409 |
409 |
410 function report_query($query) |
410 function report_query($query) |
411 { |
411 { |
412 global $session; |
412 global $session; |
413 if ( is_object($session) && defined('ENANO_MAINSTREAM') ) |
413 if ( is_object($session) && defined('ENANO_MAINSTREAM') ) |
|
414 { |
414 $username = $session->username; |
415 $username = $session->username; |
|
416 $user_id = $session->user_id; |
|
417 } |
415 else |
418 else |
|
419 { |
416 $username = 'Unavailable'; |
420 $username = 'Unavailable'; |
|
421 $user_id = 1; |
|
422 } |
417 |
423 |
418 $query = $this->escape($query); |
424 $query = $this->escape($query); |
419 $q = $this->sql_query('INSERT INTO '.table_prefix.'logs(log_type, action, time_id, date_string, page_text, author, edit_summary) |
425 $q = $this->sql_query('INSERT INTO '.table_prefix.'logs(log_type, action, time_id, date_string, page_text, author, author_uid, edit_summary) |
420 VALUES(\'security\', \'sql_inject\', '.time().', \'\', \''.$query.'\', \''.$username.'\', \''.$_SERVER['REMOTE_ADDR'].'\');'); |
426 VALUES(\'security\', \'sql_inject\', '.time().', \'\', \''.$query.'\', \''.$username.'\', ' . $user_id . ', \''.$_SERVER['REMOTE_ADDR'].'\');'); |
421 } |
427 } |
422 |
428 |
423 /** |
429 /** |
424 * Returns the ID of the row last inserted. |
430 * Returns the ID of the row last inserted. |
425 * @return int |
431 * @return int |
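Review bot: In the new INSERT (new lines 425–426, and identically at 972–973 in the second report_query), `$user_id` is concatenated unquoted and `$username` is quoted but unescaped, while only `$query` goes through `$this->escape()`. This function writes the security-log row for a detected injection attempt, so a value that breaks or alters the statement would lose or corrupt the record; whether `$session->username` and `$session->user_id` are already sanitised upstream is not visible in this hunk. I would set `$user_id = intval($session->user_id);` and `$username = $this->escape($session->username);` in the first branch. The result `$q` is also never checked, so a failed log write passes silently. A short comment on why the fallback is `$user_id = 1` (presumably the anonymous account) would help the next reader.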
949 */ |
955 */ |
950 |
956 |
951 function report_query($query) |
957 function report_query($query) |
952 { |
958 { |
953 global $session; |
959 global $session; |
954 if(is_object($session) && defined('ENANO_MAINSTREAM')) |
960 if ( is_object($session) && defined('ENANO_MAINSTREAM') ) |
|
961 { |
955 $username = $session->username; |
962 $username = $session->username; |
|
963 $user_id = $session->user_id; |
|
964 } |
956 else |
965 else |
|
966 { |
957 $username = 'Unavailable'; |
967 $username = 'Unavailable'; |
|
968 $user_id = 1; |
|
969 } |
|
970 |
958 $query = $this->escape($query); |
971 $query = $this->escape($query); |
959 $q = $this->sql_query('INSERT INTO '.table_prefix.'logs(log_type, action, time_id, date_string, page_text, author, edit_summary) |
972 $q = $this->sql_query('INSERT INTO '.table_prefix.'logs(log_type, action, time_id, date_string, page_text, author, author_uid, edit_summary) |
960 VALUES(\'security\', \'sql_inject\', '.time().', \'\', \''.$query.'\', \''.$username.'\', \''.$_SERVER['REMOTE_ADDR'].'\');'); |
973 VALUES(\'security\', \'sql_inject\', '.time().', \'\', \''.$query.'\', \''.$username.'\', ' . $user_id . ', \''.$_SERVER['REMOTE_ADDR'].'\');'); |
961 } |
974 } |
962 |
975 |
963 /** |
976 /** |
964 * Returns the ID of the row last inserted. |
977 * Returns the ID of the row last inserted. |
965 * @return int |
978 * @return int |