From cc7a82756b4f4d7ab18e928527c37489adbaf564 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Tue, 07 Apr 2015 14:10:50 -0400
Subject: [PATCH] - rewrite of sql queries to new form

---
 interface/lib/classes/tools_monitor.inc.php |   36 +++++++++++++++++++-----------------
 1 files changed, 19 insertions(+), 17 deletions(-)

diff --git a/interface/lib/classes/tools_monitor.inc.php b/interface/lib/classes/tools_monitor.inc.php
index d8a09f4..ad76e4e 100644
--- a/interface/lib/classes/tools_monitor.inc.php
+++ b/interface/lib/classes/tools_monitor.inc.php
@@ -33,7 +33,7 @@
 		global $app;
 
 		/* fetch the Data from the DB */
-		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'server_load' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'server_load' AND server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
 
 		if(isset($record['data'])) {
 			$data = unserialize($record['data']);
@@ -80,7 +80,7 @@
 		global $app;
 
 		/* fetch the Data from the DB */
-		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'disk_usage' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'disk_usage' AND server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
 
 		if(isset($record['data'])) {
 			$data = unserialize($record['data']);
@@ -123,7 +123,7 @@
 	function showDatabaseSize () {
 		global $app;
 		/* fetch the Data from the DB */
-		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'database_size' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'database_size' AND server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
 		if(isset($record['data'])) {
 			$data = unserialize($record['data']);
 			//* format the data
@@ -142,10 +142,12 @@
 				if ($line['size'] > 0) $line['size'] = $app->functions->formatBytes($line['size']);
 
 				//* get the client
-				$line['client']=$app->db->queryOneRecord("SELECT client.username FROM web_database, sys_group, client WHERE web_database.sys_groupid = sys_group.groupid AND sys_group.client_id = client.client_id AND web_database.database_name='".$line['database_name']."'")['username'];
+				$tmp = $app->db->queryOneRecord("SELECT client.username FROM web_database, sys_group, client WHERE web_database.sys_groupid = sys_group.groupid AND sys_group.client_id = client.client_id AND web_database.database_name=?", $line['database_name']);
+				$line['client'] = $tmp['username'];
 
 				//* get the domain
-				$line['domain']=$app->db->queryOneRecord("SELECT domain FROM web_domain WHERE domain_id=(SELECT parent_domain_id FROM web_database WHERE database_name='".$line['database_name']."')")['domain'];
+				$tmp = $app->db->queryOneRecord("SELECT domain FROM web_domain WHERE domain_id=(SELECT parent_domain_id FROM web_database WHERE database_name=?", $line['database_name']);
+				$line['domain'] = $tmp['domain'];
 
 				//* remove the sys_groupid from output
 				unset($line['sys_groupid']);
@@ -166,7 +168,7 @@
 		global $app;
 
 		/* fetch the Data from the DB */
-		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'mem_usage' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'mem_usage' and server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
 
 		if(isset($record['data'])) {
 			$data = unserialize($record['data']);
@@ -202,7 +204,7 @@
 		global $app;
 
 		/* fetch the Data from the DB */
-		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'cpu_info' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'cpu_info' and server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
 
 		if(isset($record['data'])) {
 			$data = unserialize($record['data']);
@@ -236,7 +238,7 @@
 		global $app;
 
 		/* fetch the Data from the DB */
-		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'services' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'services' and server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
 
 		if(isset($record['data'])) {
 			$data = unserialize($record['data']);
@@ -349,7 +351,7 @@
 		global $app;
 
 		/* fetch the Data from the DB */
-		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'system_update' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'system_update' and server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
 
 		if(isset($record['data'])) {
 			$html =
@@ -379,7 +381,7 @@
 		global $app;
 
 		/* fetch the Data from the DB */
-		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'openvz_beancounter' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'openvz_beancounter' and server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
 
 		if(isset($record['data'])) {
 			$html =
@@ -408,7 +410,7 @@
 		global $app;
 
 		/* fetch the Data from the DB */
-		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'raid_state' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'raid_state' and server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
 
 		if(isset($record['data'])) {
 			$html =
@@ -441,7 +443,7 @@
 		global $app;
 
 		/* fetch the Data from the DB */
-		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'rkhunter' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'rkhunter' and server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
 
 		if(isset($record['data'])) {
 			$html =
@@ -472,7 +474,7 @@
 		global $app;
 
 		/* fetch the Data from the DB */
-		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'log_fail2ban' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'log_fail2ban' and server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
 
 		if(isset($record['data'])) {
 			$html =
@@ -506,7 +508,7 @@
 		global $app;
 
 		/* fetch the Data from the DB */
-		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'log_mongodb' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'log_mongodb' and server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
 
 		if(isset($record['data'])) {
 			$html =
@@ -538,7 +540,7 @@
 
 	function showIPTables() {
 		global $app;
-		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'iptables_rules' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'iptables_rules' and server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
 		if(isset($record['data'])) {
 			$html =
 				'<div class="systemmonitor-state state-'.$record['state'].'">
@@ -562,7 +564,7 @@
 		global $app;
 
 		/* fetch the Data from the DB */
-		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'mailq' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+		$record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'mailq' and server_id = ? ORDER BY created DESC", $_SESSION['monitor']['server_id']);
 
 		if(isset($record['data'])) {
 			$data = unserialize($record['data']);
@@ -578,7 +580,7 @@
 		global $app;
 
 		/* fetch the Data from the DB */
-		$record = $app->db->queryOneRecord("SELECT created FROM monitor_data WHERE type = '" . $type . "' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+		$record = $app->db->queryOneRecord("SELECT created FROM monitor_data WHERE type = ? and server_id = ? ORDER BY created DESC", $type, $_SESSION['monitor']['server_id']);
 
 		/* TODO: datetimeformat should be set somewhat other way */
 		$dateTimeFormat = $app->lng("monitor_settings_datetimeformat_txt");

--
Gitblit v1.9.1