From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 06 Aug 2015 03:18:44 -0400
Subject: [PATCH] - don't set password via remoting if field is empty

---
 interface/web/dashboard/ajax_get_json.php |   48 +++++++++++++++---------------------------------
 1 files changed, 15 insertions(+), 33 deletions(-)

diff --git a/interface/web/dashboard/ajax_get_json.php b/interface/web/dashboard/ajax_get_json.php
index c5384ca..30a668a 100644
--- a/interface/web/dashboard/ajax_get_json.php
+++ b/interface/web/dashboard/ajax_get_json.php
@@ -40,7 +40,7 @@
 
 //if($_SESSION["s"]["user"]["typ"] == 'admin') {
 
-
+/* TODO: change sql queries */
 if($type == 'globalsearch'){
 	$q = $app->db->quote(trim($_GET["q"]));
 	$authsql = " AND ".$app->tform->getAuthSQL('r');
@@ -55,19 +55,19 @@
 	$result[] = _search('client', 'reseller', "AND limit_client != 0");
 
 	// web sites
-	$result[] = _search('sites', 'web_domain', "AND type = 'vhost'");
+	$result[] = _search('sites', 'web_vhost_domain', "AND type = 'vhost'");
 
 	// subdomains
-	$result[] = _search('sites', 'web_subdomain', "AND type = 'subdomain'");
+	$result[] = _search('sites', 'web_childdomain', "AND type = 'subdomain'", 'type=subdomain');
 
 	// web site aliases
-	$result[] = _search('sites', 'web_aliasdomain', "AND type = 'alias'");
+	$result[] = _search('sites', 'web_childdomain', "AND type = 'alias'", 'type=aliasdomain');
 
 	// vhostsubdomains
-	$result[] = _search('sites', 'web_vhost_subdomain', "AND type = 'vhostsubdomain'");
+	$result[] = _search('sites', 'web_vhost_domain', "AND type = 'vhostsubdomain'", 'type=subdomain');
 
 	// vhostaliasdomains
-	$result[] = _search('sites', 'web_vhost_aliasdomain', "AND type = 'vhostalias'");
+	$result[] = _search('sites', 'web_vhost_domain', "AND type = 'vhostalias'", 'type=aliasdomain');
 
 	// FTP users
 	$result[] = _search('sites', 'ftp_user');
@@ -76,28 +76,6 @@
 	$result[] = _search('sites', 'shell_user');
 
 	// databases
-	/*
-		$result_databases = array('cheader' => array(), 'cdata' => array());
-		if(in_array('sites', $modules)){
-			$sql = "SELECT * FROM web_database WHERE database_name LIKE '%".$q."%' OR database_user LIKE '%".$q."%' OR remote_ips LIKE '%".$q."%'".$authsql." ORDER BY database_name";
-			$results = $app->db->queryAllRecords($sql);
-
-			if(is_array($results) && !empty($results)){
-				$result_databases['cheader'] = array('title' => 'Databases',
-														'total' => count($results),
-														'limit' => count($results)
-													);
-				foreach($results as $result){
-					$description = 'Database User: '.$result['database_user'].' - Remote IPs: '.$result['remote_ips'];
-					$result_databases['cdata'][] = array('title' => $result['database_name'],
-												'description' => $description,
-												'onclick' => 'ISPConfig.capp(\'sites\',\'sites/database_edit.php?id='.$result['database_id'].'\');',
-												'fill_text' => strtolower($result['database_name'])
-												);
-				}
-			}
-		}
-		*/
 	$result[] = _search('sites', 'database');
 
 	// database users
@@ -156,7 +134,7 @@
 
 //}
 
-function _search($module, $section, $additional_sql = ''){
+function _search($module, $section, $additional_sql = '', $params = ''){
 	global $app, $q, $authsql, $modules;
 
 	$result_array = array('cheader' => array(), 'cdata' => array());
@@ -164,9 +142,13 @@
 		$search_fields = array();
 		$desc_fields = array();
 		if(is_file('../'.$module.'/form/'.$section.'.tform.php')){
-			include_once '../'.$module.'/form/'.$section.'.tform.php';
+			include '../'.$module.'/form/'.$section.'.tform.php';
 
 			$category_title = $form["title"];
+			if($params == 'type=subdomain' && $section == 'web_childdomain') $category_title = 'Subdomain';
+			if($params == 'type=aliasdomain' && $section == 'web_childdomain') $category_title = 'Aliasdomain';
+			if($params == 'type=subdomain' && $section == 'web_vhost_domain') $category_title = 'Subdomain (Vhost)';
+			if($params == 'type=aliasdomain' && $section == 'web_vhost_domain') $category_title = 'Aliasdomain (Vhost)';
 			$form_file = $form["action"];
 			$db_table = $form["db_table"];
 			$db_table_idx = $form["db_table_idx"];
@@ -205,8 +187,8 @@
 		$order_clause = '';
 		if($order_by != '') $order_clause = ' ORDER BY '.$order_by;
 
-		$sql = "SELECT * FROM ".$db_table." WHERE ".$where_clause.$authsql.$order_clause." LIMIT 0,10";
-		$results = $app->db->queryAllRecords($sql);
+		$sql = "SELECT * FROM ?? WHERE ".$where_clause.$authsql.$order_clause." LIMIT 0,10";
+		$results = $app->db->queryAllRecords($sql, $db_table);
 
 		if(is_array($results) && !empty($results)){
 			$lng_file = '../'.$module.'/lib/lang/'.$_SESSION['s']['language'].'_'.$section.'.lng';
@@ -227,7 +209,7 @@
 
 				$result_array['cdata'][] = array('title' => $wb[$title_key.'_txt'].': '.$result[$title_key],
 					'description' => $description,
-					'onclick' => "ISPConfig.capp('".$module."','".$module."/".$form_file."?id=".$result[$db_table_idx]."');",
+					'onclick' => "ISPConfig.capp('".$module."','".$module."/".$form_file.urlencode("?id=".$result[$db_table_idx]).($params != ''? urlencode('&'.$params) : '')."');",
 					'fill_text' => strtolower($result[$title_key])
 				);
 			}

--
Gitblit v1.9.1