From 7536c8e4a052bc889e434da3f6df8ae47faedd3d Mon Sep 17 00:00:00 2001
From: Till Brehm <tbrehm@ispconfig.org>
Date: Mon, 25 Aug 2014 11:10:10 -0400
Subject: [PATCH] Updated security README.txt

---
 interface/lib/classes/listform.inc.php |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/interface/lib/classes/listform.inc.php b/interface/lib/classes/listform.inc.php
index 04f4b37..1b613a9 100644
--- a/interface/lib/classes/listform.inc.php
+++ b/interface/lib/classes/listform.inc.php
@@ -97,6 +97,7 @@
 			$querystring = str_replace("{AUTHSQL}", $app->tform->getAuthSQL('r'), $querystring);
 			$querystring = str_replace("{AUTHSQL-A}", $app->tform->getAuthSQL('r', 'a'), $querystring);
 			$querystring = str_replace("{AUTHSQL-B}", $app->tform->getAuthSQL('r', 'b'), $querystring);
+			$querystring = preg_replace_callback('@{AUTHSQL::(.+?)}@', create_function('$matches','global $app; $tmp = $app->tform->getAuthSQL("r", $matches[1]); return $tmp;'), $querystring);
 
 			//* Getting the records
 			$tmp_records = $app->db->queryAllRecords($querystring);

--
Gitblit v1.9.1