From 3783361d56e20ad3d4cf16c743b7228a97fc297a Mon Sep 17 00:00:00 2001
From: Dominik <info@profi-webdesign.com>
Date: Sun, 11 Jan 2015 10:20:48 -0500
Subject: [PATCH] fix sql-update

---
 interface/lib/classes/db_mysql.inc.php |    9 +++++++--
 1 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/interface/lib/classes/db_mysql.inc.php b/interface/lib/classes/db_mysql.inc.php
index 2f31c44..c076c35 100644
--- a/interface/lib/classes/db_mysql.inc.php
+++ b/interface/lib/classes/db_mysql.inc.php
@@ -86,7 +86,7 @@
 			$this->_sqlerror('Zugriff auf Datenbankserver fehlgeschlagen! / Database server not accessible!');
 			return false;
 		}
-		if(!((bool)mysqli_query( $this->_iConnId, "USE $this->dbName"))) {
+		if(!((bool)mysqli_query( $this->_iConnId, 'USE `' . $this->dbName . '`'))) {
 			$this->close();
 			$this->_sqlerror('Datenbank nicht gefunden / Database not found');
 			return false;
@@ -179,6 +179,11 @@
 			
 			if($ids_config['sql_scan_enabled'] == 'yes') {
 				
+				// Remove whitespace
+				$string = trim($string);
+				if(substr($string,-1) == ';') $string = substr($string,0,-1);
+				
+				// Save original string
 				$string_orig = $string;
 				
 				//echo $string;
@@ -247,7 +252,7 @@
 		$sQuery = call_user_func_array(array(&$this, '_build_query_string'), $aArgs);
 		$this->securityScan($sQuery);
 
-		$this->_iQueryId = mysqli_query($this->_iConnId, $sQuery);
+		$this->_iQueryId = @mysqli_query($this->_iConnId, $sQuery);
 		if (!$this->_iQueryId) {
 			$this->_sqlerror('Falsche Anfrage / Wrong Query', false, 'SQL-Query = ' . $sQuery);
 			return false;

--
Gitblit v1.9.1