From 1f82bbe8ae46852f3aa3c0935335508266f3939a Mon Sep 17 00:00:00 2001
From: Tomas Plesnik <plesnik@ics.muni.cz>
Date: Thu, 31 Jul 2014 22:00:52 +0200
Subject: [PATCH] oprava spatne chybne umisteneho dotazu na validitu v SQL
 dotazu

---
 src/warden-server/lib/Warden.pm | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/warden-server/lib/Warden.pm b/src/warden-server/lib/Warden.pm
index cc4e067..90d2d49 100755
--- a/src/warden-server/lib/Warden.pm
+++ b/src/warden-server/lib/Warden.pm
@@ -106,13 +106,13 @@ sub authorizeClient
 
   # check if client is valid and obtain client_id, ip_net_client and receive_own_events
   if($function_name eq 'saveNewEvent') {
-    $sth = $DBH->prepare("SELECT client_id, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND service = ? AND client_type = ? ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC AND valid = 't';");
+    $sth = $DBH->prepare("SELECT client_id, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND service = ? AND client_type = ? AND valid = 't' ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
   } elsif($function_name eq 'getNewEvents') {
-    $sth = $DBH->prepare("SELECT client_id, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND (type = ? OR type = '_any_') AND client_type = ? ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC AND valid = 't';");
+    $sth = $DBH->prepare("SELECT client_id, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND (type = ? OR type = '_any_') AND client_type = ? AND valid = 't' ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
   } elsif($function_name eq 'getClientInfo') {
-    $sth = $DBH->prepare("SELECT client_id, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC AND valid = 't';");
+    $sth = $DBH->prepare("SELECT client_id, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND valid = 't' ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
   } elsif($function_name eq 'getLastId') {
-    $sth = $DBH->prepare("SELECT client_id, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND client_type = 'r' ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC AND valid = 't';");
+    $sth = $DBH->prepare("SELECT client_id, ip_net_client, receive_own_events FROM clients WHERE hostname IN ($alt_names) AND client_type = 'r' AND valid = 't' ORDER BY SUBSTRING_INDEX(ip_net_client,'/', -1) DESC;");
  }
 
   # check if db handler is defined
-- 
GitLab