includes/dbal.php
changeset 1175 1e2c9819ede3
parent 1165 ce8aaa2956d1
child 1184 2cb6d7086776
--- a/includes/dbal.php	Fri Dec 18 09:39:18 2009 -0500
+++ b/includes/dbal.php	Fri Dec 18 19:06:49 2009 -0500
@@ -411,13 +411,19 @@
   {
     global $session;
     if ( is_object($session) && defined('ENANO_MAINSTREAM') )
+    {
       $username = $session->username;
+      $user_id = $session->user_id;
+    }
     else
+    {
       $username = 'Unavailable';
+      $user_id = 1;
+    } 
     
     $query = $this->escape($query);
-    $q = $this->sql_query('INSERT INTO '.table_prefix.'logs(log_type,     action,         time_id,    date_string, page_text,      author,            edit_summary)
-                                                     VALUES(\'security\', \'sql_inject\', '.time().', \'\',        \''.$query.'\', \''.$username.'\', \''.$_SERVER['REMOTE_ADDR'].'\');');
+    $q = $this->sql_query('INSERT INTO '.table_prefix.'logs(log_type,     action,         time_id,    date_string, page_text,      author,            author_uid,       edit_summary)
+                                                     VALUES(\'security\', \'sql_inject\', '.time().', \'\',        \''.$query.'\', \''.$username.'\', ' . $user_id . ', \''.$_SERVER['REMOTE_ADDR'].'\');');
   }
   
   /**
@@ -951,13 +957,20 @@
   function report_query($query)
   {
     global $session;
-    if(is_object($session) && defined('ENANO_MAINSTREAM'))
+    if ( is_object($session) && defined('ENANO_MAINSTREAM') )
+    {
       $username = $session->username;
+      $user_id = $session->user_id;
+    }
     else
+    {
       $username = 'Unavailable';
+      $user_id = 1;
+    } 
+    
     $query = $this->escape($query);
-    $q = $this->sql_query('INSERT INTO '.table_prefix.'logs(log_type,     action,         time_id,    date_string, page_text,      author,            edit_summary)
-                                                     VALUES(\'security\', \'sql_inject\', '.time().', \'\',        \''.$query.'\', \''.$username.'\', \''.$_SERVER['REMOTE_ADDR'].'\');');
+    $q = $this->sql_query('INSERT INTO '.table_prefix.'logs(log_type,     action,         time_id,    date_string, page_text,      author,            author_uid,       edit_summary)
+                                                     VALUES(\'security\', \'sql_inject\', '.time().', \'\',        \''.$query.'\', \''.$username.'\', ' . $user_id . ', \''.$_SERVER['REMOTE_ADDR'].'\');');
   }
   
   /**