Update of /cvsroot/helpmeict/Helpdesk/system
In directory sc8-pr-cvs17:/tmp/cvs-serv8517/system
Modified Files:
acl_issue.inc authentication.php remark.php
Log Message:
more fixes to magic_quotes, undefined contstants and variables.
more fixes to input validation.
Index: authentication.php
===================================================================
RCS file: /cvsroot/helpmeict/Helpdesk/system/authentication.php,v
retrieving revision 1.5
retrieving revision 1.6
diff -C2 -d -r1.5 -r1.6
*** authentication.php 7 Sep 2007 05:04:13 -0000 1.5
--- authentication.php 10 Sep 2007 00:32:33 -0000 1.6
***************
*** 62,71 ****
} else {
return array(
! $result[0][username],
! $result[0][name],
! $result[0][email],
! $result[0][id],
! $result[0][root],
! $result[0][restricted]
);
}
--- 62,71 ----
} else {
return array(
! $result[0]['username'],
! $result[0]['name'],
! $result[0]['email'],
! $result[0]['id'],
! $result[0]['root'],
! $result[0]['restricted']
);
}
Index: remark.php
===================================================================
RCS file: /cvsroot/helpmeict/Helpdesk/system/remark.php,v
retrieving revision 1.6
retrieving revision 1.7
diff -C2 -d -r1.6 -r1.7
*** remark.php 7 Feb 2007 01:20:17 -0000 1.6
--- remark.php 10 Sep 2007 00:32:33 -0000 1.7
***************
*** 72,76 ****
AND tbl_UserSites.site=tbl_Issues.site";
$usertypes = db_recordset($sql);
! $usertype = $usertypes[0][usertypename];
if ($confidential != 1 || ($usertype!='Client' && $usertype!='Site Contact')) {
// $recipients .= $user_details[email] . ",";
--- 72,76 ----
AND tbl_UserSites.site=tbl_Issues.site";
$usertypes = db_recordset($sql);
! $usertype = $usertypes[0]['usertypename'];
if ($confidential != 1 || ($usertype!='Client' && $usertype!='Site Contact')) {
// $recipients .= $user_details[email] . ",";
Index: acl_issue.inc
===================================================================
RCS file: /cvsroot/helpmeict/Helpdesk/system/acl_issue.inc,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -d -r1.2 -r1.3
*** acl_issue.inc 7 Feb 2007 01:20:17 -0000 1.2
--- acl_issue.inc 10 Sep 2007 00:32:33 -0000 1.3
***************
*** 56,60 ****
if (get_closed_status($_SESSION['_domain']) == $issue['status'])
{
! if ($issue[published] == 0)
{
$acl['edit_publish'] = true;
--- 56,60 ----
if (get_closed_status($_SESSION['_domain']) == $issue['status'])
{
! if ($issue['published'] == 0)
{
$acl['edit_publish'] = true;
***************
*** 118,122 ****
else
{
! $sql = "SELECT tbl_UserTypes.type AS usertypename FROM tbl_UserTypes LEFT JOIN tbl_UserSites ON tbl_UserSites.usertype = tbl_UserTypes.id WHERE tbl_UserSites.userid=".$uid." AND tbl_UserSites.site=".$issue[site];
$usertypesRS = db_recordset($sql);
--- 118,122 ----
else
{
! $sql = "SELECT tbl_UserTypes.type AS usertypename FROM tbl_UserTypes LEFT JOIN tbl_UserSites ON tbl_UserSites.usertype = tbl_UserTypes.id WHERE tbl_UserSites.userid=".$uid." AND tbl_UserSites.site=".$issue['site'];
$usertypesRS = db_recordset($sql);
***************
*** 255,259 ****
}
}
! elseif ($issue[assignedto] == 0) // If issue is not assigned.
{
$acl['edit_style'] = true;
--- 255,259 ----
}
}
! elseif ($issue['assignedto'] == 0) // If issue is not assigned.
{
$acl['edit_style'] = true;
|
