Fix 6 code review findings: auth, mysqldump stderr, dead code, audit logs

- backup.php: replace manual admin check with requireAdmin(); suppress
  mysqldump password warning (2>&1 → 2>/dev/null) to prevent corrupt dumps
- ttg-backup.sh: same mysqldump stderr fix
- admin.php toggle_user: fix undefined $adminId/$userId in logAdminAction
  call — use $_SESSION['user_id'] and $uid instead
- admin.php chat_clear_all: wrap in try/catch and add logAdminAction audit
- admin.php: delete unreachable broadcast query block after break statement
- admin/index.php: fix cashouts_total formatted as currency — use parseInt
  (tokens are whole numbers, not dollars)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
2026-06-06 10:02:07 +00:00
parent 9470b021b6
commit 8d27290831
4 changed files with 12 additions and 21 deletions
+1 -1
View File
@@ -15,7 +15,7 @@ mkdir -p "$BACKUP_DIR"
echo "[$(date '+%Y-%m-%d %H:%M:%S')] Starting backup..."
# Export database
/usr/bin/mysqldump -u "$DB_USER" "-p${DB_PASS}" "$DB_NAME" > "$SQL_FILE" 2>&1
/usr/bin/mysqldump -u "$DB_USER" "-p${DB_PASS}" "$DB_NAME" > "$SQL_FILE" 2>/dev/null
if [ $? -ne 0 ] || [ ! -s "$SQL_FILE" ]; then
echo "[$(date '+%Y-%m-%d %H:%M:%S')] ERROR: Database export failed"
rm -f "$SQL_FILE"