Send API messages using the logmaster instead of the C engine if possible.

2 files changed, 7 insertions, 4 deletions

diff --git a/logmaster.py b/logmaster.py
index 97941a8a4..cdd59df16 100755
--- a/logmaster.py
+++ b/logmaster.py
@@ -24,7 +24,7 @@ import mysql.connector, signal, sys, threading, time, traceback
 ## Default values
 HOST="127.0.0.1"; PORT=0; USER=""; PASS=""; DBXT=""; db=None;
 sqli = []; running=True
-SQL_PINGTIME=300.0; SQL_FLUSH=3.0
+SQL_PINGTIME=300.0; SQL_FLUSH=1.0
 
 ## Warnings
 ERR=0
@@ -177,7 +177,7 @@ while running:
                     ## Command: SAD
                     ## Description: Replaces "?" with escaped data.
                     elif cmd.startswith("SAD"):
-                        bf=bf.replace("?%s" % cmd.replace("SAD", ""), args.replace("\\", "\\\\").replace('"','\\"').replace("'", "\\'"))
+                        bf=bf.replace("?%s" % cmd.replace("SAD", ""), args.replace("\\", "\\\\").replace('"','\\"').replace("'", "\\'").replace('\n','').replace('\r','').replace('\0',''))
                     ## Command: SQLRUN
                     ## Description: Executes the prepared SQL statement.
                     ## Sanitization must be done using SAD commands.
diff --git a/npc/functions/util.txt b/npc/functions/util.txt
index 05699b68a..d3aebb7d1 100644
--- a/npc/functions/util.txt
+++ b/npc/functions/util.txt
@@ -1307,8 +1307,11 @@ function	script	json_encode	{
 // sends to API
 function	script	api_send	{
     .@cde=getarg(0);
-    .@fm$=escape_sql(getarg(1));
-    query_sql("INSERT INTO `api_export` (`type`, `data`) VALUES ('"+.@cde+"', \""+.@fm$+"\")");
+    if (!apicall(.@cde, getarg(1))) {
+        debugmes "[API] Fallback in use.";
+        .@fm$=escape_sql(getarg(1));
+        query_sql("INSERT INTO `api_export` (`type`, `data`) VALUES ('"+.@cde+"', \""+.@fm$+"\")");
+    }
     return;
 }