From cc7a82756b4f4d7ab18e928527c37489adbaf564 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Tue, 07 Apr 2015 14:10:50 -0400
Subject: [PATCH] - rewrite of sql queries to new form

---
 server/plugins-available/postfix_filter_plugin.inc.php |    8 ++++----
 1 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/server/plugins-available/postfix_filter_plugin.inc.php b/server/plugins-available/postfix_filter_plugin.inc.php
index 867df25..9c97ff1 100644
--- a/server/plugins-available/postfix_filter_plugin.inc.php
+++ b/server/plugins-available/postfix_filter_plugin.inc.php
@@ -80,8 +80,8 @@
 
 		$type = $data["new"]["type"];
 		if($type != '') {
-			$sql = "SELECT * FROM mail_content_filter WHERE server_id = ".intval($conf["server_id"])." AND type = '".$app->db->quote($type)."' AND active = 'y'";
-			$rules = $app->db->queryAllRecords($sql);
+			$sql = "SELECT * FROM mail_content_filter WHERE server_id = ? AND type = ?' AND active = 'y'";
+			$rules = $app->db->queryAllRecords($sql, $conf["server_id"], $type);
 			$content = '';
 			foreach($rules as $rule) {
 				$content .= $rule["pattern"];
@@ -111,8 +111,8 @@
 
 		$type = $data["old"]["type"];
 		if($type != '') {
-			$sql = "SELECT * FROM mail_content_filter WHERE server_id = ".intval($conf["server_id"])." AND type = '".$app->db->quote($type)."' AND active = 'y'";
-			$rules = $app->db->queryAllRecords($sql);
+			$sql = "SELECT * FROM mail_content_filter WHERE server_id = ? AND type = ? AND active = 'y'";
+			$rules = $app->db->queryAllRecords($sql, $conf["server_id"], $type);
 			$content = '';
 			foreach($rules as $rule) {
 				$content .= $rule["pattern"];

--
Gitblit v1.9.1