From fe9a23f542bc56c1c0b6dc30257418e38ff7bd3a Mon Sep 17 00:00:00 2001
From: ftimme <ft@falkotimme.com>
Date: Sat, 08 Jun 2013 18:57:40 -0400
Subject: [PATCH] - Fixed FS#2936 - Please check and limit username input length.

---
 server/lib/classes/modules.inc.php |   10 ++++------
 1 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/server/lib/classes/modules.inc.php b/server/lib/classes/modules.inc.php
index 419bb91..57ab22c 100644
--- a/server/lib/classes/modules.inc.php
+++ b/server/lib/classes/modules.inc.php
@@ -85,9 +85,9 @@
 		//* If its a multiserver setup
 		if($app->db->dbHost != $app->dbmaster->dbHost || ($app->db->dbHost == $app->dbmaster->dbHost && $app->db->dbName != $app->dbmaster->dbName)) {
 			if($conf['mirror_server_id'] > 0) {
-				$sql = "SELECT * FROM sys_datalog WHERE datalog_id > ".$conf['last_datalog_id']." AND (server_id = ".$conf['server_id']." OR server_id = ".$conf['mirror_server_id']." OR server_id = 0) ORDER BY datalog_id";
+				$sql = "SELECT * FROM sys_datalog WHERE datalog_id > ".$conf['last_datalog_id']." AND (server_id = ".$conf['server_id']." OR server_id = ".$conf['mirror_server_id']." OR server_id = 0) ORDER BY datalog_id LIMIT 0,1000";
 			} else {
-				$sql = "SELECT * FROM sys_datalog WHERE datalog_id > ".$conf['last_datalog_id']." AND (server_id = ".$conf['server_id']." OR server_id = 0) ORDER BY datalog_id";
+				$sql = "SELECT * FROM sys_datalog WHERE datalog_id > ".$conf['last_datalog_id']." AND (server_id = ".$conf['server_id']." OR server_id = 0) ORDER BY datalog_id LIMIT 0,1000";
 			}
 			
 			$records = $app->dbmaster->queryAllRecords($sql);
@@ -183,13 +183,11 @@
 				
 					if($replication_error == false) {
 						if(is_array($data['old']) || is_array($data['new'])) {
+							$app->db->query("UPDATE server SET updated = ".$d["datalog_id"]." WHERE server_id = ".$conf['server_id']);
 							$this->raiseTableHook($d['dbtable'],$d['action'],$data);
 						} else {
 							$app->log('Data array was empty for datalog_id '.$d['datalog_id'],LOGLEVEL_WARN);
 						}
-						//$this->raiseTableHook($d["dbtable"],$d["action"],$data);
-						//$app->dbmaster->query("DELETE FROM sys_datalog WHERE datalog_id = ".$d["datalog_id"]);
-						//$app->log("Deleting sys_datalog ID ".$d["datalog_id"],LOGLEVEL_DEBUG);
 						$app->dbmaster->query("UPDATE server SET updated = ".$d["datalog_id"]." WHERE server_id = ".$conf['server_id']);
 						$app->log('Processed datalog_id '.$d['datalog_id'],LOGLEVEL_DEBUG);
 					} else {
@@ -207,7 +205,7 @@
 			
 		//* if we have a single server setup
 		} else {
-			$sql = "SELECT * FROM sys_datalog WHERE datalog_id > ".$conf['last_datalog_id']." AND (server_id = ".$conf['server_id']." OR server_id = 0) ORDER BY datalog_id";
+			$sql = "SELECT * FROM sys_datalog WHERE datalog_id > ".$conf['last_datalog_id']." AND (server_id = ".$conf['server_id']." OR server_id = 0) ORDER BY datalog_id LIMIT 0,1000";
 			$records = $app->db->queryAllRecords($sql);
 			foreach($records as $d) {
 				

--
Gitblit v1.9.1