From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 06 Aug 2015 03:18:44 -0400
Subject: [PATCH] - don't set password via remoting if field is empty

---
 interface/web/client/domain_del.php |   16 ++++++++--------
 1 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/interface/web/client/domain_del.php b/interface/web/client/domain_del.php
index 6bc07e6..701b449 100644
--- a/interface/web/client/domain_del.php
+++ b/interface/web/client/domain_del.php
@@ -62,26 +62,26 @@
 		 */
 		$domain = $this->dataRecord['domain'];
 
-		$sql = "SELECT id FROM dns_soa WHERE origin = '" . $app->db->quote($domain.".") . "'";
-		$res = $app->db->queryOneRecord($sql);
+		$sql = "SELECT id FROM dns_soa WHERE origin = ?";
+		$res = $app->db->queryOneRecord($sql, $domain.".");
 		if (is_array($res)){
 			$app->error($wb['error_domain_in dnsuse']);
 		}
 
-		$sql = "SELECT id FROM dns_slave WHERE origin = '" . $app->db->quote($domain.".") . "'";
-		$res = $app->db->queryOneRecord($sql);
+		$sql = "SELECT id FROM dns_slave WHERE origin = ?";
+		$res = $app->db->queryOneRecord($sql, $domain.".");
 		if (is_array($res)){
 			$app->error($wb['error_domain_in dnsslaveuse']);
 		}
 
-		$sql = "SELECT domain_id FROM mail_domain WHERE domain = '" . $app->db->quote($domain) . "'";
-		$res = $app->db->queryOneRecord($sql);
+		$sql = "SELECT domain_id FROM mail_domain WHERE domain = ?";
+		$res = $app->db->queryOneRecord($sql, $domain);
 		if (is_array($res)){
 			$app->error($wb['error_domain_in mailuse']);
 		}
 
-		$sql = "SELECT domain_id FROM web_domain WHERE (domain = '" . $app->db->quote($domain) . "' AND type IN ('alias', 'vhost', 'vhostalias')) OR (domain LIKE '%." . $app->db->quote($domain) . "' AND type IN ('subdomain', 'vhostsubdomain'))";
-		$res = $app->db->queryOneRecord($sql);
+		$sql = "SELECT domain_id FROM web_domain WHERE (domain = ? AND type IN ('alias', 'vhost', 'vhostalias')) OR (domain LIKE ? AND type IN ('subdomain', 'vhostsubdomain'))";
+		$res = $app->db->queryOneRecord($sql, $domain, '%.' . $domain);
 		if (is_array($res)){
 			$app->error($wb['error_domain_in webuse']);
 		}

--
Gitblit v1.9.1