From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 06 Aug 2015 03:18:44 -0400
Subject: [PATCH] - don't set password via remoting if field is empty
---
interface/lib/plugins/dns_dns_soa_plugin.inc.php | 18 +++++++++---------
1 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/interface/lib/plugins/dns_dns_soa_plugin.inc.php b/interface/lib/plugins/dns_dns_soa_plugin.inc.php
index 1cada0e..8f047be 100644
--- a/interface/lib/plugins/dns_dns_soa_plugin.inc.php
+++ b/interface/lib/plugins/dns_dns_soa_plugin.inc.php
@@ -31,17 +31,17 @@
$tmp = $app->db->diffrec($page_form->oldDataRecord, $app->tform->getDataRecord($page_form->id));
if($tmp['diff_num'] > 0) {
// Update the serial number of the SOA record
- $soa = $app->db->queryOneRecord("SELECT serial FROM dns_soa WHERE id = ".$page_form->id);
- $app->db->query("UPDATE dns_soa SET serial = '".$app->validate_dns->increase_serial($soa["serial"])."' WHERE id = ".$page_form->id);
+ $soa = $app->db->queryOneRecord("SELECT serial FROM dns_soa WHERE id = ?", $page_form->id);
+ $app->db->query("UPDATE dns_soa SET serial = ? WHERE id = ?", $app->validate_dns->increase_serial($soa["serial"]), $page_form->id);
}
//** When the client group has changed, change also the owner of the record if the owner is not the admin user
if($page_form->oldDataRecord["client_group_id"] != $page_form->dataRecord["client_group_id"] && $page_form->dataRecord["sys_userid"] != 1) {
$client_group_id = $app->functions->intval($page_form->dataRecord["client_group_id"]);
- $tmp = $app->db->queryOneREcord("SELECT userid FROM sys_user WHERE default_group = ".$client_group_id);
+ $tmp = $app->db->queryOneREcord("SELECT userid FROM sys_user WHERE default_group = ?", $client_group_id);
if($tmp["userid"] > 0) {
- $app->db->query("UPDATE dns_soa SET sys_userid = ".$tmp["userid"]." WHERE id = ".$page_form->id);
- $app->db->query("UPDATE dns_rr SET sys_userid = ".$tmp["userid"]." WHERE zone = ".$page_form->id);
+ $app->db->query("UPDATE dns_soa SET sys_userid = ? WHERE id = ?", $tmp["userid"], $page_form->id);
+ $app->db->query("UPDATE dns_rr SET sys_userid = ? WHERE zone = ?", $tmp["userid"], $page_form->id);
}
}
}
@@ -49,15 +49,15 @@
// make sure that the record belongs to the client group and not the admin group when a dmin inserts it
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($page_form->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($page_form->dataRecord["client_group_id"]);
- $app->db->query("UPDATE dns_soa SET sys_groupid = $client_group_id, sys_perm_group = 'ru' WHERE id = ".$page_form->id);
+ $app->db->query("UPDATE dns_soa SET sys_groupid = ?, sys_perm_group = 'ru' WHERE id = ?", $client_group_id, $page_form->id);
// And we want to update all rr records too, that belong to this record
- $app->db->query("UPDATE dns_rr SET sys_groupid = $client_group_id WHERE zone = ".$page_form->id);
+ $app->db->query("UPDATE dns_rr SET sys_groupid = ? WHERE zone = ?", $client_group_id, $page_form->id);
}
if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($page_form->dataRecord["client_group_id"])) {
$client_group_id = $app->functions->intval($page_form->dataRecord["client_group_id"]);
- $app->db->query("UPDATE dns_soa SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE id = ".$page_form->id);
+ $app->db->query("UPDATE dns_soa SET sys_groupid = ?, sys_perm_group = 'riud' WHERE id = ?", $client_group_id, $page_form->id);
// And we want to update all rr records too, that belong to this record
- $app->db->query("UPDATE dns_rr SET sys_groupid = $client_group_id WHERE zone = ".$page_form->id);
+ $app->db->query("UPDATE dns_rr SET sys_groupid = ? WHERE zone = ?", $client_group_id, $page_form->id);
}
}
--
Gitblit v1.9.1