X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=plugins%2Fchange_password%2Fbackend%2Fmysql.php;h=59da4a736f4952f566367e962aece1752403e871;hp=15edaab309537d5b8a6917e0e4c3f997da32aed4;hb=c4faef335b2362c81b8ebf026d4066c12d70536c;hpb=4b5049de2fa934c45599d6e4c74bf2bbee10d34d

diff --git a/plugins/change_password/backend/mysql.php b/plugins/change_password/backend/mysql.php
index 15edaab3..59da4a73 100644
--- a/plugins/change_password/backend/mysql.php
+++ b/plugins/change_password/backend/mysql.php
@@ -4,7 +4,7 @@
  * MySQL change password backend
  *
  * @author Thijs Kinkhorst <kink at squirrelmail.org>
- * @copyright &copy; 2003-2007 The SquirrelMail Project Team
+ * @copyright 2003-2020 The SquirrelMail Project Team
  * @license http://opensource.org/licenses/gpl-license.php GNU Public License
  * @version $Id$
  * @package plugins
@@ -90,16 +90,16 @@ function cpw_mysql_dochange($data)
 
     $query_string = 'SELECT ' . $mysql_userid_field . ',' . $mysql_password_field
                   . ' FROM '  . $mysql_table
-                  . ' WHERE ' . $mysql_userid_field . '="' . mysql_escape_string($username) .'"'
+                  . ' WHERE ' . $mysql_userid_field . '="' . mysql_real_escape_string($username, $ds) .'"'
                   . ' AND ' . $mysql_password_field;
 
     if ($mysql_saslcrypt) {
-        $query_string  .= '=password("'.mysql_escape_string($curpw).'")';
+        $query_string  .= '=password("'.mysql_real_escape_string($curpw, $ds).'")';
     } elseif ($mysql_unixcrypt) {
         // FIXME: why password field name is used for salting
-        $query_string  .= '=encrypt("'.mysql_escape_string($curpw).'", '.$mysql_password_field . ')';
+        $query_string  .= '=encrypt("'.mysql_real_escape_string($curpw, $ds).'", '.$mysql_password_field . ')';
     } else {
-        $query_string  .= '="' . mysql_escape_string($curpw) . '"';
+        $query_string  .= '="' . mysql_real_escape_string($curpw, $ds) . '"';
     }
 
     $select_result = mysql_query($query_string, $ds);
@@ -121,18 +121,18 @@ function cpw_mysql_dochange($data)
     $update_string = 'UPDATE '. $mysql_table . ' SET ' . $mysql_password_field;
 
     if ($mysql_saslcrypt) {
-        $update_string  .= '=password("'.mysql_escape_string($newpw).'")';
+        $update_string  .= '=password("'.mysql_real_escape_string($newpw, $ds).'")';
     } elseif ($mysql_unixcrypt) {
         // FIXME: use random salt when you create new password
-        $update_string  .= '=encrypt("'.mysql_escape_string($newpw).'", '.$mysql_password_field . ')';
+        $update_string  .= '=encrypt("'.mysql_real_escape_string($newpw, $ds).'", '.$mysql_password_field . ')';
     } else {
-        $update_string  .= '="' . mysql_escape_string($newpw) . '"';
+        $update_string  .= '="' . mysql_real_escape_string($newpw, $ds) . '"';
     }
-    $update_string .= ' WHERE ' . $mysql_userid_field . ' = "' . mysql_escape_string($username) . '"';
+    $update_string .= ' WHERE ' . $mysql_userid_field . ' = "' . mysql_real_escape_string($username, $ds) . '"';
 
     if (!mysql_query($update_string, $ds)) {
         array_push($msgs, _("Password change was not successful!"));
     }
 
     return $msgs;
-}
\ No newline at end of file
+}