From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 06 Aug 2015 03:18:44 -0400
Subject: [PATCH] - don't set password via remoting if field is empty

---
 interface/web/mailuser/index.php |   28 ++++++++++++++--------------
 1 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/interface/web/mailuser/index.php b/interface/web/mailuser/index.php
index a67fb74..b7748ac 100644
--- a/interface/web/mailuser/index.php
+++ b/interface/web/mailuser/index.php
@@ -1,6 +1,6 @@
 <?php
-require_once('../../lib/config.inc.php');
-require_once('../../lib/app.inc.php');
+require_once '../../lib/config.inc.php';
+require_once '../../lib/app.inc.php';
 
 //* Check permissions for module
 $app->auth->check_module_permissions('mailuser');
@@ -14,11 +14,11 @@
 
 //* load language file
 $lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_index.lng';
-include($lng_file);
+include $lng_file;
 $app->tpl->setVar($wb);
 
-$sql = "SELECT * FROM mail_user WHERE mailuser_id = ".$_SESSION['s']['user']['mailuser_id'];
-$rec = $app->db->queryOneRecord($sql);
+$sql = "SELECT * FROM mail_user WHERE mailuser_id = ?";
+$rec = $app->db->queryOneRecord($sql, $_SESSION['s']['user']['mailuser_id']);
 
 if($rec['quota'] == 0) {
 	$rec['quota'] = $wb['unlimited_txt'];
@@ -30,25 +30,25 @@
 
 $app->tpl->setVar($rec);
 
-$sql2 = "SELECT * FROM server WHERE server_id = ".$rec['server_id'];
-$rec2 = $app->db->queryOneRecord($sql2);
+$sql2 = "SELECT * FROM server WHERE server_id = ?";
+$rec2 = $app->db->queryOneRecord($sql2, $rec['server_id']);
 
 $app->tpl->setVar($rec2);
 
-$app->tpl->setVar('msg',$msg);
-$app->tpl->setVar('error',$error);
+$app->tpl->setVar('msg', $msg);
+$app->tpl->setVar('error', $error);
 
 if(isset($_SESSION['show_info_msg'])) {
-    $app->tpl->setVar('show_info_msg', $_SESSION['show_info_msg']);
-    unset($_SESSION['show_info_msg']);
+	$app->tpl->setVar('show_info_msg', $_SESSION['show_info_msg']);
+	unset($_SESSION['show_info_msg']);
 }
 if(isset($_SESSION['show_error_msg'])) {
-    $app->tpl->setVar('show_error_msg', $_SESSION['show_error_msg']);
-    unset($_SESSION['show_error_msg']);
+	$app->tpl->setVar('show_error_msg', $_SESSION['show_error_msg']);
+	unset($_SESSION['show_error_msg']);
 }
 
 
 
 $app->tpl_defaults();
 $app->tpl->pparse();
-?>
\ No newline at end of file
+?>

--
Gitblit v1.9.1