From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001 From: Marius Cramer <m.cramer@pixcept.de> Date: Thu, 06 Aug 2015 03:18:44 -0400 Subject: [PATCH] - don't set password via remoting if field is empty --- server/lib/app.inc.php | 15 +++++++-------- 1 files changed, 7 insertions(+), 8 deletions(-) diff --git a/server/lib/app.inc.php b/server/lib/app.inc.php index a9d47a5..dd8be5a 100755 --- a/server/lib/app.inc.php +++ b/server/lib/app.inc.php @@ -51,7 +51,7 @@ */ if($conf['dbmaster_host'] != '' && ($conf['dbmaster_host'] != $conf['db_host'] || ($conf['dbmaster_host'] == $conf['db_host'] && $conf['dbmaster_database'] != $conf['db_database']))) { - $this->dbmaster = new db($conf['dbmaster_host'], $conf['dbmaster_user'], $conf['dbmaster_password'], $conf['dbmaster_database']); + $this->dbmaster = new db($conf['dbmaster_host'], $conf['dbmaster_user'], $conf['dbmaster_password'], $conf['dbmaster_database'], $conf['dbmaster_port']); } else { $this->dbmaster = $this->db; } @@ -151,19 +151,18 @@ if(isset($this->dbmaster)) { $server_id = $conf['server_id']; $loglevel = $priority; - $tstamp = time(); - $message = $this->dbmaster->quote($msg); + $message = $msg; $datalog_id = (isset($this->modules->current_datalog_id) && $this->modules->current_datalog_id > 0)?$this->modules->current_datalog_id:0; if($datalog_id > 0) { - $tmp_rec = $this->dbmaster->queryOneRecord("SELECT count(syslog_id) as number FROM sys_log WHERE datalog_id = $datalog_id AND loglevel = ".LOGLEVEL_ERROR); + $tmp_rec = $this->dbmaster->queryOneRecord("SELECT count(syslog_id) as number FROM sys_log WHERE datalog_id = ? AND loglevel = ?", $datalog_id, LOGLEVEL_ERROR); //* Do not insert duplicate errors into the web log. if($tmp_rec['number'] == 0) { - $sql = "INSERT INTO sys_log (server_id,datalog_id,loglevel,tstamp,message) VALUES ('$server_id',$datalog_id,'$loglevel','$tstamp','$message')"; - $this->dbmaster->query($sql); + $sql = "INSERT INTO sys_log (server_id,datalog_id,loglevel,tstamp,message) VALUES (?, ?, ?, UNIX_TIMESTAMP(), ?)"; + $this->dbmaster->query($sql, $server_id, $datalog_id, $loglevel, $message); } } else { - $sql = "INSERT INTO sys_log (server_id,datalog_id,loglevel,tstamp,message) VALUES ('$server_id',0,'$loglevel','$tstamp','$message')"; - $this->dbmaster->query($sql); + $sql = "INSERT INTO sys_log (server_id,datalog_id,loglevel,tstamp,message) VALUES (?, 0, ?, UNIX_TIMESTAMP(), ?)"; + $this->dbmaster->query($sql, $server_id, $loglevel, $message); } } -- Gitblit v1.9.1