diff -r effde559e0e9 -r 0c0aa144356a edit_record.php
--- a/edit_record.php Mon Mar 03 20:32:33 2008 +0000
+++ b/edit_record.php Mon Mar 10 19:15:59 2008 +0000
@@ -21,7 +21,7 @@
require_once("inc/toolkit.inc.php");
-if (isset($_GET["delid"])) {
+if (isset($_GET["delid"]) && isset($_GET['delid']) && isset($_GET['id'])) {
delete_record_owner($_GET["domain"],$_GET["delid"],$_GET["id"]);
}
@@ -32,11 +32,14 @@
error(ERR_RECORD_ACCESS_DENIED);
}
-if ($_POST["commit"])
+if (isset($_GET['domain'])) {
+ $domain_name = get_domain_name_from_id($_GET['domain']);
+}
+if (isset($_POST["commit"]) && isset($_POST['recordid']) && isset($_POST['domainid']) && isset($_POST['name']) && isset($_POST['type']) && isset($_POST['content']) && isset($_POST['ttl']) && isset($_POST['prio']))
{
edit_record($_POST["recordid"], $_POST["domainid"], $_POST["name"], $_POST["type"], $_POST["content"], $_POST["ttl"], $_POST["prio"]);
clean_page("edit.php?id=".$_POST["domainid"]);
-} elseif($_SESSION["partial_".get_domain_name_from_id($_GET["domain"])] == 1)
+} elseif(isset($_SESSION['partial_'.$domain_name]) && ($_SESSION["partial_".$domain_name] == 1))
{
$db->setLimit(1);
$checkPartial = $db->queryOne("SELECT id FROM record_owners WHERE record_id=".$db->quote($_GET["id"])." AND user_id=".$db->quote($_SESSION["userid"]));
@@ -46,7 +49,7 @@
}
include_once("inc/header.inc.php");
?>
- ""
+ ""
query("SELECT r.id,u.fullname FROM record_owners as r, users as u WHERE r.record_id=".$db->quote($_GET['id'])." AND u.id=r.user_id");
@@ -98,19 +101,19 @@
if ($_SESSION[$_GET["domain"]."_ispartial"] == 1)
{
?>
- " class="input">
+ " class="input">
-
+
- " class="input">
+ " class="input">
-.
+.
IN |
|