From e1ceb050e19c7574bca146a8da7047ee4ff456b5 Mon Sep 17 00:00:00 2001
From: Marius Burkard <m.burkard@pixcept.de>
Date: Sun, 10 Jul 2016 05:02:35 -0400
Subject: [PATCH] Merge branch 'stable-3.1'

---
 server/plugins-available/software_update_plugin.inc.php |   23 +++++++++++------------
 1 files changed, 11 insertions(+), 12 deletions(-)

diff --git a/server/plugins-available/software_update_plugin.inc.php b/server/plugins-available/software_update_plugin.inc.php
index 6f12bf8..640d7a9 100644
--- a/server/plugins-available/software_update_plugin.inc.php
+++ b/server/plugins-available/software_update_plugin.inc.php
@@ -67,8 +67,8 @@
 	private function set_install_status($inst_id, $status) {
 		global $app;
 
-		$app->db->query("UPDATE software_update_inst SET status = '{$status}' WHERE software_update_inst_id = '{$inst_id}'");
-		$app->dbmaster->query("UPDATE software_update_inst SET status = '{$status}' WHERE software_update_inst_id = '{$inst_id}'");
+		$app->db->query("UPDATE software_update_inst SET status = ? WHERE software_update_inst_id = ?", $status, $inst_id);
+		$app->dbmaster->query("UPDATE software_update_inst SET status = ? WHERE software_update_inst_id = ?", $status, $inst_id);
 	}
 
 	public function process($event_name, $data) {
@@ -76,8 +76,8 @@
 
 		//* Get the info of the package:
 		$software_update_id = intval($data["new"]["software_update_id"]);
-		$software_update = $app->db->queryOneRecord("SELECT * FROM software_update WHERE software_update_id = '$software_update_id'");
-		$software_package = $app->db->queryOneRecord("SELECT * FROM software_package WHERE package_name = '".$app->db->quote($software_update['package_name'])."'");
+		$software_update = $app->db->queryOneRecord("SELECT * FROM software_update WHERE software_update_id = ?", $software_update_id);
+		$software_package = $app->db->queryOneRecord("SELECT * FROM software_package WHERE package_name = ?", $software_update['package_name']);
 
 		if($software_package['package_type'] == 'ispconfig' && !$conf['software_updates_enabled'] == true) {
 			$app->log('Software Updates not enabled on this server. To enable updates, set $conf["software_updates_enabled"] = true; in config.inc.php', LOGLEVEL_WARN);
@@ -246,29 +246,28 @@
 			}
 
 			//* Connect to the database
-			$link = mysql_connect($clientdb_host, $clientdb_user, $clientdb_password);
+			$link = mysqli_connect($clientdb_host, $clientdb_user, $clientdb_password);
 			if (!$link) {
-				$app->log('Unable to connect to the database'.mysql_error($link), LOGLEVEL_ERROR);
+				$app->log('Unable to connect to the database'.mysqli_connect_error(), LOGLEVEL_ERROR);
 				return;
 			}
 
 			$query_charset_table = '';
 
 			//* Create the new database
-			if (mysql_query('CREATE DATABASE '.mysql_real_escape_string($db_config['database_name']).$query_charset_table, $link)) {
+			if (mysqli_query($link,'CREATE DATABASE '.mysqli_real_escape_string($link, $db_config['database_name']).$query_charset_table, $link)) {
 				$app->log('Created MySQL database: '.$db_config['database_name'], LOGLEVEL_DEBUG);
 			} else {
-				$app->log('Unable to connect to the database'.mysql_error($link), LOGLEVEL_ERROR);
+				$app->log('Unable to connect to the database'.mysqli_error($link), LOGLEVEL_ERROR);
 			}
 
-			if(mysql_query("GRANT ALL ON ".mysql_real_escape_string($db_config['database_name'], $link).".* TO '".mysql_real_escape_string($db_config['database_user'], $link)."'@'".$db_config['database_host']."' IDENTIFIED BY '".mysql_real_escape_string($db_config['database_password'], $link)."';", $link)) {
+			if(mysqli_query("GRANT ALL ON ".mysqli_real_escape_string($link, $db_config['database_name']).".* TO '".mysqli_real_escape_string($link, $db_config['database_user'])."'@'".$db_config['database_host']."' IDENTIFIED BY '".mysqli_real_escape_string($link, $db_config['database_password'])."';", $link)) {
 				$app->log('Created MySQL user: '.$db_config['database_user'], LOGLEVEL_DEBUG);
 			} else {
-				$app->log('Unable to create database user'.$db_config['database_user'].' '.mysql_error($link), LOGLEVEL_ERROR);
+				$app->log('Unable to create database user'.$db_config['database_user'].' '.mysqli_error($link), LOGLEVEL_ERROR);
 			}
 
-			mysql_query("FLUSH PRIVILEGES;", $link);
-			mysql_close($link);
+			mysqli_close($link);
 
 		}
 

--
Gitblit v1.9.1