Fixed: FS#3649 - Resellers can not add domains for their clients in client module

Till Brehm · Till Brehm · commit 6227d73ec10d · 2014-08-29T12:16:49.000+02:00
diff --git a/interface/web/client/domain_edit.php b/interface/web/client/domain_edit.php
@@ -193,7 +193,7 @@ function onAfterInsert() {
 
 		// make sure that the record belongs to the client group and not the admin group when admin inserts it
 		// also make sure that the user can not delete domain created by a admin
-		if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
+		if(($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) || ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid']))) {
 			$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
 			$app->db->query("UPDATE domain SET sys_groupid = $client_group_id, sys_perm_group = 'ru' WHERE domain_id = ".$this->id);
 		}

Original file line number	Diff line number	Diff line change
`@@ -193,7 +193,7 @@ function onAfterInsert() {`
`193`	`193`
`194`	`194`	`// make sure that the record belongs to the client group and not the admin group when admin inserts it`
`195`	`195`	`// also make sure that the user can not delete domain created by a admin`
`196`		`- if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {`
	`196`	`+ if(($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) \|\| ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid']))) {`
`197`	`197`	`$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);`
`198`	`198`	`$app->db->query("UPDATE domain SET sys_groupid = $client_group_id, sys_perm_group = 'ru' WHERE domain_id = ".$this->id);`
`199`	`199`	`}`