Commit ecbdda9b authored by Till Brehm's avatar Till Brehm

Added new input filters.

parent c3ab7bc0
......@@ -71,6 +71,12 @@ $form["tabs"]['directive_snippets'] = array (
1 => array ( 'type' => 'UNIQUE',
'errmsg'=> 'directive_snippets_name_error_unique'),
),
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'width' => '30',
......
......@@ -81,6 +81,12 @@ $form["tabs"]['groups'] = array (
'name' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'regex' => '/^.{1,30}$/',
'errmsg' => 'name_err',
'default' => '',
......@@ -94,6 +100,10 @@ $form["tabs"]['groups'] = array (
'description' => array (
'datatype' => 'TEXT',
'formtype' => 'TEXTAREA',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS')
),
'regex' => '',
'errmsg' => '',
'default' => '',
......
......@@ -52,6 +52,12 @@ $form["tabs"]['iptables'] = array (
'source_ip' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'width' => '',
......@@ -60,6 +66,12 @@ $form["tabs"]['iptables'] = array (
'destination_ip' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'width' => '',
......@@ -68,6 +80,12 @@ $form["tabs"]['iptables'] = array (
'singleport' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'width' => '',
......@@ -76,6 +94,12 @@ $form["tabs"]['iptables'] = array (
'multiport' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'width' => '',
......@@ -84,6 +108,12 @@ $form["tabs"]['iptables'] = array (
'state' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'width' => '',
......
......@@ -61,6 +61,12 @@ $form["tabs"]['services'] = array (
'server_name' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'width' => '30',
......
......@@ -145,6 +145,12 @@ $form["tabs"]['server'] = array(
'validators' => array(0 => array('type' => 'NOTEMPTY',
'errmsg' => 'nameservers_error_empty'),
),
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'value' => '',
'width' => '40',
'maxlength' => '255'
......@@ -316,6 +322,12 @@ $form["tabs"]['server'] = array(
'monit_user' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'width' => '40',
......@@ -344,6 +356,12 @@ $form["tabs"]['server'] = array(
'munin_user' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'width' => '40',
......@@ -426,6 +444,12 @@ $form["tabs"]['mail'] = array(
'dkim_path' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '/var/lib/amavis/dkim',
'value' => '',
'width' => '40',
......@@ -527,6 +551,12 @@ $form["tabs"]['mail'] = array(
'relayhost' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'width' => '40',
......@@ -535,6 +565,12 @@ $form["tabs"]['mail'] = array(
'relayhost_user' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'width' => '40',
......@@ -719,6 +755,12 @@ $form["tabs"]['web'] = array(
'website_autoalias' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'width' => '40',
......@@ -1135,6 +1177,12 @@ $form["tabs"]['web'] = array(
'validators' => array( 0 => array('type' => 'NOTEMPTY',
'errmsg' => 'htaccess_allow_override_error_empty'),
),
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'value' => '',
'width' => '40',
'maxlength' => '255'
......@@ -1161,6 +1209,12 @@ $form["tabs"]['web'] = array(
'validators' => array(0 => array('type' => 'NOTEMPTY',
'errmsg' => 'apps_vhost_port_error_empty'),
),
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'value' => '',
'width' => '40',
'maxlength' => '255'
......@@ -1172,6 +1226,12 @@ $form["tabs"]['web'] = array(
'validators' => array(0 => array('type' => 'NOTEMPTY',
'errmsg' => 'apps_vhost_ip_error_empty'),
),
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'value' => '',
'width' => '40',
'maxlength' => '255'
......@@ -1179,6 +1239,12 @@ $form["tabs"]['web'] = array(
'apps_vhost_servername' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'width' => '40',
......@@ -1187,6 +1253,12 @@ $form["tabs"]['web'] = array(
'awstats_conf_dir' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'width' => '40',
......@@ -1486,6 +1558,12 @@ $form["tabs"]['xmpp'] = array(
'xmpp_server_admins' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => 'admin@service.com, superuser@service.com',
'value' => '',
'width' => '15'
......@@ -1494,6 +1572,12 @@ $form["tabs"]['xmpp'] = array(
'xmpp_modules_enabled' => array(
'datatype' => 'TEXT',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => "saslauth, tls, dialback, disco, discoitems, version, uptime, time, ping, admin_adhoc, admin_telnet, bosh, posix, announce, offline, webpresence, mam, stream_management, message_carbons",
'value' => '',
'separator' => ","
......
......@@ -112,6 +112,12 @@ $form["tabs"]['php_name'] = array (
'validators' => array(0 => array('type' => 'NOTEMPTY',
'errmsg' => 'server_php_name_error_empty'),
),
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'separator' => '',
......@@ -135,6 +141,12 @@ $form["tabs"]['php_fastcgi'] = array(
'php_fastcgi_binary' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'width' => '40',
......@@ -143,6 +155,12 @@ $form["tabs"]['php_fastcgi'] = array(
'php_fastcgi_ini_dir' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'width' => '40',
......@@ -165,6 +183,12 @@ $form["tabs"]['php_fpm'] = array(
'php_fpm_init_script' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'width' => '40',
......@@ -173,6 +197,12 @@ $form["tabs"]['php_fpm'] = array(
'php_fpm_ini_dir' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'width' => '40',
......@@ -181,6 +211,12 @@ $form["tabs"]['php_fpm'] = array(
'php_fpm_pool_dir' => array(
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'width' => '40',
......
......@@ -87,6 +87,12 @@ $form["tabs"]['software_package'] = array (
'package_title' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'validators' => '',
'default' => '',
'value' => '',
......@@ -99,6 +105,12 @@ $form["tabs"]['software_package'] = array (
'package_key' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'validators' => '',
'default' => '',
'value' => '',
......
......@@ -92,6 +92,12 @@ $form["tabs"]['software_repo'] = array (
1 => array ( 'type' => 'UNIQUE',
'errmsg'=> 'repo_name_unique'),
),
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'separator' => '',
......@@ -108,6 +114,12 @@ $form["tabs"]['software_repo'] = array (
1 => array ( 'type' => 'UNIQUE',
'errmsg'=> 'repo_name_unique'),
),
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'separator' => '',
......@@ -119,6 +131,12 @@ $form["tabs"]['software_repo'] = array (
'repo_username' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'separator' => '',
......
......@@ -282,7 +282,11 @@ $form["tabs"]['mail'] = array (
1 => array( 'event' => 'SHOW',
'type' => 'IDNTOUTF8'),
2 => array( 'event' => 'SAVE',
'type' => 'TOLOWER')
'type' => 'TOLOWER'),
3 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
4 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'formtype' => 'TEXT',
'default' => '',
......@@ -293,6 +297,12 @@ $form["tabs"]['mail'] = array (
'admin_name' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'width' => '30',
......@@ -311,7 +321,11 @@ $form["tabs"]['mail'] = array (
1 => array( 'event' => 'SHOW',
'type' => 'IDNTOUTF8'),
2 => array( 'event' => 'SAVE',
'type' => 'TOLOWER')
'type' => 'TOLOWER'),
3 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
4 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'formtype' => 'TEXT',
'default' => '',
......@@ -322,6 +336,12 @@ $form["tabs"]['mail'] = array (
'smtp_port' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '25',
'value' => '',
'width' => '30',
......@@ -330,6 +350,12 @@ $form["tabs"]['mail'] = array (
'smtp_user' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => '',
'width' => '30',
......@@ -419,6 +445,10 @@ $form["tabs"]['domains'] = array (
'new_domain_html' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS')
),
'default' => '',
'value' => ''
),
......@@ -463,12 +493,24 @@ $form["tabs"]['misc'] = array (
'company_name' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => ''
),
'custom_login_text' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => ''
),
......@@ -485,18 +527,36 @@ $form["tabs"]['misc'] = array (
'dashboard_atom_url_admin' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => 'http://www.ispconfig.org/atom',
'value' => ''
),
'dashboard_atom_url_reseller' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => 'http://www.ispconfig.org/atom',
'value' => ''
),
'dashboard_atom_url_client' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => 'http://www.ispconfig.org/atom',
'value' => ''
),
......@@ -539,36 +599,72 @@ $form["tabs"]['misc'] = array (
'admin_dashlets_left' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => ''
),
'admin_dashlets_right' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => ''
),
'reseller_dashlets_left' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => ''
),
'reseller_dashlets_right' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => ''
),
'client_dashlets_left' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => ''
),
'client_dashlets_right' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'default' => '',
'value' => ''
),
......
......@@ -87,6 +87,12 @@ $form["tabs"]['basic'] = array (
'username' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'validators' => '',
'default' => 'global',
'value' => 'global',
......@@ -97,6 +103,12 @@ $form["tabs"]['basic'] = array (
'logo_url' => array (
'datatype' => 'VARCHAR',
'formtype' => 'TEXT',
'filters' => array(
0 => array( 'event' => 'SAVE',
'type' => 'STRIPTAGS'),
1 => array( 'event' => 'SAVE',
'type' => 'STRIPNL')
),
'validators' => '',
'default' => '',
'value' => '',
......
......@@ -133,6 +133,7 @@ class page_action extends tform_actions {
$tpls = $app->db->queryAllRecords($sql);
$option = '';
$tpl = array();
$tpls = $app->functions->htmlentities($tpls);
foreach($tpls as $item){
$option .= '<option value="' . $item['template_id'] . '|' . $item['template_name'] . '">' . $item['template_name'] . '</option>';
$tpl[$item['template_id']] = $item['template_name'];
......@@ -154,7 +155,7 @@ class page_action extends tform_actions {
$tmp->id = $item['assigned_template_id'];
$tmp->data = '';
$app->plugin->raiseEvent('get_client_template_details', $tmp);
if($tmp->data != '') $text .= '<br /><em>' . $tmp->data . '</em>';
if($tmp->data != '') $text .= '<br /><em>' . $app->functions->htmlentities($tmp->data) . '</em>';
$text .= '</li>';
$items[] = $item['assigned_template_id'] . ':' . $item['client_template_id'];
......@@ -219,6 +220,7 @@ class page_action extends tform_actions {
// Fill the client select field
$sql = "SELECT client.client_id, sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND sys_group.client_id > 0 AND client.limit_client != 0 ORDER BY client.company_name, client.contact_name, sys_group.name";
$clients = $app->db->queryAllRecords($sql);
$clients = $app->functions->htmlentities($clients);
$client_select = "<option value='0'>- ".$app->tform->lng('none_txt')." -</option>";
//$tmp_data_record = $app->tform->getDataRecord($this->id);
if(is_array($clients)) {
......
......@@ -83,6 +83,7 @@ class page_action extends tform_actions {
//$sql = "SELECT groupid, name FROM sys_group WHERE client_id > 0 ORDER BY name";
$sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND sys_group.client_id > 0 ORDER BY client.company_name, client.contact_name, sys_group.name";
$clients = $app->db->queryAllRecords($sql);
$clients = $app->functions->htmlentities($clients);
$client_select = '';