- Changed addslashes to mysql_real_escape_string in several files. - Update...

tbrehm

2008-09-18 8500be3f1ba7bcab6b8523507e74a132df58d925

- Changed addslashes to mysql_real_escape_string in several files.
- Updated Debian installation instructions.

 INSTALL_DEBIAN.txt

@@ -5,7 +5,7 @@

1) Install Postfix, Courier, Saslauthd, MySQL, phpMyAdmin with the following command line (on one line!):

apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl postfix-tls libsasl2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl courier-maildrop getmail4
apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl libsasl2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl courier-maildrop getmail4

Answer the questions from the package manager as follows.


 install/lib/installer_base.lib.php

@@ -177,7 +177,7 @@
        $this->db->dbName = $cf['database'];
        
        $server_ini_content = rf("tpl/server.ini.master");
        $server_ini_content = addslashes($server_ini_content);
        $server_ini_content = mysql_real_escape_string($server_ini_content);
        
        $sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`) VALUES (1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', 1, 1, 1, 1, 1, 1, '$server_ini_content', 0, 1);";
        $this->db->query($sql);

 install/lib/mysql.lib.php

@@ -171,7 +171,7 @@
        // Check der variablen
        function quote($formfield)
        {
            return addslashes($formfield);
            return mysql_real_escape_string($formfield);
        }
        
        // Check der variablen

 install/sql/ispconfig3.sql

@@ -609,6 +609,50 @@
-- --------------------------------------------------------

-- 
-- Tabellenstruktur für Tabelle `software_repo`
-- 

CREATE TABLE `software_repo` (
  `software_repo_id` bigint(20) NOT NULL auto_increment,
  `sys_userid` int(11) NOT NULL default '0',
  `sys_groupid` int(11) NOT NULL default '0',
  `sys_perm_user` varchar(5) default NULL,
  `sys_perm_group` varchar(5) default NULL,
  `sys_perm_other` varchar(5) default NULL,
  `repo_name` varchar(40) default NULL,
  `repo_url` varchar(40) default NULL,
  `repo_username` varchar(30) default NULL,
  `repo_password` varchar(30) default NULL,
  `active` varchar(255) NOT NULL default 'y',
  PRIMARY KEY  (`software_repo_id`)
) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

-- --------------------------------------------------------

-- 
-- Tabellenstruktur für Tabelle `software_update`
-- 

CREATE TABLE `software_update` (
  `software_update_id` int(11) NOT NULL auto_increment,
  `software_repo_id` int(11) NOT NULL,
  `update_url` varchar(255) NOT NULL,
  `update_md5` varchar(255) NOT NULL,
  `install` char(1) NOT NULL,
  `depenencies` varchar(255) NOT NULL,
  `update_title` varchar(255) NOT NULL,
  PRIMARY KEY  (`software_update_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;

-- 
-- Daten für Tabelle `software_update`
-- 


-- --------------------------------------------------------


-- 
-- Tabellenstruktur für Tabelle `spamfilter_policy`
-- 


 install/update.php

@@ -157,7 +157,7 @@
}

$new_ini = array_to_ini($tpl_ini_array);
$inst->db->query("UPDATE server SET config = '".addslashes($new_ini)."' WHERE server_id = ".$conf['server_id']);
$inst->db->query("UPDATE server SET config = '".mysql_real_escape_string($new_ini)."' WHERE server_id = ".$conf['server_id']);
unset($old_ini_array);
unset($tpl_ini_array);
unset($new_ini);

 interface/lib/classes/db_mysql.inc.php

@@ -160,11 +160,15 @@
        return $this->quote($formfield);
    }
        
    /** Escapes quotes in variable. addslashes() */
    /** Escapes quotes in variable. mysql_real_escape_string() */
    public function quote($formfield)
    {
        if(!$this->connect()){
            $this->updateError('WARNING: mysql_connect: Used addslashes instead of mysql_real_escape_string');
        return addslashes($formfield);
    }
        return mysql_real_escape_string($formfield, $this->linkId);
    }
        
    /** Unquotes a variable, strip_slashes() */
    public function unquote($formfield)

 interface/lib/classes/form.inc.php

@@ -293,7 +293,7 @@
                switch ($this->tableDef[$key]['datatype']) {
                case 'VARCHAR':
                    if(!is_array($val)) {
                        $new_record[$key] = addslashes($val);
                        $new_record[$key] = mysql_real_escape_string($val);
                    } else {
                        $new_record[$key] = implode($this->tableDef[$key]['separator'],$val);
                    }
@@ -308,7 +308,7 @@
                    $new_record[$key] = intval($val);
                break;
                case 'DOUBLE':
                    $new_record[$key] = addslashes($val);
                    $new_record[$key] = mysql_real_escape_string($val);
                break;
                case 'CURRENCY':
                    $new_record[$key] = str_replace(",",".",$val);

 interface/lib/classes/listform.inc.php

@@ -312,7 +312,7 @@
                    case 'VARCHAR':
                    case 'TEXT':
                        if(!is_array($record[$key])) {
                            $record[$key] = addslashes($record[$key]);
                            $record[$key] = mysql_real_escape_string($record[$key]);
                        } else {
                            $record[$key] = implode($this->tableDef[$key]['separator'],$record[$key]);
                        }
@@ -330,7 +330,7 @@
                        break;

                    case 'DOUBLE':
                        $record[$key] = addslashes($record[$key]);
                        $record[$key] = mysql_real_escape_string($record[$key]);
                        break;

                    case 'CURRENCY':

 interface/lib/classes/remoting_lib.inc.php

@@ -291,14 +291,14 @@
                                switch ($field['datatype']) {
                                case 'VARCHAR':
                                        if(!@is_array($record[$key])) {
                                                $new_record[$key] = (isset($record[$key]))?addslashes($record[$key]):'';
                                                $new_record[$key] = (isset($record[$key]))?mysql_real_escape_string($record[$key]):'';
                                        } else {
                                                $new_record[$key] = implode($field['separator'],$record[$key]);
                                        }
                                break;
                                case 'TEXT':
                                        if(!is_array($record[$key])) {
                                                $new_record[$key] = addslashes($record[$key]);
                                                $new_record[$key] = mysql_real_escape_string($record[$key]);
                                        } else {
                                                $new_record[$key] = implode($field['separator'],$record[$key]);
                                        }
@@ -317,7 +317,7 @@
                                        //if($key == 'refresh') die($record[$key]);
                                break;
                                case 'DOUBLE':
                                        $new_record[$key] = addslashes($record[$key]);
                                        $new_record[$key] = mysql_real_escape_string($record[$key]);
                                break;
                                case 'CURRENCY':
                                        $new_record[$key] = str_replace(",",".",$record[$key]);

 interface/lib/classes/searchform.inc.php

@@ -252,7 +252,7 @@
        $list_name = $this->listDef['name'];

        $settings = $_SESSION['search'][$list_name];

        unset($settings['page']);

        $data = addslashes(serialize($settings));

        $data = mysql_real_escape_string(serialize($settings));
        

        $userid = $_SESSION['s']['user']['userid'];

        $groupid = $_SESSION['s']['user']['default_group'];

@@ -317,7 +317,7 @@
                    case 'VARCHAR':

                    case 'TEXT':

                        if(!is_array($record[$key])) {

                            $record[$key] = addslashes($record[$key]);

                            $record[$key] = mysql_real_escape_string($record[$key]);
                        } else {

                            $record[$key] = implode($this->tableDef[$key]['separator'],$record[$key]);

                        }

@@ -335,7 +335,7 @@
                        break;



                    case 'DOUBLE':

                        $record[$key] = addslashes($record[$key]);

                        $record[$key] = mysql_real_escape_string($record[$key]);
                        break;



                    case 'CURRENCY':


 interface/lib/classes/tform.inc.php

@@ -482,14 +482,14 @@
                                switch ($field['datatype']) {
                                case 'VARCHAR':
                                        if(!@is_array($record[$key])) {
                                                $new_record[$key] = (isset($record[$key]))?addslashes($record[$key]):'';
                                                $new_record[$key] = (isset($record[$key]))?mysql_real_escape_string($record[$key]):'';
                                        } else {
                                                $new_record[$key] = implode($field['separator'],$record[$key]);
                                        }
                                break;
                                case 'TEXT':
                                        if(!is_array($record[$key])) {
                                                $new_record[$key] = addslashes($record[$key]);
                                                $new_record[$key] = mysql_real_escape_string($record[$key]);
                                        } else {
                                                $new_record[$key] = implode($field['separator'],$record[$key]);
                                        }
@@ -508,7 +508,7 @@
                                        //if($key == 'refresh') die($record[$key]);
                                break;
                                case 'DOUBLE':
                                        $new_record[$key] = addslashes($record[$key]);
                                        $new_record[$key] = mysql_real_escape_string($record[$key]);
                                break;
                                case 'CURRENCY':
                                        $new_record[$key] = str_replace(",",".",$record[$key]);
@@ -699,10 +699,16 @@
                                                                $salt.="$";
                                                                // $salt = substr(md5(time()),0,2);
                                                                $record[$key] = crypt($record[$key],$salt);
                                                                $sql_insert_val .= "'".mysql_real_escape_string($record[$key])."', ";
                                                        } elseif ($field['encryption'] == 'MYSQL') {
                                                                $sql_insert_val .= "PASSWORD('".mysql_real_escape_string($record[$key])."'), ";
                                                        } elseif ($field['encryption'] == 'CLEARTEXT') {
                                                                $sql_insert_val .= "'".mysql_real_escape_string($record[$key])."', ";
                                                        } else {
                                                                $record[$key] = md5($record[$key]);
                                                                $sql_insert_val .= "'".mysql_real_escape_string($record[$key])."', ";
                                                        }
                                                        $sql_insert_val .= "'".addslashes($record[$key])."', ";
														
                                                } elseif ($field['formtype'] == 'CHECKBOX') {
                                                        $sql_insert_key .= "`$key`, ";
                                                        if($record[$key] == '') {
@@ -726,10 +732,16 @@
                                                                $salt.="$";
                                                                // $salt = substr(md5(time()),0,2);
                                                                $record[$key] = crypt($record[$key],$salt);
                                                                $sql_update .= "`$key` = '".mysql_real_escape_string($record[$key])."', ";
                                                        } elseif (isset($field['encryption']) && $field['encryption'] == 'MYSQL') {
                                                                $sql_update .= "`$key` = PASSWORD('".mysql_real_escape_string($record[$key])."'), ";
                                                        } elseif (isset($field['encryption']) && $field['encryption'] == 'CLEARTEXT') {
                                                                $sql_update .= "`$key` = '".mysql_real_escape_string($record[$key])."', ";
                                                        } else {
                                                                $record[$key] = md5($record[$key]);
                                                                $sql_update .= "`$key` = '".mysql_real_escape_string($record[$key])."', ";
                                                        }
                                                        $sql_update .= "`$key` = '".addslashes($record[$key])."', ";
                                                        
                                                } elseif ($field['formtype'] == 'CHECKBOX') {
                                                        if($record[$key] == '') {
                                                            // if a checkbox is not set, we set it to the unchecked value

 interface/web/client/client_edit.php

@@ -57,20 +57,20 @@
    function onAfterInsert() {
        global $app;
        // Create the group for the client
        $sql = "INSERT INTO sys_group (name,description,client_id) VALUES ('".addslashes($this->dataRecord["username"])."','',".$this->id.")";
        $sql = "INSERT INTO sys_group (name,description,client_id) VALUES ('".mysql_real_escape_string($this->dataRecord["username"])."','',".$this->id.")";
        $app->db->query($sql);
        $groupid = $app->db->insertID();
        $groups = $groupid;
        
        $username = addslashes($this->dataRecord["username"]);
        $password = addslashes($this->dataRecord["password"]);
        $username = mysql_real_escape_string($this->dataRecord["username"]);
        $password = mysql_real_escape_string($this->dataRecord["password"]);
        $modules = ISPC_INTERFACE_MODULES_ENABLED;
        if($this->dataRecord["limit_client"] > 0) $modules .= ',client';
        $startmodule = 'mail';
        $usertheme = addslashes($this->dataRecord["usertheme"]);
        $usertheme = mysql_real_escape_string($this->dataRecord["usertheme"]);
        $type = 'user';
        $active = 1;
        $language = addslashes($this->dataRecord["language"]);
        $language = mysql_real_escape_string($this->dataRecord["language"]);
        
        // Create the controlpaneluser for the client
        $sql = "INSERT INTO sys_user (username,passwort,modules,startmodule,app_theme,typ,active,language,groups,default_group,client_id)
@@ -97,7 +97,7 @@
        
        // username changed
        if(isset($app->tform->diffrec['username'])) {
            $username = addslashes($this->dataRecord["username"]);
            $username = mysql_real_escape_string($this->dataRecord["username"]);
            $client_id = $this->id;
            $sql = "UPDATE sys_user SET username = '$username' WHERE client_id = $client_id";
            $app->db->query($sql);
@@ -107,7 +107,7 @@
        
        // password changed
        if(isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') {
            $password = addslashes($this->dataRecord["password"]);
            $password = mysql_real_escape_string($this->dataRecord["password"]);
            $client_id = $this->id;
            $sql = "UPDATE sys_user SET passwort = md5('$password') WHERE client_id = $client_id";
            $app->db->query($sql);
@@ -117,7 +117,7 @@
        if(isset($this->dataRecord["limit_client"])) {
            $modules = ISPC_INTERFACE_MODULES_ENABLED;
            if($this->dataRecord["limit_client"] > 0) $modules .= ',client';
            $modules = addslashes($modules);
            $modules = mysql_real_escape_string($modules);
            $client_id = $this->id;
            $sql = "UPDATE sys_user SET modules = '$modules' WHERE client_id = $client_id";
            $app->db->query($sql);

 interface/web/mail/mail_domain_edit.php

@@ -160,7 +160,7 @@
        // Spamfilter policy
        $policy_id = intval($this->dataRecord["policy"]);
        if($policy_id > 0) {
            $tmp_user = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = '@".addslashes($this->dataRecord["domain"])."'");
            $tmp_user = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = '@".mysql_real_escape_string($this->dataRecord["domain"])."'");
            if($tmp_user["id"] > 0) {
                // There is already a record that we will update
                $sql = "UPDATE spamfilter_users SET policy_id = $ploicy_id WHERE id = ".$tmp_user["id"];
@@ -169,7 +169,7 @@
                $tmp_domain = $app->db->queryOneRecord("SELECT sys_groupid FROM mail_domain WHERE domain_id = ".$this->id);
                // We create a new record
                $sql = "INSERT INTO `spamfilter_users` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `priority`, `policy_id`, `email`, `fullname`, `local`) 
                        VALUES (".$_SESSION["s"]["user"]["userid"].", ".$tmp_domain["sys_groupid"].", 'riud', 'riud', '', ".$this->dataRecord["server_id"].", 5, ".$policy_id.", '@".addslashes($this->dataRecord["domain"])."', '@".addslashes($this->dataRecord["domain"])."', 'Y')";
                        VALUES (".$_SESSION["s"]["user"]["userid"].", ".$tmp_domain["sys_groupid"].", 'riud', 'riud', '', ".$this->dataRecord["server_id"].", 5, ".$policy_id.", '@".mysql_real_escape_string($this->dataRecord["domain"])."', '@".mysql_real_escape_string($this->dataRecord["domain"])."', 'Y')";
                $app->db->query($sql);
                unset($tmp_domain);
            }
@@ -192,7 +192,7 @@
        
        // Spamfilter policy
        $policy_id = intval($this->dataRecord["policy"]);
        $tmp_user = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = '@".addslashes($this->dataRecord["domain"])."'");
        $tmp_user = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = '@".mysql_real_escape_string($this->dataRecord["domain"])."'");
        if($policy_id > 0) {
            if($tmp_user["id"] > 0) {
                // There is already a record that we will update
@@ -202,7 +202,7 @@
                $tmp_domain = $app->db->queryOneRecord("SELECT sys_groupid FROM mail_domain WHERE domain_id = ".$this->id);
                // We create a new record
                $sql = "INSERT INTO `spamfilter_users` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `priority`, `policy_id`, `email`, `fullname`, `local`) 
                        VALUES (".$_SESSION["s"]["user"]["userid"].", ".$tmp_domain["sys_groupid"].", 'riud', 'riud', '', ".$this->dataRecord["server_id"].", 5, ".$policy_id.", '@".addslashes($this->dataRecord["domain"])."', '@".addslashes($this->dataRecord["domain"])."', 'Y')";
                        VALUES (".$_SESSION["s"]["user"]["userid"].", ".$tmp_domain["sys_groupid"].", 'riud', 'riud', '', ".$this->dataRecord["server_id"].", 5, ".$policy_id.", '@".mysql_real_escape_string($this->dataRecord["domain"])."', '@".mysql_real_escape_string($this->dataRecord["domain"])."', 'Y')";
                $app->db->query($sql);
                unset($tmp_domain);
            }
@@ -220,25 +220,25 @@
            $mail_config = $app->getconf->get_server_config($this->dataRecord["server_id"],'mail');
            
            //* Update the mailboxes
            $mailusers = $app->db->queryAllRecords("SELECT * FROM mail_user WHERE email like '%@".addslashes($this->oldDataRecord['domain'])."'");
            $mailusers = $app->db->queryAllRecords("SELECT * FROM mail_user WHERE email like '%@".mysql_real_escape_string($this->oldDataRecord['domain'])."'");
            if(is_array($mailusers)) {
                foreach($mailusers as $rec) {
                    // setting Maildir, Homedir, UID and GID
                    $mail_parts = explode("@",$rec['email']);
                    $maildir = str_replace("[domain]",$this->dataRecord['domain'],$mail_config["maildir_path"]);
                    $maildir = str_replace("[localpart]",$mail_parts[0],$maildir);
                    $maildir = addslashes($maildir);
                    $email = addslashes($mail_parts[0].'@'.$this->dataRecord['domain']);
                    $maildir = mysql_real_escape_string($maildir);
                    $email = mysql_real_escape_string($mail_parts[0].'@'.$this->dataRecord['domain']);
                    $app->db->datalogUpdate('mail_user', "maildir = '$maildir', email = '$email'", 'mailuser_id', $rec['mailuser_id']);
                }
            }
            
            //* Update the aliases
            $forwardings = $app->db->queryAllRecords("SELECT * FROM mail_forwarding WHERE source like '%@".addslashes($this->oldDataRecord['domain'])."' OR destination like '%@".addslashes($this->oldDataRecord['domain'])."'");
            $forwardings = $app->db->queryAllRecords("SELECT * FROM mail_forwarding WHERE source like '%@".mysql_real_escape_string($this->oldDataRecord['domain'])."' OR destination like '%@".mysql_real_escape_string($this->oldDataRecord['domain'])."'");
            if(is_array($forwardings)) {
                foreach($forwardings as $rec) {
                    $destination = addslashes(str_replace($this->oldDataRecord['domain'],$this->dataRecord['domain'],$rec['destination']));
                    $source = addslashes(str_replace($this->oldDataRecord['domain'],$this->dataRecord['domain'],$rec['source']));
                    $destination = mysql_real_escape_string(str_replace($this->oldDataRecord['domain'],$this->dataRecord['domain'],$rec['destination']));
                    $source = mysql_real_escape_string(str_replace($this->oldDataRecord['domain'],$this->dataRecord['domain'],$rec['source']));
                    $app->db->datalogUpdate('mail_forwarding', "source = '$source', destination = '$destination'", 'forwarding_id', $rec['forwarding_id']);
                }
            }

 interface/web/mail/mail_get_edit.php

@@ -92,7 +92,7 @@
        } // end if user is not admin
        
        // Set the server ID according to the selected destination
        $tmp = $app->db->queryOneRecord("SELECT server_id FROM mail_user WHERE email = '".addslashes($this->dataRecord["destination"])."'");
        $tmp = $app->db->queryOneRecord("SELECT server_id FROM mail_user WHERE email = '".mysql_real_escape_string($this->dataRecord["destination"])."'");
        $this->dataRecord["server_id"] = $tmp["server_id"];
        unset($tmp);
        

 interface/web/mail/mail_user_edit.php

@@ -205,7 +205,7 @@
        // Spamfilter policy
        $policy_id = intval($this->dataRecord["policy"]);
        if($policy_id > 0) {
            $tmp_user = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = '".addslashes($this->dataRecord["email"])."'");
            $tmp_user = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = '".mysql_real_escape_string($this->dataRecord["email"])."'");
            if($tmp_user["id"] > 0) {
                // There is already a record that we will update
                $sql = "UPDATE spamfilter_users SET policy_id = $ploicy_id WHERE id = ".$tmp_user["id"];
@@ -213,7 +213,7 @@
            } else {
                // We create a new record
                $sql = "INSERT INTO `spamfilter_users` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `priority`, `policy_id`, `email`, `fullname`, `local`) 
                        VALUES (".$_SESSION["s"]["user"]["userid"].", ".$domain["sys_groupid"].", 'riud', 'riud', '', ".$domain["server_id"].", 1, ".$policy_id.", '".addslashes($this->dataRecord["email"])."', '".addslashes($this->dataRecord["email"])."', 'Y')";
                        VALUES (".$_SESSION["s"]["user"]["userid"].", ".$domain["sys_groupid"].", 'riud', 'riud', '', ".$domain["server_id"].", 1, ".$policy_id.", '".mysql_real_escape_string($this->dataRecord["email"])."', '".mysql_real_escape_string($this->dataRecord["email"])."', 'Y')";
                $app->db->query($sql);
            }
        }  // endif spamfilter policy
@@ -230,7 +230,7 @@
        
            // Spamfilter policy
            $policy_id = intval($this->dataRecord["policy"]);
            $tmp_user = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = '".addslashes($this->dataRecord["email"])."'");
            $tmp_user = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = '".mysql_real_escape_string($this->dataRecord["email"])."'");
            if($policy_id > 0) {
                if($tmp_user["id"] > 0) {
                    // There is already a record that we will update
@@ -239,7 +239,7 @@
                } else {
                    // We create a new record
                    $sql = "INSERT INTO `spamfilter_users` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `priority`, `policy_id`, `email`, `fullname`, `local`) 
                            VALUES (".$_SESSION["s"]["user"]["userid"].", ".$domain["sys_groupid"].", 'riud', 'riud', '', ".$domain["server_id"].", 1, ".$policy_id.", '".addslashes($this->dataRecord["email"])."', '".addslashes($this->dataRecord["email"])."', 'Y')";
                            VALUES (".$_SESSION["s"]["user"]["userid"].", ".$domain["sys_groupid"].", 'riud', 'riud', '', ".$domain["server_id"].", 1, ".$policy_id.", '".mysql_real_escape_string($this->dataRecord["email"])."', '".mysql_real_escape_string($this->dataRecord["email"])."', 'Y')";
                    $app->db->query($sql);
                }
            }else {

 interface/web/mail/mail_user_filter_del.php

@@ -70,7 +70,7 @@
            }
        }
        
        $out = addslashes($out);
        $out = mysql_real_escape_string($out);
        $app->db->datalogUpdate('mail_user', "custom_mailfilter = '$out'", 'mailuser_id', $this->dataRecord["mailuser_id"]);
    
    }

 interface/web/mail/mail_user_filter_edit.php

@@ -101,7 +101,7 @@
            $out .= $this->getRule();
        }
        
        $out = addslashes($out);
        $out = mysql_real_escape_string($out);
        $app->db->datalogUpdate('mail_user', "custom_mailfilter = '$out'", 'mailuser_id', $this->dataRecord["mailuser_id"]);
    
    }

 server/lib/classes/db_mysql.inc.php

@@ -163,9 +163,14 @@
        // Check der variablen
        function quote($formfield)
        {
            if(!$this->connect()){
                $this->updateError('WARNING: mysql_connect: Used addslashes instead of mysql_real_escape_string');
            return addslashes($formfield);
        }
        
            return mysql_real_escape_string($formfield);
        }
		
        // Check der variablen
        function unquote($formfield)
        {

 server/plugins-available/mysql_clientdb_plugin.inc.php

@@ -71,7 +71,7 @@
            }
        
            //* Create the new database
            if (mysql_query('CREATE DATABASE '.addslashes($data["new"]["database_name"]),$link)) {
            if (mysql_query('CREATE DATABASE '.mysql_real_escape_string($data["new"]["database_name"]),$link)) {
                $app->log('Created MySQL database: '.$data["new"]["database_name"],LOGLEVEL_DEBUG);
            } else {
                $app->log('Unable to connect to the database'.mysql_error($link),LOGLEVEL_ERROR);
@@ -84,8 +84,8 @@
                $db_host = 'localhost';
            }
            
            mysql_query("GRANT ALL ON ".addslashes($data["new"]["database_name"]).".* TO '".addslashes($data["new"]["database_user"])."'@'$db_host' IDENTIFIED BY '".addslashes($data["new"]["database_password"])."';",$link);
            //echo "GRANT ALL ON ".addslashes($data["new"]["database_name"]).".* TO '".addslashes($data["new"]["database_user"])."'@'$db_host' IDENTIFIED BY '".addslashes($data["new"]["database_password"])."';";
            mysql_query("GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"]).".* TO '".mysql_real_escape_string($data["new"]["database_user"])."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"])."';",$link);
            //echo "GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"]).".* TO '".mysql_real_escape_string($data["new"]["database_user"])."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"])."';";
            
            mysql_query("FLUSH PRIVILEGES;",$link);
            mysql_close($link);
@@ -110,18 +110,18 @@
            
            //* Rename User
            if($data["new"]["database_user"] != $data["old"]["database_user"]) {
                mysql_query("RENAME USER '".addslashes($data["old"]["database_user"])."' TO '".addslashes($data["new"]["database_user"])."'",$link);
                mysql_query("RENAME USER '".mysql_real_escape_string($data["old"]["database_user"])."' TO '".mysql_real_escape_string($data["new"]["database_user"])."'",$link);
                $app->log('Renaming mysql user: '.$data["old"]["database_user"].' to '.$data["new"]["database_user"],LOGLEVEL_DEBUG);
            }
            
            //* Remote access option has changed.
            if($data["new"]["remote_access"] != $data["old"]["remote_access"]) {
                if($data["new"]["remote_access"] == 'y') {
                    mysql_query("UPDATE mysql.user SET Host = '%' WHERE User = '".addslashes($data["new"]["database_user"])."' and Host = 'localhost';",$link);
                    mysql_query("UPDATE mysql.db SET Host = '%' WHERE User = '".addslashes($data["new"]["database_user"])."' and Host = 'localhost';",$link);
                    mysql_query("UPDATE mysql.user SET Host = '%' WHERE User = '".mysql_real_escape_string($data["new"]["database_user"])."' and Host = 'localhost';",$link);
                    mysql_query("UPDATE mysql.db SET Host = '%' WHERE User = '".mysql_real_escape_string($data["new"]["database_user"])."' and Host = 'localhost';",$link);
                } else {
                    mysql_query("UPDATE mysql.user SET Host = 'localhost' WHERE User = '".addslashes($data["new"]["database_user"])."' and Host = '%';",$link);
                    mysql_query("UPDATE mysql.db SET Host = 'localhost' WHERE User = '".addslashes($data["new"]["database_user"])."' and Host = '%';",$link);
                    mysql_query("UPDATE mysql.user SET Host = 'localhost' WHERE User = '".mysql_real_escape_string($data["new"]["database_user"])."' and Host = '%';",$link);
                    mysql_query("UPDATE mysql.db SET Host = 'localhost' WHERE User = '".mysql_real_escape_string($data["new"]["database_user"])."' and Host = '%';",$link);
                }
                $app->log('Changing mysql remote access priveliges for database: '.$data["new"]["database_name"],LOGLEVEL_DEBUG);
            }
@@ -142,7 +142,7 @@
            
            //* Change password
            if($data["new"]["database_password"] != $data["old"]["database_password"]) {
                mysql_query("SET PASSWORD FOR '".addslashes($data["new"]["database_user"])."'@'$db_host' = PASSWORD('".addslashes($data["new"]["database_password"])."');",$link);
                mysql_query("SET PASSWORD FOR '".mysql_real_escape_string($data["new"]["database_user"])."'@'$db_host' = PASSWORD('".mysql_real_escape_string($data["new"]["database_password"])."');",$link);
                $app->log('Changing mysql user password for: '.$data["new"]["database_user"],LOGLEVEL_DEBUG);
            }
            
@@ -175,13 +175,13 @@
                $db_host = 'localhost';
            }
            
            if(mysql_query("DROP USER '".addslashes($data["old"]["database_user"])."'@'$db_host';",$link)) {
            if(mysql_query("DROP USER '".mysql_real_escape_string($data["old"]["database_user"])."'@'$db_host';",$link)) {
                $app->log('Dropping mysql user: '.$data["old"]["database_user"],LOGLEVEL_DEBUG);
            } else {
                $app->log('Error while dropping mysql user: '.$data["old"]["database_user"].' '.mysql_error($link),LOGLEVEL_ERROR);
            }
            
            if(mysql_query('DROP DATABASE '.addslashes($data["old"]["database_name"]),$link)) {
            if(mysql_query('DROP DATABASE '.mysql_real_escape_string($data["old"]["database_name"]),$link)) {
                $app->log('Dropping mysql database: '.$data["old"]["database_name"],LOGLEVEL_DEBUG);
            } else {
                $app->log('Error while dropping mysql database: '.$data["old"]["database_name"].' '.mysql_error($link),LOGLEVEL_ERROR);