diff --git a/interface/lib/classes/plugin_system_config_dns_ca.inc.php b/interface/lib/classes/plugin_system_config_dns_ca.inc.php index 6144a7349a174d11c0204dae0d3ecfbcd6227892..d9a99496550d82e92e1663c0c383401edf3d45e8 100644 --- a/interface/lib/classes/plugin_system_config_dns_ca.inc.php +++ b/interface/lib/classes/plugin_system_config_dns_ca.inc.php @@ -43,11 +43,11 @@ class plugin_system_config_dns_ca extends plugin_base { $pluginTpl = new tpl; $pluginTpl->newTemplate('templates/system_config_dns_ca_edit.htm'); - include 'lib/lang/'.$_SESSION['s']['language'].'_system_config.lng'; + include 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_system_config.lng'; $pluginTpl->setVar($wb); - if(isset($_GET['action']) && ($_GET['action'] == 'edit') && $_GET['id'] > 0) { + $ca_id = $app->functions->intval($_GET['id']); + if(isset($_GET['action']) && ($_GET['action'] == 'edit') && $ca_id > 0) { $pluginTpl->setVar('edit_record', 1); - $ca_id = intval($_GET['id']); $rec = $app->db->queryOneRecord("SELECT * FROM dns_ssl_ca WHERE id = ?", $ca_id); $pluginTpl->setVar('id', $rec['id']); $pluginTpl->setVar('ca_name', $rec['ca_name']); @@ -56,16 +56,15 @@ class plugin_system_config_dns_ca extends plugin_base { $pluginTpl->setVar('ca_critical', $rec['ca_critical']); $pluginTpl->setVar('ca_iodef', $rec['ca_iodef']); $pluginTpl->setVar('active', $rec['active']); - } elseif(isset($_GET['action']) && ($_GET['action'] == 'save') && $_GET['id'] > 0) { + } elseif(isset($_GET['action']) && ($_GET['action'] == 'save') && $ca_id > 0) { $pluginTpl->setVar('edit_record', 0); - $ca_id = intval($_GET['id']); $pluginTpl->setVar('id', $ca_id); - $pluginTpl->setVar('ca_name', $_POST['ca_name']); - $pluginTpl->setVar('ca_issue', $_POST['ca_issue']); - $pluginTpl->setVar('ca_wildcard', $_POST['ca_wildcard']); - $pluginTpl->setVar('ca_critical', $_POST['ca_critical']); - $pluginTpl->setVar('ca_iodef', $_POST['ca_iodef']); - $pluginTpl->setVar('active', $_POST['active']); + $pluginTpl->setVar('ca_name', $app->functions->htmlentities($_POST['ca_name'])); + $pluginTpl->setVar('ca_issue', $app->functions->htmlentities($_POST['ca_issue'])); + $pluginTpl->setVar('ca_wildcard', $app->functions->htmlentities($_POST['ca_wildcard'])); + $pluginTpl->setVar('ca_critical', $app->functions->htmlentities($_POST['ca_critical'])); + $pluginTpl->setVar('ca_iodef', $app->functions->htmlentities($_POST['ca_iodef'])); + $pluginTpl->setVar('active', $app->functions->htmlentities($_POST['active'])); } else { $pluginTpl->setVar('edit_record', 0); } @@ -77,10 +76,10 @@ class plugin_system_config_dns_ca extends plugin_base { function onUpdate() { global $app; - $id = intval($_GET['id']); + $ca_id = $app->functions->intval($_GET['id']); if(isset($_GET['action']) && $_GET['action'] == 'save') { - if($id > 0) { - $app->db->query("UPDATE dns_ssl_ca SET ca_name = ?, ca_issue = ?, ca_wildcard = ?, ca_iodef = ?, active = ? WHERE id = ?", $_POST['ca_name'], $_POST['ca_issue'], $_POST['ca_wildcard'], $_POST['ca_iodef'], $_POST['active'], $_GET['id']); + if($ca_id > 0) { + $app->db->query("UPDATE dns_ssl_ca SET ca_name = ?, ca_issue = ?, ca_wildcard = ?, ca_iodef = ?, active = ? WHERE id = ?", $_POST['ca_name'], $_POST['ca_issue'], $_POST['ca_wildcard'], $_POST['ca_iodef'], $_POST['active'], $ca_id); } else { $app->db->query("INSERT INTO (sys_userid, sys_groupid, sys_perm_user, sys_perm_group, sys_perm_other, ca_name, ca_issue, ca_wildcard, ca_iodef, active) VALUES(1, 1, 'riud', 'riud', '', ?, ?, ?, ?, ?", $_POST['ca_name'], $_POST['ca_issue'], $_POST['ca_wildcard'], $_POST['ca_iodef'], $_POST['active']); } diff --git a/interface/lib/classes/plugin_system_config_dns_ca_list.inc.php b/interface/lib/classes/plugin_system_config_dns_ca_list.inc.php index eb5882bd3b5bf68ed2b42dbc6577df79d927eaa6..6b82c06043bcb4942b9d03ad394675d9339690d1 100644 --- a/interface/lib/classes/plugin_system_config_dns_ca_list.inc.php +++ b/interface/lib/classes/plugin_system_config_dns_ca_list.inc.php @@ -44,7 +44,7 @@ class plugin_system_config_dns_ca_list extends plugin_base { $listTpl->newTemplate('templates/system_config_dns_ca_list.htm'); //* Loading language file - $lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_system_config.lng'; + $lng_file = 'lib/lang/'.$app->functions->check_language($_SESSION['s']['language']).'_system_config.lng'; include $lng_file; $listTpl->setVar($wb); if($_SESSION['s']['user']['typ'] == 'admin') { diff --git a/interface/lib/plugins/system_config_dns_ca_plugin.inc.php b/interface/lib/plugins/system_config_dns_ca_plugin.inc.php index 5ab338640c006065a653abbaa97f3ce507972459..c35934e5bfa542b9d5540802100eec148306f74c 100644 --- a/interface/lib/plugins/system_config_dns_ca_plugin.inc.php +++ b/interface/lib/plugins/system_config_dns_ca_plugin.inc.php @@ -62,7 +62,7 @@ class system_config_dns_ca_plugin { } } } - } //* End function + } function web_vhost_domain_edit($event_name, $page_form) { global $app; diff --git a/interface/web/dns/ajax_get_json.php b/interface/web/dns/ajax_get_json.php index b2c381f3e46820997cab0317adbeb7475e69b3c6..1dd9c518f9480b3d54359f6bc57bdc7b07d81586 100644 --- a/interface/web/dns/ajax_get_json.php +++ b/interface/web/dns/ajax_get_json.php @@ -35,7 +35,7 @@ require_once '../../lib/app.inc.php'; $app->auth->check_module_permissions('dns'); $type = $_GET["type"]; -$ca_id = $_GET['ca_id']; +$ca_id = $app->functions->intval($_GET['ca_id']); if($type == 'get_ipv4'){ $result = array(); diff --git a/server/conf/bind_pri.domain.master b/server/conf/bind_pri.domain.master index 897ece496ce2be29203845cc37607697ac04527e..fb867901dc2848506db0790c5ce076e92d2326ab 100644 --- a/server/conf/bind_pri.domain.master +++ b/server/conf/bind_pri.domain.master @@ -61,3 +61,4 @@ $TTL {tmpl_var name='ttl'} +