From 604c0c24ba44720e052b536abb1ae992eb0ee292 Mon Sep 17 00:00:00 2001
From: Till Brehm <tbrehm@ispconfig.org>
Date: Tue, 19 Nov 2013 08:50:24 -0500
Subject: [PATCH] Code review.

---
 interface/web/sites/web_sites_stats.php |    8 ++++----
 1 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/interface/web/sites/web_sites_stats.php b/interface/web/sites/web_sites_stats.php
index cc7d4e6..f5eb927 100644
--- a/interface/web/sites/web_sites_stats.php
+++ b/interface/web/sites/web_sites_stats.php
@@ -38,25 +38,25 @@
 		//** Traffic of the current month
 		$tmp_year = date('Y');
 		$tmp_month = date('m');
-		$tmp_rec = $app->db->queryOneRecord("SELECT SUM(traffic_bytes) as t FROM web_traffic WHERE hostname = '".$rec['domain']."' AND YEAR(traffic_date) = '$tmp_year' AND MONTH(traffic_date) = '$tmp_month'");
+		$tmp_rec = $app->db->queryOneRecord("SELECT SUM(traffic_bytes) as t FROM web_traffic WHERE hostname = '".$app->db->quote($rec['domain'])."' AND YEAR(traffic_date) = '$tmp_year' AND MONTH(traffic_date) = '$tmp_month'");
 		$rec['this_month'] = number_format($tmp_rec['t']/1024/1024, 0, '.', ' ');
 		$this->sum_this_month += ($tmp_rec['t']/1024/1024);
 
 		//** Traffic of the current year
-		$tmp_rec = $app->db->queryOneRecord("SELECT sum(traffic_bytes) as t FROM web_traffic WHERE hostname = '".$rec['domain']."' AND YEAR(traffic_date) = '$tmp_year'");
+		$tmp_rec = $app->db->queryOneRecord("SELECT sum(traffic_bytes) as t FROM web_traffic WHERE hostname = '".$app->db->quote($rec['domain'])."' AND YEAR(traffic_date) = '$tmp_year'");
 		$rec['this_year'] = number_format($tmp_rec['t']/1024/1024, 0, '.', ' ');
 		$this->sum_this_year += ($tmp_rec['t']/1024/1024);
 
 		//** Traffic of the last month
 		$tmp_year = date('Y', mktime(0, 0, 0, date("m")-1, date("d"), date("Y")));
 		$tmp_month = date('m', mktime(0, 0, 0, date("m")-1, date("d"), date("Y")));
-		$tmp_rec = $app->db->queryOneRecord("SELECT sum(traffic_bytes) as t FROM web_traffic WHERE hostname = '".$rec['domain']."' AND YEAR(traffic_date) = '$tmp_year' AND MONTH(traffic_date) = '$tmp_month'");
+		$tmp_rec = $app->db->queryOneRecord("SELECT sum(traffic_bytes) as t FROM web_traffic WHERE hostname = '".$app->db->quote($rec['domain'])."' AND YEAR(traffic_date) = '$tmp_year' AND MONTH(traffic_date) = '$tmp_month'");
 		$rec['last_month'] = number_format($tmp_rec['t']/1024/1024, 0, '.', ' ');
 		$this->sum_last_month += ($tmp_rec['t']/1024/1024);
 
 		//** Traffic of the last year
 		$tmp_year = date('Y', mktime(0, 0, 0, date("m"), date("d"), date("Y")-1));
-		$tmp_rec = $app->db->queryOneRecord("SELECT sum(traffic_bytes) as t FROM web_traffic WHERE hostname = '".$rec['domain']."' AND YEAR(traffic_date) = '$tmp_year'");
+		$tmp_rec = $app->db->queryOneRecord("SELECT sum(traffic_bytes) as t FROM web_traffic WHERE hostname = '".$app->db->quote($rec['domain'])."' AND YEAR(traffic_date) = '$tmp_year'");
 		$rec['last_year'] = number_format($tmp_rec['t']/1024/1024, 0, '.', ' ');
 		$this->sum_last_year += ($tmp_rec['t']/1024/1024);
 

--
Gitblit v1.9.1