From f4de70ad5ce89191f23704c0f8c031cd733cc406 Mon Sep 17 00:00:00 2001
From: Falko Timme <ft@falkotimme.com>
Date: Mon, 24 Feb 2014 19:48:23 +0100
Subject: [PATCH] - Fixed FS#3354 - Protected folders must not be created
 twice. - Make sure the correct sys_groupid is saved for web folders and web
 folder users.

---
 .../web/sites/lib/lang/de_web_folder.lng      |  1 +
 .../web/sites/lib/lang/de_web_folder_user.lng |  1 +
 .../web/sites/lib/lang/en_web_folder.lng      |  1 +
 .../web/sites/lib/lang/en_web_folder_user.lng |  1 +
 interface/web/sites/web_folder_edit.php       | 36 +++++++++++++++++++
 interface/web/sites/web_folder_user_edit.php  | 36 +++++++++++++++++++
 6 files changed, 76 insertions(+)

diff --git a/interface/web/sites/lib/lang/de_web_folder.lng b/interface/web/sites/lib/lang/de_web_folder.lng
index 9b784a64a3..8cd1b314c7 100644
--- a/interface/web/sites/lib/lang/de_web_folder.lng
+++ b/interface/web/sites/lib/lang/de_web_folder.lng
@@ -4,4 +4,5 @@ $wb['parent_domain_id_txt'] = 'Webseite';
 $wb['path_txt'] = 'Pfad';
 $wb['active_txt'] = 'Aktiv';
 $wb['path_error_regex'] = 'UngÃ¼ltiger Pfad.';
+$wb['error_folder_already_protected_txt'] = 'FÃ¼r diesen Ordner existiert schon ein Eintrag.';
 ?>
\ No newline at end of file
diff --git a/interface/web/sites/lib/lang/de_web_folder_user.lng b/interface/web/sites/lib/lang/de_web_folder_user.lng
index df9a4e2160..7542720a2c 100644
--- a/interface/web/sites/lib/lang/de_web_folder_user.lng
+++ b/interface/web/sites/lib/lang/de_web_folder_user.lng
@@ -10,4 +10,5 @@ $wb['repeat_password_txt'] = 'Passwort wiederholen';
 $wb['password_mismatch_txt'] = 'Die PasswÃ¶rter stimmen nicht Ã¼berein.';
 $wb['password_match_txt'] = 'Die PasswÃ¶rter stimmen Ã¼berein.';
 $wb['no_folder_perm'] = 'Sie haben keine Berechtigung fÃ¼r diesen Ordner.';
+$wb['error_user_exists_already_txt'] = 'FÃ¼r diesen Benutzer existiert schon ein Eintrag.';
 ?>
\ No newline at end of file
diff --git a/interface/web/sites/lib/lang/en_web_folder.lng b/interface/web/sites/lib/lang/en_web_folder.lng
index 5e8ede00cf..f205daef0e 100644
--- a/interface/web/sites/lib/lang/en_web_folder.lng
+++ b/interface/web/sites/lib/lang/en_web_folder.lng
@@ -4,4 +4,5 @@ $wb["parent_domain_id_txt"] = 'Website';
 $wb["path_txt"] = 'Path';
 $wb["active_txt"] = 'Active';
 $wb["path_error_regex"] = 'Invalid folder path.';
+$wb['error_folder_already_protected_txt'] = 'There is already a record for this folder.';
 ?>
\ No newline at end of file
diff --git a/interface/web/sites/lib/lang/en_web_folder_user.lng b/interface/web/sites/lib/lang/en_web_folder_user.lng
index 63c18567f8..207f5367eb 100644
--- a/interface/web/sites/lib/lang/en_web_folder_user.lng
+++ b/interface/web/sites/lib/lang/en_web_folder_user.lng
@@ -10,4 +10,5 @@ $wb['repeat_password_txt'] = 'Repeat Password';
 $wb['password_mismatch_txt'] = 'The passwords do not match.';
 $wb['password_match_txt'] = 'The passwords do match.';
 $wb["no_folder_perm"] = 'You have no permission for this folder.';
+$wb['error_user_exists_already_txt'] = 'There is already a record for this user.';
 ?>
\ No newline at end of file
diff --git a/interface/web/sites/web_folder_edit.php b/interface/web/sites/web_folder_edit.php
index d3235df7f1..009b039c1d 100644
--- a/interface/web/sites/web_folder_edit.php
+++ b/interface/web/sites/web_folder_edit.php
@@ -60,9 +60,45 @@ class page_action extends tform_actions {
 
 		// Set a few fixed values
 		$this->dataRecord["server_id"] = $parent_domain["server_id"];
+		
+		// make sure this folder isn't protected already
+		if($this->id > 0){
+			$folder = $app->db->queryOneRecord("SELECT * FROM web_folder WHERE parent_domain_id = ".$this->dataRecord['parent_domain_id']." AND path = '".$this->dataRecord['path']."' AND web_folder_id != ".$this->id);
+		} else {
+			$folder = $app->db->queryOneRecord("SELECT * FROM web_folder WHERE parent_domain_id = ".$this->dataRecord['parent_domain_id']." AND path = '".$this->dataRecord['path']."'");
+		}
+		if(is_array($folder) && !empty($folder)) $app->tform->errorMessage .= $app->tform->lng('error_folder_already_protected_txt');
 
 		parent::onSubmit();
 	}
+	
+	function onAfterInsert() {
+		global $app, $conf;
+
+		$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$app->functions->intval($this->dataRecord["parent_domain_id"]));
+
+		// The web folder entry shall be owned by the same group as the website
+		$sys_groupid = $app->functions->intval($web['sys_groupid']);
+
+		$sql = "UPDATE web_folder SET sys_groupid = '$sys_groupid' WHERE web_folder_id = ".$this->id;
+		$app->db->query($sql);
+	}
+	
+	function onAfterUpdate() {
+		global $app, $conf;
+
+		//* When the site of the web folder has been changed
+		if(isset($this->dataRecord['parent_domain_id']) && $this->oldDataRecord['parent_domain_id'] != $this->dataRecord['parent_domain_id']) {
+			$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$app->functions->intval($this->dataRecord["parent_domain_id"]));
+
+			// The web folder entry shall be owned by the same group as the website
+			$sys_groupid = $app->functions->intval($web['sys_groupid']);
+
+			$sql = "UPDATE web_folder SET sys_groupid = '$sys_groupid' WHERE web_folder_id = ".$this->id;
+			$app->db->query($sql);
+		}
+
+	}
 
 }
 
diff --git a/interface/web/sites/web_folder_user_edit.php b/interface/web/sites/web_folder_user_edit.php
index ce4663e716..ec3bdd1edb 100644
--- a/interface/web/sites/web_folder_user_edit.php
+++ b/interface/web/sites/web_folder_user_edit.php
@@ -60,9 +60,45 @@ class page_action extends tform_actions {
 
 		// Set a few fixed values
 		$this->dataRecord["server_id"] = $folder["server_id"];
+		
+		// make sure this folder/user combination does not exist already
+		if($this->id > 0){
+			$user = $app->db->queryOneRecord("SELECT * FROM web_folder_user WHERE web_folder_id = ".$this->dataRecord['web_folder_id']." AND username = '".$this->dataRecord['username']."' AND web_folder_user_id != ".$this->id);
+		} else {
+			$user = $app->db->queryOneRecord("SELECT * FROM web_folder_user WHERE web_folder_id = ".$this->dataRecord['web_folder_id']." AND username = '".$this->dataRecord['username']."'");
+		}
+		if(is_array($user) && !empty($user)) $app->tform->errorMessage .= $app->tform->lng('error_user_exists_already_txt');
 
 		parent::onSubmit();
 	}
+	
+	function onAfterInsert() {
+		global $app, $conf;
+
+		$folder = $app->db->queryOneRecord("SELECT * FROM web_folder WHERE web_folder_id = ".$app->functions->intval($this->dataRecord["web_folder_id"]));
+
+		// The web folder user entry shall be owned by the same group as the web folder
+		$sys_groupid = $app->functions->intval($folder['sys_groupid']);
+
+		$sql = "UPDATE web_folder_user SET sys_groupid = '$sys_groupid' WHERE web_folder_user_id = ".$this->id;
+		$app->db->query($sql);
+	}
+	
+	function onAfterUpdate() {
+		global $app, $conf;
+
+		//* When the web folder has been changed
+		if(isset($this->dataRecord['web_folder_id']) && $this->oldDataRecord['web_folder_id'] != $this->dataRecord['web_folder_id']) {
+			$folder = $app->db->queryOneRecord("SELECT * FROM web_folder WHERE web_folder_id = ".$app->functions->intval($this->dataRecord["web_folder_id"]));
+
+			// The web folder user entry shall be owned by the same group as the web folder
+			$sys_groupid = $app->functions->intval($folder['sys_groupid']);
+
+			$sql = "UPDATE web_folder_user SET sys_groupid = '$sys_groupid' WHERE web_folder_user_id = ".$this->id;
+			$app->db->query($sql);
+		}
+
+	}
 
 }
 
-- 
GitLab