From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001 From: Marius Cramer <m.cramer@pixcept.de> Date: Thu, 06 Aug 2015 03:18:44 -0400 Subject: [PATCH] - don't set password via remoting if field is empty --- server/plugins-available/maildeliver_plugin.inc.php | 8 ++++---- 1 files changed, 4 insertions(+), 4 deletions(-) diff --git a/server/plugins-available/maildeliver_plugin.inc.php b/server/plugins-available/maildeliver_plugin.inc.php index 85293ae..a6f9ae5 100644 --- a/server/plugins-available/maildeliver_plugin.inc.php +++ b/server/plugins-available/maildeliver_plugin.inc.php @@ -165,8 +165,8 @@ $tpl->setVar('autoresponder_text', $data["new"]["autoresponder_text"]); //* Set alias addresses for autoresponder - $sql = "SELECT * FROM mail_forwarding WHERE type = 'alias' AND destination = '".$app->db->quote($data["new"]["email"])."'"; - $records = $app->db->queryAllRecords($sql); + $sql = "SELECT * FROM mail_forwarding WHERE type = 'alias' AND destination = ?"; + $records = $app->db->queryAllRecords($sql, $data["new"]["email"]); $addresses = array(); $addresses[] = $data["new"]["email"]; @@ -181,8 +181,8 @@ $alias_addresses = array(); $email_parts = explode('@', $data["new"]["email"]); - $sql = "SELECT * FROM mail_forwarding WHERE type = 'aliasdomain' AND destination = '@".$app->db->quote($email_parts[1])."'"; - $records = $app->db->queryAllRecords($sql); + $sql = "SELECT * FROM mail_forwarding WHERE type = 'aliasdomain' AND destination = ?"; + $records = $app->db->queryAllRecords($sql, '@'.$email_parts[1]); if(is_array($records) && count($records) > 0) { $app->log("Found " . count($records) . " records (aliasdomains).", LOGLEVEL_DEBUG); foreach($records as $rec) { -- Gitblit v1.9.1