fixed acls and improved the classic theme a little more

1 files changed, 8 insertions, 5 deletions

diff --git a/lib/class/access.class.php b/lib/class/access.class.php
index 45074a4c..58ce1081 100644
--- a/lib/class/access.class.php
+++ b/lib/class/access.class.php
@@ -91,7 +91,9 @@ class Access {
 		$level	= sql_escape($data['level']);
 		$user	= sql_escape($data['user']);
 		$key	= sql_escape($data['key']);
-			
+		
+		if (!$user) { $user = '-1'; } 
+		
 		$sql = "UPDATE access_list " . 
 			"SET start='$start', end='$end', level='$level', user='$user' " . 
 			"WHERE id='" . sql_escape($this->id) . "'";
@@ -109,8 +111,6 @@ class Access {
 	function create($name,$start,$end,$level,$user,$key,$type) { 
 
 		/* We need to verify the incomming data a littlebit */
-		$start = intval($start);
-		$end   = intval($end);
 
 		$start 	= ip2int($start);
 		$end 	= ip2int($end);
@@ -120,6 +120,8 @@ class Access {
 		$level	= intval($level);
 		$type	= $this->validate_type($type);
 
+		if (!$user) { $user = '-1'; } 
+
 		$sql = "INSERT INTO access_list (`name`,`level`,`start`,`end`,`key`,`user`,`type`) " . 
 			"VALUES ('$name','$level','$start','$end','$key','$user','$type')";
 		$db_results = mysql_query($sql, dbh());
@@ -174,10 +176,11 @@ class Access {
 				$sql = "SELECT id FROM access_list" . 
 					" WHERE `start` <= '$ip' AND `end` >= '$ip'" .
 					" AND `level` >= '$level' AND `type` = '$type'";
-				if (strlen($user)) { $sql .= " AND (`user` = '$user' OR `user` < '1')"; }
-				else { $sql .= " AND `user` < '1'"; }
+				if (strlen($user)) { $sql .= " AND (`user` = '$user' OR `user` = '-1')"; }
+				else { $sql .= " AND `user` = '0'"; }
 			break;
 		} // end switch on type
+
 		$db_results = mysql_query($sql, dbh());
 
 		// Yah they have access they can use the mojo