 'SHOW');
			}
			$values = $new_values;
			unset($new_values);
			unset($new_index);
			}

			return $values;
			@@ -357,12 +380,18 @@
			$record = $this->decode($record,$tab);
			if(is_array($record)) {
			foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) {
			$val = $record[$key];

			if(isset($record[$key])) {
			$val = $record[$key];
			} else {
			$val = '';
			}

			// If Datasource is set, get the data from there
			if(isset($field['datasource']) && is_array($field['datasource'])) {
			if(is_array($field["value"])) {
			$field["value"] = array_merge($field["value"],$this->getDatasourceData($field, $record));
			//$field["value"] = array_merge($field["value"],$this->getDatasourceData($field, $record));
			$field["value"] = $app->functions->array_merge($field["value"],$this->getDatasourceData($field, $record));
			} else {
			$field["value"] = $this->getDatasourceData($field, $record);
			}
			@@ -379,7 +408,9 @@
			if(is_array($field['value'])) {
			foreach($field['value'] as $k => $v) {
			$selected = ($k == $val)?' SELECTED':'';
			$out .= "<option value='$k'$selected>$v</option>\r\n";
			if(!empty($this->wordbook[$v]))
			$v = $this->wordbook[$v];
			$out .= "<option value='$k'$selected>".$this->lng($v)."</option>\r\n";
			}
			}
			$new_record[$key] = $out;
			@@ -422,6 +453,7 @@

			// HTML schreiben
			$out = '';
			$elementNo = 0;
			foreach($field['value'] as $k => $v) {

			$checked = '';
			@@ -429,7 +461,8 @@
			if(trim($tvl) == trim($k)) $checked = ' CHECKED';
			}
			// $out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"checkbox\" $checked /> $v</label>\r\n";
			$out .= "<input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"checkbox\" $checked /> $v  \r\n";
			$out .= "<label for=\"".$key.$elementNo."\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key.$elementNo."\" value=\"$k\" type=\"checkbox\" $checked /> $v</label><br/>\r\n";
			$elementNo++;
			}
			}
			$new_record[$key] = $out;
			@@ -440,10 +473,12 @@

			// HTML schreiben
			$out = '';
			$elementNo = 0;
			foreach($field['value'] as $k => $v) {
			$checked = ($k == $val)?' CHECKED':'';
			//$out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"radio\" $checked/> $v</label>\r\n";
			$out .= "<input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"radio\" $checked/> $v\r\n";
			$out .= "<label for=\"".$key.$elementNo."\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key.$elementNo."\" value=\"$k\" type=\"radio\" $checked/> $v </label>\r\n";
			$elementNo++;
			}
			}
			$new_record[$key] = $out;
			@@ -464,7 +499,11 @@
			break;

			default:
			if(isset($record[$key])) {
			$new_record[$key] = htmlspecialchars($record[$key]);
			} else {
			$new_record[$key] = '';
			}
			}
			}
			}
			@@ -475,7 +514,7 @@
			// If Datasource is set, get the data from there
			if(@is_array($field['datasource'])) {
			if(is_array($field["value"])) {
			$field["value"] = array_merge($field["value"],$this->getDatasourceData($field, $record));
			$field["value"] = $app->functions->array_merge($field["value"],$this->getDatasourceData($field, $record));
			} else {
			$field["value"] = $this->getDatasourceData($field, $record);
			}
			@@ -492,7 +531,7 @@
			$out = '';
			foreach($field['value'] as $k => $v) {
			$selected = ($k == $field["default"])?' SELECTED':'';
			$out .= "<option value='$k'$selected>$v</option>\r\n";
			$out .= "<option value='$k'$selected>".$this->lng($v)."</option>\r\n";
			}
			}
			if(isset($out)) $new_record[$key] = $out;
			@@ -531,6 +570,7 @@

			// HTML schreiben
			$out = '';
			$elementNo = 0;
			foreach($field['value'] as $k => $v) {

			$checked = '';
			@@ -538,7 +578,8 @@
			if(trim($tvl) == trim($k)) $checked = ' CHECKED';
			}
			// $out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"checkbox\" $checked /> $v</label>\r\n";
			$out .= "<input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"checkbox\" $checked /> $v  \r\n";
			$out .= "<label for=\"".$key.$elementNo."\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key.$elementNo."\" value=\"$k\" type=\"checkbox\" $checked /> $v</label>  \r\n";
			$elementNo++;
			}
			}
			$new_record[$key] = $out;
			@@ -549,10 +590,12 @@

			// HTML schreiben
			$out = '';
			$elementNo = 0;
			foreach($field['value'] as $k => $v) {
			$checked = ($k == $field["default"])?' CHECKED':'';
			//$out .= "<label for=\"".$key."[]\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"radio\" $checked/> $v</label>\r\n";
			$out .= "<input name=\"".$key."[]\" id=\"".$key."[]\" value=\"$k\" type=\"radio\" $checked/> $v\r\n";
			$out .= "<label for=\"".$key.$elementNo."\" class=\"inlineLabel\"><input name=\"".$key."[]\" id=\"".$key.$elementNo."\" value=\"$k\" type=\"radio\" $checked/> $v</label>\r\n";
			$elementNo++;
			}
			}
			$new_record[$key] = $out;
			@@ -584,7 +627,7 @@
			* @param record = Datensatz als Array
			* @return record
			*/
			function encode($record,$tab) {
			function encode($record,$tab,$dbencode = true) {
			global $app;

			if(!is_array($this->formDef['tabs'][$tab])) $app->error("Tab is empty or does not exist (TAB: $tab).");
			@@ -592,20 +635,27 @@

			if(is_array($record)) {
			foreach($this->formDef['tabs'][$tab]['fields'] as $key => $field) {

			if(isset($field['validators']) && is_array($field['validators'])) $this->validateField($key, (isset($record[$key]))?$record[$key]:'', $field['validators']);

			//* Apply filter to record value
			if(isset($field['filters']) && is_array($field['filters'])) {
			$record[$key] = $this->filterField($key, (isset($record[$key]))?$record[$key]:'', $field['filters'], 'SAVE');
			}
			//* Validate record value
			if(isset($field['validators']) && is_array($field['validators'])) {
			$this->validateField($key, (isset($record[$key]))?$record[$key]:'', $field['validators']);
			}

			switch ($field['datatype']) {
			case 'VARCHAR':
			if(!@is_array($record[$key])) {
			$new_record[$key] = (isset($record[$key]))?$app->db->quote($record[$key]):'';
			$new_record[$key] = (isset($record[$key]))?$record[$key]:'';
			} else {
			$new_record[$key] = implode($field['separator'],$record[$key]);
			}
			break;
			case 'TEXT':
			if(!is_array($record[$key])) {
			$new_record[$key] = $app->db->quote($record[$key]);
			$new_record[$key] = $record[$key];
			} else {
			$new_record[$key] = implode($field['separator'],$record[$key]);
			}
			@@ -620,21 +670,29 @@
			break;
			case 'DATE':
			if($record[$key] != '' && $record[$key] != '0000-00-00') {
			list($tag,$monat,$jahr) = explode('.',$record[$key]);
			$new_record[$key] = $jahr.'-'.$monat.'-'.$tag;
			//$tmp = strptime($record[$key],$this->dateformat);
			//$new_record[$key] = ($tmp['tm_year']+1900).'-'.($tmp['tm_mon']+1).'-'.$tmp['tm_mday'];
			if(function_exists('date_parse_from_format')) {
			$date_parts = date_parse_from_format($this->dateformat,$record[$key]);
			//list($tag,$monat,$jahr) = explode('.',$record[$key]);
			$new_record[$key] = $date_parts['year'].'-'.$date_parts['month'].'-'.$date_parts['day'];
			//$tmp = strptime($record[$key],$this->dateformat);
			//$new_record[$key] = ($tmp['tm_year']+1900).'-'.($tmp['tm_mon']+1).'-'.$tmp['tm_mday'];
			} else {
			//$tmp = strptime($record[$key],$this->dateformat);
			//$new_record[$key] = ($tmp['tm_year']+1900).'-'.($tmp['tm_mon']+1).'-'.$tmp['tm_mday'];
			$tmp = strtotime($record[$key]);
			$new_record[$key] = date('Y-m-d',$tmp);
			}
			} else {
			$new_record[$key] = '0000-00-00';
			}
			break;
			case 'INTEGER':
			$new_record[$key] = (isset($record[$key]))?$record[$key]:0;
			$new_record[$key] = (isset($record[$key]))?$app->functions->intval($record[$key]):0;
			//if($new_record[$key] != $record[$key]) $new_record[$key] = $field['default'];
			//if($key == 'refresh') die($record[$key]);
			break;
			case 'DOUBLE':
			$new_record[$key] = $app->db->quote($record[$key]);
			$new_record[$key] = $record[$key];
			break;
			case 'CURRENCY':
			$new_record[$key] = str_replace(",",".",$record[$key]);
			@@ -662,11 +720,52 @@
			$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
			}
			}



			//* Add slashes to all records, when we encode data which shall be inserted into mysql.
			if($dbencode == true) $new_record[$key] = $app->db->quote($new_record[$key]);
			}
			}
			return $new_record;
			}

			/**
			* process the filters for a given field.
			*
			* @param field_name = Name of the field
			* @param field_value = value of the field
			* @param filters = Array of filters
			* @param filter_event = 'SAVE'or 'SHOW'
			* @return record
			*/

			function filterField($field_name, $field_value, $filters, $filter_event) {

			global $app;
			$returnval = $field_value;

			//* Loop trough all filters
			foreach($filters as $filter) {
			if($filter['event'] == $filter_event) {
			switch ($filter['type']) {
			case 'TOLOWER':
			$returnval = strtolower($returnval);
			break;
			case 'TOUPPER':
			$returnval = strtoupper($returnval);
			break;
			case 'IDNTOASCII':
			$returnval = $app->functions->idn_encode($returnval);
			break;
			case 'IDNTOUTF8':
			$returnval = $app->functions->idn_decode($returnval);
			break;
			default:
			$this->errorMessage .= "Unknown Filter: ".$filter['type'];
			break;
			}
			}
			}
			return $returnval;
			}

			/**
			@@ -700,7 +799,9 @@
			}
			break;
			case 'UNIQUE':
			if($this->action == 'NEW') {
			if($validator['allowempty'] != 'y') $validator['allowempty'] = 'n';
			if($validator['allowempty'] == 'n' \|\| ($validator['allowempty'] == 'y' && $field_value != '')){
			if($this->action == 'NEW') {
			$num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM ".$escape.$this->formDef['db_table'].$escape. " WHERE $field_name = '".$app->db->quote($field_value)."'");
			if($num_rec["number"] > 0) {
			$errmsg = $validator['errmsg'];
			@@ -710,7 +811,7 @@
			$this->errorMessage .= $errmsg."<br />\r\n";
			}
			}
			} else {
			} else {
			$num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM ".$escape.$this->formDef['db_table'].$escape. " WHERE $field_name = '".$app->db->quote($field_value)."' AND ".$this->formDef['db_table_idx']." != ".$this->primary_id);
			if($num_rec["number"] > 0) {
			$errmsg = $validator['errmsg'];
			@@ -720,7 +821,8 @@
			$this->errorMessage .= $errmsg."<br />\r\n";
			}
			}
			}
			}
			}
			break;
			case 'NOTEMPTY':
			if(empty($field_value)) {
			@@ -733,7 +835,17 @@
			}
			break;
			case 'ISEMAIL':
			if(!preg_match("/^\w+[\w\.\-\+]\w{0,}@\w+[\w.-]\w+\.[a-z]{2,10}$/i", $field_value)) {
			if(function_exists('filter_var')) {
			if(filter_var($field_value, FILTER_VALIDATE_EMAIL) === false) {
			$errmsg = $validator['errmsg'];
			if(isset($this->wordbook[$errmsg])) {
			$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
			} else {
			$this->errorMessage .= $errmsg."<br />\r\n";
			}
			}
			} else {
			if(!preg_match("/^\w+[\w\.\-\+]\w{0,}@\w+[\w.-]\w+\.[a-zA-Z0-9\-]{2,30}$/i", $field_value)) {
			$errmsg = $validator['errmsg'];
			if(isset($this->wordbook[$errmsg])) {
			$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
			@@ -741,9 +853,20 @@
			$this->errorMessage .= $errmsg."<br />\r\n";
			}
			}
			}
			break;
			case 'ISINT':
			$tmpval = intval($field_value);
			if(function_exists('filter_var') && $field_value < 2147483647) {
			if($field_value != '' && filter_var($field_value, FILTER_VALIDATE_INT) === false) {
			$errmsg = $validator['errmsg'];
			if(isset($this->wordbook[$errmsg])) {
			$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
			} else {
			$this->errorMessage .= $errmsg."<br />\r\n";
			}
			}
			} else {
			$tmpval = $app->functions->intval($field_value);
			if($tmpval === 0 and !empty($field_value)) {
			$errmsg = $validator['errmsg'];
			if(isset($this->wordbook[$errmsg])) {
			@@ -752,6 +875,7 @@
			$this->errorMessage .= $errmsg."<br />\r\n";
			}
			}
			}
			break;
			case 'ISPOSITIVE':
			if(!is_numeric($field_value) \|\| $field_value <= 0){
			@@ -763,6 +887,37 @@
			}
			}
			break;
			case 'ISV6PREFIX':
			$v6_prefix_ok = 0;
			$explode_field_value = explode(':',$field_value);
			if ($explode_field_value[count($explode_field_value)-1]=='' && $explode_field_value[count($explode_field_value)-2]=='' ){
			if ( count($explode_field_value) <= 9 ) {
			if(filter_var(substr($field_value,0,strlen($field_value)-2),FILTER_VALIDATE_IP,FILTER_FLAG_IPV6) or filter_var(substr($field_value,0,strlen($field_value)-2).'::0',FILTER_VALIDATE_IP,FILTER_FLAG_IPV6) or filter_var(substr($field_value,0,strlen($field_value)-2).':0',FILTER_VALIDATE_IP,FILTER_FLAG_IPV6) ) {
			$v6_prefix_ok = 1;
			}
			}
			} else {
			$v6_prefix_ok = 2;
			}
			// check subnet against defined server-ipv6
			$sql_v6 = $app->db->queryOneRecord("SELECT ip_address FROM server_ip WHERE ip_type = 'IPv6' AND virtualhost = 'y' LIMIT 0,1");
			$sql_v6_explode=explode(':',$sql_v6['ip_address']);
			if ( count($sql_v6_explode) < count($explode_field_value) && isset($sql_v6['ip_address']) ) {
			$v6_prefix_ok = 3;
			}
			if($v6_prefix_ok == 0) {
			$errmsg = $validator['errmsg'];
			}
			if($v6_prefix_ok == 2) {
			$errmsg = 'IPv6 Prefix must end with ::';
			}
			if($v6_prefix_ok == 3) {
			$errmsg = 'IPv6 Prefix too long (according to Server IP Addresses)';
			}
			if($v6_prefix_ok <> 1){
			$this->errorMessage .= $errmsg."<br />\r\n";
			}
			break;
			case 'ISIPV4':
			$vip=1;
			if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $field_value)){
			@@ -780,6 +935,70 @@
			$this->errorMessage .= $errmsg."<br />\r\n";
			}
			}
			break;
			case 'ISIP':
			if($validator['allowempty'] != 'y') $validator['allowempty'] = 'n';
			if($validator['allowempty'] == 'y' && $field_value == '') {
			//* Do nothing
			} else {
			//* Check if its a IPv4 or IPv6 address
			if(isset($validator['separator']) && $validator['separator'] != '') {
			//* When the field may contain several IP addresses, split them by the char defined as separator
			$field_value_array = explode($validator['separator'],$field_value);
			} else {
			$field_value_array[] = $field_value;
			}
			foreach($field_value_array as $field_value) {
			if(function_exists('filter_var')) {
			if(!filter_var($field_value,FILTER_VALIDATE_IP)) {
			$errmsg = $validator['errmsg'];
			if(isset($this->wordbook[$errmsg])) {
			$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
			} else {
			$this->errorMessage .= $errmsg."<br />\r\n";
			}
			}
			} else {
			//* Check content with regex, if we use php < 5.2
			$ip_ok = 0;
			if(preg_match("/^(\:\:([a-f0-9]{1,4}\:){0,6}?[a-f0-9]{0,4}\|[a-f0-9]{1,4}(\:[a-f0-9]{1,4}){0,6}?\:\:\|[a-f0-9]{1,4}(\:[a-f0-9]{1,4}){1,6}?\:\:([a-f0-9]{1,4}\:){1,6}?[a-f0-9]{1,4})(\/\d{1,3})?$/i", $field_value)){
			$ip_ok = 1;
			}
			if(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $field_value)){
			$ip_ok = 1;
			}
			if($ip_ok == 0) {
			$errmsg = $validator['errmsg'];
			if(isset($this->wordbook[$errmsg])) {
			$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
			} else {
			$this->errorMessage .= $errmsg."<br />\r\n";
			}
			}
			}
			}
			}
			break;
			case 'RANGE':
			//* Checks if the value is within the given range or above / below a value
			//* Range examples: < 10 = ":10", between 2 and 10 = "2:10", above 5 = "5:".
			$range_parts = explode(':',trim($validator['range']));
			$ok = true;
			if($range_parts[0] != '' && $field_value < $range_parts[0]) {
			$ok = false;
			}
			if($range_parts[1] != '' && $field_value > $range_parts[1]) {
			$ok = false;
			}
			if($ok != true) {
			$errmsg = $validator['errmsg'];
			if(isset($this->wordbook[$errmsg])) {
			$this->errorMessage .= $this->wordbook[$errmsg]."<br />\r\n";
			} else {
			$this->errorMessage .= $errmsg."<br />\r\n";
			}
			}
			unset($range_parts);
			break;
			case 'CUSTOM':
			// Calls a custom class to validate this record
			@@ -804,7 +1023,7 @@
			}

			/**
			* Create the SQL staement.
			* Create SQL statement
			*
			* @param record = Datensatz als Array
			* @param action = INSERT oder UPDATE
			@@ -830,7 +1049,7 @@
			$this->action = $action;
			$this->primary_id = $primary_id;

			$record = $this->encode($record,$tab);
			$record = $this->encode($record,$tab,true);
			$sql_insert_key = '';
			$sql_insert_val = '';
			$sql_update = '';
			@@ -848,22 +1067,16 @@
			if($field['formtype'] == 'PASSWORD') {
			$sql_insert_key .= "`$key`, ";
			if($field['encryption'] == 'CRYPT') {
			$salt="$1$";
			$base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
			for ($n=0;$n<8;$n++) {
			//$salt.=chr(mt_rand(64,126));
			$salt.=$base64_alphabet[mt_rand(0,63)];
			}
			$salt.="$";
			// $salt = substr(md5(time()),0,2);
			$record[$key] = crypt($record[$key],$salt);
			$record[$key] = $app->auth->crypt_password(stripslashes($record[$key]));
			$sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
			} elseif ($field['encryption'] == 'MYSQL') {
			$sql_insert_val .= "PASSWORD('".$app->db->quote($record[$key])."'), ";
			$tmp = $app->db->queryOneRecord("SELECT PASSWORD('".$app->db->quote(stripslashes($record[$key]))."') as `crypted`");
			$record[$key] = $tmp['crypted'];
			$sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
			} elseif ($field['encryption'] == 'CLEARTEXT') {
			$sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
			} else {
			$record[$key] = md5($record[$key]);
			$record[$key] = md5(stripslashes($record[$key]));
			$sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
			}

			@@ -883,22 +1096,16 @@
			} else {
			if($field['formtype'] == 'PASSWORD') {
			if(isset($field['encryption']) && $field['encryption'] == 'CRYPT') {
			$salt="$1$";
			$base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
			for ($n=0;$n<8;$n++) {
			//$salt.=chr(mt_rand(64,126));
			$salt.=$base64_alphabet[mt_rand(0,63)];
			}
			$salt.="$";
			// $salt = substr(md5(time()),0,2);
			$record[$key] = crypt($record[$key],$salt);
			$record[$key] = $app->auth->crypt_password(stripslashes($record[$key]));
			$sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
			} elseif (isset($field['encryption']) && $field['encryption'] == 'MYSQL') {
			$sql_update .= "`$key` = PASSWORD('".$app->db->quote($record[$key])."'), ";
			$tmp = $app->db->queryOneRecord("SELECT PASSWORD('".$app->db->quote(stripslashes($record[$key]))."') as `crypted`");
			$record[$key] = $tmp['crypted'];
			$sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
			} elseif (isset($field['encryption']) && $field['encryption'] == 'CLEARTEXT') {
			$sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
			} else {
			$record[$key] = md5($record[$key]);
			$record[$key] = md5(stripslashes($record[$key]));
			$sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
			}

			@@ -969,7 +1176,7 @@
			//* return a empty string if there is nothing to update
			if(trim($sql_update) == '') $sql = '';
			}


			return $sql;
			}

			@@ -1014,7 +1221,7 @@
			$app->uses('tform_tpl_generator');
			$app->tform_tpl_generator->buildHTML($this->formDef,$tab['name']);
			}

			$app->tpl->setVar('readonly_tab', (isset($tab['readonly']) && $tab['readonly'] == true));
			$app->tpl->setInclude('content_tpl',$tab["template"]);
			$tab["active"] = 1;
			$_SESSION["s"]["form"]["tab"] = $tab['name'];