From cc7a82756b4f4d7ab18e928527c37489adbaf564 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Tue, 07 Apr 2015 14:10:50 -0400
Subject: [PATCH] - rewrite of sql queries to new form

---
 interface/web/remote/monitor.php |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/interface/web/remote/monitor.php b/interface/web/remote/monitor.php
index 9cc0084..132bcf2 100644
--- a/interface/web/remote/monitor.php
+++ b/interface/web/remote/monitor.php
@@ -30,7 +30,7 @@
 		$sql = 'SELECT server_id, server_name FROM server WHERE 1 ORDER BY server_id';
 		$records = $app->db->queryAllRecords($sql);
 		foreach($records as $index => $rec) {
-			$rec = $app->db->queryOneRecord("SELECT * FROM monitor_data WHERE server_id = " . $rec['server_id'] . " AND state NOT IN ('ok', 'no_state', 'info')");
+			$rec = $app->db->queryOneRecord("SELECT * FROM monitor_data WHERE server_id = ? AND state NOT IN ('ok', 'no_state', 'info')", $rec['server_id']);
 			if($rec) $records[$index]['state'] = 'warn';
 			else $records[$index]['state'] = 'ok';
 		}
@@ -38,7 +38,7 @@
 		$out['data'] = $records;
 		$out['time'] = date('Y-m-d H:i', $rec['created']);
 	} else {
-		$rec = $app->db->queryOneRecord("SELECT * FROM monitor_data WHERE type = '$type' AND server_id = $server_id");
+		$rec = $app->db->queryOneRecord("SELECT * FROM monitor_data WHERE type = ? AND server_id = ?", $type, $server_id);
 		if(is_array($rec)) {
 			$out['state'] = $rec['state'];
 			$out['data'] = unserialize(stripslashes($rec['data']));

--
Gitblit v1.9.1