From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 06 Aug 2015 03:18:44 -0400
Subject: [PATCH] - don't set password via remoting if field is empty

---
 interface/lib/classes/sites_database_plugin.inc.php |    8 ++++----
 1 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/interface/lib/classes/sites_database_plugin.inc.php b/interface/lib/classes/sites_database_plugin.inc.php
index bf53c61..89cb7ce 100644
--- a/interface/lib/classes/sites_database_plugin.inc.php
+++ b/interface/lib/classes/sites_database_plugin.inc.php
@@ -40,15 +40,15 @@
 		global $app;
 
 		if($form_page->dataRecord["parent_domain_id"] > 0) {
-			$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$app->functions->intval($form_page->dataRecord["parent_domain_id"]));
+			$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ?", $form_page->dataRecord["parent_domain_id"]);
 
 			//* The Database user shall be owned by the same group then the website
 			$sys_groupid = $app->functions->intval($web['sys_groupid']);
-			$backup_interval = $app->db->quote($web['backup_interval']);
+			$backup_interval = $web['backup_interval'];
 			$backup_copies = $app->functions->intval($web['backup_copies']);
 
-			$sql = "UPDATE web_database SET sys_groupid = '$sys_groupid', backup_interval = '$backup_interval', backup_copies = '$backup_copies' WHERE database_id = ".$form_page->id;
-			$app->db->query($sql);
+			$sql = "UPDATE web_database SET sys_groupid = ?, backup_interval = ?, backup_copies = ? WHERE database_id = ?";
+			$app->db->query($sql, $sys_groupid, $backup_interval, $backup_copies, $form_page->id);
 		}
 	}
 

--
Gitblit v1.9.1