fix an issue where the isemaildomain flag for a main-domain can be set to false when edited by customer

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
2018-12-08 12:46:17 +01:00
parent ddddbdfb18
commit db36d57683
3 changed files with 8 additions and 6 deletions
--- a/index.php
+++ b/index.php
@@ -23,7 +23,9 @@ if ($action == '') {
 	$action = 'login';
 }

-session_start();
+if (session_status() == PHP_SESSION_NONE) {
+	session_start();
+}

 if ($action == '2fa_entercode') {
 	// page for entering the 2FA code after successful login
--- a/lib/classes/api/commands/class.SubDomains.php
+++ b/lib/classes/api/commands/class.SubDomains.php
@@ -357,7 +357,7 @@ class SubDomains extends ApiCommand implements ResourceEntity
 						SELECT d.*, pd.`subcanemaildomain`, pd.`isbinddomain` as subisbinddomain
 						FROM `" . TABLE_PANEL_DOMAINS . "` d, `" . TABLE_PANEL_DOMAINS . "` pd
 						WHERE " . ($id > 0 ? "d.`id` = :iddn" : "d.`domain` = :iddn") . " AND d.`customerid` IN (" . implode(", ", $customer_ids) . ")
-						AND ((d.`parentdomainid`!='0'	AND pd.`id` = d.`parentdomainid`) OR (d.`parentdomainid`='0' AND pd.`id` = d.`id`))
+						AND ((d.`parentdomainid`!='0' AND pd.`id` = d.`parentdomainid`) OR (d.`parentdomainid`='0' AND pd.`id` = d.`id`))
 					");
 					$params = array(
 						'iddn' => ($id <= 0 ? $domainname : $id)
@@ -370,7 +370,7 @@ class SubDomains extends ApiCommand implements ResourceEntity
 					SELECT d.*, pd.`subcanemaildomain`, pd.`isbinddomain` as subisbinddomain
 					FROM `" . TABLE_PANEL_DOMAINS . "` d, `" . TABLE_PANEL_DOMAINS . "` pd
 					WHERE " . ($id > 0 ? "d.`id` = :iddn" : "d.`domain` = :iddn") . "
-					AND ((d.`parentdomainid`!='0'	AND pd.`id` = d.`parentdomainid`) OR (d.`parentdomainid`='0' AND pd.`id` = d.`id`))
+					AND ((d.`parentdomainid`!='0' AND pd.`id` = d.`parentdomainid`) OR (d.`parentdomainid`='0' AND pd.`id` = d.`id`))
 				");
 				$params = array(
 					'iddn' => ($id <= 0 ? $domainname : $id)
@@ -384,7 +384,7 @@ class SubDomains extends ApiCommand implements ResourceEntity
 				SELECT d.*, pd.`subcanemaildomain`, pd.`isbinddomain` as subisbinddomain
 				FROM `" . TABLE_PANEL_DOMAINS . "` d, `" . TABLE_PANEL_DOMAINS . "` pd
 				WHERE d.`customerid`= :customerid AND " . ($id > 0 ? "d.`id` = :iddn" : "d.`domain` = :iddn") . "
-				AND ((d.`parentdomainid`!='0'	AND pd.`id` = d.`parentdomainid`) OR (d.`parentdomainid`='0' AND pd.`id` = d.`id`))
+				AND ((d.`parentdomainid`!='0' AND pd.`id` = d.`parentdomainid`) OR (d.`parentdomainid`='0' AND pd.`id` = d.`id`))
 			");
 			$params = array(
 				'customerid' => $this->getUserDetail('customerid'),
@@ -521,7 +521,7 @@ class SubDomains extends ApiCommand implements ResourceEntity
 		// if allowed, check for 'is email domain'-flag
 		if ($result['parentdomainid'] != '0' && ($result['subcanemaildomain'] == '1' || $result['subcanemaildomain'] == '2') && $isemaildomain != $result['isemaildomain']) {
 			$isemaildomain = intval($isemaildomain);
-		} else {
+		} elseif ($result['parentdomainid'] != '0') {
 			$isemaildomain = $result['subcanemaildomain'] == '3' ? 1 : 0;
 		}

--- a/lib/init.php
+++ b/lib/init.php
@@ -194,7 +194,7 @@ if (isset($s)
 		$adminsession = '0';
 	}

-	$query.= "WHERE `s`.`hash` = :hash AND `s`.`ipaddress` = :ipaddr
+	$query.= " WHERE `s`.`hash` = :hash AND `s`.`ipaddress` = :ipaddr
 		AND `s`.`useragent` = :ua AND `s`.`lastactivity` > :timediff
 		AND `s`.`adminsession` = :adminsession
 	";