diff -r def792dd9b1b -r 1e2c9819ede3 plugins/admin/SecurityLog.php --- a/plugins/admin/SecurityLog.php Fri Dec 18 09:39:18 2009 -0500 +++ b/plugins/admin/SecurityLog.php Fri Dec 18 19:06:49 2009 -0500 @@ -38,7 +38,14 @@ $row = $db->fetchrow(); $db->free_result(); $count = intval($row['num']); - $q = $db->sql_query('SELECT action,date_string,author,edit_summary,time_id,page_text FROM '.table_prefix.'logs WHERE log_type=\'security\' ORDER BY time_id DESC, action ASC;'); + + $l = 'SELECT action,date_string,author,author_uid,u.username,edit_summary,time_id,page_text FROM '.table_prefix."logs AS l\n" + . " LEFT JOIN " . table_prefix . "users AS u\n" + . " ON ( u.user_id = l.author_uid OR u.user_id IS NULL )\n" + . " WHERE log_type='security'\n" + . " ORDER BY time_id DESC, action ASC;"; + + $q = $db->sql_query($l); if ( !$q ) $db->_die(); @@ -71,7 +78,7 @@ if ( $session->auth_level < USER_LEVEL_ADMIN ) { - $q = $db->sql_query('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,edit_summary,author) VALUES(\'security\',\'seclog_unauth\',' . time() . ',"' . $db->escape($_SERVER['REMOTE_ADDR']) . '","' . $db->escape($session->username) . '");'); + $q = $db->sql_query('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,edit_summary,author,author_uid) VALUES(\'security\',\'seclog_unauth\',' . time() . ', \'' . $db->escape($_SERVER['REMOTE_ADDR']) . '\', \'' . $db->escape($session->username) . '\', ' . $session->user_id . ');'); if ( !$q ) $db->_die(); die('Security log: unauthorized attempt to fetch. Call has been logged and reported to the administrators.'); @@ -94,14 +101,13 @@ // } // else // { - if(is_int($num)) - { - $l = 'SELECT action,date_string,author,edit_summary,time_id,page_text FROM '.table_prefix.'logs WHERE log_type=\'security\' ORDER BY time_id DESC, action ASC LIMIT '.$num.';'; - } - else - { - $l = 'SELECT action,date_string,author,edit_summary,time_id,page_text FROM '.table_prefix.'logs WHERE log_type=\'security\' ORDER BY time_id DESC, action ASC;'; - } + $limit_clause = is_int($num) ? " LIMIT $num" : ''; + $l = 'SELECT action,date_string,author,author_uid,u.username,edit_summary,time_id,page_text FROM '.table_prefix."logs AS l\n" + . " LEFT JOIN " . table_prefix . "users AS u\n" + . " ON ( u.user_id = l.author_uid OR u.user_id IS NULL )\n" + . " WHERE log_type='security'\n" + . " ORDER BY time_id DESC, action ASC{$limit_clause};"; + $q = $db->sql_query($l); while($r = $db->fetchrow($q)) { @@ -175,7 +181,13 @@ case "u_to_mod" : $return .= $lang->get('acpsl_entry_u_to_mod' , array('username' => $r['page_text'])); break; case "view_comment_ip" : $return .= $lang->get('acpsl_entry_view_comment_ip' , array('username' => htmlspecialchars($r['page_text']))); break; } - $return .= '