From 6eee9b5359fc34c739b4e3ed8fb68b8bd31544e9 Mon Sep 17 00:00:00 2001
From: darode <drd.sqki@gmail.com>
Date: Mon, 19 Jul 2010 15:16:56 +0000
Subject: [PATCH] 2010-07-19  Dario Rodriguez  <dario.rodriguez@artica.es>

	* godmode/groups/group_list.php: fixed bug that allow create and update
	groups with name field empty.
	Fixes: #3031642



git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@3031 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
---
 pandora_console/ChangeLog                     |  6 ++++
 pandora_console/godmode/groups/group_list.php | 32 +++++++++++++------
 2 files changed, 28 insertions(+), 10 deletions(-)

diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog
index ce4eaf30e8..02d93d9238 100644
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@@ -1,3 +1,9 @@
+2010-07-19  Dario Rodriguez  <dario.rodriguez@artica.es>
+
+	* godmode/groups/group_list.php: fixed bug that allow create and update
+	groups with name field empty.
+	Fixes: #3031642
+
 2010-07-19  Miguel de Dios  <miguel.dedios@artica.es>
 
 	* include/functions_agents.php: in function "get_agents" added the parameter
diff --git a/pandora_console/godmode/groups/group_list.php b/pandora_console/godmode/groups/group_list.php
index 93ba52d990..a84b86d9c0 100644
--- a/pandora_console/godmode/groups/group_list.php
+++ b/pandora_console/godmode/groups/group_list.php
@@ -89,11 +89,17 @@ if ($create_group) {
 	$id_parent = (int) get_parameter ('id_parent');
 	$alerts_disabled = (bool) get_parameter ('alerts_disabled');
 	$custom_id = (string) get_parameter ('custom_id');
-
-	$sql = sprintf ('INSERT INTO tgrupo (nombre, icon, parent, disabled, custom_id) 
-			VALUES ("%s", "%s", %d, %d, "%s")',
-			$name, substr ($icon, 0, -4), $id_parent, $alerts_disabled, $custom_id);
-	$result = mysql_query ($sql);
+	
+	/*Check if name field is empty*/
+	if ($name != "") {
+		$sql = sprintf ('INSERT INTO tgrupo (nombre, icon, parent, disabled, custom_id) 
+				VALUES ("%s", "%s", %d, %d, "%s")',
+				$name, substr ($icon, 0, -4), $id_parent, $alerts_disabled, $custom_id);
+		$result = mysql_query ($sql);
+	} else {
+		$result = false;
+	}
+	
 	if ($result) {
 		echo "<h3 class='suc'>".__('Group successfully created')."</h3>"; 
 	} else {
@@ -110,11 +116,17 @@ if ($update_group) {
 	$custom_id = (string) get_parameter ('custom_id');
 	$propagate = (bool) get_parameter('propagate');
 
-	$sql = sprintf ('UPDATE tgrupo  SET nombre = "%s",
-			icon = "%s", disabled = %d, parent = %d, custom_id = "%s", propagate = %d
-			WHERE id_grupo = %d',
-			$name, substr ($icon, 0, -4), !$alerts_enabled, $id_parent, $custom_id, $propagate, $id_group);
-	$result = process_sql ($sql);
+	/*Check if name field is empty*/
+	if( $name != "") {	
+		$sql = sprintf ('UPDATE tgrupo  SET nombre = "%s",
+				icon = "%s", disabled = %d, parent = %d, custom_id = "%s", propagate = %d
+				WHERE id_grupo = %d',
+				$name, substr ($icon, 0, -4), !$alerts_enabled, $id_parent, $custom_id, $propagate, $id_group);
+		$result = process_sql ($sql);
+	} else {
+		$result = false;
+	}
+	
 	if ($result !== false) {
 		echo "<h3 class='suc'>".__('Group successfully updated')."</h3>";
 	} else {