From db36d5768310073eb54a2d50d84a09f99808a938 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Sat, 8 Dec 2018 12:46:17 +0100 Subject: [PATCH] fix an issue where the isemaildomain flag for a main-domain can be set to false when edited by customer Signed-off-by: Michael Kaufmann --- index.php | 4 +++- lib/classes/api/commands/class.SubDomains.php | 8 ++++---- lib/init.php | 2 +- 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/index.php b/index.php index 8d896d34..45ef4333 100644 --- a/index.php +++ b/index.php @@ -23,7 +23,9 @@ if ($action == '') { $action = 'login'; } -session_start(); +if (session_status() == PHP_SESSION_NONE) { + session_start(); +} if ($action == '2fa_entercode') { // page for entering the 2FA code after successful login diff --git a/lib/classes/api/commands/class.SubDomains.php b/lib/classes/api/commands/class.SubDomains.php index 33d529d0..21110564 100644 --- a/lib/classes/api/commands/class.SubDomains.php +++ b/lib/classes/api/commands/class.SubDomains.php @@ -357,7 +357,7 @@ class SubDomains extends ApiCommand implements ResourceEntity SELECT d.*, pd.`subcanemaildomain`, pd.`isbinddomain` as subisbinddomain FROM `" . TABLE_PANEL_DOMAINS . "` d, `" . TABLE_PANEL_DOMAINS . "` pd WHERE " . ($id > 0 ? "d.`id` = :iddn" : "d.`domain` = :iddn") . " AND d.`customerid` IN (" . implode(", ", $customer_ids) . ") - AND ((d.`parentdomainid`!='0' AND pd.`id` = d.`parentdomainid`) OR (d.`parentdomainid`='0' AND pd.`id` = d.`id`)) + AND ((d.`parentdomainid`!='0' AND pd.`id` = d.`parentdomainid`) OR (d.`parentdomainid`='0' AND pd.`id` = d.`id`)) "); $params = array( 'iddn' => ($id <= 0 ? $domainname : $id) 
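Review bot: In index.php the new guard `if (session_status() == PHP_SESSION_NONE)` also skips `session_start()` when sessions are disabled (`PHP_SESSION_DISABLED`), so the login and 2FA code that follows, which presumably depends on session state, would run without a session and without any error. Testing for an active session and checking the return value keeps that failure visible: `if (session_status() !== PHP_SESSION_ACTIVE && !session_start()) {` followed by aborting the request. The guard also implies that a session can already be running when index.php is reached. A short comment naming where it is started would help, because in that case the session options were set there and not here.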
@@ -370,7 +370,7 @@ class SubDomains extends ApiCommand implements ResourceEntity SELECT d.*, pd.`subcanemaildomain`, pd.`isbinddomain` as subisbinddomain FROM `" . TABLE_PANEL_DOMAINS . "` d, `" . TABLE_PANEL_DOMAINS . "` pd WHERE " . ($id > 0 ? "d.`id` = :iddn" : "d.`domain` = :iddn") . " - AND ((d.`parentdomainid`!='0' AND pd.`id` = d.`parentdomainid`) OR (d.`parentdomainid`='0' AND pd.`id` = d.`id`)) + AND ((d.`parentdomainid`!='0' AND pd.`id` = d.`parentdomainid`) OR (d.`parentdomainid`='0' AND pd.`id` = d.`id`)) "); $params = array( 'iddn' => ($id <= 0 ? $domainname : $id) @@ -384,7 +384,7 @@ class SubDomains extends ApiCommand implements ResourceEntity SELECT d.*, pd.`subcanemaildomain`, pd.`isbinddomain` as subisbinddomain FROM `" . TABLE_PANEL_DOMAINS . "` d, `" . TABLE_PANEL_DOMAINS . "` pd WHERE d.`customerid`= :customerid AND " . ($id > 0 ? "d.`id` = :iddn" : "d.`domain` = :iddn") . " - AND ((d.`parentdomainid`!='0' AND pd.`id` = d.`parentdomainid`) OR (d.`parentdomainid`='0' AND pd.`id` = d.`id`)) + AND ((d.`parentdomainid`!='0' AND pd.`id` = d.`parentdomainid`) OR (d.`parentdomainid`='0' AND pd.`id` = d.`id`)) "); $params = array( 'customerid' => $this->getUserDetail('customerid'), @@ -521,7 +521,7 @@ class SubDomains extends ApiCommand implements ResourceEntity // if allowed, check for 'is email domain'-flag if ($result['parentdomainid'] != '0' && ($result['subcanemaildomain'] == '1' || $result['subcanemaildomain'] == '2') && $isemaildomain != $result['isemaildomain']) { $isemaildomain = intval($isemaildomain); - } else { + } elseif ($result['parentdomainid'] != '0') { $isemaildomain = $result['subcanemaildomain'] == '3' ? 1 : 0; } diff --git a/lib/init.php b/lib/init.php index 960d9e49..fe46d0fa 100644 --- a/lib/init.php +++ b/lib/init.php 
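Review bot: In the `@@ -521` hunk of class.SubDomains.php, a main domain (`parentdomainid` equal to '0') now matches neither branch, so `$isemaildomain` keeps whatever value it had before this block. If that value comes from the customer's request earlier in the method (not visible here), a customer can presumably still change the flag on a main domain, and the value never passes through `intval()`. Pinning it to the stored value closes that path: `} else { $isemaildomain = $result['isemaildomain']; }`. Separately, for a subdomain with `subcanemaildomain` '1' or '2', an unchanged flag fails the `$isemaildomain != $result['isemaildomain']` test and drops into the `elseif`, which sets it to 0; moving that comparison out of the first condition would avoid the reset. The enclosing method starts and ends outside the hunk.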
@@ -194,7 +194,7 @@ if (isset($s) $adminsession = '0'; } - $query.= "WHERE `s`.`hash` = :hash AND `s`.`ipaddress` = :ipaddr + $query.= " WHERE `s`.`hash` = :hash AND `s`.`ipaddress` = :ipaddr AND `s`.`useragent` = :ua AND `s`.`lastactivity` > :timediff AND `s`.`adminsession` = :adminsession ";