From d94b1e279416bcbd1a517851e7e3d606d6289fc8 Mon Sep 17 00:00:00 2001
From: Till Brehm <tbrehm@ispconfig.org>
Date: Thu, 07 May 2015 11:03:16 -0400
Subject: [PATCH] Merge branch 'stable-3.0.5' of git.ispconfig.org:ispconfig/ispconfig3 into stable-3.0.5

---
 interface/lib/classes/db_mysql.inc.php |    8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)

diff --git a/interface/lib/classes/db_mysql.inc.php b/interface/lib/classes/db_mysql.inc.php
index b96b8d0..7331463 100644
--- a/interface/lib/classes/db_mysql.inc.php
+++ b/interface/lib/classes/db_mysql.inc.php
@@ -132,12 +132,18 @@
 			
 			if($ids_config['sql_scan_enabled'] == 'yes') {
 				
+				// Remove whitespace
+				$string = trim($string);
+				if(substr($string,-1) == ';') $string = substr($string,0,-1);
+				
+				// Save original string
 				$string_orig = $string;
 				
 				//echo $string;
-				$chars = array(';', '#', '/*', '*/', '--', ' UNION ', '\\\'', '\\"');
+				$chars = array(';', '#', '/*', '*/', '--', '\\\'', '\\"');
 		
 				$string = str_replace('\\\\', '', $string);
+				$string = preg_replace('/(^|[^\\\])([\'"])\\2/is', '$1', $string);
 				$string = preg_replace('/(^|[^\\\])([\'"])(.*?[^\\\])\\2/is', '$1', $string);
 				$ok = true;
 

--
Gitblit v1.9.1