SF.net SVN: postfixadmin:[874] trunk/list-virtual.php

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Revision: 874
          http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=874&view=rev
Author:   christian_boltz
Date:     2010-10-12 20:45:24 +0000 (Tue, 12 Oct 2010)

Log Message:
-----------
list-virtual.php:
- fix displaying of 'modified' column for aliases when using postgres
  (bugreport mailed by Dominic, neocoretech @SF)
- drop MySQL variant of the alias query, the fixed postgres variant works for
  both
- fixed wrong position of $sql_where (search string) - must be outside 
  the sub-query
- escape search string in page browser - even if it is unlikely that enough
  mail adresses contain funny chars to let the pagebrowser appear ;-)

Modified Paths:
--------------
    trunk/list-virtual.php

Modified: trunk/list-virtual.php
===================================================================

--- trunk/list-virtual.php	2010-09-30 22:11:18 UTC (rev 873)
+++ trunk/list-virtual.php	2010-10-12 20:45:24 UTC (rev 874)
@@ -155,24 +155,13 @@
    $sql_where  = " AND ( address LIKE '%$search%' OR goto LIKE '%$search%' ) ";
 }
 
-$query = "SELECT $table_alias.address,
-                 $table_alias.goto,
-                 $table_alias.modified,
-                 $table_alias.active
-          FROM $table_alias LEFT JOIN $table_mailbox ON $table_alias.address=$table_mailbox.username
-          WHERE ($sql_domain AND $table_mailbox.maildir IS NULL $sql_where)
-          ORDER BY $table_alias.address LIMIT $fDisplay, $page_size";
-if ('pgsql'==$CONF['database_type'])
-{
-   # TODO: is the different query for pgsql really needed? The mailbox query below also works with both...
    $query = "SELECT address,
                     goto,
-                    extract(epoch from modified) as modified,
+                    modified,
                     active
                     FROM $table_alias
-					WHERE $sql_domain AND NOT EXISTS(SELECT 1 FROM $table_mailbox WHERE username=$table_alias.address $sql_where)
+					WHERE $sql_domain AND NOT EXISTS(SELECT 1 FROM $table_mailbox WHERE username=$table_alias.address)   $sql_where
                     ORDER BY address LIMIT $page_size OFFSET $fDisplay";
-}
 
 $result = db_query ($query);
 if ($result['rows'] > 0)
@@ -359,7 +348,7 @@
         if ($aSearch == "") {
             $this->search = "";
         } else {
-            $this->search = "&search=$aSearch";
+            $this->search = "&search=" . htmlentities($aSearch);
         }
 		$this->url = '';
 		$this->fInit = false;


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


