maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

Migrated customer_extras to new PDO database class

Browse Source
This commit is contained in:
BNoiZe
2013-11-03 21:48:57 +01:00
parent e549ab2cbb
commit 36d65bf7ac
1 changed files with 212 additions and 201 deletions
Download Patch File Download Diff File Expand all files Collapse all files

413
customer_extras.php
View File

@@ -25,34 +25,36 @@ define('AREA', 'customer');
require ("./lib/init.php");
if(isset($_POST['id']))
{
if(isset($_POST['id'])) {
$id = intval($_POST['id']);
}
elseif(isset($_GET['id']))
{
} elseif(isset($_GET['id'])) {
$id = intval($_GET['id']);
}
if($page == 'overview')
{
if($page == 'overview') {
$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_extras");
eval("echo \"" . getTemplate("extras/extras") . "\";");
}
elseif($page == 'backup')
{
} elseif($page == 'backup') {
$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_extras_backup");
$result = $db->query("SELECT `backup_enabled` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
$row = $db->fetch_array($result);
$result_stmt = Database::prepare("SELECT `backup_enabled` FROM `" . TABLE_PANEL_CUSTOMERS . "`
WHERE `customerid`= :customerid"
);
Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid']));
$row = $result_stmt->fetch(PDO::FETCH_ASSOC);
$backup_enabled = makeyesno('backup_enabled', '1', '0', $row['backup_enabled']);
if(isset($_POST['send']) && $_POST['send'] == 'send'){
$backup_enabled = ($_POST['backup_enabled'] == '1' ? '1' : '0');
if(isset($_POST['send']) && $_POST['send'] == 'send') {
$backup_enabled = ($_POST['backup_enabled'] == '1' ? '1' : '0');
$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `backup_enabled`='" . $backup_enabled . "' WHERE `customerid`='" . (int)$userinfo['customerid'] . "'");
redirectTo($filename, Array('page' => $page, 's' => $s));
$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
SET `backup_enabled`= :backupenabled
WHERE `customerid`= :customerid"
);
Database::pexecute($stmt, array("backupenabled" => $backup_enabled, "customerid" => $userinfo['customerid']));
redirectTo($filename, Array('page' => $page, 's' => $s));
}
$backup_data = include_once dirname(__FILE__).'/lib/formfields/customer/extras/formfield.backup.php';
@@ -62,19 +64,19 @@ elseif($page == 'backup')
$image = $backup_data['backup']['image'];
eval("echo \"" . getTemplate("extras/backup") . "\";");
}
elseif($page == 'htpasswds')
{
if($action == '')
{
} elseif($page == 'htpasswds') {
if($action == '') {
$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_extras::htpasswds");
$fields = array(
'username' => $lng['login']['username'],
'path' => $lng['panel']['path']
);
$paging = new paging($userinfo, $db, TABLE_PANEL_HTPASSWDS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
$result = $db->query("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
$paging->setEntries($db->num_rows($result));
$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "`
WHERE `customerid`= :customerid " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit()
);
Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid']));
$paging->setEntries(Database::num_rows());
$sortcode = $paging->getHtmlSortCode($lng);
$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
$searchcode = $paging->getHtmlSearchCode($lng);
@@ -83,12 +85,9 @@ elseif($page == 'htpasswds')
$count = 0;
$htpasswds = '';
while($row = $db->fetch_array($result))
{
if($paging->checkDisplay($i))
{
if(strpos($row['path'], $userinfo['documentroot']) === 0)
{
while($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
if($paging->checkDisplay($i)) {
if(strpos($row['path'], $userinfo['documentroot']) === 0) {
$row['path'] = substr($row['path'], strlen($userinfo['documentroot']));
}
@@ -101,89 +100,92 @@ elseif($page == 'htpasswds')
}
eval("echo \"" . getTemplate("extras/htpasswds") . "\";");
}
elseif($action == 'delete'
&& $id != 0)
{
$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
} elseif($action == 'delete' && $id != 0) {
$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "`
WHERE `customerid`= :customerid
AND `id`= :id"
);
Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
if(isset($result['username'])
&& $result['username'] != '')
{
if(isset($_POST['send'])
&& $_POST['send'] == 'send')
{
$db->query("DELETE FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='$id'");
if(isset($result['username']) && $result['username'] != '') {
if(isset($_POST['send']) && $_POST['send'] == 'send') {
$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_HTPASSWDS . "`
WHERE `customerid`= :customerid
AND `id`= :id"
);
Database::pexecute($stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
$log->logAction(USR_ACTION, LOG_INFO, "deleted htpasswd for '" . $result['username'] . " (" . $result['path'] . ")'");
inserttask('1');
redirectTo($filename, Array('page' => $page, 's' => $s));
}
else
{
if(strpos($result['path'], $userinfo['documentroot']) === 0)
{
} else {
if(strpos($result['path'], $userinfo['documentroot']) === 0) {
$result['path'] = substr($result['path'], strlen($userinfo['documentroot']));
}
ask_yesno('extras_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['username'] . ' (' . $result['path'] . ')');
}
}
}
elseif($action == 'add')
{
if(isset($_POST['send'])
&& $_POST['send'] == 'send')
{
} elseif($action == 'add') {
if(isset($_POST['send']) && $_POST['send'] == 'send') {
$path = makeCorrectDir(validate($_POST['path'], 'path'));
$userpath = $path;
$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
$username = validate($_POST['username'], 'username', '/^[a-zA-Z0-9][a-zA-Z0-9\-_]+\$?$/');
$authname = validate($_POST['directory_authname'], 'directory_authname', '/^[a-zA-Z0-9][a-zA-Z0-9\-_ ]+\$?$/');
validate($_POST['directory_password'], 'password');
$username_path_check = $db->query_first("SELECT `id`, `username`, `path` FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `username`='" . $db->escape($username) . "' AND `path`='" . $db->escape($path) . "' AND `customerid`='" . (int)$userinfo['customerid'] . "'");
$username_path_check_stmt = Database::prepare("SELECT `id`, `username`, `path` FROM `" . TABLE_PANEL_HTPASSWDS . "`
WHERE `username`= :username
AND `path`= :path
AND `customerid`= :customerid"
);
$params = array(
"username" => $username,
"path" => $path,
"customerid" => $userinfo['customerid']
);
Database::pexecute($username_path_check_stmt, $params);
$username_path_check = $username_path_check_stmt->fetch(PDO::FETCH_ASSOC);
if(CRYPT_STD_DES == 1)
{
if(CRYPT_STD_DES == 1) {
$saltfordescrypt = substr(md5(uniqid(microtime(), 1)), 4, 2);
$password = crypt($_POST['directory_password'], $saltfordescrypt);
}
else
{
} else {
$password = crypt($_POST['directory_password']);
}
if(!$_POST['path'])
{
if(!$_POST['path']) {
standard_error('invalidpath');
}
if($username == '')
{
if($username == '') {
standard_error(array('stringisempty', 'myloginname'));
}
elseif($username_path_check['username'] == $username
&& $username_path_check['path'] == $path)
{
} elseif($username_path_check['username'] == $username && $username_path_check['path'] == $path) {
standard_error('userpathcombinationdupe');
}
elseif($_POST['directory_password'] == '')
{
} elseif($_POST['directory_password'] == '') {
standard_error(array('stringisempty', 'mypassword'));
}
elseif($path == '')
{
} elseif($path == '') {
standard_error('patherror');
}
else
{
$db->query("INSERT INTO `" . TABLE_PANEL_HTPASSWDS . "` (`customerid`, `username`, `password`, `path`, `authname`) VALUES ('" . (int)$userinfo['customerid'] . "', '" . $db->escape($username) . "', '" . $db->escape($password) . "', '" . $db->escape($path) . "', '" . $db->escape($authname) . "')");
} else {
$stmt = Database::prepare("INSERT INTO `" . TABLE_PANEL_HTPASSWDS . "`
(`customerid`, `username`, `password`, `path`, `authname`)
VALUES (:customerid, :username, :password, :path, :authname)"
);
$params = array(
"customerid" => $userinfo['customerid'],
"username" => $username,
"password" => $password,
"path" => $path,
"autname" => $authname
);
Database::pexecute($stmt, $params);
$log->logAction(USR_ACTION, LOG_INFO, "added htpasswd for '" . $username . " (" . $path . ")'");
inserttask('1');
redirectTo($filename, Array('page' => $page, 's' => $s));
}
}
else
{
} else {
$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
$htpasswd_add_data = include_once dirname(__FILE__).'/lib/formfields/customer/extras/formfield.htpasswd_add.php';
@@ -194,59 +196,60 @@ elseif($page == 'htpasswds')
eval("echo \"" . getTemplate("extras/htpasswds_add") . "\";");
}
}
elseif($action == 'edit'
&& $id != 0)
{
$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
} elseif($action == 'edit' && $id != 0) {
$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTPASSWDS . "`
WHERE `customerid`= :customerid
AND `id`= :id"
);
Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
if(isset($result['username'])
&& $result['username'] != '')
{
if(isset($_POST['send'])
&& $_POST['send'] == 'send')
{
if(isset($result['username']) && $result['username'] != '') {
if(isset($_POST['send']) && $_POST['send'] == 'send') {
validate($_POST['directory_password'], 'password');
$authname = validate($_POST['directory_authname'], 'directory_authname', '/^[a-zA-Z0-9][a-zA-Z0-9\-_ ]+\$?$/');
if(CRYPT_STD_DES == 1)
{
if(CRYPT_STD_DES == 1) {
$saltfordescrypt = substr(md5(uniqid(microtime(), 1)), 4, 2);
$password = crypt($_POST['directory_password'], $saltfordescrypt);
}
else
{
} else {
$password = crypt($_POST['directory_password']);
}
$params = array(
"customerid" => $userinfo['customerid'],
"id" => $id
);
$pwd_sql = '';
if($_POST['directory_password'] != '')
{
$pwd_sql = "`password`='" . $db->escape($password) . "' ";
if($_POST['directory_password'] != '') {
$pwd_sql = "`password`= :password ";
$params["password"] = $password;
}
$auth_sql = '';
if($authname != $result['authname'])
{
$auth_sql = "`authname`='" . $db->escape($authname) . "' ";
if($authname != $result['authname']) {
$auth_sql = "`authname`= :authname ";
$params["authname"] = $authname;
}
if($pwd_sql != '' || $auth_sql != '')
{
if($pwd_sql != '' || $auth_sql != '') {
if($pwd_sql !='' && $auth_sql != '') {
$pwd_sql.= ', ';
}
$db->query("UPDATE `" . TABLE_PANEL_HTPASSWDS . "` SET ".$pwd_sql.$auth_sql." WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_HTPASSWDS . "`
SET ".$pwd_sql.$auth_sql."
WHERE `customerid`= :customerid
AND `id`= :id"
);
Database::pexecute($stmt, $params);
$log->logAction(USR_ACTION, LOG_INFO, "edited htpasswd for '" . $result['username'] . " (" . $result['path'] . ")'");
inserttask('1');
redirectTo($filename, Array('page' => $page, 's' => $s));
}
}
else
{
if(strpos($result['path'], $userinfo['documentroot']) === 0)
{
} else {
if(strpos($result['path'], $userinfo['documentroot']) === 0) {
$result['path'] = substr($result['path'], strlen($userinfo['documentroot']));
}
@@ -262,11 +265,8 @@ elseif($page == 'htpasswds')
}
}
}
}
elseif($page == 'htaccess')
{
if($action == '')
{
} elseif($page == 'htaccess') {
if($action == '') {
$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_extras::htaccess");
$fields = array(
'path' => $lng['panel']['path'],
@@ -277,8 +277,11 @@ elseif($page == 'htaccess')
'options_cgi' => $lng['extras']['execute_perl']
);
$paging = new paging($userinfo, $db, TABLE_PANEL_HTACCESS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
$result = $db->query("SELECT * FROM `" . TABLE_PANEL_HTACCESS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
$paging->setEntries($db->num_rows($result));
$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTACCESS . "`
WHERE `customerid`= :customerid " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit()
);
Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid']));
$paging->setEntries(Database::num_rows());
$sortcode = $paging->getHtmlSortCode($lng);
$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
$searchcode = $paging->getHtmlSearchCode($lng);
@@ -289,12 +292,9 @@ elseif($page == 'htaccess')
$cperlenabled = customerHasPerlEnabled($userinfo['customerid']);
while($row = $db->fetch_array($result))
{
if($paging->checkDisplay($i))
{
if(strpos($row['path'], $userinfo['documentroot']) === 0)
{
while($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
if($paging->checkDisplay($i)) {
if(strpos($row['path'], $userinfo['documentroot']) === 0) {
$row['path'] = substr($row['path'], strlen($userinfo['documentroot']));
// don't show nothing wehn it's the docroot, show slash
if ($row['path'] == '') { $row['path'] = '/'; }
@@ -313,52 +313,47 @@ elseif($page == 'htaccess')
}
eval("echo \"" . getTemplate("extras/htaccess") . "\";");
}
elseif($action == 'delete'
&& $id != 0)
{
$result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_HTACCESS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
} elseif($action == 'delete' && $id != 0) {
$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTACCESS . "`
WHERE `customerid` = :customerid
AND `id` = :id"
);
Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
if(isset($result['customerid'])
&& $result['customerid'] != ''
&& $result['customerid'] == $userinfo['customerid'])
{
if(isset($_POST['send'])
&& $_POST['send'] == 'send')
{
$db->query("DELETE FROM `" . TABLE_PANEL_HTACCESS . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' AND `id`='" . (int)$id . "'");
if(isset($result['customerid']) && $result['customerid'] != '' && $result['customerid'] == $userinfo['customerid']) {
if(isset($_POST['send']) && $_POST['send'] == 'send') {
$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_HTACCESS . "`
WHERE `customerid`= :customerid
AND `id`= :id"
);
Database::pexecute($stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
$log->logAction(USR_ACTION, LOG_INFO, "deleted htaccess for '" . str_replace($userinfo['documentroot'], '', $result['path']) . "'");
inserttask('1');
redirectTo($filename, Array('page' => $page, 's' => $s));
}
else
{
} else {
ask_yesno('extras_reallydelete_pathoptions', $filename, array('id' => $id, 'page' => $page, 'action' => $action), str_replace($userinfo['documentroot'], '', $result['path']));
}
}
}
elseif($action == 'add')
{
if(isset($_POST['send'])
&& $_POST['send'] == 'send')
{
} elseif($action == 'add') {
if(isset($_POST['send']) && $_POST['send'] == 'send') {
$path = makeCorrectDir(validate($_POST['path'], 'path'));
$userpath = $path;
$path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
$path_dupe_check = $db->query_first("SELECT `id`, `path` FROM `" . TABLE_PANEL_HTACCESS . "` WHERE `path`='" . $db->escape($path) . "' AND `customerid`='" . (int)$userinfo['customerid'] . "'");
if(!$_POST['path'])
{
$path_dupe_check_stmt = Database::prepare("SELECT `id`, `path` FROM `" . TABLE_PANEL_HTACCESS . "`
WHERE `path`= :path
AND `customerid`= :customerid"
);
Database::pexecute($path_dupe_check_stmt, array("path" => $path, "customerid" => $userinfo['customerid']));
$path_dupe_check = $path_dupe_check_stmt->fetch(PDO::FETCH_ASSOC);
if(!$_POST['path']) {
standard_error('invalidpath');
}
if(isset($_POST['options_cgi'])
&& (int)$_POST['options_cgi'] != 0
) {
if(isset($_POST['options_cgi']) && (int)$_POST['options_cgi'] != 0) {
$options_cgi = '1';
}
else
{
} else {
$options_cgi = '0';
}
@@ -366,41 +361,47 @@ elseif($page == 'htaccess')
if (isset($_POST['error404path'])) {
$error404path = correctErrorDocument($_POST['error404path']);
}
$error403path = '';
if (isset($_POST['error403path'])) {
$error403path = correctErrorDocument($_POST['error403path']);
}
$error500path = '';
if (isset($_POST['error500path'])) {
$error500path = correctErrorDocument($_POST['error500path']);
}
if($path_dupe_check['path'] == $path)
{
if($path_dupe_check['path'] == $path) {
standard_error('errordocpathdupe', $userpath);
}
elseif($path == '')
{
} elseif($path == '') {
standard_error('patherror');
}
else
{
$db->query('INSERT INTO `' . TABLE_PANEL_HTACCESS . '` SET
`customerid` = "'.(int)$userinfo['customerid'].'",
`path` = "'.$db->escape($path).'",
`options_indexes` = "'.$db->escape($_POST['options_indexes'] == '1' ? '1' : '0').'",
`error404path` = "'.$db->escape($error404path).'",
`error403path` = "'.$db->escape($error403path).'",
`error500path` = "'.$db->escape($error500path).'",
`options_cgi` = "'.$db->escape($options_cgi).'"');
} else {
$stmt = Database::prepare('INSERT INTO `' . TABLE_PANEL_HTACCESS . '` SET
`customerid` = :customerid,
`path` = :path,
`options_indexes` = :options_indexes,
`error404path` = :error404path,
`error403path` = :error403path,
`error500path` = :error500path,
`options_cgi` = :options_cgi'
);
$params = array(
"customerid" => $userinfo['customerid'],
"path" => $path,
"options_indexes" => $_POST['options_indexes'] == '1' ? '1' : '0',
"error403path" => $error403path,
"error404path" => $error404path,
"error500path" => $error500path,
"options_cgi" => $options_cgi
);
Database::pexecute($stmt, $params);
$log->logAction(USR_ACTION, LOG_INFO, "added htaccess for '" . $path . "'");
inserttask('1');
redirectTo($filename, Array('page' => $page, 's' => $s));
}
}
else
{
} else {
$pathSelect = makePathfield($userinfo['documentroot'], $userinfo['guid'], $userinfo['guid'], $settings['panel']['pathedit']);
$cperlenabled = customerHasPerlEnabled($userinfo['customerid']);
/*
@@ -416,29 +417,24 @@ elseif($page == 'htaccess')
eval("echo \"" . getTemplate("extras/htaccess_add") . "\";");
}
}
elseif(($action == 'edit')
&& ($id != 0))
{
$result = $db->query_first('SELECT * FROM `' . TABLE_PANEL_HTACCESS . '` WHERE `customerid` = "' . (int)$userinfo['customerid'] . '" AND `id` = "' . (int)$id . '"');
} elseif(($action == 'edit') && ($id != 0)) {
$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_HTACCESS . "`
WHERE `customerid` = :customerid
AND `id` = :id"
);
Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
if((isset($result['customerid']))
&& ($result['customerid'] != '')
&& ($result['customerid'] == $userinfo['customerid']))
{
if(isset($_POST['send'])
&& $_POST['send'] == 'send')
{
if((isset($result['customerid'])) && ($result['customerid'] != '') && ($result['customerid'] == $userinfo['customerid'])) {
if(isset($_POST['send']) && $_POST['send'] == 'send') {
$option_indexes = intval($_POST['options_indexes']);
$options_cgi = isset($_POST['options_cgi']) ? intval($_POST['options_cgi']) : 0;
if($option_indexes != '1')
{
if($option_indexes != '1') {
$option_indexes = '0';
}
if($options_cgi != '1')
{
if($options_cgi != '1') {
$options_cgi = '0';
}
@@ -447,22 +443,37 @@ elseif($page == 'htaccess')
$error500path = correctErrorDocument($_POST['error500path']);
if(($option_indexes != $result['options_indexes'])
|| ($error404path != $result['error404path'])
|| ($error403path != $result['error403path'])
|| ($error500path != $result['error500path'])
|| ($options_cgi != $result['options_cgi']))
{
|| ($error404path != $result['error404path'])
|| ($error403path != $result['error403path'])
|| ($error500path != $result['error500path'])
|| ($options_cgi != $result['options_cgi'])) {
inserttask('1');
$db->query('UPDATE `' . TABLE_PANEL_HTACCESS . '` SET `options_indexes` = "' . $db->escape($option_indexes) . '", `error404path` = "' . $db->escape($error404path) . '", `error403path` = "' . $db->escape($error403path) . '", `error500path` = "' . $db->escape($error500path) . '", `options_cgi` = "' . $db->escape($options_cgi) . '" WHERE `customerid` = "' . (int)$userinfo['customerid'] . '" AND `id` = "' . (int)$id . '"');
$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_HTACCESS . "`
SET `options_indexes` = :options_indexes,
`error404path` = :error404path,
`error403path` = :error403path,
`error500path` = :error500path,
`options_cgi` = :options_cgi
WHERE `customerid` = :customerid
AND `id` = :id"
);
$params = array(
"customerid" => $userinfo['customerid'],
"options_indexes" => $_POST['options_indexes'] == '1' ? '1' : '0',
"error403path" => $error403path,
"error404path" => $error404path,
"error500path" => $error500path,
"options_cgi" => $options_cgi,
"id" => $id
);
Database::pexecute($stmt, $params);
$log->logAction(USR_ACTION, LOG_INFO, "edited htaccess for '" . str_replace($userinfo['documentroot'], '', $result['path']) . "'");
}
redirectTo($filename, Array('page' => $page, 's' => $s));
}
else
{
if(strpos($result['path'], $userinfo['documentroot']) === 0)
{
} else {
if(strpos($result['path'], $userinfo['documentroot']) === 0) {
$result['path'] = substr($result['path'], strlen($userinfo['documentroot']));
// don't show nothing wehn it's the docroot, show slash
if ($result['path'] == '') { $result['path'] = '/'; }