don't save password in clear text in log

html/admin/devices/editdevice.php

@@ -77,7 +77,7 @@ if (isset($_POST["editdevice"]) and isset($id)) {
     //access
     if (isset($_POST["f_login"])) { $new['login'] = $_POST["f_login"]; }
     if (!empty($_POST["f_password"])) {
-        if (!preg_match('/**/', $_POST["f_password"])) { 
+        if (!preg_match('/^\*+$/', $_POST["f_password"])) { 
             $new['password'] = crypt_string($_POST["f_password"]);  
             }
         }

html/inc/common.php

@@ -3321,7 +3321,9 @@ function update_record($db, $table, $filter, $newvalue)
                 $network_changed = 1;
             }
         }
-        $changed_log = $changed_log . " $key => $value (old: $old[$key]),";
+        if (!preg_match('/password/i',$key)) {
+            $changed_log = $changed_log . " $key => $value (old: $old[$key]),";
+            }
         $run_sql = $run_sql . " `" . $key . "`='" . mysqli_real_escape_string($db, $value) . "',";
     }
     if (empty($run_sql)) {
@@ -3429,7 +3431,9 @@ function insert_record($db, $table, $newvalue)
         if (empty($value) and $value !== 0) {
             $value = '';
         }
-        $changed_log = $changed_log . " $key => $value,";
+        if (!preg_match('/password/i',$key)) {
+            $changed_log = $changed_log . " $key => $value,";
+            }
         $field_list = $field_list . "`" . $key . "`,";
         $value = trim($value);
         $value_list = $value_list . "'" . mysqli_real_escape_string($db, $value) . "',";