From 27fa436c3f3c4fea76cdb8adcde182c43bd782ed Mon Sep 17 00:00:00 2001
From: Thomas Vincent <thomasvincent@gmail.com>
Date: Fri, 6 Mar 2026 14:12:16 -0800
Subject: [PATCH 1/3] fix: correct host/program alert status placeholders

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Signed-off-by: Thomas Vincent <thomasvincent@gmail.com>
---
 functions.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/functions.php b/functions.php
index 9bd3223..16e3464 100644
--- a/functions.php
+++ b/functions.php
@@ -1667,7 +1667,7 @@ function syslog_get_alert_sql(&$alert, $uniqueID) {
 		$sql = 'SELECT *
 			FROM `' . $syslogdb_default . '`.`syslog_incoming`
 			WHERE `' . $syslog_incoming_config['hostField'] . '` = ?
-			AND `status` = ?' . $uniqueID;
+			AND `status` = ?';
 
 		$params[] = $alert['message'];
 		$params[] = $uniqueID;
@@ -1675,7 +1675,7 @@ function syslog_get_alert_sql(&$alert, $uniqueID) {
 		$sql = 'SELECT *
 			FROM `' . $syslogdb_default . '`.`syslog_incoming`
 			WHERE `' . $syslog_incoming_config['programField'] . '` = ?
-			AND `status` = ?' . $uniqueID;
+			AND `status` = ?';
 
 		$params[] = $alert['message'];
 		$params[] = $uniqueID;

From 11379264ab622ae3930c1b7379e09d2c1fc71b30 Mon Sep 17 00:00:00 2001
From: Thomas Vincent <thomasvincent@gmail.com>
Date: Fri, 6 Mar 2026 14:45:38 -0800
Subject: [PATCH 2/3] test: add regression coverage for alert SQL placeholders

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Signed-off-by: Thomas Vincent <thomasvincent@gmail.com>
---
 .github/workflows/plugin-ci-workflow.yml      | 10 +++++
 CHANGELOG.md                                  |  1 +
 .../issue253_alert_sql_placeholder_test.php   | 43 +++++++++++++++++++
 3 files changed, 54 insertions(+)
 create mode 100644 tests/regression/issue253_alert_sql_placeholder_test.php

diff --git a/.github/workflows/plugin-ci-workflow.yml b/.github/workflows/plugin-ci-workflow.yml
index 7580ee1..76612ac 100644
--- a/.github/workflows/plugin-ci-workflow.yml
+++ b/.github/workflows/plugin-ci-workflow.yml
@@ -187,6 +187,16 @@ jobs:
           echo "Syntax errors found!"
           exit 1
         fi
+
+    - name: Run Plugin Regression Tests
+      run: |
+        cd ${{ github.workspace }}/cacti/plugins/syslog
+        if [ -d tests/regression ]; then
+          for test in tests/regression/*.php; do
+            [ -f "$test" ] || continue
+            php "$test"
+          done
+        fi
     
     
     - name: Run Cacti Poller
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0f1e7f2..6abe6f2 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,7 @@
 
 --- develop ---
 
+* issue#253: Correct host/program alert SQL placeholder handling
 * issue: Making changes to support Cacti 1.3
 * issue: Don't use MyISAM for non-analytical tables
 * issue: The install advisor for Syslog was broken in current Cacti releases
diff --git a/tests/regression/issue253_alert_sql_placeholder_test.php b/tests/regression/issue253_alert_sql_placeholder_test.php
new file mode 100644
index 0000000..1f4f181
--- /dev/null
+++ b/tests/regression/issue253_alert_sql_placeholder_test.php
@@ -0,0 +1,43 @@
+<?php
+
+$GLOBALS['syslogdb_default'] = 'syslogdb';
+$GLOBALS['syslog_incoming_config'] = array(
+	'hostField'    => 'host',
+	'programField' => 'program',
+	'facilityField'=> 'facility',
+	'textField'    => 'message'
+);
+
+require_once dirname(__DIR__, 2) . '/functions.php';
+
+function issue253_assert($condition, $message) {
+	if (!$condition) {
+		fwrite(STDERR, $message . "\n");
+		exit(1);
+	}
+}
+
+$hostAlert = array(
+	'type'    => 'host',
+	'message' => 'router1'
+);
+
+$programAlert = array(
+	'type'    => 'program',
+	'message' => 'sshd'
+);
+
+$hostSql = syslog_get_alert_sql($hostAlert, 55);
+$progSql = syslog_get_alert_sql($programAlert, 66);
+
+issue253_assert(strpos($hostSql['sql'], "AND `status` = ?") !== false, 'Host alert SQL must keep status as a placeholder.');
+issue253_assert(strpos($hostSql['sql'], '?55') === false, 'Host alert SQL must not concatenate uniqueID into SQL text.');
+issue253_assert(count($hostSql['params']) === 2, 'Host alert SQL must pass two prepared parameters.');
+issue253_assert($hostSql['params'][1] === 55, 'Host alert status param should be the uniqueID.');
+
+issue253_assert(strpos($progSql['sql'], "AND `status` = ?") !== false, 'Program alert SQL must keep status as a placeholder.');
+issue253_assert(strpos($progSql['sql'], '?66') === false, 'Program alert SQL must not concatenate uniqueID into SQL text.');
+issue253_assert(count($progSql['params']) === 2, 'Program alert SQL must pass two prepared parameters.');
+issue253_assert($progSql['params'][1] === 66, 'Program alert status param should be the uniqueID.');
+
+echo "issue253_alert_sql_placeholder_test passed\n";

From 074fa46b7bdd8e06bacc2b0f058e66bc8f2e0be8 Mon Sep 17 00:00:00 2001
From: Thomas Vincent <thomasvincent@gmail.com>
Date: Sun, 8 Mar 2026 03:55:27 -0700
Subject: [PATCH 3/3] chore: add CHANGELOG entry for develop

Signed-off-by: Thomas Vincent <thomasvincent@gmail.com>
---
 CHANGELOG.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6abe6f2..ddd5f42 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,7 +2,7 @@
 
 --- develop ---
 
-* issue#253: Correct host/program alert SQL placeholder handling
+* issue#253: Remove accidental uniqueID concatenation from host/program alert SQL templates
 * issue: Making changes to support Cacti 1.3
 * issue: Don't use MyISAM for non-analytical tables
 * issue: The install advisor for Syslog was broken in current Cacti releases