From e1ceb050e19c7574bca146a8da7047ee4ff456b5 Mon Sep 17 00:00:00 2001
From: Marius Burkard <m.burkard@pixcept.de>
Date: Sun, 10 Jul 2016 05:02:35 -0400
Subject: [PATCH] Merge branch 'stable-3.1'

---
 interface/lib/app.inc.php |   19 +++++++++++++------
 1 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/interface/lib/app.inc.php b/interface/lib/app.inc.php
index 7506874..f9ef167 100755
--- a/interface/lib/app.inc.php
+++ b/interface/lib/app.inc.php
@@ -71,6 +71,13 @@
 			$this->uses('session');
 			$sess_timeout = $this->conf('interface', 'session_timeout');
 			$cookie_domain = (isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : $_SERVER['HTTP_HOST']);
+			
+			// Workaround for Nginx servers
+			if($cookie_domain == '_') {
+				$tmp = explode(':',$_SERVER["HTTP_HOST"]);
+				$cookie_domain = $tmp[0];
+				unset($tmp);
+			}
 			$cookie_secure = ($_SERVER["HTTPS"] == 'on')?true:false;
 			if($sess_timeout) {
 				/* check if user wants to stay logged in */
@@ -155,15 +162,15 @@
 	
 	public function conf($plugin, $key, $value = null) {
 		if(is_null($value)) {
-			$tmpconf = $this->db->queryOneRecord("SELECT `value` FROM `sys_config` WHERE `group` = '" . $this->db->quote($plugin) . "' AND `name` = '" . $this->db->quote($key) . "'");
+			$tmpconf = $this->db->queryOneRecord("SELECT `value` FROM `sys_config` WHERE `group` = ? AND `name` = ?", $plugin, $key);
 			if($tmpconf) return $tmpconf['value'];
 			else return null;
 		} else {
 			if($value === false) {
-				$this->db->query("DELETE FROM `sys_config` WHERE `group` = '" . $this->db->quote($plugin) . "' AND `name` = '" . $this->db->quote($key) . "'");
+				$this->db->query("DELETE FROM `sys_config` WHERE `group` = ? AND `name` = ?", $plugin, $key);
 				return null;
 			} else {
-				$this->db->query("REPLACE INTO `sys_config` (`group`, `name`, `value`) VALUES ('" . $this->db->quote($plugin) . "', '" . $this->db->quote($key) . "', '" . $this->db->quote($value) . "')");
+				$this->db->query("REPLACE INTO `sys_config` (`group`, `name`, `value`) VALUES (?, ?, ?)", $plugin, $key, $value);
 				return $value;
 			}
 		}
@@ -179,8 +186,8 @@
 			$server_id = 0;
 			$priority = $this->functions->intval($priority);
 			$tstamp = time();
-			$msg = $this->db->quote('[INTERFACE]: '.$msg);
-			$this->db->query("INSERT INTO sys_log (server_id,datalog_id,loglevel,tstamp,message) VALUES ($server_id,0,$priority,$tstamp,'$msg')");
+			$msg = '[INTERFACE]: '.$msg;
+			$this->db->query("INSERT INTO sys_log (server_id,datalog_id,loglevel,tstamp,message) VALUES (?, 0, ?, ?, ?)", $server_id, $priority,$tstamp,$msg);
 			/*
 			if (is_writable($this->_conf['log_file'])) {
 				if (!$fp = fopen ($this->_conf['log_file'], 'a')) {
@@ -240,7 +247,7 @@
 			}
 			$this->_language_inc = 1;
 		}
-		if(!empty($this->_wb[$text])) {
+		if(isset($this->_wb[$text]) && $this->wb[$text] !== '') {
 			$text = $this->_wb[$text];
 		} else {
 			if($this->_conf['debug_language']) {

--
Gitblit v1.9.1