X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=plugins%2Fchange_password%2Fbackend%2Fmysql.php;h=1df21030bea4cf66e1c0fa53a52abdf7d1bd826b;hp=d71b89cbbdb91b497d3c5dcbc9b363185af87575;hb=353d074afac6827c90f4bb03e846c5e453d3b5b1;hpb=760630169b355181586bd6e286c2cffe2d15a9c6

diff --git a/plugins/change_password/backend/mysql.php b/plugins/change_password/backend/mysql.php
index d71b89cb..1df21030 100644
--- a/plugins/change_password/backend/mysql.php
+++ b/plugins/change_password/backend/mysql.php
@@ -1,8 +1,11 @@
 <?php
+
 /**
  * MySQL change password backend
  *
- * @author Thijs Kinkhorst <kink@squirrelmail.org>
+ * @author Thijs Kinkhorst <kink at squirrelmail.org>
+ * @copyright 2003-2018 The SquirrelMail Project Team
+ * @license http://opensource.org/licenses/gpl-license.php GNU Public License
  * @version $Id$
  * @package plugins
  * @subpackage change_password
@@ -87,16 +90,16 @@ function cpw_mysql_dochange($data)
 
     $query_string = 'SELECT ' . $mysql_userid_field . ',' . $mysql_password_field
                   . ' FROM '  . $mysql_table
-                  . ' WHERE ' . $mysql_userid_field . '="' . mysql_escape_string($username) .'"'
+                  . ' WHERE ' . $mysql_userid_field . '="' . mysql_real_escape_string($username, $ds) .'"'
                   . ' AND ' . $mysql_password_field;
 
     if ($mysql_saslcrypt) {
-        $query_string  .= '=password("'.mysql_escape_string($curpw).'")';
+        $query_string  .= '=password("'.mysql_real_escape_string($curpw, $ds).'")';
     } elseif ($mysql_unixcrypt) {
         // FIXME: why password field name is used for salting
-        $query_string  .= '=encrypt("'.mysql_escape_string($curpw).'", '.$mysql_password_field . ')';
+        $query_string  .= '=encrypt("'.mysql_real_escape_string($curpw, $ds).'", '.$mysql_password_field . ')';
     } else {
-        $query_string  .= '="' . mysql_escape_string($curpw) . '"';
+        $query_string  .= '="' . mysql_real_escape_string($curpw, $ds) . '"';
     }
 
     $select_result = mysql_query($query_string, $ds);
@@ -118,18 +121,18 @@ function cpw_mysql_dochange($data)
     $update_string = 'UPDATE '. $mysql_table . ' SET ' . $mysql_password_field;
 
     if ($mysql_saslcrypt) {
-        $update_string  .= '=password("'.mysql_escape_string($newpw).'")';
+        $update_string  .= '=password("'.mysql_real_escape_string($newpw, $ds).'")';
     } elseif ($mysql_unixcrypt) {
         // FIXME: use random salt when you create new password
-        $update_string  .= '=encrypt("'.mysql_escape_string($newpw).'", '.$mysql_password_field . ')';
+        $update_string  .= '=encrypt("'.mysql_real_escape_string($newpw, $ds).'", '.$mysql_password_field . ')';
     } else {
-        $update_string  .= '="' . mysql_escape_string($newpw) . '"';
+        $update_string  .= '="' . mysql_real_escape_string($newpw, $ds) . '"';
     }
-    $update_string .= ' WHERE ' . $mysql_userid_field . ' = "' . mysql_escape_string($username) . '"';
+    $update_string .= ' WHERE ' . $mysql_userid_field . ' = "' . mysql_real_escape_string($username, $ds) . '"';
 
     if (!mysql_query($update_string, $ds)) {
         array_push($msgs, _("Password change was not successful!"));
     }
 
     return $msgs;
-}
\ No newline at end of file
+}