From a2860e70a587fd583303a5b91556bf883ac24481 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Fri, 14 Apr 2023 08:22:31 +0200 Subject: [PATCH] strictly check whether field to select is the id or the email-address b/c is cases of email-addresses starting with a digit this is somehow used as value for the id field and return the wrong entity Signed-off-by: Michael Kaufmann --- lib/Froxlor/Api/Commands/Emails.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/Froxlor/Api/Commands/Emails.php b/lib/Froxlor/Api/Commands/Emails.php index f4b1a524..3ef990c6 100644 --- a/lib/Froxlor/Api/Commands/Emails.php +++ b/lib/Froxlor/Api/Commands/Emails.php @@ -195,8 +195,8 @@ class Emails extends ApiCommand implements ResourceEntity FROM `" . TABLE_MAIL_VIRTUAL . "` v LEFT JOIN `" . TABLE_MAIL_USERS . "` u ON v.`popaccountid` = u.`id` WHERE v.`customerid` IN (" . implode(", ", $customer_ids) . ") - AND (v.`id`= :idea OR (v.`email` = :idea OR v.`email_full` = :idea)) - "); + AND " . (is_numeric($params['idea']) ? "v.`id`= :idea" : "(v.`email` = :idea OR v.`email_full` = :idea)") + ); $result = Database::pexecute_first($result_stmt, $params, true, true); if ($result) { $this->logger()->logAction($this->isAdmin() ? FroxlorLogger::ADM_ACTION : FroxlorLogger::USR_ACTION, LOG_NOTICE, "[API] get email address '" . $result['email_full'] . "'");