From 0a8f0e4ece06642808c1b52d7ea9c4af3ea356a1 Mon Sep 17 00:00:00 2001 From: tbrehm Date: Mon, 22 Oct 2012 11:18:05 +0000 Subject: [PATCH] Fixed: FS#2362 - client_id from remoting.inc.php functions is ignored --- interface/lib/classes/remoting_lib.inc.php | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/interface/lib/classes/remoting_lib.inc.php b/interface/lib/classes/remoting_lib.inc.php index 40db6e072e..47660f71cc 100644 --- a/interface/lib/classes/remoting_lib.inc.php +++ b/interface/lib/classes/remoting_lib.inc.php @@ -113,6 +113,7 @@ class remoting_lib { var $sys_userid; var $sys_default_group; var $sys_groups; + var $client_id; //* Load the form definition from file. @@ -136,12 +137,12 @@ class remoting_lib { } //* Load the user profile - function loadUserProfile($client_id = 0) { + function loadUserProfile($client_id_param = 0) { global $app,$conf; - $client_id = $app->functions->intval($client_id); + $this->client_id = $app->functions->intval($client_id_param); - if($client_id == 0) { + if($this->client_id == 0) { $this->sys_username = 'admin'; $this->sys_userid = 1; $this->sys_default_group = 1; @@ -758,7 +759,12 @@ class remoting_lib { $sql = "INSERT INTO ".$escape.$this->formDef['db_table'].$escape." ($sql_insert_key) VALUES ($sql_insert_val)"; } else { if($primary_id != 0) { - $sql_update = substr($sql_update,0,-2); + // update client permissions only if client_id > 0 + if($this->formDef['auth'] == 'yes' && $this->client_id > 0) { + $sql_update .= '`sys_userid` = '.$this->sys_userid.', '; + $sql_update .= '`sys_groupid` = '.$this->sys_default_group.', '; + } + $sql_update = substr($sql_update,0,-2); $sql = "UPDATE ".$escape.$this->formDef['db_table'].$escape." SET ".$sql_update." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id; if($sql_ext_where != '') $sql .= " and ".$sql_ext_where; } else { -- GitLab