Commit 67fbfc01 authored by vogelor's avatar vogelor
Browse files

it is not possible to change the server after a record is insert

parent c95f8cd5
...@@ -49,7 +49,21 @@ $app->uses('tpl,tform,tform_actions'); ...@@ -49,7 +49,21 @@ $app->uses('tpl,tform,tform_actions');
$app->load('tform_actions'); $app->load('tform_actions');
class page_action extends tform_actions { class page_action extends tform_actions {
function onBeforeUpdate() {
global $app, $conf;
//* Check if the server has been changed
// We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
$rec = $app->db->queryOneRecord("SELECT server_id from firewall WHERE firewall_id = ".$this->id);
if($rec['server_id'] != $this->dataRecord["server_id"]) {
//* Add a error message and switch back to old server
$app->tform->errorMessage .= $app->lng('The Server can not be changed.');
$this->dataRecord["server_id"] = $rec['server_id'];
}
unset($rec);
}
}
} }
$page = new page_action; $page = new page_action;
......
...@@ -46,8 +46,28 @@ $app->auth->check_module_permissions('admin'); ...@@ -46,8 +46,28 @@ $app->auth->check_module_permissions('admin');
// Loading classes // Loading classes
$app->uses('tpl,tform,tform_actions'); $app->uses('tpl,tform,tform_actions');
$app->load('tform_actions');
// let tform_actions handle the page class page_action extends tform_actions {
$app->tform_actions->onLoad();
function onBeforeUpdate() {
global $app, $conf;
//* Check if the server has been changed
// We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
$rec = $app->db->queryOneRecord("SELECT server_id from server_ip WHERE server_ip_id = ".$this->id);
if($rec['server_id'] != $this->dataRecord["server_id"]) {
//* Add a error message and switch back to old server
$app->tform->errorMessage .= $app->lng('The Server can not be changed.');
$this->dataRecord["server_id"] = $rec['server_id'];
}
unset($rec);
}
}
}
$page = new page_action;
$page->onLoad();
?> ?>
\ No newline at end of file
...@@ -45,6 +45,9 @@ $list_def_file = "list/server_ip.list.php"; ...@@ -45,6 +45,9 @@ $list_def_file = "list/server_ip.list.php";
$app->auth->check_module_permissions('admin'); $app->auth->check_module_permissions('admin');
$app->uses('listform_actions'); $app->uses('listform_actions');
$app->listform_actions->SQLOrderBy = "ORDER BY server_id, ip_address";
$app->listform_actions->onLoad(); $app->listform_actions->onLoad();
......
...@@ -59,9 +59,9 @@ if($_SESSION['s']['user']['typ'] == 'admin') { ...@@ -59,9 +59,9 @@ if($_SESSION['s']['user']['typ'] == 'admin') {
'target' => 'content', 'target' => 'content',
'link' => 'mail/spamfilter_policy_list.php'); 'link' => 'mail/spamfilter_policy_list.php');
$items[] = array( 'title' => 'Server Settings', // $items[] = array( 'title' => 'Server Settings',
'target' => 'content', // 'target' => 'content',
'link' => 'mail/spamfilter_config_list.php'); // 'link' => 'mail/spamfilter_config_list.php');
} }
$module['nav'][] = array( 'title' => 'Spamfilter', $module['nav'][] = array( 'title' => 'Spamfilter',
......
...@@ -71,7 +71,24 @@ class page_action extends tform_actions { ...@@ -71,7 +71,24 @@ class page_action extends tform_actions {
parent::onShowNew(); parent::onShowNew();
} }
function onBeforeUpdate() {
global $app, $conf;
//* Check if the server has been changed
// We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
$rec = $app->db->queryOneRecord("SELECT server_id from mail_access WHERE access_id = ".$this->id);
if($rec['server_id'] != $this->dataRecord["server_id"]) {
//* Add a error message and switch back to old server
$app->tform->errorMessage .= $app->lng('The Server can not be changed.');
$this->dataRecord["server_id"] = $rec['server_id'];
}
unset($rec);
}
}
function onSubmit() { function onSubmit() {
global $app, $conf; global $app, $conf;
......
...@@ -52,7 +52,21 @@ $app->uses('tpl,tform,tform_actions'); ...@@ -52,7 +52,21 @@ $app->uses('tpl,tform,tform_actions');
$app->load('tform_actions'); $app->load('tform_actions');
class page_action extends tform_actions { class page_action extends tform_actions {
function onBeforeUpdate() {
global $app, $conf;
//* Check if the server has been changed
// We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
$rec = $app->db->queryOneRecord("SELECT server_id from mail_content_filter WHERE content_filter_id = ".$this->id);
if($rec['server_id'] != $this->dataRecord["server_id"]) {
//* Add a error message and switch back to old server
$app->tform->errorMessage .= $app->lng('The Server can not be changed.');
$this->dataRecord["server_id"] = $rec['server_id'];
}
unset($rec);
}
}
} }
$page = new page_action; $page = new page_action;
......
...@@ -110,7 +110,23 @@ class page_action extends tform_actions { ...@@ -110,7 +110,23 @@ class page_action extends tform_actions {
parent::onShowEnd(); parent::onShowEnd();
} }
function onBeforeUpdate() {
global $app, $conf;
//* Check if the server has been changed
// We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
$rec = $app->db->queryOneRecord("SELECT server_id from mail_transport WHERE transport_id = ".$this->id);
if($rec['server_id'] != $this->dataRecord["server_id"]) {
//* Add a error message and switch back to old server
$app->tform->errorMessage .= $app->lng('The Server can not be changed.');
$this->dataRecord["server_id"] = $rec['server_id'];
}
unset($rec);
}
}
function onSubmit() { function onSubmit() {
global $app, $conf; global $app, $conf;
......
...@@ -72,6 +72,22 @@ class page_action extends tform_actions { ...@@ -72,6 +72,22 @@ class page_action extends tform_actions {
parent::onShowNew(); parent::onShowNew();
} }
function onBeforeUpdate() {
global $app, $conf;
//* Check if the server has been changed
// We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
$rec = $app->db->queryOneRecord("SELECT server_id from mail_access WHERE access_id = ".$this->id);
if($rec['server_id'] != $this->dataRecord["server_id"]) {
//* Add a error message and switch back to old server
$app->tform->errorMessage .= $app->lng('The Server can not be changed.');
$this->dataRecord["server_id"] = $rec['server_id'];
}
unset($rec);
}
}
function onSubmit() { function onSubmit() {
global $app, $conf; global $app, $conf;
......
...@@ -71,7 +71,23 @@ class page_action extends tform_actions { ...@@ -71,7 +71,23 @@ class page_action extends tform_actions {
parent::onShowNew(); parent::onShowNew();
} }
function onSubmit() { function onBeforeUpdate() {
global $app, $conf;
//* Check if the server has been changed
// We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
$rec = $app->db->queryOneRecord("SELECT server_id from spamfilter_wblist WHERE id = ".$this->id);
if($rec['server_id'] != $this->dataRecord["server_id"]) {
//* Add a error message and switch back to old server
$app->tform->errorMessage .= $app->lng('The Server can not be changed.');
$this->dataRecord["server_id"] = $rec['server_id'];
}
unset($rec);
}
}
function onSubmit() {
global $app, $conf; global $app, $conf;
// Check the client limits, if user is not the admin // Check the client limits, if user is not the admin
......
...@@ -71,7 +71,23 @@ class page_action extends tform_actions { ...@@ -71,7 +71,23 @@ class page_action extends tform_actions {
parent::onShowNew(); parent::onShowNew();
} }
function onSubmit() { function onBeforeUpdate() {
global $app, $conf;
//* Check if the server has been changed
// We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
$rec = $app->db->queryOneRecord("SELECT server_id from spamfilter_users WHERE id = ".$this->id);
if($rec['server_id'] != $this->dataRecord["server_id"]) {
//* Add a error message and switch back to old server
$app->tform->errorMessage .= $app->lng('The Server can not be changed.');
$this->dataRecord["server_id"] = $rec['server_id'];
}
unset($rec);
}
}
function onSubmit() {
global $app, $conf; global $app, $conf;
// Check the client limits, if user is not the admin // Check the client limits, if user is not the admin
......
...@@ -70,7 +70,23 @@ class page_action extends tform_actions { ...@@ -70,7 +70,23 @@ class page_action extends tform_actions {
parent::onShowNew(); parent::onShowNew();
} }
function onBeforeUpdate() {
global $app, $conf;
//* Check if the server has been changed
// We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
$rec = $app->db->queryOneRecord("SELECT server_id from spamfilter_wblist WHERE id = ".$this->id);
if($rec['server_id'] != $this->dataRecord["server_id"]) {
//* Add a error message and switch back to old server
$app->tform->errorMessage .= $app->lng('The Server can not be changed.');
$this->dataRecord["server_id"] = $rec['server_id'];
}
unset($rec);
}
}
function onSubmit() { function onSubmit() {
global $app, $conf; global $app, $conf;
......
...@@ -188,7 +188,23 @@ class page_action extends tform_actions { ...@@ -188,7 +188,23 @@ class page_action extends tform_actions {
parent::onSubmit(); parent::onSubmit();
} }
function onBeforeUpdate() {
global $app, $conf;
//* Check if the server has been changed
// We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
$rec = $app->db->queryOneRecord("SELECT server_id from web_database WHERE database_id = ".$this->id);
if($rec['server_id'] != $this->dataRecord["server_id"]) {
//* Add a error message and switch back to old server
$app->tform->errorMessage .= $app->lng('The Server can not be changed.');
$this->dataRecord["server_id"] = $rec['server_id'];
}
unset($rec);
}
}
function onUpdate() { function onUpdate() {
global $app, $conf; global $app, $conf;
......
...@@ -247,6 +247,18 @@ class page_action extends tform_actions { ...@@ -247,6 +247,18 @@ class page_action extends tform_actions {
function onBeforeUpdate () { function onBeforeUpdate () {
global $app, $conf; global $app, $conf;
//* Check if the server has been changed
// We do this only for the admin or reseller users, as normal clients can not change the server ID anyway
if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
$rec = $app->db->queryOneRecord("SELECT server_id from web_domain WHERE domain_id = ".$this->id);
if($rec['server_id'] != $this->dataRecord["server_id"]) {
//* Add a error message and switch back to old server
$app->tform->errorMessage .= $app->lng('The Server can not be changed.');
$this->dataRecord["server_id"] = $rec['server_id'];
}
unset($rec);
}
//* Check that all fields for the SSL cert creation are filled //* Check that all fields for the SSL cert creation are filled
if(isset($this->dataRecord['ssl_action']) && $this->dataRecord['ssl_action'] == 'create') { if(isset($this->dataRecord['ssl_action']) && $this->dataRecord['ssl_action'] == 'create') {
...@@ -259,12 +271,10 @@ class page_action extends tform_actions { ...@@ -259,12 +271,10 @@ class page_action extends tform_actions {
} }
function onAfterUpdate() { function onAfterUpdate() {
global $app, $conf; global $app, $conf;
// make sure that the record belongs to the clinet group and not the admin group when a dmin inserts it // make sure that the record belongs to the clinet group and not the admin group when a admin inserts it
// also make sure that the user can not delete domain created by a admin // also make sure that the user can not delete domain created by a admin
if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) { if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
$client_group_id = intval($this->dataRecord["client_group_id"]); $client_group_id = intval($this->dataRecord["client_group_id"]);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment