From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 06 Aug 2015 03:18:44 -0400
Subject: [PATCH] - don't set password via remoting if field is empty

---
 server/plugins-available/mailman_plugin.inc.php |    8 ++++----
 1 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/server/plugins-available/mailman_plugin.inc.php b/server/plugins-available/mailman_plugin.inc.php
index acf4eb9..0d282f5 100644
--- a/server/plugins-available/mailman_plugin.inc.php
+++ b/server/plugins-available/mailman_plugin.inc.php
@@ -78,7 +78,7 @@
 		if(is_file('/var/lib/mailman/data/transport-mailman')) exec('postmap /var/lib/mailman/data/transport-mailman');
 		exec('nohup '.$conf['init_scripts'] . '/' . 'mailman reload >/dev/null 2>&1 &');
 
-		$app->db->query("UPDATE mail_mailinglist SET password = '' WHERE mailinglist_id = ".$app->db->quote($data["new"]['mailinglist_id']));
+		$app->db->query("UPDATE mail_mailinglist SET password = '' WHERE mailinglist_id = ?", $data["new"]['mailinglist_id']);
 
 	}
 
@@ -91,7 +91,7 @@
 		if($data["new"]["password"] != $data["old"]["password"] && $data["new"]["password"] != '') {
 			exec("nohup /usr/lib/mailman/bin/change_pw -l ".escapeshellcmd($data["new"]["listname"])." -p ".escapeshellcmd($data["new"]["password"])." >/dev/null 2>&1 &");
 			exec('nohup '.$conf['init_scripts'] . '/' . 'mailman reload >/dev/null 2>&1 &');
-			$app->db->query("UPDATE mail_mailinglist SET password = '' WHERE mailinglist_id = ".$app->db->quote($data["new"]['mailinglist_id']));
+			$app->db->query("UPDATE mail_mailinglist SET password = '' WHERE mailinglist_id = ?", $data["new"]['mailinglist_id']);
 		}
 		
 		if(is_file('/var/lib/mailman/data/virtual-mailman')) exec('postmap /var/lib/mailman/data/virtual-mailman');
@@ -115,7 +115,7 @@
 	function update_config() {
 		global $app, $conf;
 
-		copy($this->mailman_config_dir.'mm_cfg.py', $this->mailman_config_dir.'mm_cfg.py');
+		copy($this->mailman_config_dir.'mm_cfg.py', $this->mailman_config_dir.'mm_cfg.py~');
 
 		// load the server configuration options
 		$app->uses('getconf');
@@ -136,7 +136,7 @@
 			if (strlen($line) && substr($line, 0, 1) != '#')
 			{
 				list($key, $value) = explode("=", $line);
-				if (!empty($value))
+				if ($value && $value !== '')
 				{
 					$key = rtrim($key);
 					$old_options[$key] = trim($value);

--
Gitblit v1.9.1