fix some problems with getuseracl

git-svn-id: https://silmor.de/svn/softmagic/smoke/trunk@94 6e3c4bff-ac9f-4ac1-96c5-d2ea494d3e33

diff --git a/www/inc/machine/session.php b/www/inc/machine/session.php
index 2f3a2d4..1deec2d 100644 (file)
--- a/www/inc/machine/session.php
+++ b/www/inc/machine/session.php
@@ -250,7 +250,7 @@ function getUserAclXml($user)
        $roles=$ALLOWEDREQUESTS;
        $roles[]="_admin";
        //get roles from DB
-       $res=$db->select("userrole","role","uname=".$user);
+       $res=$db->select("userrole","role","uname=".$db->escapeString($user));
        $acl=array();
        foreach($res as $rl)$acl[]=$rl["role"];
        $dom=new DOMDocument;
@@ -260,7 +260,7 @@ function getUserAclXml($user)
                $re=$dom->createElement("Role");
                $re->setAttributeNode(new DOMAttr("name",$rl));
                if(array_search($rl,$acl)===false)$re->setAttributeNode(new DOMAttr("set","0"));
-               else $re->setAttributeNode(new DOMAttr("set","0"));
+               else $re->setAttributeNode(new DOMAttr("set","1"));
                $root->appendChild($re);
        }
        $dom->appendChild($root);
@@ -315,9 +315,9 @@ function addUserXml($txt)
                        //create new
                        $db->insert("users",array("uname"=>$usr[$i]["name"],"description"=>$usr[$i]["descr"]));
                        //print data
-                       $usr=$dom->createElement("User",$usr[$i]["descr"]);
-                       $usr->setAttributeNode(new DOMAttr("name",$usr[$i]["name"]));
-                       $root->appendChild($usr);
+                       $udm=$dom->createElement("User",$usr[$i]["descr"]);
+                       $udm->setAttributeNode(new DOMAttr("name",$usr[$i]["name"]));
+                       $root->appendChild($udm);
                }
                $db->commitTransaction();
        }