- Changed addslashes to mysql_real_escape_string in several files.

- Updated Debian installation instructions.

Author: tbrehm

INSTALL_DEBIAN.txt

@@ -5,7 +5,7 @@ It is recommended to use a clean (fresh) Debian etch install where you just sele
 
 1) Install Postfix, Courier, Saslauthd, MySQL, phpMyAdmin with the following command line (on one line!):
 
-apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl postfix-tls libsasl2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl courier-maildrop getmail4
+apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl libsasl2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl courier-maildrop getmail4
 
 Answer the questions from the package manager as follows.
 

install/lib/installer_base.lib.php

@@ -177,7 +177,7 @@ public function add_database_server_record() {
 		$this->db->dbName = $cf['database'];
 
 		$server_ini_content = rf("tpl/server.ini.master");
-		$server_ini_content = addslashes($server_ini_content);
+		$server_ini_content = mysql_real_escape_string($server_ini_content);
 
 		$sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`) VALUES (1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', 1, 1, 1, 1, 1, 1, '$server_ini_content', 0, 1);";
 		$this->db->query($sql);

install/lib/mysql.lib.php

@@ -171,7 +171,7 @@ function check($formfield)
 		// Check der variablen
         function quote($formfield)
         {
-            return addslashes($formfield);
+            return mysql_real_escape_string($formfield);
         }
 
 		// Check der variablen

install/sql/ispconfig3.sql

@@ -608,6 +608,50 @@ CREATE TABLE `shell_user` (
 
 -- --------------------------------------------------------
 
+-- 
+-- Tabellenstruktur für Tabelle `software_repo`
+-- 
+
+CREATE TABLE `software_repo` (
+  `software_repo_id` bigint(20) NOT NULL auto_increment,
+  `sys_userid` int(11) NOT NULL default '0',
+  `sys_groupid` int(11) NOT NULL default '0',
+  `sys_perm_user` varchar(5) default NULL,
+  `sys_perm_group` varchar(5) default NULL,
+  `sys_perm_other` varchar(5) default NULL,
+  `repo_name` varchar(40) default NULL,
+  `repo_url` varchar(40) default NULL,
+  `repo_username` varchar(30) default NULL,
+  `repo_password` varchar(30) default NULL,
+  `active` varchar(255) NOT NULL default 'y',
+  PRIMARY KEY  (`software_repo_id`)
+) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
+
+-- --------------------------------------------------------
+
+-- 
+-- Tabellenstruktur für Tabelle `software_update`
+-- 
+
+CREATE TABLE `software_update` (
+  `software_update_id` int(11) NOT NULL auto_increment,
+  `software_repo_id` int(11) NOT NULL,
+  `update_url` varchar(255) NOT NULL,
+  `update_md5` varchar(255) NOT NULL,
+  `install` char(1) NOT NULL,
+  `depenencies` varchar(255) NOT NULL,
+  `update_title` varchar(255) NOT NULL,
+  PRIMARY KEY  (`software_update_id`)
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
+
+-- 
+-- Daten für Tabelle `software_update`
+-- 
+
+
+-- --------------------------------------------------------
+
+
 -- 
 -- Tabellenstruktur für Tabelle `spamfilter_policy`
 -- 

install/update.php

@@ -157,7 +157,7 @@
 }
 
 $new_ini = array_to_ini($tpl_ini_array);
-$inst->db->query("UPDATE server SET config = '".addslashes($new_ini)."' WHERE server_id = ".$conf['server_id']);
+$inst->db->query("UPDATE server SET config = '".mysql_real_escape_string($new_ini)."' WHERE server_id = ".$conf['server_id']);
 unset($old_ini_array);
 unset($tpl_ini_array);
 unset($new_ini);

interface/lib/classes/db_mysql.inc.php

@@ -160,10 +160,14 @@ public function check($formfield)
         return $this->quote($formfield);
     }
 
-	/** Escapes quotes in variable. addslashes() */
+	/** Escapes quotes in variable. mysql_real_escape_string() */
     public function quote($formfield)
-    {
-        return addslashes($formfield);
+    {	
+		if(!$this->connect()){
+			$this->updateError('WARNING: mysql_connect: Used addslashes instead of mysql_real_escape_string');
+			return addslashes($formfield);
+		}
+        return mysql_real_escape_string($formfield, $this->linkId);
     }
 
 	/** Unquotes a variable, strip_slashes() */

interface/lib/classes/form.inc.php

@@ -293,7 +293,7 @@ function encode($record) {
 				switch ($this->tableDef[$key]['datatype']) {
 				case 'VARCHAR':
 					if(!is_array($val)) {
-						$new_record[$key] = addslashes($val);
+						$new_record[$key] = mysql_real_escape_string($val);
 					} else {
 						$new_record[$key] = implode($this->tableDef[$key]['separator'],$val);
 					}
@@ -308,7 +308,7 @@ function encode($record) {
 					$new_record[$key] = intval($val);
 				break;
 				case 'DOUBLE':
-					$new_record[$key] = addslashes($val);
+					$new_record[$key] = mysql_real_escape_string($val);
 				break;
 				case 'CURRENCY':
 					$new_record[$key] = str_replace(",",".",$val);

interface/lib/classes/listform.inc.php

@@ -312,7 +312,7 @@ public function encode($record)
                     case 'VARCHAR':
                     case 'TEXT':
                         if(!is_array($record[$key])) {
-                            $record[$key] = addslashes($record[$key]);
+                            $record[$key] = mysql_real_escape_string($record[$key]);
                         } else {
                             $record[$key] = implode($this->tableDef[$key]['separator'],$record[$key]);
                         }
@@ -330,7 +330,7 @@ public function encode($record)
                         break;
 
                     case 'DOUBLE':
-                        $record[$key] = addslashes($record[$key]);
+                        $record[$key] = mysql_real_escape_string($record[$key]);
                         break;
 
                     case 'CURRENCY':

interface/lib/classes/remoting_lib.inc.php

@@ -291,14 +291,14 @@ function encode($record) {
                                 switch ($field['datatype']) {
                                 case 'VARCHAR':
                                         if(!@is_array($record[$key])) {
-                                                $new_record[$key] = (isset($record[$key]))?addslashes($record[$key]):'';
+                                                $new_record[$key] = (isset($record[$key]))?mysql_real_escape_string($record[$key]):'';
                                         } else {
                                                 $new_record[$key] = implode($field['separator'],$record[$key]);
                                         }
                                 break;
                                 case 'TEXT':
                                         if(!is_array($record[$key])) {
-                                                $new_record[$key] = addslashes($record[$key]);
+                                                $new_record[$key] = mysql_real_escape_string($record[$key]);
                                         } else {
                                                 $new_record[$key] = implode($field['separator'],$record[$key]);
                                         }
@@ -317,7 +317,7 @@ function encode($record) {
                                         //if($key == 'refresh') die($record[$key]);
                                 break;
                                 case 'DOUBLE':
-                                        $new_record[$key] = addslashes($record[$key]);
+                                        $new_record[$key] = mysql_real_escape_string($record[$key]);
                                 break;
                                 case 'CURRENCY':
                                         $new_record[$key] = str_replace(",",".",$record[$key]);