diff -r 700a3674b72e -r cb06e3e29ed8 inc/record.inc.php --- a/inc/record.inc.php Thu Apr 03 18:57:11 2008 +0000 +++ b/inc/record.inc.php Thu Apr 03 21:48:36 2008 +0000 @@ -94,8 +94,8 @@ */ function edit_record($record) { - if (verify_permission(zone_content_edit_others)) { $perm_content_edit = "all" ; } - elseif (verify_permission(zone_content_edit_own)) { $perm_content_edit = "own" ; } + if (verify_permission('zone_content_edit_others')) { $perm_content_edit = "all" ; } + elseif (verify_permission('zone_content_edit_own')) { $perm_content_edit = "own" ; } else { $perm_content_edit = "none" ; } $user_is_zone_owner = verify_user_is_owner_zoneid($record['zid']); @@ -148,8 +148,8 @@ function add_record($zoneid, $name, $type, $content, $ttl, $prio) { global $db; - if (verify_permission(zone_content_edit_others)) { $perm_content_edit = "all" ; } - elseif (verify_permission(zone_content_edit_own)) { $perm_content_edit = "own" ; } + if (verify_permission('zone_content_edit_others')) { $perm_content_edit = "all" ; } + elseif (verify_permission('zone_content_edit_own')) { $perm_content_edit = "own" ; } else { $perm_content_edit = "none" ; } $user_is_zone_owner = verify_user_is_owner_zoneid($zoneid); @@ -264,8 +264,8 @@ { global $db; - if (verify_permission(zone_content_edit_others)) { $perm_content_edit = "all" ; } - elseif (verify_permission(zone_content_edit_own)) { $perm_content_edit = "own" ; } + if (verify_permission('zone_content_edit_others')) { $perm_content_edit = "all" ; } + elseif (verify_permission('zone_content_edit_own')) { $perm_content_edit = "own" ; } else { $perm_content_edit = "none" ; } // Determine ID of zone first. 
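Review bot: The three-line block in edit_record() that maps `verify_permission()` results onto `$perm_content_edit` is repeated verbatim in add_record(), in the hunks at -264 and -394, and again in the search hunk at -907, so any later change to a permission name must be made in every copy. Quoting the names removes the bare-constant notices, but a misspelt string in one copy would presumably still resolve without error to a different scope than its siblings. Consider one helper, for example `function get_perm_scope($others, $own)` returning "all", "own" or "none", called from each site. edit_record() continues past the end of this hunk.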
@@ -301,8 +301,8 @@ */ function add_domain($domain, $owner, $webip, $mailip, $empty, $type, $slave_master) { - if(verify_permission(zone_master_add)) { $zone_master_add = "1" ; } ; - if(verify_permission(zone_slave_add)) { $zone_slave_add = "1" ; } ; + if(verify_permission('zone_master_add')) { $zone_master_add = "1" ; } ; + if(verify_permission('zone_slave_add')) { $zone_slave_add = "1" ; } ; // TODO: make sure only one is possible if only one is enabled if($zone_master_add == "1" || $zone_slave_add == "1") { @@ -394,8 +394,8 @@ { global $db; - if (verify_permission(zone_content_edit_others)) { $perm_edit = "all" ; } - elseif (verify_permission(zone_content_edit_own)) { $perm_edit = "own" ; } + if (verify_permission('zone_content_edit_others')) { $perm_edit = "all" ; } + elseif (verify_permission('zone_content_edit_own')) { $perm_edit = "own" ; } else { $perm_edit = "none" ; } $user_is_zone_owner = verify_user_is_owner_zoneid($id); @@ -442,7 +442,7 @@ function add_owner_to_zone($zone_id, $user_id) { global $db; - if ( (verify_permission(zone_meta_edit_others)) || (verify_permission(zone_meta_edit_own)) && verify_user_is_owner_zoneid($_GET["id"])) { + if ( (verify_permission('zone_meta_edit_others')) || (verify_permission('zone_meta_edit_own')) && verify_user_is_owner_zoneid($_GET["id"])) { // User is allowed to make change to meta data of this zone. if (is_numeric($zone_id) && is_numeric($user_id) && is_valid_user($user_id)) { @@ -463,7 +463,7 @@ function delete_owner_from_zone($zone_id, $user_id) { global $db; - if ( (verify_permission(zone_meta_edit_others)) || (verify_permission(zone_meta_edit_own)) && verify_user_is_owner_zoneid($_GET["id"])) { + if ( (verify_permission('zone_meta_edit_others')) || (verify_permission('zone_meta_edit_own')) && verify_user_is_owner_zoneid($_GET["id"])) { // User is allowed to make change to meta data of this zone. if (is_numeric($zone_id) && is_numeric($user_id) && is_valid_user($user_id)) { 
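Review bot: `$zone_master_add` and `$zone_slave_add` are assigned only when the permission check succeeds, so in add_domain() the test `if($zone_master_add == "1" || $zone_slave_add == "1")` reads undefined variables for a user who holds neither permission. The outcome is still a denial, but it raises the same kind of notice this commit removes elsewhere by adding `$sql_add = '';`, and the deny path is implicit rather than stated. Initialise both before the checks, e.g. `$zone_master_add = "0"; $zone_slave_add = "0";`. The body of add_domain() runs on beyond this hunk.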
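Review bot: In add_owner_to_zone() the ownership check is made against `$_GET["id"]`, while the function goes on to validate and, presumably, modify the `$zone_id` argument, so the authorisation decision and the zone being changed can differ whenever a caller passes a `$zone_id` that is not the request's `id`. Check the argument instead and make the grouping explicit: `if (verify_permission('zone_meta_edit_others') || (verify_permission('zone_meta_edit_own') && verify_user_is_owner_zoneid($zone_id))) {`. delete_owner_from_zone() in the next hunk has the same condition and needs the same change. Both function bodies extend past their hunks, so what is done with `$zone_id` afterwards is not visible here.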
@@ -586,8 +586,8 @@ function get_zone_info_from_id($zone_id) { - if (verify_permission(zone_content_view_others)) { $perm_view = "all" ; } - elseif (verify_permission(zone_content_view_own)) { $perm_view = "own" ; } + if (verify_permission('zone_content_view_others')) { $perm_view = "all" ; } + elseif (verify_permission('zone_content_view_own')) { $perm_view = "own" ; } else { $perm_view = "none" ;} if ($perm_view == "none") { @@ -688,10 +688,11 @@ } -function get_zones($perm,$userid=0,$letterstart=all,$rowstart=0,$rowamount=999999) +function get_zones($perm,$userid=0,$letterstart='all',$rowstart=0,$rowamount=999999) { global $db; global $sql_regexp; + $sql_add = ''; if ($perm != "own" && $perm != "all") { error(ERR_PERM_VIEW_ZONE); return false; @@ -702,7 +703,7 @@ $sql_add = " AND zones.domain_id = domains.id AND zones.owner = ".$db->quote($userid); } - if ($letterstart!=all && $letterstart!=1) { + if ($letterstart!='all' && $letterstart!=1) { $sql_add .=" AND domains.name LIKE ".$db->quote($letterstart."%")." "; } elseif ($letterstart==1) { $sql_add .=" AND substring(domains.name,1,1) ".$sql_regexp." '^[[:digit:]]'"; @@ -736,11 +737,12 @@ } // TODO: letterstart limitation and userid permission limitiation should be applied at the same time? -function zone_count_ng($perm, $letterstart=all) { +function zone_count_ng($perm, $letterstart='all') { global $db; global $sql_regexp; $fromTable = 'domains'; + $sql_add = ''; if ($perm != "own" && $perm != "all") { $zone_count = "0"; @@ -752,7 +754,7 @@ AND zones.owner = ".$db->quote($_SESSION['userid']); $fromTable .= ',zones'; } - if ($letterstart!=all && $letterstart!=1) { + if ($letterstart!='all' && $letterstart!=1) { $sql_add .=" AND domains.name LIKE ".$db->quote($letterstart."%")." "; } elseif ($letterstart==1) { $sql_add .=" AND substring(domains.name,1,1) ".$sql_regexp." '^[[:digit:]]'"; 
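Review bot: The `$letterstart` tests in get_zones() (hunk at -702) still use loose comparison (`!='all'`, `!=1`, `==1`), so which filter branch runs depends on PHP's type juggling rather than on the exact value passed in. Normalise once and compare strictly: `$letterstart = (string) $letterstart;`, then `if ($letterstart !== 'all' && $letterstart !== '1') {` and `} elseif ($letterstart === '1') {`. Separately, `$db->quote($letterstart."%")` quotes the string but leaves any `%` or `_` inside `$letterstart` active as LIKE wildcards, so the value is worth validating against the expected letter set before it is used. zone_count_ng() in the hunk at -752 has the same two lines and needs the same treatment.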
@@ -828,7 +830,7 @@ function get_records_from_domain_id($id,$rowstart=0,$rowamount=999999) { global $db; if (is_numeric($id)) { - if ($_SESSION[$id."_ispartial"] == 1) { + if ((isset($_SESSION[$id."_ispartial"])) && ($_SESSION[$id."_ispartial"] == 1)) { $db->setLimit($rowamount, $rowstart); $result = $db->query("SELECT record_owners.record_id as id FROM record_owners,domains,records @@ -907,16 +909,21 @@ $holy_grail = trim($holy_grail); - if (verify_permission(zone_content_view_others)) { $perm_view = "all" ; } - elseif (verify_permission(zone_content_view_own)) { $perm_view = "own" ; } + $sql_add_from = ''; + $sql_add_where = ''; + + $return_zones = array(); + $return_records = array(); + + if (verify_permission('zone_content_view_others')) { $perm_view = "all" ; } + elseif (verify_permission('zone_content_view_own')) { $perm_view = "own" ; } else { $perm_view = "none" ; } - if (verify_permission(zone_content_edit_others)) { $perm_content_edit = "all" ; } - elseif (verify_permission(zone_content_edit_own)) { $perm_content_edit = "own" ; } + if (verify_permission('zone_content_edit_others')) { $perm_content_edit = "all" ; } + elseif (verify_permission('zone_content_edit_own')) { $perm_content_edit = "own" ; } else { $perm_content_edit = "none" ; } // Search for matching domains - if ($perm == "own") { $sql_add_from = ", zones "; $sql_add_where = " AND zones.domain_id = domains.id AND zones.owner = " . $db->quote($userid);
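Review bot: `is_numeric($id)` is the only visible guard on `$id` in get_records_from_domain_id(), and it accepts non-integer forms such as `1.5` or `1e3`, which then become part of the `$_SESSION[$id."_ispartial"]` key and, presumably, of the query that follows. A domain id should be a plain non-negative integer; `if (ctype_digit((string) $id)) {` or an `(int)` cast before use states that directly. The query and the rest of the function lie outside this hunk, so how `$id` reaches the SQL is not visible here.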