From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001 From: Marius Cramer <m.cramer@pixcept.de> Date: Thu, 06 Aug 2015 03:18:44 -0400 Subject: [PATCH] - don't set password via remoting if field is empty --- interface/web/client/message_template_edit.php | 7 +++---- 1 files changed, 3 insertions(+), 4 deletions(-) diff --git a/interface/web/client/message_template_edit.php b/interface/web/client/message_template_edit.php index 819e267..7d285ac 100644 --- a/interface/web/client/message_template_edit.php +++ b/interface/web/client/message_template_edit.php @@ -56,12 +56,11 @@ // Check for duplicates if($this->dataRecord['template_type'] == 'welcome') { $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]); - $sql = "SELECT count(client_message_template_id) as number FROM client_message_template WHERE template_type = 'welcome' AND sys_groupid = ".$client_group_id; + $sql = "SELECT count(client_message_template_id) as number FROM client_message_template WHERE template_type = 'welcome' AND sys_groupid = ?"; if($this->id > 0) { - $sql .= " AND client_message_template_id != ".$this->id; + $sql .= " AND client_message_template_id != ?"; } - - $tmp = $app->db->queryOneRecord($sql); + $tmp = $app->db->queryOneRecord($sql, $client_group_id, $this->id); if($tmp['number'] > 0) $app->tform->errorMessage .= $app->tform->lng('duplicate_welcome_error'); } -- Gitblit v1.9.1