From b5f6a1a03de9343ffc718ce253f7730e4d8d6c19 Mon Sep 17 00:00:00 2001
From: Till Brehm <tbrehm@ispconfig.org>
Date: Tue, 29 Mar 2016 13:36:35 -0400
Subject: [PATCH] Fix for #3812 Insufficient validation of PHP version selector for ISPConfig 3.1 branch.

---
 interface/web/sites/database_phpmyadmin.php |    6 ++----
 1 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/interface/web/sites/database_phpmyadmin.php b/interface/web/sites/database_phpmyadmin.php
index 5e640df..481b4ea 100644
--- a/interface/web/sites/database_phpmyadmin.php
+++ b/interface/web/sites/database_phpmyadmin.php
@@ -45,14 +45,12 @@
 /*
  * Get the data to connect to the database
  */
-$dbData = $app->db->queryOneRecord("SELECT server_id, database_name FROM web_database WHERE database_id = " . $databaseId);
+$dbData = $app->db->queryOneRecord("SELECT server_id, database_name FROM web_database WHERE database_id = ?", $databaseId);
 $serverId = $app->functions->intval($dbData['server_id']);
 if ($serverId == 0){
 	die ("No DB-Server found!");
 }
-$serverData = $app->db->queryOneRecord(
-	"SELECT server_name FROM server WHERE server_id = " .
-	$serverId);
+$serverData = $app->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = ?", $serverId);
 
 $app->uses('getconf');
 $global_config = $app->getconf->get_global_config('sites');

--
Gitblit v1.9.1