From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 06 Aug 2015 03:18:44 -0400
Subject: [PATCH] - don't set password via remoting if field is empty

---
 server/server.php |    9 ++++-----
 1 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/server/server.php b/server/server.php
index 4cf1d35..4479b14 100644
--- a/server/server.php
+++ b/server/server.php
@@ -43,14 +43,14 @@
  * Try to Load the server configuration from the master-db
  */
 if ($app->dbmaster->connect_error == NULL) {
-	$server_db_record = $app->dbmaster->queryOneRecord("SELECT * FROM server WHERE server_id = " . $conf['server_id']);
+	$server_db_record = $app->dbmaster->queryOneRecord("SELECT * FROM server WHERE server_id = ?", $conf['server_id']);
 
 	if(!is_array($server_db_record)) die('Unable to load the server configuration from database.');
 
 	//* Get the number of the last processed datalog_id, if the id of the local server
 	//* is > then the one of the remote system, then use the local ID as we might not have
 	//* reached the remote server during the last run then.
-	$local_server_db_record = $app->db->queryOneRecord("SELECT * FROM server WHERE server_id = " . $conf['server_id']);
+	$local_server_db_record = $app->db->queryOneRecord("SELECT * FROM server WHERE server_id = ?", $conf['server_id']);
 	$conf['last_datalog_id'] = (int) max($server_db_record['updated'], $local_server_db_record['updated']);
 	unset($local_server_db_record);
 
@@ -73,7 +73,6 @@
 	unset($server_db_record);
 
 	// retrieve admin email address for notifications
-	//$sys_ini = $app->dbmaster->queryOneRecord("SELECT * FROM sys_ini WHERE sysini_id = 1");
 	$sys_ini = $app->db->queryOneRecord("SELECT * FROM sys_ini WHERE sysini_id = 1");
 	$conf['sys_ini'] = $app->ini_parser->parse_ini_string(stripslashes($sys_ini['config']));
 	$conf['admin_mail'] = $conf['sys_ini']['mail']['admin_mail'];
@@ -156,9 +155,9 @@
 
 	// Check if there is anything to update
 	if ($conf['mirror_server_id'] > 0) {
-		$tmp_rec = $app->dbmaster->queryOneRecord("SELECT count(server_id) as number from sys_datalog WHERE datalog_id > " . $conf['last_datalog_id'] . " AND (server_id = " . $conf['server_id'] . " OR server_id = " . $conf['mirror_server_id'] . " OR server_id = 0)");
+		$tmp_rec = $app->dbmaster->queryOneRecord("SELECT count(server_id) as number from sys_datalog WHERE datalog_id > ? AND (server_id = ? OR server_id = ? OR server_id = 0)", $conf['last_datalog_id'], $conf['server_id'], $conf['mirror_server_id']);
 	} else {
-		$tmp_rec = $app->dbmaster->queryOneRecord("SELECT count(server_id) as number from sys_datalog WHERE datalog_id > " . $conf['last_datalog_id'] . " AND (server_id = " . $conf['server_id'] . " OR server_id = 0)");
+		$tmp_rec = $app->dbmaster->queryOneRecord("SELECT count(server_id) as number from sys_datalog WHERE datalog_id > ? AND (server_id = ? OR server_id = 0)", $conf['last_datalog_id'], $conf['server_id']);
 	}
 
 	$tmp_num_records = $tmp_rec['number'];

--
Gitblit v1.9.1