maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

fix an issue where the isemaildomain flag for a main-domain can be set to false when edited by customer

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2018-12-08 12:46:17 +01:00
parent ddddbdfb18
commit db36d57683
3 changed files with 8 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
index.php
View File

@@ -23,7 +23,9 @@ if ($action == '') {
$action = 'login'; $action = 'login';
} }
session_start(); if (session_status() == PHP_SESSION_NONE) {
session_start();
}
if ($action == '2fa_entercode') { if ($action == '2fa_entercode') {
// page for entering the 2FA code after successful login // page for entering the 2FA code after successful login

8
lib/classes/api/commands/class.SubDomains.php
View File

@@ -357,7 +357,7 @@ class SubDomains extends ApiCommand implements ResourceEntity
SELECT d.*, pd.`subcanemaildomain`, pd.`isbinddomain` as subisbinddomain SELECT d.*, pd.`subcanemaildomain`, pd.`isbinddomain` as subisbinddomain
FROM `" . TABLE_PANEL_DOMAINS . "` d, `" . TABLE_PANEL_DOMAINS . "` pd FROM `" . TABLE_PANEL_DOMAINS . "` d, `" . TABLE_PANEL_DOMAINS . "` pd
WHERE " . ($id > 0 ? "d.`id` = :iddn" : "d.`domain` = :iddn") . " AND d.`customerid` IN (" . implode(", ", $customer_ids) . ") WHERE " . ($id > 0 ? "d.`id` = :iddn" : "d.`domain` = :iddn") . " AND d.`customerid` IN (" . implode(", ", $customer_ids) . ")
AND ((d.`parentdomainid`!='0' AND pd.`id` = d.`parentdomainid`) OR (d.`parentdomainid`='0' AND pd.`id` = d.`id`)) AND ((d.`parentdomainid`!='0' AND pd.`id` = d.`parentdomainid`) OR (d.`parentdomainid`='0' AND pd.`id` = d.`id`))
"); ");
$params = array( $params = array(
'iddn' => ($id <= 0 ? $domainname : $id) 'iddn' => ($id <= 0 ? $domainname : $id)
@@ -370,7 +370,7 @@ class SubDomains extends ApiCommand implements ResourceEntity
SELECT d.*, pd.`subcanemaildomain`, pd.`isbinddomain` as subisbinddomain SELECT d.*, pd.`subcanemaildomain`, pd.`isbinddomain` as subisbinddomain
FROM `" . TABLE_PANEL_DOMAINS . "` d, `" . TABLE_PANEL_DOMAINS . "` pd FROM `" . TABLE_PANEL_DOMAINS . "` d, `" . TABLE_PANEL_DOMAINS . "` pd
WHERE " . ($id > 0 ? "d.`id` = :iddn" : "d.`domain` = :iddn") . " WHERE " . ($id > 0 ? "d.`id` = :iddn" : "d.`domain` = :iddn") . "
AND ((d.`parentdomainid`!='0' AND pd.`id` = d.`parentdomainid`) OR (d.`parentdomainid`='0' AND pd.`id` = d.`id`)) AND ((d.`parentdomainid`!='0' AND pd.`id` = d.`parentdomainid`) OR (d.`parentdomainid`='0' AND pd.`id` = d.`id`))
"); ");
$params = array( $params = array(
'iddn' => ($id <= 0 ? $domainname : $id) 'iddn' => ($id <= 0 ? $domainname : $id)
@@ -384,7 +384,7 @@ class SubDomains extends ApiCommand implements ResourceEntity
SELECT d.*, pd.`subcanemaildomain`, pd.`isbinddomain` as subisbinddomain SELECT d.*, pd.`subcanemaildomain`, pd.`isbinddomain` as subisbinddomain
FROM `" . TABLE_PANEL_DOMAINS . "` d, `" . TABLE_PANEL_DOMAINS . "` pd FROM `" . TABLE_PANEL_DOMAINS . "` d, `" . TABLE_PANEL_DOMAINS . "` pd
WHERE d.`customerid`= :customerid AND " . ($id > 0 ? "d.`id` = :iddn" : "d.`domain` = :iddn") . " WHERE d.`customerid`= :customerid AND " . ($id > 0 ? "d.`id` = :iddn" : "d.`domain` = :iddn") . "
AND ((d.`parentdomainid`!='0' AND pd.`id` = d.`parentdomainid`) OR (d.`parentdomainid`='0' AND pd.`id` = d.`id`)) AND ((d.`parentdomainid`!='0' AND pd.`id` = d.`parentdomainid`) OR (d.`parentdomainid`='0' AND pd.`id` = d.`id`))
"); ");
$params = array( $params = array(
'customerid' => $this->getUserDetail('customerid'), 'customerid' => $this->getUserDetail('customerid'),
@@ -521,7 +521,7 @@ class SubDomains extends ApiCommand implements ResourceEntity
// if allowed, check for 'is email domain'-flag // if allowed, check for 'is email domain'-flag
if ($result['parentdomainid'] != '0' && ($result['subcanemaildomain'] == '1' || $result['subcanemaildomain'] == '2') && $isemaildomain != $result['isemaildomain']) { if ($result['parentdomainid'] != '0' && ($result['subcanemaildomain'] == '1' || $result['subcanemaildomain'] == '2') && $isemaildomain != $result['isemaildomain']) {
$isemaildomain = intval($isemaildomain); $isemaildomain = intval($isemaildomain);
} else { } elseif ($result['parentdomainid'] != '0') {
$isemaildomain = $result['subcanemaildomain'] == '3' ? 1 : 0; $isemaildomain = $result['subcanemaildomain'] == '3' ? 1 : 0;
} }

2
lib/init.php
View File

@@ -194,7 +194,7 @@ if (isset($s)
$adminsession = '0'; $adminsession = '0';
} }
$query.= "WHERE `s`.`hash` = :hash AND `s`.`ipaddress` = :ipaddr $query.= " WHERE `s`.`hash` = :hash AND `s`.`ipaddress` = :ipaddr
AND `s`.`useragent` = :ua AND `s`.`lastactivity` > :timediff AND `s`.`useragent` = :ua AND `s`.`lastactivity` > :timediff
AND `s`.`adminsession` = :adminsession AND `s`.`adminsession` = :adminsession
"; ";