tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-29 16:55:05 +02:00
Code Issues Packages Projects Releases Wiki Activity

2010-07-19 Dario Rodriguez <dario.rodriguez@artica.es>

Browse Source 
* godmode/groups/group_list.php: fixed bug that allow create and update
	groups with name field empty.
	Fixes: #3031642



git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@3031 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
darode 2010-07-19 15:16:56 +00:00
parent 1a8cb34173
commit af1aa88949
2 changed files with 28 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
pandora_console/ChangeLog
View File

@ -1,3 +1,9 @@
2010-07-19 Dario Rodriguez <dario.rodriguez@artica.es>
* godmode/groups/group_list.php: fixed bug that allow create and update
groups with name field empty.
Fixes: #3031642
2010-07-19 Miguel de Dios <miguel.dedios@artica.es> 2010-07-19 Miguel de Dios <miguel.dedios@artica.es>
* include/functions_agents.php: in function "get_agents" added the parameter * include/functions_agents.php: in function "get_agents" added the parameter

32
pandora_console/godmode/groups/group_list.php
View File

@ -89,11 +89,17 @@ if ($create_group) {
$id_parent = (int) get_parameter ('id_parent'); $id_parent = (int) get_parameter ('id_parent');
$alerts_disabled = (bool) get_parameter ('alerts_disabled'); $alerts_disabled = (bool) get_parameter ('alerts_disabled');
$custom_id = (string) get_parameter ('custom_id'); $custom_id = (string) get_parameter ('custom_id');
$sql = sprintf ('INSERT INTO tgrupo (nombre, icon, parent, disabled, custom_id) /*Check if name field is empty*/
VALUES ("%s", "%s", %d, %d, "%s")', if ($name != "") {
$name, substr ($icon, 0, -4), $id_parent, $alerts_disabled, $custom_id); $sql = sprintf ('INSERT INTO tgrupo (nombre, icon, parent, disabled, custom_id)
$result = mysql_query ($sql); VALUES ("%s", "%s", %d, %d, "%s")',
$name, substr ($icon, 0, -4), $id_parent, $alerts_disabled, $custom_id);
$result = mysql_query ($sql);
} else {
$result = false;
}
if ($result) { if ($result) {
echo "<h3 class='suc'>".__('Group successfully created')."</h3>"; echo "<h3 class='suc'>".__('Group successfully created')."</h3>";
} else { } else {
@ -110,11 +116,17 @@ if ($update_group) {
$custom_id = (string) get_parameter ('custom_id'); $custom_id = (string) get_parameter ('custom_id');
$propagate = (bool) get_parameter('propagate'); $propagate = (bool) get_parameter('propagate');
$sql = sprintf ('UPDATE tgrupo SET nombre = "%s", /*Check if name field is empty*/
icon = "%s", disabled = %d, parent = %d, custom_id = "%s", propagate = %d if( $name != "") {
WHERE id_grupo = %d', $sql = sprintf ('UPDATE tgrupo SET nombre = "%s",
$name, substr ($icon, 0, -4), !$alerts_enabled, $id_parent, $custom_id, $propagate, $id_group); icon = "%s", disabled = %d, parent = %d, custom_id = "%s", propagate = %d
$result = process_sql ($sql); WHERE id_grupo = %d',
$name, substr ($icon, 0, -4), !$alerts_enabled, $id_parent, $custom_id, $propagate, $id_group);
$result = process_sql ($sql);
} else {
$result = false;
}
if ($result !== false) { if ($result !== false) {
echo "<h3 class='suc'>".__('Group successfully updated')."</h3>"; echo "<h3 class='suc'>".__('Group successfully updated')."</h3>";
} else { } else {