diff --git a/auth.go b/auth.go index 2c3c03b..57bbe68 100644 --- a/auth.go +++ b/auth.go @@ -136,7 +136,6 @@ func logsHandler(cfg Config, db *sql.DB) http.HandlerFunc { query := `SELECT timestamp, action, ip, cidr, ttl_seconds, reason, api_client_ip FROM audit_log` var args []any - argIndex := 1 filterAction := r.URL.Query().Get("action") filterIP := r.URL.Query().Get("ip") @@ -145,14 +144,12 @@ func logsHandler(cfg Config, db *sql.DB) http.HandlerFunc { var conditions []string if filterAction != "" { - conditions = append(conditions, fmt.Sprintf(`action = $%d`, argIndex)) + conditions = append(conditions, `action = ?`) args = append(args, filterAction) - argIndex++ } if filterIP != "" { - conditions = append(conditions, fmt.Sprintf(`ip = $%d`, argIndex)) + conditions = append(conditions, `ip = ?`) args = append(args, filterIP) - argIndex++ } if len(conditions) > 0 { diff --git a/db.go b/db.go index 8c8699b..cf9486b 100644 --- a/db.go +++ b/db.go @@ -60,6 +60,10 @@ func AddPermanentEntry(db *sql.DB, entry, apiClientIP string) (bool, error) { _, err := db.Exec(`INSERT INTO perm_whitelist(entry) VALUES(?)`, entry) if err != nil { if isUniqueConstraintError(err) { + _, err = db.Exec(`INSERT INTO audit_log(action, cidr, api_client_ip) VALUES('add_perm_duplicate', ?, ?)`, entry, apiClientIP) + if err != nil { + return false, err + } return false, nil } return false, err