Applied account-diff-20110926.php provided by Uli
authorBernhard Fröhlich <bernhard@cacert.org>
Mon, 26 Sep 2011 21:42:57 +0000 (23:42 +0200)
committerBernhard Fröhlich <bernhard@cacert.org>
Mon, 26 Sep 2011 21:42:57 +0000 (23:42 +0200)
includes/account.php

index 24c61d8..171c79e 100755 (executable)
 
        if($oldid == 29 && $process != "")
        {
-               $domain = mysql_real_escape_string(stripslashes(trim($domainname)));
+               // $domain = mysql_real_escape_string(stripslashes(trim($domainname)));
+               $domain = $_SESSION['_config']['domain'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
 
                $res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($_SESSION['_config']['domid'])."'");
                $res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
                        $_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
                        $id = $oldid;
                        $oldid=0;
+                       // reset domid into its original state
+                       $domid = $_SESSION['_config']['domid'];
+                       $_REQUEST['domid'] = $domid;
                }
        }
 
-       if(($oldid == 29 || $oldid == 30) && $process != _("Cancel"))
+       if(($oldid == 29 || $oldid == 30) && $process != "")      // _("Cancel") is handled in front of account.php
        {
                $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where 
                                `orgdomlink`.`orgdomid`=`orgdomains`.`id` and