From 67fbfc013d3a2a7757894d9fe0ef7b5311d25a40 Mon Sep 17 00:00:00 2001
From: vogelor <vogelor@ispconfig3>
Date: Fri, 12 Dec 2008 09:53:19 -0500
Subject: [PATCH] it is not possible to change the server after a record is insert
---
interface/web/mail/mail_content_filter_edit.php | 16 +++
interface/web/mail/spamfilter_users_edit.php | 18 ++++
interface/web/sites/web_domain_edit.php | 16 +++
interface/web/sites/database_edit.php | 18 ++++
interface/web/mail/mail_blacklist_edit.php | 19 ++++
interface/web/mail/mail_transport_edit.php | 18 ++++
interface/web/admin/server_ip_edit.php | 24 +++++
interface/web/mail/spamfilter_whitelist_edit.php | 18 ++++
interface/web/mail/lib/module.conf.php | 6
interface/web/mail/mail_whitelist_edit.php | 16 ++++
interface/web/mail/spamfilter_blacklist_edit.php | 18 ++++
interface/web/admin/server_ip_list.php | 3
interface/web/admin/firewall_edit.php | 16 +++
13 files changed, 190 insertions(+), 16 deletions(-)
diff --git a/interface/web/admin/firewall_edit.php b/interface/web/admin/firewall_edit.php
index 6f426ac..03e0def 100644
--- a/interface/web/admin/firewall_edit.php
+++ b/interface/web/admin/firewall_edit.php
@@ -49,7 +49,21 @@
$app->load('tform_actions');
class page_action extends tform_actions {
-
+ function onBeforeUpdate() {
+ global $app, $conf;
+
+ //* Check if the server has been changed
+ // We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
+ if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
+ $rec = $app->db->queryOneRecord("SELECT server_id from firewall WHERE firewall_id = ".$this->id);
+ if($rec['server_id'] != $this->dataRecord["server_id"]) {
+ //* Add a error message and switch back to old server
+ $app->tform->errorMessage .= $app->lng('The Server can not be changed.');
+ $this->dataRecord["server_id"] = $rec['server_id'];
+ }
+ unset($rec);
+ }
+ }
}
$page = new page_action;
diff --git a/interface/web/admin/server_ip_edit.php b/interface/web/admin/server_ip_edit.php
index 8b6160b..baffa14 100644
--- a/interface/web/admin/server_ip_edit.php
+++ b/interface/web/admin/server_ip_edit.php
@@ -46,8 +46,28 @@
// Loading classes
$app->uses('tpl,tform,tform_actions');
+$app->load('tform_actions');
-// let tform_actions handle the page
-$app->tform_actions->onLoad();
+class page_action extends tform_actions {
+
+ function onBeforeUpdate() {
+ global $app, $conf;
+
+ //* Check if the server has been changed
+ // We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
+ if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
+ $rec = $app->db->queryOneRecord("SELECT server_id from server_ip WHERE server_ip_id = ".$this->id);
+ if($rec['server_id'] != $this->dataRecord["server_id"]) {
+ //* Add a error message and switch back to old server
+ $app->tform->errorMessage .= $app->lng('The Server can not be changed.');
+ $this->dataRecord["server_id"] = $rec['server_id'];
+ }
+ unset($rec);
+ }
+ }
+}
+
+$page = new page_action;
+$page->onLoad();
?>
\ No newline at end of file
diff --git a/interface/web/admin/server_ip_list.php b/interface/web/admin/server_ip_list.php
index a6bd3b8..6c98269 100644
--- a/interface/web/admin/server_ip_list.php
+++ b/interface/web/admin/server_ip_list.php
@@ -45,6 +45,9 @@
$app->auth->check_module_permissions('admin');
$app->uses('listform_actions');
+
+$app->listform_actions->SQLOrderBy = "ORDER BY server_id, ip_address";
+
$app->listform_actions->onLoad();
diff --git a/interface/web/mail/lib/module.conf.php b/interface/web/mail/lib/module.conf.php
index 5a6fa82..54d0e05 100644
--- a/interface/web/mail/lib/module.conf.php
+++ b/interface/web/mail/lib/module.conf.php
@@ -59,9 +59,9 @@
'target' => 'content',
'link' => 'mail/spamfilter_policy_list.php');
- $items[] = array( 'title' => 'Server Settings',
- 'target' => 'content',
- 'link' => 'mail/spamfilter_config_list.php');
+// $items[] = array( 'title' => 'Server Settings',
+// 'target' => 'content',
+// 'link' => 'mail/spamfilter_config_list.php');
}
$module['nav'][] = array( 'title' => 'Spamfilter',
diff --git a/interface/web/mail/mail_blacklist_edit.php b/interface/web/mail/mail_blacklist_edit.php
index 1e8629b..558c29d 100644
--- a/interface/web/mail/mail_blacklist_edit.php
+++ b/interface/web/mail/mail_blacklist_edit.php
@@ -71,7 +71,24 @@
parent::onShowNew();
}
-
+
+
+ function onBeforeUpdate() {
+ global $app, $conf;
+
+ //* Check if the server has been changed
+ // We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
+ if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
+ $rec = $app->db->queryOneRecord("SELECT server_id from mail_access WHERE access_id = ".$this->id);
+ if($rec['server_id'] != $this->dataRecord["server_id"]) {
+ //* Add a error message and switch back to old server
+ $app->tform->errorMessage .= $app->lng('The Server can not be changed.');
+ $this->dataRecord["server_id"] = $rec['server_id'];
+ }
+ unset($rec);
+ }
+ }
+
function onSubmit() {
global $app, $conf;
diff --git a/interface/web/mail/mail_content_filter_edit.php b/interface/web/mail/mail_content_filter_edit.php
index 2913e8d..7ec4322 100644
--- a/interface/web/mail/mail_content_filter_edit.php
+++ b/interface/web/mail/mail_content_filter_edit.php
@@ -52,7 +52,21 @@
$app->load('tform_actions');
class page_action extends tform_actions {
-
+ function onBeforeUpdate() {
+ global $app, $conf;
+
+ //* Check if the server has been changed
+ // We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
+ if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
+ $rec = $app->db->queryOneRecord("SELECT server_id from mail_content_filter WHERE content_filter_id = ".$this->id);
+ if($rec['server_id'] != $this->dataRecord["server_id"]) {
+ //* Add a error message and switch back to old server
+ $app->tform->errorMessage .= $app->lng('The Server can not be changed.');
+ $this->dataRecord["server_id"] = $rec['server_id'];
+ }
+ unset($rec);
+ }
+ }
}
$page = new page_action;
diff --git a/interface/web/mail/mail_transport_edit.php b/interface/web/mail/mail_transport_edit.php
index 9b6c4e3..6ab58fb 100644
--- a/interface/web/mail/mail_transport_edit.php
+++ b/interface/web/mail/mail_transport_edit.php
@@ -110,7 +110,23 @@
parent::onShowEnd();
}
-
+
+ function onBeforeUpdate() {
+ global $app, $conf;
+
+ //* Check if the server has been changed
+ // We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
+ if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
+ $rec = $app->db->queryOneRecord("SELECT server_id from mail_transport WHERE transport_id = ".$this->id);
+ if($rec['server_id'] != $this->dataRecord["server_id"]) {
+ //* Add a error message and switch back to old server
+ $app->tform->errorMessage .= $app->lng('The Server can not be changed.');
+ $this->dataRecord["server_id"] = $rec['server_id'];
+ }
+ unset($rec);
+ }
+ }
+
function onSubmit() {
global $app, $conf;
diff --git a/interface/web/mail/mail_whitelist_edit.php b/interface/web/mail/mail_whitelist_edit.php
index 2a6134e..c4fd8c2 100644
--- a/interface/web/mail/mail_whitelist_edit.php
+++ b/interface/web/mail/mail_whitelist_edit.php
@@ -72,6 +72,22 @@
parent::onShowNew();
}
+ function onBeforeUpdate() {
+ global $app, $conf;
+
+ //* Check if the server has been changed
+ // We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
+ if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
+ $rec = $app->db->queryOneRecord("SELECT server_id from mail_access WHERE access_id = ".$this->id);
+ if($rec['server_id'] != $this->dataRecord["server_id"]) {
+ //* Add a error message and switch back to old server
+ $app->tform->errorMessage .= $app->lng('The Server can not be changed.');
+ $this->dataRecord["server_id"] = $rec['server_id'];
+ }
+ unset($rec);
+ }
+ }
+
function onSubmit() {
global $app, $conf;
diff --git a/interface/web/mail/spamfilter_blacklist_edit.php b/interface/web/mail/spamfilter_blacklist_edit.php
index f33f964..eda9584 100644
--- a/interface/web/mail/spamfilter_blacklist_edit.php
+++ b/interface/web/mail/spamfilter_blacklist_edit.php
@@ -71,7 +71,23 @@
parent::onShowNew();
}
- function onSubmit() {
+ function onBeforeUpdate() {
+ global $app, $conf;
+
+ //* Check if the server has been changed
+ // We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
+ if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
+ $rec = $app->db->queryOneRecord("SELECT server_id from spamfilter_wblist WHERE id = ".$this->id);
+ if($rec['server_id'] != $this->dataRecord["server_id"]) {
+ //* Add a error message and switch back to old server
+ $app->tform->errorMessage .= $app->lng('The Server can not be changed.');
+ $this->dataRecord["server_id"] = $rec['server_id'];
+ }
+ unset($rec);
+ }
+ }
+
+function onSubmit() {
global $app, $conf;
// Check the client limits, if user is not the admin
diff --git a/interface/web/mail/spamfilter_users_edit.php b/interface/web/mail/spamfilter_users_edit.php
index 503ff44..f76f909 100644
--- a/interface/web/mail/spamfilter_users_edit.php
+++ b/interface/web/mail/spamfilter_users_edit.php
@@ -71,7 +71,23 @@
parent::onShowNew();
}
- function onSubmit() {
+ function onBeforeUpdate() {
+ global $app, $conf;
+
+ //* Check if the server has been changed
+ // We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
+ if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
+ $rec = $app->db->queryOneRecord("SELECT server_id from spamfilter_users WHERE id = ".$this->id);
+ if($rec['server_id'] != $this->dataRecord["server_id"]) {
+ //* Add a error message and switch back to old server
+ $app->tform->errorMessage .= $app->lng('The Server can not be changed.');
+ $this->dataRecord["server_id"] = $rec['server_id'];
+ }
+ unset($rec);
+ }
+ }
+
+function onSubmit() {
global $app, $conf;
// Check the client limits, if user is not the admin
diff --git a/interface/web/mail/spamfilter_whitelist_edit.php b/interface/web/mail/spamfilter_whitelist_edit.php
index 44d10ed..31aff9f 100644
--- a/interface/web/mail/spamfilter_whitelist_edit.php
+++ b/interface/web/mail/spamfilter_whitelist_edit.php
@@ -70,7 +70,23 @@
parent::onShowNew();
}
-
+
+ function onBeforeUpdate() {
+ global $app, $conf;
+
+ //* Check if the server has been changed
+ // We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
+ if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
+ $rec = $app->db->queryOneRecord("SELECT server_id from spamfilter_wblist WHERE id = ".$this->id);
+ if($rec['server_id'] != $this->dataRecord["server_id"]) {
+ //* Add a error message and switch back to old server
+ $app->tform->errorMessage .= $app->lng('The Server can not be changed.');
+ $this->dataRecord["server_id"] = $rec['server_id'];
+ }
+ unset($rec);
+ }
+ }
+
function onSubmit() {
global $app, $conf;
diff --git a/interface/web/sites/database_edit.php b/interface/web/sites/database_edit.php
index d9b0181..b537c68 100644
--- a/interface/web/sites/database_edit.php
+++ b/interface/web/sites/database_edit.php
@@ -188,7 +188,23 @@
parent::onSubmit();
}
-
+
+ function onBeforeUpdate() {
+ global $app, $conf;
+
+ //* Check if the server has been changed
+ // We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
+ if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
+ $rec = $app->db->queryOneRecord("SELECT server_id from web_database WHERE database_id = ".$this->id);
+ if($rec['server_id'] != $this->dataRecord["server_id"]) {
+ //* Add a error message and switch back to old server
+ $app->tform->errorMessage .= $app->lng('The Server can not be changed.');
+ $this->dataRecord["server_id"] = $rec['server_id'];
+ }
+ unset($rec);
+ }
+ }
+
function onUpdate() {
global $app, $conf;
diff --git a/interface/web/sites/web_domain_edit.php b/interface/web/sites/web_domain_edit.php
index 0c9fec1..9262947 100644
--- a/interface/web/sites/web_domain_edit.php
+++ b/interface/web/sites/web_domain_edit.php
@@ -247,6 +247,18 @@
function onBeforeUpdate () {
global $app, $conf;
+
+ //* Check if the server has been changed
+ // We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
+ if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
+ $rec = $app->db->queryOneRecord("SELECT server_id from web_domain WHERE domain_id = ".$this->id);
+ if($rec['server_id'] != $this->dataRecord["server_id"]) {
+ //* Add a error message and switch back to old server
+ $app->tform->errorMessage .= $app->lng('The Server can not be changed.');
+ $this->dataRecord["server_id"] = $rec['server_id'];
+ }
+ unset($rec);
+ }
//* Check that all fields for the SSL cert creation are filled
if(isset($this->dataRecord['ssl_action']) && $this->dataRecord['ssl_action'] == 'create') {
@@ -259,12 +271,10 @@
}
-
-
function onAfterUpdate() {
global $app, $conf;
- // make sure that the record belongs to the clinet group and not the admin group when a dmin inserts it
+ // make sure that the record belongs to the clinet group and not the admin group when a admin inserts it
// also make sure that the user can not delete domain created by a admin
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
$client_group_id = intval($this->dataRecord["client_group_id"]);
--
Gitblit v1.9.1