From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 06 Aug 2015 03:18:44 -0400
Subject: [PATCH] - don't set password via remoting if field is empty

---
 server/lib/classes/cron.d/100-monitor_syslog.inc.php |   22 +++++-----------------
 1 files changed, 5 insertions(+), 17 deletions(-)

diff --git a/server/lib/classes/cron.d/100-monitor_syslog.inc.php b/server/lib/classes/cron.d/100-monitor_syslog.inc.php
index b621121..c101de0 100644
--- a/server/lib/classes/cron.d/100-monitor_syslog.inc.php
+++ b/server/lib/classes/cron.d/100-monitor_syslog.inc.php
@@ -70,7 +70,7 @@
 		 * is there any warning or error for this server?
 		 */
 		$state = 'ok';
-		$dbData = $app->dbmaster->queryAllRecords('SELECT loglevel FROM sys_log WHERE server_id = ' . $server_id . ' AND loglevel > 0');
+		$dbData = $app->dbmaster->queryAllRecords('SELECT loglevel FROM sys_log WHERE server_id = ? AND loglevel > 0', $server_id);
 		if (is_array($dbData)) {
 			foreach ($dbData as $item) {
 				if ($item['loglevel'] == 1)
@@ -93,14 +93,8 @@
 		 * Insert the data into the database
 		 */
 		$sql = 'REPLACE INTO monitor_data (server_id, type, created, data, state) ' .
-			'VALUES (' .
-			$res['server_id'] . ', ' .
-			"'" . $app->dbmaster->quote($res['type']) . "', " .
-			'UNIX_TIMESTAMP(), ' .
-			"'" . $app->dbmaster->quote(serialize($res['data'])) . "', " .
-			"'" . $res['state'] . "'" .
-			')';
-		$app->dbmaster->query($sql);
+			'VALUES (?, ?, UNIX_TIMESTAMP(), ?, ?)';
+		$app->dbmaster->query($sql, $res['server_id'], $res['type'], serialize($res['data']), $res['state']);
 
 		/* The new data is written, now we can delete the old one */
 		$this->_tools->delOldRecords($res['type'], $res['server_id']);
@@ -127,14 +121,8 @@
 		 * Insert the data into the database
 		 */
 		$sql = 'REPLACE INTO monitor_data (server_id, type, created, data, state) ' .
-			'VALUES (' .
-			$res['server_id'] . ', ' .
-			"'" . $app->dbmaster->quote($res['type']) . "', " .
-			'UNIX_TIMESTAMP(), ' .
-			"'" . $app->dbmaster->quote(serialize($res['data'])) . "', " .
-			"'" . $res['state'] . "'" .
-			')';
-		$app->dbmaster->query($sql);
+			'VALUES (?, ?, UNIX_TIMESTAMP(), ?, ?)';
+		$app->dbmaster->query($sql, $res['server_id'], $res['type'], serialize($res['data']), $res['state']);
 
 		/* The new data is written, now we can delete the old one */
 		$this->_tools->delOldRecords($res['type'], $res['server_id']);

--
Gitblit v1.9.1