From 3f44bcc6a6181a794f1e6fa986cd633c08f6b7ac Mon Sep 17 00:00:00 2001
From: Humorhenker <36549980+Humorhenker@users.noreply.github.com>
Date: Tue, 7 Jan 2020 21:48:21 +0100
Subject: [PATCH] =?UTF-8?q?Fix:=20Maillisteditierung=20durch=20Nutzer=20l?=
 =?UTF-8?q?=C3=B6schte=20maillistsource.=20Einf=C3=BCgen=20eines=20'suppor?=
 =?UTF-8?q?tinfotext'=20auf=20der=20settingspage?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 public/bin/editlist.php    | 9 ++++++++-
 public/bin/editlistpre.php | 8 +++++---
 public/settings.php        | 5 +++--
 3 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/public/bin/editlist.php b/public/bin/editlist.php
index 6d3efc4..6d7d861 100644
--- a/public/bin/editlist.php
+++ b/public/bin/editlist.php
@@ -38,7 +38,6 @@ if ($_SESSION['log'] == 1) {
     $eintrag = "UPDATE `alias_details` SET `name` = :newlistname, `owners` = :owners, `destinations` = :destinations, `security` = :security, `islist` = :islist WHERE `id` LIKE :editlistid"; // Aliasdaten in MailServer DB eintragen
     $sth = $dbh->prepare($eintrag);
     $sth->execute(array(':newlistname' => $_POST['newlistname'], ':owners' => $_POST['newlistowners'], ':destinations' => $_POST['newlistdestinations'], ':security' => $_POST['newlistsecurity'], ':islist' => $islist, ':editlistid' => $_POST['editlistid']));
-    $newlistsource = explode('@', $_POST['newlistsource']);
     $eintrag = "DELETE FROM `alias_owner` WHERE `alias_id` LIKE :aliasid";
     $sth = $dbh->prepare($eintrag);
     $sth->execute(array(':aliasid' => $_POST['editlistid']));
@@ -48,6 +47,14 @@ if ($_SESSION['log'] == 1) {
         $sth = $dbh->prepare($eintrag);
         $sth->execute(array(':aliasid' => $_POST['editlistid'], ':owner_username' => $maillistownerex[0], ':owner_domain' => $maillistownerex[1]));
     }
+    if ($_SESSION['admin']) {
+        $newlistsource = explode('@', $_POST['newlistsource']);
+    } else {
+        $abfrage = "SELECT `source_username`, `source_domain` FROM `aliases` WHERE `alias_id` LIKE :alias_id";
+        $result = $dbh->prepare($abfrage);
+        $result->execute(array(':alias_id' => $_POST['editlistid']));
+        $newlistsource = $result->fetch(); //bei fetch() werden im Array ['spaltenname'] und [#Nummer der Spalte] angelegt also ['source_usernam'] und [0] praktische Sache
+    }
     $eintrag = "DELETE FROM `aliases` WHERE `alias_id` LIKE :aliasid";
     $sth = $dbh->prepare($eintrag);
     $sth->execute(array(':aliasid' => $_POST['editlistid']));
diff --git a/public/bin/editlistpre.php b/public/bin/editlistpre.php
index c938ecf..68828fb 100644
--- a/public/bin/editlistpre.php
+++ b/public/bin/editlistpre.php
@@ -48,9 +48,11 @@ if ($_SESSION['log']) {
         $listdetails = $result2->fetch();
         echo'
         <form name="editlist" method=POST action="editlist.php">
-        <label>Listenname:<input name="newlistname" type="text" placeholder="Listenname" value="' . $lists['name'] . '"/></label>
-        <label>Listenadresse:<input name="newlistsource" type="text" placeholder="Listenadresse" value="' . $listdetails['source_username'] . '@' . $listdetails['source_domain'] . '"/></label>
-        <label>Listenbesitzer:<textarea rows="1" cols="50" name="newlistowners">' . $lists['owners'] . '</textarea></label><br>
+        <label>Listenname: <input name="newlistname" type="text" placeholder="Listenname" value="' . $lists['name'] . '"/></label>
+        <label>Listenadresse: ';
+        if ($_SESSION['admin']) echo '<input name="newlistsource" type="text" placeholder="Listenadresse" value="' . $listdetails['source_username'] . '@' . $listdetails['source_domain'] . '"/></label>';
+        else echo $listdetails['source_username'] . '@' . $listdetails['source_domain'] . '</label> ';
+        echo '<label>Listenbesitzer: <textarea rows="1" cols="50" name="newlistowners">' . $lists['owners'] . '</textarea></label><br>
         <label>Listenempfänger (durch Leerzeichen getrennt):<br><textarea rows="4" cols="50" name="newlistdestinations">';
         $abfrage3 = "SELECT `destination_username`, `destination_domain` FROM `aliases` WHERE `alias_id` LIKE :aliasid";
         $result3 = $dbh->prepare($abfrage3);
diff --git a/public/settings.php b/public/settings.php
index cc68aca..38029de 100644
--- a/public/settings.php
+++ b/public/settings.php
@@ -65,8 +65,9 @@ if ($_SESSION['log'] == 1) {
     <form name="deletemail" method=POST action="bin/deletemail.php">
     <input type="submit" value="LÖSCHEN"/>
     </form><p>';
-    echo $config['connectionsettingsadvicetext'];
-    echo $config['supportinfotext'];
+    echo nl2br($config['connectionsettingsadvicetext']);
+    echo '<br><br>';
+    echo nl2br($config['supportinfotext']);
     echo '</p></body>
     </html>';
     exit;