From 1b80f888b3cf0819cd08a604a640f473f4d9d9f5 Mon Sep 17 00:00:00 2001 From: Alexey Melnichuk Date: Sun, 17 Jul 2016 21:14:12 +0300 Subject: [PATCH] Fix. Escape quotes and do not check domain_uuid in edit service form. (#1752) --- app/services/service_edit.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/app/services/service_edit.php b/app/services/service_edit.php index aaaf09c584..75209fdb5c 100644 --- a/app/services/service_edit.php +++ b/app/services/service_edit.php @@ -128,8 +128,8 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) { $sql .= "service_cmd_start = '$service_cmd_start', "; $sql .= "service_cmd_stop = '$service_cmd_stop', "; $sql .= "service_description = '$service_description' "; - $sql .= "where domain_uuid = '$domain_uuid'"; - $sql .= "and service_uuid = '$service_uuid'"; + $sql .= "where service_uuid = '$service_uuid' "; + // $sql .= "and domain_uuid = '$domain_uuid'"; $db->exec(check_sql($sql)); unset($sql); @@ -238,7 +238,7 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) { echo " ".$text['label-data']."\n"; echo "\n"; echo "\n"; - echo " \n"; + echo " \n"; //echo " \n"; echo "
\n"; echo $text['description-data']."\n"; @@ -250,7 +250,7 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) { echo " ".$text['label-start_command']."\n"; echo "\n"; echo "\n"; - echo " \n"; + echo " \n"; echo "
\n"; echo $text['description-start_command']."\n"; echo "\n"; @@ -261,7 +261,7 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) { echo " ".$text['label-stop_command']."\n"; echo "\n"; echo "\n"; - echo " \n"; + echo " \n"; echo "
\n"; echo $text['description-stop_command']."\n"; echo "\n";