Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
What's new
10
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Open sidebar
Dirk Dankhoff
ISPConfig 3
Commits
217b8d78
Commit
217b8d78
authored
Apr 04, 2012
by
tbrehm
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Fixed: FS#2157 - Add new Webdav user" can chmod and chown entire server from client interface
parent
8c080c6d
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
5 additions
and
1 deletion
+5
-1
interface/web/sites/lib/lang/en_webdav_user.lng
interface/web/sites/lib/lang/en_webdav_user.lng
+2
-0
interface/web/sites/webdav_user_edit.php
interface/web/sites/webdav_user_edit.php
+3
-1
No files found.
interface/web/sites/lib/lang/en_webdav_user.lng
View file @
217b8d78
...
@@ -13,4 +13,6 @@ $wb["username_error_regex"] = 'The username contains charachters that are not al
...
@@ -13,4 +13,6 @@ $wb["username_error_regex"] = 'The username contains charachters that are not al
$wb
[
"directory_error_empty"
]
=
'Directory empty.'
;
$wb
[
"directory_error_empty"
]
=
'Directory empty.'
;
$wb
[
"parent_domain_id_error_empty"
]
=
'No website selected.'
;
$wb
[
"parent_domain_id_error_empty"
]
=
'No website selected.'
;
$wb
[
'password_strength_txt'
]
=
'Password strength'
;
$wb
[
'password_strength_txt'
]
=
'Password strength'
;
$wb
[
'dir_dot_error'
]
=
'No .. in path allowed.'
;
$wb
[
'dir_slashdot_error'
]
=
'No ./ in path allowed.'
;
?>
?>
interface/web/sites/webdav_user_edit.php
View file @
217b8d78
...
@@ -114,7 +114,9 @@ class page_action extends tform_actions {
...
@@ -114,7 +114,9 @@ class page_action extends tform_actions {
*/
*/
if
(
isset
(
$this
->
dataRecord
[
'username'
])
&&
trim
(
$this
->
dataRecord
[
'username'
])
==
''
)
$app
->
tform
->
errorMessage
.
=
$app
->
tform
->
lng
(
'username_error_empty'
)
.
'<br />'
;
if
(
isset
(
$this
->
dataRecord
[
'username'
])
&&
trim
(
$this
->
dataRecord
[
'username'
])
==
''
)
$app
->
tform
->
errorMessage
.
=
$app
->
tform
->
lng
(
'username_error_empty'
)
.
'<br />'
;
if
(
isset
(
$this
->
dataRecord
[
'username'
])
&&
empty
(
$this
->
dataRecord
[
'parent_domain_id'
]))
$app
->
tform
->
errorMessage
.
=
$app
->
tform
->
lng
(
'parent_domain_id_error_empty'
)
.
'<br />'
;
if
(
isset
(
$this
->
dataRecord
[
'username'
])
&&
empty
(
$this
->
dataRecord
[
'parent_domain_id'
]))
$app
->
tform
->
errorMessage
.
=
$app
->
tform
->
lng
(
'parent_domain_id_error_empty'
)
.
'<br />'
;
if
(
isset
(
$this
->
dataRecord
[
'dir'
])
&&
stristr
(
$this
->
dataRecord
[
'dir'
],
'..'
))
$app
->
tform
->
errorMessage
.
=
$app
->
tform
->
lng
(
'dir_dot_error'
)
.
'<br />'
;
if
(
isset
(
$this
->
dataRecord
[
'dir'
])
&&
stristr
(
$this
->
dataRecord
[
'dir'
],
'./'
))
$app
->
tform
->
errorMessage
.
=
$app
->
tform
->
lng
(
'dir_slashdot_error'
)
.
'<br />'
;
parent
::
onSubmit
();
parent
::
onSubmit
();
}
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment