bug 789: Remove non-relevant parts and fix some minor things.
authorMichael Tänzer <neo@nhng.de>
Tue, 15 Nov 2011 23:17:09 +0000 (00:17 +0100)
committerMichael Tänzer <neo@nhng.de>
Tue, 15 Nov 2011 23:17:09 +0000 (00:17 +0100)
- get rid of $_SESSION['_config']['domid'] (do it via REQUEST)
- use "cancel" instead of process

Signed-off-by: Michael Tänzer <neo@nhng.de>
includes/account.php
pages/account/29.php
pages/account/30.php

index 171c79e..e64f360 100755 (executable)
 
        if($oldid == 29 && $process != "")
        {
-               // $domain = mysql_real_escape_string(stripslashes(trim($domainname)));
-               $domain = $_SESSION['_config']['domain'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
+               $domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));
 
-               $res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($_SESSION['_config']['domid'])."'");
+               $res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($domid)."'");
                $res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
                if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
                {
                        $_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
                        $id = $oldid;
                        $oldid=0;
-                       // reset domid into its original state
-                       $domid = $_SESSION['_config']['domid'];
-                       $_REQUEST['domid'] = $domid;
                }
        }
 
                $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where 
                                `orgdomlink`.`orgdomid`=`orgdomains`.`id` and
                                `orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
-                               `orgdomains`.`id`='".intval($_SESSION['_config']['domid'])."'";
+                               `orgdomains`.`id`='".intval($domid)."'";
                $res = mysql_query($query);
                while($row = mysql_fetch_assoc($res))
                        mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['id']."'");
                $query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where 
                                `orgemaillink`.`domid`=`orgdomains`.`id` and
                                `orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
-                               `orgdomains`.`id`='".intval($_SESSION['_config']['domid'])."'";
+                               `orgdomains`.`id`='".intval($domid)."'";
                $res = mysql_query($query);
                while($row = mysql_fetch_assoc($res))
                        mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
 
        if($oldid == 29 && $process != "")
        {
-               $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($_SESSION['_config']['domid'])."'"));
-               mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($_SESSION['_config']['domid'])."'");
+               $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
+               mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($domid)."'");
                showheader(_("My CAcert.org Account!"));
                printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
-               echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
+               echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
                showfooter();
                exit;
        }
 
        if($oldid == 30 && $process != "")
        {
-               $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($_SESSION['_config']['domid'])."'"));
+               $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
                $domain = $row['domain'];
-               mysql_query("delete from `orgdomains` where `id`='".intval($_SESSION['_config']['domid'])."'");
+               mysql_query("delete from `orgdomains` where `id`='".intval($domid)."'");
                showheader(_("My CAcert.org Account!"));
                printf(_("'%s' has just been successfully deleted from the database."), sanitizeHTML($domain));
-               echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
+               echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
                showfooter();
                exit;
        }
                $_SESSION['_config']['orgid'] = intval($orgid);
        if(intval($memid) > 0)
                $_SESSION['_config']['memid'] = intval($memid);
-       if(intval($domid) > 0)
-               $_SESSION['_config']['domid'] = intval($domid);
 ?>
index bc930f6..4229b3b 100755 (executable)
     <td class="DataTD"><input type="text" name="domainname" value="<?=sanitizeHTML($_SESSION['_config']['domain'])?>"></td>
   </tr>
   <tr>
-    <td class="DataTD"><input type="submit" name="process" value="<?=_("Cancel")?>"></td>
+    <td class="DataTD"><input type="submit" name="cancel" value="<?=_("Cancel")?>"></td>
     <td class="DataTD"><input type="submit" name="process" value="<?=_("Update")?>"></td>
   </tr>
 </table>
 <input type="hidden" name="oldid" value="<?=intval($id)?>">
 <input type="hidden" name="orgid" value="<?=intval($_REQUEST['orgid'])?>">
+<input type="hidden" name="domid" value="<?=intval($_REQUEST['domid'])?>">
 
 </form>
index 30c86f3..0c7d337 100644 (file)
@@ -41,5 +41,6 @@
 <input type="hidden" name="oldid" value="<?=intval($id)?>">
 <input type="hidden" name="orgid" value="<?=intval($_REQUEST['orgid'])?>">
 <input type="hidden" name="domain" value="<?=sanitizeHTML($row['domain'])?>">
+<input type="hidden" name="domid" value="<?=intval($_REQUEST['domid'])?>">
 
 </form>