From be667fd6af6aa38ca311110da7f33d102c937727 Mon Sep 17 00:00:00 2001
From: Till Brehm <tbrehm@ispconfig.org>
Date: Tue, 11 Aug 2020 20:26:55 +0200
Subject: [PATCH] Fixed issues with userid setting for client protection
 feature.

---
 interface/web/admin/system_config_edit.php    | 4 +++-
 interface/web/sites/web_vhost_domain_edit.php | 3 ++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/interface/web/admin/system_config_edit.php b/interface/web/admin/system_config_edit.php
index 671b71032f..9b3102e60e 100644
--- a/interface/web/admin/system_config_edit.php
+++ b/interface/web/admin/system_config_edit.php
@@ -156,11 +156,13 @@ class page_action extends tform_actions {
 		*/
 
 		$new_config = $app->tform->encode($this->dataRecord, $section);
+		
 		if($section == 'sites' && $new_config['client_protection'] != 'y' && $server_config_array['sites']['client_protection'] == 'y') {
-		  $app->db->query("UPDATE `web_domain` SET `sys_userid` = (select `userid` FROM `sys_user` WHERE `default_group` = `web_domain`.`sys_groupid`), `sys_perm_group` = 'riud' WHERE `added_by` = 'admin'");
+		  $app->db->query("UPDATE `web_domain` SET `sys_userid` = (select `userid` FROM `sys_user` WHERE `default_group` = `web_domain`.`sys_groupid`), `sys_perm_group` = 'riud' WHERE `added_by` = 'admin' and sys_groupid > 0");
 		} elseif($section == 'sites' && $new_config['client_protection'] != 'n' && $server_config_array['sites']['client_protection'] == 'n') {
 			$app->db->query("UPDATE `web_domain` SET `sys_userid` = 1, `sys_perm_group` = 'ru' WHERE `added_by` = 'admin'");
 		}
+		
 		if($section == 'sites' && $new_config['vhost_subdomains'] != 'y' && $server_config_array['sites']['vhost_subdomains'] == 'y') {
 			// check for existing vhost subdomains, if found the mode cannot be disabled
 			$check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_domain` WHERE `type` = 'vhostsubdomain'");
diff --git a/interface/web/sites/web_vhost_domain_edit.php b/interface/web/sites/web_vhost_domain_edit.php
index 4d1124d802..6121e413d5 100644
--- a/interface/web/sites/web_vhost_domain_edit.php
+++ b/interface/web/sites/web_vhost_domain_edit.php
@@ -1385,7 +1385,8 @@ class page_action extends tform_actions {
 	  	if($global_config['client_protection'] == 'y') {
 		    $app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'ru' WHERE domain_id = ?", $client_group_id, $this->id);
 			} else {
-				$app->db->query("UPDATE web_domain SET sys_groupid = ?, sys_perm_group = 'riud' WHERE domain_id = ?", $client_group_id, $this->id);
+				$sysuser = $app->db->queryOneRecord('SELECT userid FROM sys_user WHERE default_group = ?',$client_group_id);
+				$app->db->query("UPDATE web_domain SET sys_userid = ?, sys_groupid = ?, sys_perm_group = 'riud' WHERE domain_id = ?", $sysuser['userid'],$client_group_id, $this->id);
 			}
 		}
 		if($app->auth->has_clients($_SESSION['s']['user']['userid']) && isset($this->dataRecord["client_group_id"])) {
-- 
GitLab