From b9a3ef486ebcde18a5ade37865ff8f397185d24f Mon Sep 17 00:00:00 2001
From: Till Brehm <tbrehm@ispconfig.org>
Date: Sun, 24 Jul 2016 05:30:59 -0400
Subject: [PATCH] Fixed #3979 Mailbox users unable to save autoresponders
---
interface/web/admin/users_edit.php | 182 +++++++++++++++++++++++----------------------
1 files changed, 94 insertions(+), 88 deletions(-)
diff --git a/interface/web/admin/users_edit.php b/interface/web/admin/users_edit.php
index 31e07a9..e391964 100644
--- a/interface/web/admin/users_edit.php
+++ b/interface/web/admin/users_edit.php
@@ -1,6 +1,6 @@
<?php
/*
-Copyright (c) 2005, Till Brehm, projektfarm Gmbh
+Copyright (c) 2008, Till Brehm, projektfarm Gmbh
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
@@ -26,8 +26,7 @@
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-require_once('../../lib/config.inc.php');
-require_once('../../lib/app.inc.php');
+
/******************************************
* Begin Form configuration
@@ -39,98 +38,105 @@
* End Form configuration
******************************************/
-// Checke Berechtigungen f�r Modul
-if(!stristr($_SESSION["s"]["user"]["modules"],$_SESSION["s"]["module"]["name"])) {
- header("Location: ../index.php");
- exit;
-}
+require_once '../../lib/config.inc.php';
+require_once '../../lib/app.inc.php';
-// Lade Template
-$app->uses('tpl,tform');
-$app->tpl->newTemplate("tabbed_form.tpl.htm");
+//* Check permissions for module
+$app->auth->check_module_permissions('admin');
-// Tabellendefinition und Formdefinition laden
-$app->tform->loadFormDef($tform_def_file);
+// Loading classes
+$app->uses('tpl,tform,tform_actions');
+$app->load('tform_actions');
-// ID importieren
-$id = intval($_REQUEST["id"]);
+class page_action extends tform_actions {
-if(count($_POST) > 1) {
-
- // Bestimme aktion
- if($id > 0) {
- $action = 'UPDATE';
- } else {
- $action = 'INSERT';
- }
-
- $sql = $app->tform->getSQL($_POST,$_SESSION["s"]["form"]["tab"],$action,$id,$ext_where);
- if($app->tform->errorMessage == '') {
- $app->db->query($sql);
- if($action == "INSERT") $id = $app->db->insertID();
-
- // Liste anzeigen, wenn speichern geklickt wurde
- if($_REQUEST["next_tab"] == '') {
- header("Location: ".$app->tform->formDef['list_default']);
- exit;
- }
-
- } else {
- $app->tpl->setVar("error","<b>Fehler:</b><br>".$app->tform->errorMessage);
- $app->tpl->setVar($_POST);
- }
-}
-
-// Welcher Tab wird angezeigt
-if($app->tform->errorMessage == '') {
- // wenn kein Fehler vorliegt
- if($_REQUEST["next_tab"] != '') {
- // wenn n�chster Tab bekannt
- $active_tab = $_REQUEST["next_tab"];
- } else {
- // ansonsten ersten tab nehmen
- $active_tab = $app->tform->formDef['tab_default'];
- }
-} else {
- // bei Fehlern den gleichen Tab nochmal anzeigen
- $active_tab = $_SESSION["s"]["form"]["tab"];
-}
-
-
-if($id > 0) {
- // bestehenden Datensatz anzeigen
- if($app->tform->errorMessage == '') {
- if($app->tform->formDef['auth'] == 'no') {
- $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = $id";
- } else {
- $sql = "SELECT * FROM ".$app->tform->formDef['db_table']." WHERE ".$app->tform->formDef['db_table_idx']." = $id AND ".$app->tform->getAuthSQL('u');
+ function onBeforeInsert() {
+ global $app, $conf;
+
+ //* Security settings check
+ if(isset($this->dataRecord['typ']) && $this->dataRecord['typ'][0] == 'admin') {
+ $app->auth->check_security_permissions('admin_allow_new_admin');
}
- if(!$record = $app->db->queryOneRecord($sql)) die("You dont have the permission to view this record or this record does not exist.");
- } else {
- $record = $app->tform->encode($_POST,$active_tab);
+
+ if(!in_array($this->dataRecord['startmodule'], $this->dataRecord['modules'])) {
+ $app->tform->errorMessage .= $app->tform->wordbook['startmodule_err'];
+ }
+
+
+
}
-
- // Userdaten umwandeln
- $record = $app->tform->getHTML($record, $active_tab,'EDIT');
- $record['id'] = $id;
-} else {
- if($app->tform->errorMessage == '') {
- $record = array();
- $record = $app->tform->getHTML($record, $app->tform->formDef['tab_default'],'NEW');
- } else {
- $record = $app->tform->getHTML($app->tform->encode($_POST,$active_tab),$active_tab,'EDIT');
+
+ function onBeforeUpdate() {
+ global $app, $conf;
+
+ if($conf['demo_mode'] == true && $_REQUEST['id'] <= 3) $app->error('This function is disabled in demo mode.');
+
+ //* Security settings check
+ if(isset($this->dataRecord['typ']) && $this->dataRecord['typ'][0] == 'admin') {
+ $app->auth->check_security_permissions('admin_allow_new_admin');
+ }
+
+ if(@is_array($this->dataRecord['modules']) && !in_array($this->dataRecord['startmodule'], $this->dataRecord['modules'])) {
+ $app->tform->errorMessage .= $app->tform->wordbook['startmodule_err'];
+ }
+
+ $this->oldDataRecord = $app->tform->getDataRecord($this->id);
+
+ //* A user that belongs to a client record (client or reseller) may not have typ admin
+ if(isset($this->dataRecord['typ']) && $this->dataRecord['typ'][0] == 'admin' && $this->oldDataRecord['client_id'] > 0) {
+ $app->tform->errorMessage .= $app->tform->wordbook['client_not_admin_err'];
+ }
+
}
+
+ /*
+ This function is called automatically right after
+ the data was successful updated in the database.
+ */
+ function onAfterUpdate() {
+ global $app, $conf;
+
+ $client = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE userid = ?", $this->id);
+ $client_id = $app->functions->intval($client['client_id']);
+ $username = $this->dataRecord["username"];
+ $old_username = $this->oldDataRecord['username'];
+
+ // username changed
+ if(isset($conf['demo_mode']) && $conf['demo_mode'] != true && isset($this->dataRecord['username']) && $this->dataRecord['username'] != '' && $this->oldDataRecord['username'] != $this->dataRecord['username']) {
+ $sql = "UPDATE client SET username = ? WHERE client_id = ? AND username = ?";
+ $app->db->query($sql, $username, $client_id, $old_username);
+ $tmp = $app->db->queryOneRecord("SELECT * FROM sys_group WHERE client_id = ?", $client_id);
+ $app->db->datalogUpdate("sys_group", array("name" => $username), 'groupid', $tmp['groupid']);
+ unset($tmp);
+ }
+
+ // password changed
+ if(isset($conf['demo_mode']) && $conf['demo_mode'] != true && isset($this->dataRecord["passwort"]) && $this->dataRecord["passwort"] != '') {
+ $password = $this->dataRecord["passwort"];
+ $salt="$1$";
+ $base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
+ for ($n=0;$n<8;$n++) {
+ $salt.=$base64_alphabet[mt_rand(0, 63)];
+ }
+ $salt.="$";
+ $password = crypt(stripslashes($password), $salt);
+ $sql = "UPDATE client SET password = ? WHERE client_id = ? AND username = ?";
+ $app->db->query($sql, $password, $client_id, $username);
+ }
+
+ // language changed
+ if(isset($conf['demo_mode']) && $conf['demo_mode'] != true && isset($this->dataRecord['language']) && $this->dataRecord['language'] != '' && $this->oldDataRecord['language'] != $this->dataRecord['language']) {
+ $language = $this->dataRecord["language"];
+ $sql = "UPDATE client SET language = ? WHERE client_id = ? AND username = ?";
+ $app->db->query($sql, $language, $client_id, $username);
+ }
+
+ parent::onAfterUpdate();
+ }
+
}
-$app->tpl->setVar($record);
+$page = new page_action;
+$page->onLoad();
-// Formular und Tabs erzeugen
-$app->tform->showForm();
-
-// Defaultwerte setzen
-$app->tpl_defaults();
-
-// Template parsen
-$app->tpl->pparse();
-
-?>
\ No newline at end of file
+?>
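Review bot: In `onAfterUpdate()`, the password branch hashes the new client password with MD5-crypt (`$salt="$1$";`) and draws the salt characters from `mt_rand(0, 63)`, which is not a cryptographically secure generator; both are weak choices for a stored credential. Prefer a stronger crypt scheme with a CSPRNG salt, for example `$salt = '$6$' . substr(strtr(base64_encode(openssl_random_pseudo_bytes(12)), '+', '.'), 0, 16) . '$';`, after confirming that the `client.password` column and whatever verifies it can handle the longer SHA-512 hash. `stripslashes($password)` also changes any password that contains a backslash, so it is only correct if the `sys_user` hash is derived from the same stripped value, which is not visible in this hunk. Separately, the `typ` checks in `onBeforeInsert()` and `onBeforeUpdate()` test only `$this->dataRecord['typ'][0]`; if the form can submit more than one `typ` value, `in_array('admin', $this->dataRecord['typ'], true)` would stop `check_security_permissions('admin_allow_new_admin')` from being skipped.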
--
Gitblit v1.9.1