diff --git a/admin/admin_settings.php b/admin/admin_settings.php index 8f3a2642..293f6b36 100644 --- a/admin/admin_settings.php +++ b/admin/admin_settings.php @@ -2175,8 +2175,8 @@ if ( defined('HESK_DEMO') ) while ($row = $ipRs->fetch_assoc()) { echo ''; echo ''; - echo ''; - echo ''; + echo ''; + echo ''; echo ''; } diff --git a/admin/admin_settings_save.php b/admin/admin_settings_save.php index faa6d158..50cb4680 100644 --- a/admin/admin_settings_save.php +++ b/admin/admin_settings_save.php @@ -503,15 +503,19 @@ while ($row = $ipBanSql->fetch_assoc()) { if (isset($_POST['ipDelete'][$row['ID']])) { hesk_dbQuery('DELETE FROM `'.hesk_dbEscape($hesk_settings['db_pfix']).'denied_ips` WHERE ID = '.hesk_dbEscape($row['ID'])); } else { + $ipAddressFrom = ip2long($_POST['ipFrom'][$row['ID']]); + $ipAddressTo = ip2long($_POST['ipTo'][$row['ID']]); hesk_dbQuery('UPDATE `'.hesk_dbEscape($hesk_settings['db_pfix']).'denied_ips` - SET `RangeStart` = \''.hesk_dbEscape($_POST['ipFrom'][$row['ID']]).'\', - `RangeEnd` = \''.hesk_dbEscape($_POST['ipTo'][$row['ID']]).'\' + SET `RangeStart` = \''.hesk_dbEscape($ipAddressFrom).'\', + `RangeEnd` = \''.hesk_dbEscape($ipAddressTo).'\' WHERE ID = '.hesk_dbEscape($row['ID'])); } } if (!empty($_POST['addIpFrom']) && !empty($_POST['addIpTo'])) { + $ipAddressFrom = ip2long($_POST['addIpFrom']); + $ipAddressTo = ip2long($_POST['addIpTo']); hesk_dbQuery('INSERT INTO `'.hesk_dbEscape($hesk_settings['db_pfix']).'denied_ips` (`RangeStart`, `RangeEnd`) - VALUES (\''.hesk_dbEscape($_POST['addIpFrom']).'\', \''.hesk_dbEscape($_POST['addIpTo']).'\')'); + VALUES (\''.hesk_dbEscape($ipAddressFrom).'\', \''.hesk_dbEscape($ipAddressTo).'\')'); } //-- Email Bans