--- a/includes/dbal.php Fri Dec 18 09:39:18 2009 -0500
+++ b/includes/dbal.php Fri Dec 18 19:06:49 2009 -0500
@@ -411,13 +411,19 @@
{
global $session;
if ( is_object($session) && defined('ENANO_MAINSTREAM') )
+ {
$username = $session->username;
+ $user_id = $session->user_id;
+ }
else
+ {
$username = 'Unavailable';
+ $user_id = 1;
+ }
$query = $this->escape($query);
- $q = $this->sql_query('INSERT INTO '.table_prefix.'logs(log_type, action, time_id, date_string, page_text, author, edit_summary)
- VALUES(\'security\', \'sql_inject\', '.time().', \'\', \''.$query.'\', \''.$username.'\', \''.$_SERVER['REMOTE_ADDR'].'\');');
+ $q = $this->sql_query('INSERT INTO '.table_prefix.'logs(log_type, action, time_id, date_string, page_text, author, author_uid, edit_summary)
+ VALUES(\'security\', \'sql_inject\', '.time().', \'\', \''.$query.'\', \''.$username.'\', ' . $user_id . ', \''.$_SERVER['REMOTE_ADDR'].'\');');
}
/**
@@ -951,13 +957,20 @@
function report_query($query)
{
global $session;
- if(is_object($session) && defined('ENANO_MAINSTREAM'))
+ if ( is_object($session) && defined('ENANO_MAINSTREAM') )
+ {
$username = $session->username;
+ $user_id = $session->user_id;
+ }
else
+ {
$username = 'Unavailable';
+ $user_id = 1;
+ }
+
$query = $this->escape($query);
- $q = $this->sql_query('INSERT INTO '.table_prefix.'logs(log_type, action, time_id, date_string, page_text, author, edit_summary)
- VALUES(\'security\', \'sql_inject\', '.time().', \'\', \''.$query.'\', \''.$username.'\', \''.$_SERVER['REMOTE_ADDR'].'\');');
+ $q = $this->sql_query('INSERT INTO '.table_prefix.'logs(log_type, action, time_id, date_string, page_text, author, author_uid, edit_summary)
+ VALUES(\'security\', \'sql_inject\', '.time().', \'\', \''.$query.'\', \''.$username.'\', ' . $user_id . ', \''.$_SERVER['REMOTE_ADDR'].'\');');
}
/**