From 67fbfc013d3a2a7757894d9fe0ef7b5311d25a40 Mon Sep 17 00:00:00 2001
From: vogelor <vogelor@ispconfig3>
Date: Fri, 12 Dec 2008 09:53:19 -0500
Subject: [PATCH] it is not possible to change the server after a record is insert

---
 interface/web/sites/web_domain_edit.php |   16 +++++++++++++---
 1 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/interface/web/sites/web_domain_edit.php b/interface/web/sites/web_domain_edit.php
index 0c9fec1..9262947 100644
--- a/interface/web/sites/web_domain_edit.php
+++ b/interface/web/sites/web_domain_edit.php
@@ -247,6 +247,18 @@
 	
 	function onBeforeUpdate () {
 		global $app, $conf;
+
+		//* Check if the server has been changed
+		// We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
+		if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
+			$rec = $app->db->queryOneRecord("SELECT server_id from web_domain WHERE domain_id = ".$this->id);
+			if($rec['server_id'] != $this->dataRecord["server_id"]) {
+				//* Add a error message and switch back to old server
+				$app->tform->errorMessage .= $app->lng('The Server can not be changed.');
+				$this->dataRecord["server_id"] = $rec['server_id'];
+			}
+			unset($rec);
+		}
 		
 		//* Check that all fields for the SSL cert creation are filled
 		if(isset($this->dataRecord['ssl_action']) && $this->dataRecord['ssl_action'] == 'create') {
@@ -259,12 +271,10 @@
 		
 	}
 	
-	
-	
 	function onAfterUpdate() {
 		global $app, $conf;
 		
-		// make sure that the record belongs to the clinet group and not the admin group when a dmin inserts it
+		// make sure that the record belongs to the clinet group and not the admin group when a admin inserts it
 		// also make sure that the user can not delete domain created by a admin
 		if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
 			$client_group_id = intval($this->dataRecord["client_group_id"]);

--
Gitblit v1.9.1