diff -r a8228f676bf7 -r 3673b1c9246c inc/record.inc.php --- a/inc/record.inc.php Mon Apr 07 19:11:03 2008 +0000 +++ b/inc/record.inc.php Thu Apr 10 19:42:47 2008 +0000 @@ -112,8 +112,8 @@ global $db; // TODO: no need to check for numeric-ness of zone id if we check with validate_input as well? if (is_numeric($record['zid'])) { - validate_input($record['zid'], $record['type'], $record['content'], $record['name'], $record['prio'], $record['ttl']); - $query = "UPDATE records + if (validate_input($record['zid'], $record['type'], $record['content'], $record['name'], $record['prio'], $record['ttl'])) { + $query = "UPDATE records SET name=".$db->quote($record['name']).", type=".$db->quote($record['type']).", content=".$db->quote($record['content']).", @@ -121,14 +121,16 @@ prio=".$db->quote($record['prio']).", change_date=".$db->quote(time())." WHERE id=".$db->quote($record['rid']); - $result = $db->Query($query); - if (PEAR::isError($result)) { - error($result->getMessage()); - return false; - } elseif ($record['type'] != 'SOA') { - update_soa_serial($record['zid']); + $result = $db->Query($query); + if (PEAR::isError($result)) { + error($result->getMessage()); + return false; + } elseif ($record['type'] != 'SOA') { + update_soa_serial($record['zid']); + } + return true; } - return true; + return false; } else {