Commit 03bca949 authored by tbrehm's avatar tbrehm

Merged revisions 2173-2174 from stable branch.

parent 04620b7f
......@@ -661,11 +661,11 @@ class remoting_lib {
}
function ispconfig_sysuser_add($params,$insert_id){
global $app,$sql1;
global $conf,$app,$sql1;
$username = $app->db->quote($params["username"]);
$password = $app->db->quote($params["password"]);
if(!isset($params['modules'])) {
$modules = 'dashboard,mail,sites,dns,tools';
$modules = $conf['interface_modules_enabled'];
} else {
$modules = $app->db->quote($params['modules']);
}
......
......@@ -72,6 +72,8 @@ class validate_ftpuser {
$doc_root .= "/";
if(substr($field_value, 0, strlen($doc_root)) == $doc_root) $is_ok = true;
if(stristr($field_value,'..') or stristr($field_value,'./') or stristr($field_value,'/.')) $is_ok = false;
if($is_ok == false) {
$errmsg = $validator['errmsg'];
......
......@@ -126,7 +126,7 @@ $form["tabs"]['ftp'] = array (
)
);
if($_SESSION["s"]["user"]["typ"] == 'admin') {
if($app->auth->is_admin()) {
$form["tabs"]['advanced'] = array (
'title' => "Options",
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment