From 1bcc716dfaf8dcea2b036b0e96302fef4fcc98ad Mon Sep 17 00:00:00 2001 From: Till Brehm <tbrehm@ispconfig.org> Date: Thu, 14 Aug 2014 03:58:36 -0400 Subject: [PATCH] Merge branch 'work-3.0.5.4p3' of git.ispconfig.org:pixcept/ispconfig3-mods into work-3.0.5.4p3 --- interface/web/themes/default/templates/main.tpl.htm | 4 ++-- interface/lib/classes/remoting.inc.php | 42 +++++++++++++++++++++++++++++++++++++----- interface/web/js/scrigo.js.php | 2 ++ 3 files changed, 41 insertions(+), 7 deletions(-) diff --git a/interface/lib/classes/remoting.inc.php b/interface/lib/classes/remoting.inc.php index 3fe307d..0ccfd65 100644 --- a/interface/lib/classes/remoting.inc.php +++ b/interface/lib/classes/remoting.inc.php @@ -1415,13 +1415,30 @@ public function client_add($session_id, $reseller_id, $params) { + global $app; + if (!$this->checkPerm($session_id, 'client_add')) { $this->server->fault('permission_denied', 'You do not have the permissions to access this function.'); return false; } if(!isset($params['parent_client_id']) || $params['parent_client_id'] == 0) $params['parent_client_id'] = $reseller_id; - $affected_rows = $this->klientadd('../client/form/' . (isset($params['limit_client']) && $params['limit_client'] > 0 ? 'reseller' : 'client') . '.tform.php', $reseller_id, $params); + + if($params['parent_client_id']) { + // check if this one is reseller + $check = $app->db->queryOneRecord('SELECT `limit_client` FROM `client` WHERE `client_id` = ' . intval($client_id)); + if($check['limit_client'] == 0) { + $this->server->fault('Invalid reseller', 'Selected client is not a reseller.'); + return false; + } + + if(isset($params['limit_client']) && $params['limit_client'] != 0) { + $this->server->fault('Invalid reseller', 'Reseller cannot be client of another reseller.'); + return false; + } + } + + $affected_rows = $this->klientadd('../client/form/' . (isset($params['limit_client']) && $params['limit_client'] != 0 ? 'reseller' : 'client') . '.tform.php', $reseller_id, $params); return $affected_rows; } @@ -1437,8 +1454,24 @@ } $app->uses('remoting_lib'); - $app->remoting_lib->loadFormDef('../client/form/' . (isset($params['limit_client']) && $params['limit_client'] > 0 ? 'reseller' : 'client') . '.tform.php'); + $app->remoting_lib->loadFormDef('../client/form/' . (isset($params['limit_client']) && $params['limit_client'] != 0 ? 'reseller' : 'client') . '.tform.php'); $old_rec = $app->remoting_lib->getDataRecord($client_id); + + if(!isset($params['parent_client_id']) || $params['parent_client_id'] == 0) $params['parent_client_id'] = $reseller_id; + + if($params['parent_client_id']) { + // check if this one is reseller + $check = $app->db->queryOneRecord('SELECT `limit_client` FROM `client` WHERE `client_id` = ' . intval($client_id)); + if($check['limit_client'] == 0) { + $this->server->fault('Invalid reseller', 'Selected client is not a reseller.'); + return false; + } + + if(isset($params['limit_client']) && $params['limit_client'] != 0) { + $this->server->fault('Invalid reseller', 'Reseller cannot be client of another reseller.'); + return false; + } + } // we need the previuos templates assigned here $this->oldTemplatesAssigned = $app->db->queryAllRecords('SELECT * FROM `client_template_assigned` WHERE `client_id` = ' . $client_id); @@ -1462,8 +1495,7 @@ } - if(!isset($params['parent_client_id']) || $params['parent_client_id'] == 0) $params['parent_client_id'] = $reseller_id; - $affected_rows = $this->updateQuery('../client/form/' . (isset($params['limit_client']) && $params['limit_client'] > 0 ? 'reseller' : 'client') . '.tform.php', $reseller_id, $client_id, $params, 'client:' . ($reseller_id ? 'reseller' : 'client') . ':on_after_update'); + $affected_rows = $this->updateQuery('../client/form/' . (isset($params['limit_client']) && $params['limit_client'] != 0 ? 'reseller' : 'client') . '.tform.php', $reseller_id, $client_id, $params, 'client:' . ($params['parent_client_id'] ? 'reseller' : 'client') . ':on_after_update'); $app->remoting_lib->ispconfig_sysuser_update($params, $client_id); @@ -3195,7 +3227,7 @@ $this->id = $insert_id; $this->dataRecord = $params; - $app->plugin->raiseEvent('client:' . (isset($params['limit_client']) && $params['limit_client'] > 0 ? 'reseller' : 'client') . ':on_after_insert', $this); + $app->plugin->raiseEvent('client:' . (isset($params['limit_client']) && $params['limit_client'] != 0 ? 'reseller' : 'client') . ':on_after_insert', $this); /* if($app->db->errorMessage != '') { diff --git a/interface/web/js/scrigo.js.php b/interface/web/js/scrigo.js.php index 85a321c..229c721 100644 --- a/interface/web/js/scrigo.js.php +++ b/interface/web/js/scrigo.js.php @@ -438,6 +438,8 @@ } function changeTab(tab,target,force) { + if(requestsRunning > 0) return false; + //document.forms[0].next_tab.value = tab; document.pageForm.next_tab.value = tab; diff --git a/interface/web/themes/default/templates/main.tpl.htm b/interface/web/themes/default/templates/main.tpl.htm index 3339d9f..e331e44 100644 --- a/interface/web/themes/default/templates/main.tpl.htm +++ b/interface/web/themes/default/templates/main.tpl.htm @@ -48,8 +48,8 @@ jQuery('.ttip').tipsy({live: true, gravity: 'ne', html: true}); - tabChangeDiscard = '<tmpl_var name="tabchange_discard_enabled>'; - tabChangeWarning = '<tmpl_var name="tabchange_warning_enabled>'; + tabChangeDiscard = '<tmpl_var name="tabchange_discard_enabled">'; + tabChangeWarning = '<tmpl_var name="tabchange_warning_enabled">'; tabChangeWarningTxt = '<tmpl_var name="global_tabchange_warning_txt">'; tabChangeDiscardTxt = '<tmpl_var name="global_tabchange_discard_txt">'; -- Gitblit v1.9.1