From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001 From: Marius Cramer <m.cramer@pixcept.de> Date: Thu, 06 Aug 2015 03:18:44 -0400 Subject: [PATCH] - don't set password via remoting if field is empty --- interface/web/admin/server_config_edit.php | 10 +++++++--- 1 files changed, 7 insertions(+), 3 deletions(-) diff --git a/interface/web/admin/server_config_edit.php b/interface/web/admin/server_config_edit.php index e561b00..4c03e7e 100644 --- a/interface/web/admin/server_config_edit.php +++ b/interface/web/admin/server_config_edit.php @@ -93,10 +93,14 @@ } } - $server_config_array[$section] = $app->tform->encode($this->dataRecord, $section); - $server_config_str = $app->ini_parser->get_ini_string($server_config_array); + if($app->tform->errorMessage == '') { + $server_config_array[$section] = $app->tform->encode($this->dataRecord, $section); + $server_config_str = $app->ini_parser->get_ini_string($server_config_array); - $app->db->datalogUpdate('server', "config = '".$app->db->quote($server_config_str)."'", 'server_id', $server_id); + $app->db->datalogUpdate('server', array("config" => $server_config_str), 'server_id', $server_id); + } else { + $app->error('Security breach!'); + } } } -- Gitblit v1.9.1