diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2013-10-08 13:30:35 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2013-10-08 13:52:31 +0000 |
| commit | fabb8ff676a0d9dda8c25c7e26c60ca37e811bbd (patch) | |
| tree | b1b42cd2319472489a13883a7ea054eb9074dfb0 /main/zabbix | |
| parent | e7849caa0ff6bd77ef87e8a121c1a73579f5705b (diff) | |
| download | aports-fabb8ff676a0d9dda8c25c7e26c60ca37e811bbd.tar.bz2 aports-fabb8ff676a0d9dda8c25c7e26c60ca37e811bbd.tar.xz | |
main/zabbix: security fix (CVE-2013-5743)
https://support.zabbix.com/browse/ZBX-7091
ref #2271
Diffstat (limited to 'main/zabbix')
| -rw-r--r-- | main/zabbix/APKBUILD | 14 | ||||
| -rw-r--r-- | main/zabbix/ZBX-7091-2.0.8.patch | 2021 |
2 files changed, 2030 insertions, 5 deletions
diff --git a/main/zabbix/APKBUILD b/main/zabbix/APKBUILD index 0cfa65428..e2ca46e7a 100644 --- a/main/zabbix/APKBUILD +++ b/main/zabbix/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=zabbix pkgver=2.0.8 -pkgrel=2 +pkgrel=3 pkgdesc="Enterprise-class open source distributed monitoring" url="http://www.zabbix.com" arch="all" @@ -27,6 +27,7 @@ source="http://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.gz zabbix-server.initd zabbix-agentd.initd zabbix-proxy.initd + ZBX-7091-2.0.8.patch " _builddir="$srcdir"/$pkgname-$pkgver @@ -50,7 +51,7 @@ build() { # set default configure flags _configure="--prefix=/usr \ --sysconfdir=/etc/zabbix \ - --mandir=/usr/share/man \ + --mandir=/usr/share/man \ --infodir=/usr/share/info \ --enable-server \ --enable-agent \ @@ -175,7 +176,8 @@ b80eca2e260cc9e563f4b7a1b30bb158 res_send.patch 5f7b1815a309d8dade4a1d15d5048742 automake.patch d823c2ab6c2bbdd0ebd3511fac4a83b4 zabbix-server.initd 1a5c718bcf815fcf659e14fb0b576a1a zabbix-agentd.initd -a99978139481e69434f78fc3e8c53441 zabbix-proxy.initd" +a99978139481e69434f78fc3e8c53441 zabbix-proxy.initd +69f7a0d3b7747bcad5f4928a0e9c4786 ZBX-7091-2.0.8.patch" sha256sums="c4b94960de0a1d0b20604a08503e9715c15845409368162c1e321040b8e4519a zabbix-2.0.8.tar.gz 3b09a8fdc38216d859022c5966c36f0bcb6984974208cf4c69c17129649efdf5 zabbix_server.conf 3ae307895c9a7189e29c4ebf7479ce08d4c3bbe1a7f0a3554828170dac417bab zabbix_trapper.conf @@ -186,7 +188,8 @@ sha256sums="c4b94960de0a1d0b20604a08503e9715c15845409368162c1e321040b8e4519a za 4cd7ab9c6fa95aacab0c1f7b77bad18e9b500feca70b16c866a581775b4ad611 automake.patch f4e18cca40cd7299140aec3077cf39429487860094d7f5d88d76d8e040dca9b8 zabbix-server.initd 4f93c4868726a3e8fed12a030cfce8911f105217a59187d6b3e1565d8d3e76b5 zabbix-agentd.initd -60a01c08df054a0c1bcfb71e378544b4c4e489e6a6779d96383387ed34ddc0b0 zabbix-proxy.initd" +60a01c08df054a0c1bcfb71e378544b4c4e489e6a6779d96383387ed34ddc0b0 zabbix-proxy.initd +ae8f91f846f8a84d926c0bfe81ad6c4f8203a28efeb0b040b6fef32cfc0022fa ZBX-7091-2.0.8.patch" sha512sums="5a65c7fcce33d98a0f441798ca83f16bb6ed31b8a1b025f39c4003a0906c148ed5ff9db41aec591f053083b6bacd3ea1a1c8b96c007c44da092bfa179693e403 zabbix-2.0.8.tar.gz 3170d56a61871e6efadf705c19f864fdecf9420c4263f2a1129245b3b55bd730d1ba5a6a26ea866fc7842c86f7745e51ea28878bb9e9267ed9176499cb75e8bb zabbix_server.conf cd08d907838de646f65316950e8c71deae25be1701e0cc22e5fd2f636c21ef2365a537d247277bafb694cae8c5dbd22eb725c1647797ad3e4ac4b3df2084ef07 zabbix_trapper.conf @@ -197,4 +200,5 @@ a2d8d52bacd353363c22f89ca26deffdec722144dab4899987ef4b8479d0b0722007bf3e97f75403 7aa59336e92d83eddff4bc18038820cfc25dc50f45327a2c0a6aa0e360fa742c9724d25e84152e3a14193c88ea5d6e66fdb99f2900c0bf8199cb2adf9e143415 automake.patch af0853d8c5a8b33399b87e7958a7ffd692fe18005dcc43af5f58e0fdf6bbee3dd66ec77a3840ae5e526a4c445b04425071f6796d726ff923aba9d3a78ca3c022 zabbix-server.initd 3ef0fe0c1c94f2f01a0c335a45ee0f3c0cd4b125d96b5eefa869a17efb352087a5dd18ef8e87c35e6816b6fb705b829f0a25452e7285637d3595ff4c103b7c21 zabbix-agentd.initd -b305ea06641c6a331273f065a4a85fac92c45e107a30e85cb41be4ea36e2efbf5442c69cc6605ea3734a851808f7abba20042058d4b07832d858cdb63e98d405 zabbix-proxy.initd" +b305ea06641c6a331273f065a4a85fac92c45e107a30e85cb41be4ea36e2efbf5442c69cc6605ea3734a851808f7abba20042058d4b07832d858cdb63e98d405 zabbix-proxy.initd +cd960187bf234b14fd612ff3b4357ce5b1b094a9498e58a735309136b04a7f5076a8ff251edf47ede7d663d3d0fbd1e36c9c99e647dab598f4bedc634e17e24a ZBX-7091-2.0.8.patch" diff --git a/main/zabbix/ZBX-7091-2.0.8.patch b/main/zabbix/ZBX-7091-2.0.8.patch new file mode 100644 index 000000000..b4a2c63cd --- /dev/null +++ b/main/zabbix/ZBX-7091-2.0.8.patch @@ -0,0 +1,2021 @@ +Index: frontends/php/api/classes/CGraphItem.php +=================================================================== +--- ./frontends/php/api/classes/CGraphItem.php (revision 38884) ++++ ./frontends/php/api/classes/CGraphItem.php (working copy) +@@ -119,7 +119,7 @@ + + // type + if (!is_null($options['type'] )) { +- $sqlParts['where'][] = 'gi.type='.$options['type']; ++ $sqlParts['where'][] = 'gi.type='.zbx_dbstr($options['type']); + } + + // output +@@ -254,8 +254,8 @@ + $dbRes = DBselect( + 'SELECT gi.gitemid'. + ' FROM graphs_items gi'. +- ' WHERE gi.itemid='.$gitemData['itemid']. +- ' AND gi.graphid='.$gitemData['graphid'] ++ ' WHERE gi.itemid='.zbx_dbstr($gitemData['itemid']). ++ ' AND gi.graphid='.zbx_dbstr($gitemData['graphid']) + ); + while ($gitem = DBfetch($dbRes)) { + $gitemids[$gitem['gitemid']] = $gitem['gitemid']; +Index: frontends/php/api/classes/CEvent.php +=================================================================== +--- ./frontends/php/api/classes/CEvent.php (revision 38884) ++++ ./frontends/php/api/classes/CEvent.php (working copy) +@@ -232,12 +232,12 @@ + + // object + if (!is_null($options['object'])) { +- $sqlParts['where']['o'] = 'e.object='.$options['object']; ++ $sqlParts['where']['o'] = 'e.object='.zbx_dbstr($options['object']); + } + + // source + if (!is_null($options['source'])) { +- $sqlParts['where'][] = 'e.source='.$options['source']; ++ $sqlParts['where'][] = 'e.source='.zbx_dbstr($options['source']); + } + + // acknowledged +@@ -255,22 +255,22 @@ + + // time_from + if (!is_null($options['time_from'])) { +- $sqlParts['where'][] = 'e.clock>='.$options['time_from']; ++ $sqlParts['where'][] = 'e.clock>='.zbx_dbstr($options['time_from']); + } + + // time_till + if (!is_null($options['time_till'])) { +- $sqlParts['where'][] = 'e.clock<='.$options['time_till']; ++ $sqlParts['where'][] = 'e.clock<='.zbx_dbstr($options['time_till']); + } + + // eventid_from + if (!is_null($options['eventid_from'])) { +- $sqlParts['where'][] = 'e.eventid>='.$options['eventid_from']; ++ $sqlParts['where'][] = 'e.eventid>='.zbx_dbstr($options['eventid_from']); + } + + // eventid_till + if (!is_null($options['eventid_till'])) { +- $sqlParts['where'][] = 'e.eventid<='.$options['eventid_till']; ++ $sqlParts['where'][] = 'e.eventid<='.zbx_dbstr($options['eventid_till']); + } + + // value +Index: frontends/php/api/classes/CGraphPrototype.php +=================================================================== +--- ./frontends/php/api/classes/CGraphPrototype.php (revision 38884) ++++ ./frontends/php/api/classes/CGraphPrototype.php (working copy) +@@ -227,7 +227,7 @@ + + // type + if (!is_null($options['type'] )) { +- $sqlParts['where'][] = 'g.type='.$options['type']; ++ $sqlParts['where'][] = 'g.type='.zbx_dbstr($options['type']); + } + + // templated +Index: frontends/php/api/classes/CItemGeneral.php +=================================================================== +--- ./frontends/php/api/classes/CItemGeneral.php (revision 38884) ++++ ./frontends/php/api/classes/CItemGeneral.php (working copy) +@@ -707,7 +707,7 @@ + + $sqlWhere = array(); + foreach ($itemKeysByHostId as $hostId => $keys) { +- $sqlWhere[] = '(i.hostid='.$hostId.' AND '.dbConditionString('i.key_', $keys).')'; ++ $sqlWhere[] = '(i.hostid='.zbx_dbstr($hostId).' AND '.dbConditionString('i.key_', $keys).')'; + } + + if ($sqlWhere) { +Index: frontends/php/api/classes/CHistory.php +=================================================================== +--- ./frontends/php/api/classes/CHistory.php (revision 38884) ++++ ./frontends/php/api/classes/CHistory.php (working copy) +@@ -169,13 +169,13 @@ + // time_from + if (!is_null($options['time_from'])) { + $sqlParts['select']['clock'] = 'h.clock'; +- $sqlParts['where']['clock_from'] = 'h.clock>='.$options['time_from']; ++ $sqlParts['where']['clock_from'] = 'h.clock>='.zbx_dbstr($options['time_from']); + } + + // time_till + if (!is_null($options['time_till'])) { + $sqlParts['select']['clock'] = 'h.clock'; +- $sqlParts['where']['clock_till'] = 'h.clock<='.$options['time_till']; ++ $sqlParts['where']['clock_till'] = 'h.clock<='.zbx_dbstr($options['time_till']); + } + + // filter +Index: frontends/php/api/classes/CTrigger.php +=================================================================== +--- ./frontends/php/api/classes/CTrigger.php (revision 38884) ++++ ./frontends/php/api/classes/CTrigger.php (working copy) +@@ -321,12 +321,12 @@ + + // lastChangeSince + if (!is_null($options['lastChangeSince'])) { +- $sqlParts['where']['lastchangesince'] = 't.lastchange>'.$options['lastChangeSince']; ++ $sqlParts['where']['lastchangesince'] = 't.lastchange>'.zbx_dbstr($options['lastChangeSince']); + } + + // lastChangeTill + if (!is_null($options['lastChangeTill'])) { +- $sqlParts['where']['lastchangetill'] = 't.lastchange<'.$options['lastChangeTill']; ++ $sqlParts['where']['lastchangetill'] = 't.lastchange<'.zbx_dbstr($options['lastChangeTill']); + } + + // withUnacknowledgedEvents +@@ -466,7 +466,7 @@ + + // min_severity + if (!is_null($options['min_severity'])) { +- $sqlParts['where'][] = 't.priority>='.$options['min_severity']; ++ $sqlParts['where'][] = 't.priority>='.zbx_dbstr($options['min_severity']); + } + + // output +Index: frontends/php/api/classes/CScript.php +=================================================================== +--- ./frontends/php/api/classes/CScript.php (revision 38884) ++++ ./frontends/php/api/classes/CScript.php (working copy) +@@ -114,7 +114,7 @@ + $sqlParts['from']['hosts_groups'] = 'hosts_groups hg'; + $sqlParts['where'][] = 'hg.groupid=r.id'; + $sqlParts['where'][] = 'r.groupid=ug.usrgrpid'; +- $sqlParts['where'][] = 'ug.userid='.$userid; ++ $sqlParts['where'][] = 'ug.userid='.zbx_dbstr($userid); + $sqlParts['where'][] = '(hg.groupid=s.groupid OR s.groupid IS NULL)'; + $sqlParts['where'][] = '(ug.usrgrpid=s.usrgrpid OR s.usrgrpid IS NULL)'; + } +@@ -265,7 +265,7 @@ + 'SELECT s.scriptid'. + ' FROM scripts s'. + ' WHERE '.DBin_node('s.scriptid'). +- ' AND s.name='.$script['name'] ++ ' AND s.name='.zbx_dbstr($script['name']) + ); + while ($script = DBfetch($dbScripts)) { + $scriptids[$script['scriptid']] = $script['scriptid']; +Index: frontends/php/api/classes/CTemplate.php +=================================================================== +--- ./frontends/php/api/classes/CTemplate.php (revision 38884) ++++ ./frontends/php/api/classes/CTemplate.php (working copy) +@@ -1021,7 +1021,7 @@ + + foreach ($template['groups'] as $group) { + $hostgroupid = get_dbid('hosts_groups', 'hostgroupid'); +- $result = DBexecute("INSERT INTO hosts_groups (hostgroupid, hostid, groupid) VALUES ($hostgroupid, $templateid, {$group['groupid']})"); ++ $result = DBexecute('INSERT INTO hosts_groups (hostgroupid,hostid,groupid) VALUES ('.zbx_dbstr($hostgroupid).','.zbx_dbstr($templateid).','.zbx_dbstr($group['groupid']).')'); + if (!$result) { + self::exception(ZBX_API_ERROR_PARAMETERS, 'DBerror'); + } +Index: frontends/php/api/classes/CHostGeneral.php +=================================================================== +--- ./frontends/php/api/classes/CHostGeneral.php (revision 38884) ++++ ./frontends/php/api/classes/CHostGeneral.php (working copy) +@@ -261,7 +261,7 @@ + continue; + } + +- $values = array(get_dbid('hosts_templates', 'hosttemplateid'), $targetid, $templateid); ++ $values = array(get_dbid('hosts_templates', 'hosttemplateid'), zbx_dbstr($targetid), zbx_dbstr($templateid)); + $sql = 'INSERT INTO hosts_templates VALUES ('.implode(', ', $values).')'; + $result = DBexecute($sql); + +Index: frontends/php/api/classes/CUser.php +=================================================================== +--- ./frontends/php/api/classes/CUser.php (revision 38884) ++++ ./frontends/php/api/classes/CUser.php (working copy) +@@ -507,7 +507,8 @@ + $usrgrps = zbx_objectValues($user['usrgrps'], 'usrgrpid'); + foreach ($usrgrps as $groupid) { + $usersGroupdId = get_dbid('users_groups', 'id'); +- $sql = 'INSERT INTO users_groups (id,usrgrpid,userid) VALUES ('.$usersGroupdId.','.$groupid.','.$userid.')'; ++ $sql = 'INSERT INTO users_groups (id,usrgrpid,userid) VALUES ('.zbx_dbstr($usersGroupdId).','.zbx_dbstr($groupid).','.zbx_dbstr($userid).')'; ++ + if (!DBexecute($sql)) { + self::exception(ZBX_API_ERROR_PARAMETERS, 'DBerror'); + } +@@ -516,8 +517,8 @@ + foreach ($user['user_medias'] as $mediaData) { + $mediaid = get_dbid('media', 'mediaid'); + $sql = 'INSERT INTO media (mediaid,userid,mediatypeid,sendto,active,severity,period)'. +- ' VALUES ('.$mediaid.','.$userid.','.$mediaData['mediatypeid'].','. +- zbx_dbstr($mediaData['sendto']).','.$mediaData['active'].','.$mediaData['severity'].','. ++ ' VALUES ('.zbx_dbstr($mediaid).','.zbx_dbstr($userid).','.zbx_dbstr($mediaData['mediatypeid']).','. ++ zbx_dbstr($mediaData['sendto']).','.zbx_dbstr($mediaData['active']).','.zbx_dbstr($mediaData['severity']).','. + zbx_dbstr($mediaData['period']).')'; + if (!DBexecute($sql)) { + self::exception(ZBX_API_ERROR_PARAMETERS, 'DBerror'); +@@ -577,10 +578,10 @@ + $newUsrgrpids = zbx_objectValues($user['usrgrps'], 'usrgrpid'); + + // deleting all relations with groups, but not touching those, where user still must be after update +- DBexecute('DELETE FROM users_groups WHERE userid='.$user['userid'].' AND '.dbConditionInt('usrgrpid', $newUsrgrpids, true)); ++ DBexecute('DELETE FROM users_groups WHERE userid='.zbx_dbstr($user['userid']).' AND '.dbConditionInt('usrgrpid', $newUsrgrpids, true)); + + // getting the list of groups user is currently in +- $dbGroupsUserIn = DBSelect('SELECT usrgrpid FROM users_groups WHERE userid='.$user['userid']); ++ $dbGroupsUserIn = DBSelect('SELECT usrgrpid FROM users_groups WHERE userid='.zbx_dbstr($user['userid'])); + $groupsUserIn = array(); + while ($grp = DBfetch($dbGroupsUserIn)) { + $groupsUserIn[$grp['usrgrpid']] = $grp['usrgrpid']; +@@ -598,7 +599,7 @@ + } + + $usersGroupdId = get_dbid('users_groups', 'id'); +- $sql = 'INSERT INTO users_groups (id,usrgrpid,userid) VALUES ('.$usersGroupdId.','.$groupid.','.$user['userid'].')'; ++ $sql = 'INSERT INTO users_groups (id,usrgrpid,userid) VALUES ('.zbx_dbstr($usersGroupdId).','.zbx_dbstr($groupid).','.zbx_dbstr($user['userid']).')'; + + if (!DBexecute($sql)) { + self::exception(ZBX_API_ERROR_PARAMETERS, 'DBerror'); +@@ -696,8 +697,8 @@ + $mediaid = get_dbid('media', 'mediaid'); + + $sql = 'INSERT INTO media (mediaid,userid,mediatypeid,sendto,active,severity,period)'. +- ' VALUES ('.$mediaid.','.$user['userid'].','.$media['mediatypeid'].','. +- zbx_dbstr($media['sendto']).','.$media['active'].','.$media['severity'].','. ++ ' VALUES ('.zbx_dbstr($mediaid).','.zbx_dbstr($user['userid']).','.zbx_dbstr($media['mediatypeid']).','. ++ zbx_dbstr($media['sendto']).','.zbx_dbstr($media['active']).','.zbx_dbstr($media['severity']).','. + zbx_dbstr($media['period']).')'; + if (!DBexecute($sql)) { + self::exception(ZBX_API_ERROR_PARAMETERS, 'DBerror'); +@@ -796,12 +797,12 @@ + + $result = DBexecute( + 'UPDATE media'. +- ' SET mediatypeid='.$media['mediatypeid'].','. ++ ' SET mediatypeid='.zbx_dbstr($media['mediatypeid']).','. + ' sendto='.zbx_dbstr($media['sendto']).','. +- ' active='.$media['active'].','. +- ' severity='.$media['severity'].','. ++ ' active='.zbx_dbstr($media['active']).','. ++ ' severity='.zbx_dbstr($media['severity']).','. + ' period='.zbx_dbstr($media['period']). +- ' WHERE mediaid='.$media['mediaid'] ++ ' WHERE mediaid='.zbx_dbstr($media['mediaid']) + ); + if (!$result) { + self::exception(ZBX_API_ERROR_PARAMETERS, _('Cannot update user media.')); +@@ -927,7 +928,7 @@ + $dbAccess = DBfetch(DBselect( + 'SELECT MAX(g.gui_access) AS gui_access'. + ' FROM usrgrp g,users_groups ug'. +- ' WHERE ug.userid='.$userInfo['userid']. ++ ' WHERE ug.userid='.zbx_dbstr($userInfo['userid']). + ' AND g.usrgrpid=ug.usrgrpid' + )); + if (!zbx_empty($dbAccess['gui_access'])) { +@@ -968,7 +969,7 @@ + + DBexecute( + 'UPDATE users'. +- ' SET attempt_failed='.$userInfo['attempt_failed'].','. ++ ' SET attempt_failed='.zbx_dbstr($userInfo['attempt_failed']).','. + ' attempt_clock='.time().','. + ' attempt_ip='.zbx_dbstr($ip). + ' WHERE userid='.$userInfo['userid'] +@@ -980,7 +981,7 @@ + + // start session + $sessionid = md5(time().$password.$name.rand(0, 10000000)); +- DBexecute('INSERT INTO sessions (sessionid,userid,lastaccess,status) VALUES ('.zbx_dbstr($sessionid).','.$userInfo['userid'].','.time().','.ZBX_SESSION_ACTIVE.')'); ++ DBexecute('INSERT INTO sessions (sessionid,userid,lastaccess,status) VALUES ('.zbx_dbstr($sessionid).','.zbx_dbstr($userInfo['userid']).','.time().','.ZBX_SESSION_ACTIVE.')'); + + add_audit(AUDIT_ACTION_LOGIN, AUDIT_RESOURCE_USER, _s('Correct login "%s".', $name)); + +@@ -990,7 +991,7 @@ + $userData['userid'] = $userInfo['userid']; + + if ($userInfo['attempt_failed']) { +- DBexecute('UPDATE users SET attempt_failed=0 WHERE userid='.$userInfo['userid']); ++ DBexecute('UPDATE users SET attempt_failed=0 WHERE userid='.zbx_dbstr($userInfo['userid'])); + } + + CWebUser::$data = self::$userData = $userData; +@@ -1035,16 +1036,16 @@ + } + + if ($userInfo['autologout'] > 0) { +- DBexecute('DELETE FROM sessions WHERE userid='.$userInfo['userid'].' AND lastaccess<'.(time() - $userInfo['autologout'])); ++ DBexecute('DELETE FROM sessions WHERE userid='.zbx_dbstr($userInfo['userid']).' AND lastaccess<'.(time() - $userInfo['autologout'])); + } + +- DBexecute('UPDATE sessions SET lastaccess='.time().' WHERE userid='.$userInfo['userid'].' AND sessionid='.zbx_dbstr($sessionid)); ++ DBexecute('UPDATE sessions SET lastaccess='.time().' WHERE userid='.zbx_dbstr($userInfo['userid']).' AND sessionid='.zbx_dbstr($sessionid)); + } + + $dbAccess = DBfetch(DBselect( + 'SELECT MAX(g.gui_access) AS gui_access'. + ' FROM usrgrp g,users_groups ug'. +- ' WHERE ug.userid='.$userInfo['userid']. ++ ' WHERE ug.userid='.zbx_dbstr($userInfo['userid']). + ' AND g.usrgrpid=ug.usrgrpid' + )); + if (!zbx_empty($dbAccess['gui_access'])) { +@@ -1070,13 +1071,13 @@ + 'SELECT u.userid,u.alias,u.name,u.surname,u.url,u.autologin,u.autologout,u.lang,u.refresh,u.type,'. + ' u.theme,u.attempt_failed,u.attempt_ip,u.attempt_clock,u.rows_per_page'. + ' FROM users u'. +- ' WHERE u.userid='.$userid ++ ' WHERE u.userid='.zbx_dbstr($userid) + )); + + $userData['debug_mode'] = (bool) DBfetch(DBselect( + 'SELECT ug.userid'. + ' FROM usrgrp g,users_groups ug'. +- ' WHERE ug.userid='.$userid. ++ ' WHERE ug.userid='.zbx_dbstr($userid). + ' AND g.usrgrpid=ug.usrgrpid'. + ' AND g.debug_mode='.GROUP_DEBUG_MODE_ENABLED + )); +Index: frontends/php/api/classes/CImage.php +=================================================================== +--- ./frontends/php/api/classes/CImage.php (revision 38884) ++++ ./frontends/php/api/classes/CImage.php (working copy) +@@ -314,9 +314,9 @@ + + $imageid = get_dbid('images', 'imageid'); + $values = array( +- 'imageid' => $imageid, ++ 'imageid' => zbx_dbstr($imageid), + 'name' => zbx_dbstr($image['name']), +- 'imagetype' => $image['imagetype'], ++ 'imagetype' => zbx_dbstr($image['imagetype']) + ); + + switch ($DB['TYPE']) { +@@ -423,7 +423,7 @@ + + $values = array(); + if (isset($image['name'])) $values['name'] = zbx_dbstr($image['name']); +- if (isset($image['imagetype'])) $values['imagetype'] = $image['imagetype']; ++ if (isset($image['imagetype'])) $values['imagetype'] = zbx_dbstr($image['imagetype']); + + if (isset($image['image'])) { + // decode BASE64 +@@ -443,7 +443,7 @@ + $values['image'] = zbx_dbstr($image['image']); + break; + case ZBX_DB_ORACLE: +- $sql = 'SELECT image FROM images WHERE imageid = '.$image['imageid'].' FOR UPDATE'; ++ $sql = 'SELECT image FROM images WHERE imageid = '.zbx_dbstr($image['imageid']).' FOR UPDATE'; + + if (!$stmt = oci_parse($DB['DB'], $sql)) { + $e = oci_error($DB['DB']); +@@ -464,7 +464,7 @@ + $row['IMAGE']->free(); + break; + case ZBX_DB_DB2: +- $stmt = db2_prepare($DB['DB'], 'UPDATE images SET image=? WHERE imageid='.$image['imageid']); ++ $stmt = db2_prepare($DB['DB'], 'UPDATE images SET image=? WHERE imageid='.zbx_dbstr($image['imageid'])); + + if (!$stmt) { + self::exception(ZBX_API_ERROR_PARAMETERS, db2_conn_errormsg($DB['DB'])); +@@ -486,7 +486,7 @@ + foreach ($values as $field => $value) { + $sqlUpd[] = $field.'='.$value; + } +- $sql = 'UPDATE images SET '.implode(', ', $sqlUpd).' WHERE imageid='.$image['imageid']; ++ $sql = 'UPDATE images SET '.implode(', ', $sqlUpd).' WHERE imageid='.zbx_dbstr($image['imageid']); + $result = DBexecute($sql); + + if (!$result) { +Index: frontends/php/api/classes/CMapElement.php +=================================================================== +--- ./frontends/php/api/classes/CMapElement.php (revision 38884) ++++ ./frontends/php/api/classes/CMapElement.php (working copy) +@@ -586,7 +586,7 @@ + + $sql = 'SELECT elementid, elementtype '. + ' FROM sysmaps_elements '. +- ' WHERE sysmapid='.$elementid . ++ ' WHERE sysmapid='.zbx_dbstr($elementid) . + ' AND elementtype='.SYSMAP_ELEMENT_TYPE_MAP; + $dbElements = DBselect($sql); + +Index: frontends/php/api/classes/CTriggerPrototype.php +=================================================================== +--- ./frontends/php/api/classes/CTriggerPrototype.php (revision 38884) ++++ ./frontends/php/api/classes/CTriggerPrototype.php (working copy) +@@ -423,7 +423,7 @@ + + // min_severity + if (!is_null($options['min_severity'])) { +- $sqlParts['where'][] = 't.priority>='.$options['min_severity']; ++ $sqlParts['where'][] = 't.priority>='.zbx_dbstr($options['min_severity']); + } + + // output +Index: frontends/php/api/classes/CUserGroup.php +=================================================================== +--- ./frontends/php/api/classes/CUserGroup.php (revision 38884) ++++ ./frontends/php/api/classes/CUserGroup.php (working copy) +@@ -144,7 +144,7 @@ + + // status + if (!is_null($options['status'])) { +- $sqlParts['where'][] = 'g.users_status='.$options['status']; ++ $sqlParts['where'][] = 'g.users_status='.zbx_dbstr($options['status']); + } + + // with_gui_access +Index: frontends/php/api/classes/CGraph.php +=================================================================== +--- ./frontends/php/api/classes/CGraph.php (revision 38884) ++++ ./frontends/php/api/classes/CGraph.php (working copy) +@@ -209,7 +209,7 @@ + + // type + if (!is_null($options['type'])) { +- $sqlParts['where'][] = 'g.type='.$options['type']; ++ $sqlParts['where'][] = 'g.type='.zbx_dbstr($options['type']); + } + + // templated +Index: frontends/php/api/classes/CApplication.php +=================================================================== +--- ./frontends/php/api/classes/CApplication.php (revision 38884) ++++ ./frontends/php/api/classes/CApplication.php (working copy) +@@ -719,7 +719,7 @@ + DB::insert('items_applications', $appsInsert); + + foreach ($itemids as $inum => $itemid) { +- $dbChilds = DBselect('SELECT i.itemid,i.hostid FROM items i WHERE i.templateid='.$itemid); ++ $dbChilds = DBselect('SELECT i.itemid,i.hostid FROM items i WHERE i.templateid='.zbx_dbstr($itemid)); + while ($child = DBfetch($dbChilds)) { + $dbApps = DBselect( + 'SELECT a1.applicationid'. +Index: frontends/php/api/classes/CAlert.php +=================================================================== +--- ./frontends/php/api/classes/CAlert.php (revision 38884) ++++ ./frontends/php/api/classes/CAlert.php (working copy) +@@ -237,12 +237,12 @@ + + // time_from + if (!is_null($options['time_from'])) { +- $sqlParts['where'][] = 'a.clock>'.$options['time_from']; ++ $sqlParts['where'][] = 'a.clock>'.zbx_dbstr($options['time_from']); + } + + // time_till + if (!is_null($options['time_till'])) { +- $sqlParts['where'][] = 'a.clock<'.$options['time_till']; ++ $sqlParts['where'][] = 'a.clock<'.zbx_dbstr($options['time_till']); + } + + // output +Index: frontends/php/api/classes/CWebCheck.php +=================================================================== +--- ./frontends/php/api/classes/CWebCheck.php (revision 38884) ++++ ./frontends/php/api/classes/CWebCheck.php (working copy) +@@ -347,7 +347,7 @@ + $dbCheckItems = DBselect( + 'SELECT i.itemid,hi.type'. + ' FROM items i,httptestitem hi'. +- ' WHERE hi.httptestid='.$httpTest['httptestid']. ++ ' WHERE hi.httptestid='.zbx_dbstr($httpTest['httptestid']). + ' AND hi.itemid=i.itemid' + ); + while ($checkitem = DBfetch($dbCheckItems)) { +@@ -696,7 +696,7 @@ + + $sql = 'SELECT h.httpstepid,h.name'. + ' FROM httpstep h'. +- ' WHERE h.httptestid='.$httpTest['httptestid']. ++ ' WHERE h.httptestid='.zbx_dbstr($httpTest['httptestid']). + ' AND '.dbConditionString('h.name', $webstepsNames); + if ($httpstepData = DBfetch(DBselect($sql))) { + self::exception(ZBX_API_ERROR_PARAMETERS, _s('Step "%s" already exists.', $httpstepData['name'])); +@@ -820,7 +820,7 @@ + $dbStepItems = DBselect( + 'SELECT i.itemid,hi.type'. + ' FROM items i,httpstepitem hi'. +- ' WHERE hi.httpstepid='.$webstep['webstepid']. ++ ' WHERE hi.httpstepid='.zbx_dbstr($webstep['webstepid']). + ' AND hi.itemid=i.itemid' + ); + while ($stepitem = DBfetch($dbStepItems)) { +Index: frontends/php/api/classes/CTemplateScreen.php +=================================================================== +--- ./frontends/php/api/classes/CTemplateScreen.php (revision 38884) ++++ ./frontends/php/api/classes/CTemplateScreen.php (working copy) +@@ -618,7 +618,7 @@ + 'SELECT src.itemid as srcid,dest.itemid as destid'. + ' FROM items dest,items src'. + ' WHERE dest.key_=src.key_'. +- ' AND dest.hostid='.$templateId. ++ ' AND dest.hostid='.zbx_dbstr($templateId). + ' AND '.dbConditionInt('src.itemid', $resourceItemIds) + ); + while ($dbItem = DBfetch($dbItems)) { +@@ -633,7 +633,7 @@ + ' WHERE dest.name=src.name'. + ' AND destgi.graphid=dest.graphid'. + ' AND destgi.itemid=desti.itemid'. +- ' AND desti.hostid='.$templateId. ++ ' AND desti.hostid='.zbx_dbstr($templateId). + ' AND '.dbConditionInt('src.graphid', $resourceGraphIds) + ); + while ($dbItem = DBfetch($dbItems)) { +Index: frontends/php/include/items.inc.php +=================================================================== +--- ./frontends/php/include/items.inc.php (revision 38884) ++++ ./frontends/php/include/items.inc.php (working copy) +@@ -224,7 +224,7 @@ + while ($item = DBfetch($db_items)) { + $old_status = $item['status']; + if ($status != $old_status) { +- $result &= DBexecute('UPDATE items SET status='.$status. ++ $result &= DBexecute('UPDATE items SET status='.zbx_dbstr($status). + ($status != ITEM_STATUS_NOTSUPPORTED ? ",error=''" : ''). + ' WHERE itemid='.$item['itemid']); + if ($result) { +@@ -420,7 +420,7 @@ + } + + function get_item_by_itemid($itemid) { +- $db_items = DBfetch(DBselect('SELECT i.* FROM items i WHERE i.itemid='.$itemid)); ++ $db_items = DBfetch(DBselect('SELECT i.* FROM items i WHERE i.itemid='.zbx_dbstr($itemid))); + if ($db_items) { + return $db_items; + } +@@ -436,7 +436,7 @@ + 'i.formula,i.trends,i.logtimefmt,i.valuemapid,i.delay_flex,i.params,i.ipmi_sensor,i.templateid,'. + 'i.authtype,i.username,i.password,i.publickey,i.privatekey,i.flags,i.filter,i.description,i.inventory_link'. + ' FROM items i'. +- ' WHERE i.itemid='.$itemid)); ++ ' WHERE i.itemid='.zbx_dbstr($itemid))); + if ($row) { + return $row; + } +@@ -469,7 +469,7 @@ + $db_items = DBselect( + 'SELECT src.*'. + ' FROM items src,items dest'. +- ' WHERE dest.itemid='.$itemid. ++ ' WHERE dest.itemid='.zbx_dbstr($itemid). + ' AND src.key_=dest.key_'. + ' AND '.dbConditionInt('src.hostid', $dest_hostids) + ); +@@ -838,7 +838,7 @@ + 'SELECT a1.applicationid'. + ' FROM applications a1,applications a2'. + ' WHERE a1.name=a2.name'. +- ' AND a1.hostid='.$hostid. ++ ' AND a1.hostid='.zbx_dbstr($hostid). + ' AND '.dbConditionInt('a2.applicationid', $applications) + ); + while ($app = DBfetch($db_apps)) { +@@ -986,9 +986,9 @@ + if ($last == 0) { + $sql = 'SELECT value'. + ' FROM '.$table. +- ' WHERE itemid='.$db_item['itemid']. +- ' AND clock='.$clock. +- ' AND ns='.$ns; ++ ' WHERE itemid='.zbx_dbstr($db_item['itemid']). ++ ' AND clock='.zbx_dbstr($clock). ++ ' AND ns='.zbx_dbstr($ns); + if (null != ($row = DBfetch(DBselect($sql, 1)))) { + $value = $row['value']; + } +@@ -1000,17 +1000,17 @@ + + $sql = 'SELECT DISTINCT clock'. + ' FROM '.$table. +- ' WHERE itemid='.$db_item['itemid']. +- ' AND clock='.$clock. +- ' AND ns<'.$ns; ++ ' WHERE itemid='.zbx_dbstr($db_item['itemid']). ++ ' AND clock='.zbx_dbstr($clock). ++ ' AND ns<'.zbx_dbstr($ns); + if (null != ($row = DBfetch(DBselect($sql)))) { + $max_clock = $row['clock']; + } + if ($max_clock == 0) { + $sql = 'SELECT MAX(clock) AS clock'. + ' FROM '.$table. +- ' WHERE itemid='.$db_item['itemid']. +- ' AND clock<'.$clock; ++ ' WHERE itemid='.zbx_dbstr($db_item['itemid']). ++ ' AND clock<'.zbx_dbstr($clock); + if (null != ($row = DBfetch(DBselect($sql)))) { + $max_clock = $row['clock']; + } +@@ -1022,15 +1022,15 @@ + if ($clock == $max_clock) { + $sql = 'SELECT value'. + ' FROM '.$table. +- ' WHERE itemid='.$db_item['itemid']. +- ' AND clock='.$clock. +- ' AND ns<'.$ns; ++ ' WHERE itemid='.zbx_dbstr($db_item['itemid']). ++ ' AND clock='.zbx_dbstr($clock). ++ ' AND ns<'.zbx_dbstr($ns); + } + else { + $sql = 'SELECT value'. + ' FROM '.$table. +- ' WHERE itemid='.$db_item['itemid']. +- ' AND clock='.$max_clock. ++ ' WHERE itemid='.zbx_dbstr($db_item['itemid']). ++ ' AND clock='.zbx_dbstr($max_clock). + ' ORDER BY itemid,clock desc,ns desc'; + } + +@@ -1039,9 +1039,9 @@ + } + } + else { +- $row = DBfetch(DBselect('SELECT MAX(clock) AS clock FROM '.$table.' WHERE itemid='.$db_item['itemid'])); ++ $row = DBfetch(DBselect('SELECT MAX(clock) AS clock FROM '.$table.' WHERE itemid='.zbx_dbstr($db_item['itemid']))); + if (!empty($row['clock'])) { +- $row = DBfetch(DBselect('SELECT value FROM '.$table.' WHERE itemid='.$db_item['itemid'].' AND clock='.$row['clock'].' ORDER BY ns DESC', 1)); ++ $row = DBfetch(DBselect('SELECT value FROM '.$table.' WHERE itemid='.zbx_dbstr($db_item['itemid']).' AND clock='.zbx_dbstr($row['clock']).' ORDER BY ns DESC', 1)); + if (!empty($row['value'])) { + $value = $row['value']; + } +Index: frontends/php/include/services.inc.php +=================================================================== +--- ./frontends/php/include/services.inc.php (revision 38884) ++++ ./frontends/php/include/services.inc.php (working copy) +@@ -42,7 +42,7 @@ + $result = DBselect( + 'SELECT s.status'. + ' FROM services s,services_links l'. +- ' WHERE l.serviceupid='.$serviceid. ++ ' WHERE l.serviceupid='.zbx_dbstr($serviceid). + ' AND s.serviceid=l.servicedownid'. + ' ORDER BY s.status'.$sort_order + ); +@@ -77,7 +77,7 @@ + $result = DBselect( + 'SELECT sl.servicedownid'. + ' FROM services_links sl'. +- ' WHERE sl.serviceupid='.$serviceid. ++ ' WHERE sl.serviceupid='.zbx_dbstr($serviceid). + ($soft ? '' : ' AND sl.soft=0') + ); + while ($row = DBfetch($result)) { +@@ -354,7 +354,7 @@ + 'SELECT l.serviceupid,s.algorithm'. + ' FROM services_links l,services s'. + ' WHERE s.serviceid=l.serviceupid'. +- ' AND l.servicedownid='.$serviceid ++ ' AND l.servicedownid='.zbx_dbstr($serviceid) + ); + while ($row = DBfetch($result)) { + $serviceupid = $row['serviceupid']; +@@ -363,7 +363,7 @@ + if ($algorithm == SERVICE_ALGORITHM_MAX || $algorithm == SERVICE_ALGORITHM_MIN) { + $status = get_service_status($serviceupid, $algorithm); + add_service_alarm($serviceupid, $status, time()); +- DBexecute('UPDATE services SET status='.$status.' WHERE serviceid='.$serviceupid); ++ DBexecute('UPDATE services SET status='.zbx_dbstr($status).' WHERE serviceid='.zbx_dbstr($serviceupid)); + } + elseif ($algorithm != SERVICE_ALGORITHM_NONE) { + error(_('Unknown calculation algorithm of service status').SPACE.'['.$algorithm.']'); +@@ -371,7 +371,7 @@ + } + } + +- $result = DBselect('SELECT sl.serviceupid FROM services_links sl WHERE sl.servicedownid='.$serviceid); ++ $result = DBselect('SELECT sl.serviceupid FROM services_links sl WHERE sl.servicedownid='.zbx_dbstr($serviceid)); + while ($row = DBfetch($result)) { + $serviceupid = $row['serviceupid']; + update_services_rec($serviceupid); // ATTENTION: recursion!!! +@@ -386,9 +386,9 @@ + * @param $status + */ + function update_services($triggerid, $status) { +- DBexecute('UPDATE services SET status='.$status.' WHERE triggerid='.$triggerid); ++ DBexecute('UPDATE services SET status='.zbx_dbstr($status).' WHERE triggerid='.zbx_dbstr($triggerid)); + +- $result = DBselect('SELECT s.serviceid FROM services s WHERE s.triggerid='.$triggerid); ++ $result = DBselect('SELECT s.serviceid FROM services s WHERE s.triggerid='.zbx_dbstr($triggerid)); + while ($row = DBfetch($result)) { + add_service_alarm($row['serviceid'], $status, time()); + update_services_rec($row['serviceid']); +@@ -415,7 +415,7 @@ + ); + while ($row = DBfetch($result)) { + $status = get_service_status($row['serviceid'], $row['algorithm'], $row['triggerid']); +- DBexecute('UPDATE services SET status='.$status.' WHERE serviceid='.$row['serviceid']); ++ DBexecute('UPDATE services SET status='.zbx_dbstr($status).' WHERE serviceid='.$row['serviceid']); + add_service_alarm($row['serviceid'], $status, time()); + } + +@@ -441,7 +441,7 @@ + $result = DBselect( + 'SELECT sa.servicealarmid,sa.value'. + ' FROM service_alarms sa'. +- ' WHERE sa.serviceid='.$serviceid. ++ ' WHERE sa.serviceid='.zbx_dbstr($serviceid). + ' ORDER BY sa.servicealarmid DESC', 1 + ); + $row = DBfetch($result); +@@ -457,7 +457,7 @@ + if (latest_service_alarm($serviceid, $status)) { + return true; + } +- return DBexecute('INSERT INTO service_alarms (servicealarmid,serviceid,clock,value) VALUES ('.get_dbid('service_alarms', 'servicealarmid').','.$serviceid.','.$clock.','.$status.')'); ++ return DBexecute('INSERT INTO service_alarms (servicealarmid,serviceid,clock,value) VALUES ('.get_dbid('service_alarms', 'servicealarmid').','.zbx_dbstr($serviceid).','.zbx_dbstr($clock).','.zbx_dbstr($status).')'); + } + + /** +Index: frontends/php/include/profiles.inc.php +=================================================================== +--- ./frontends/php/include/profiles.inc.php (revision 38884) ++++ ./frontends/php/include/profiles.inc.php (working copy) +@@ -148,9 +148,9 @@ + 'profileid' => get_dbid('profiles', 'profileid'), + 'userid' => self::$userDetails['userid'], + 'idx' => zbx_dbstr($idx), +- $value_type => ($value_type == 'value_str') ? zbx_dbstr($value) : $value, +- 'type' => $type, +- 'idx2' => $idx2 ++ $value_type => zbx_dbstr($value), ++ 'type' => zbx_dbstr($type), ++ 'idx2' => zbx_dbstr($idx2) + ); + return DBexecute('INSERT INTO profiles ('.implode(', ', array_keys($values)).') VALUES ('.implode(', ', $values).')'); + } +@@ -163,16 +163,15 @@ + } + + if ($idx2 > 0) { +- $sql_cond .= ' AND idx2='.$idx2.' AND '.DBin_node('idx2', false); ++ $sql_cond .= ' AND idx2='.zbx_dbstr($idx2).' AND '.DBin_node('idx2', false); + } + + $value_type = self::getFieldByType($type); +- $value = ($value_type == 'value_str') ? zbx_dbstr($value) : $value; + + return DBexecute( + 'UPDATE profiles SET '. +- $value_type.'='.$value.','. +- ' type='.$type. ++ $value_type.'='.zbx_dbstr($value).','. ++ ' type='.zbx_dbstr($type). + ' WHERE userid='.self::$userDetails['userid']. + ' AND idx='.zbx_dbstr($idx). + $sql_cond +@@ -242,7 +241,7 @@ + } + } + if (isset($configs['alert_usrgrpid'])) { +- if ($configs['alert_usrgrpid'] != 0 && !DBfetch(DBselect('SELECT u.usrgrpid FROM usrgrp u WHERE u.usrgrpid='.$configs['alert_usrgrpid']))) { ++ if ($configs['alert_usrgrpid'] != 0 && !DBfetch(DBselect('SELECT u.usrgrpid FROM usrgrp u WHERE u.usrgrpid='.zbx_dbstr($configs['alert_usrgrpid'])))) { + error(_('Incorrect user group.')); + return false; + } +@@ -393,7 +392,7 @@ + $history5 = DBfetch(DBSelect( + 'SELECT uh.title5,uh.url5'. + ' FROM user_history uh'. +- ' WHERE uh.userid='.$userid ++ ' WHERE uh.userid='.zbx_dbstr($userid) + )); + + if ($history5 && ($history5['title5'] == $title)) { +@@ -401,7 +400,7 @@ + // title same, url isnt, change only url + $sql = 'UPDATE user_history'. + ' SET url5='.zbx_dbstr($url). +- ' WHERE userid='.$userid; ++ ' WHERE userid='.zbx_dbstr($userid); + } + else { + // no need to change anything; +@@ -413,7 +412,7 @@ + if ($history5 === false) { + $userhistoryid = get_dbid('user_history', 'userhistoryid'); + $sql = 'INSERT INTO user_history (userhistoryid, userid, title5, url5)'. +- ' VALUES('.$userhistoryid.', '.$userid.', '.zbx_dbstr($title).', '.zbx_dbstr($url).')'; ++ ' VALUES('.$userhistoryid.', '.zbx_dbstr($userid).', '.zbx_dbstr($title).', '.zbx_dbstr($url).')'; + } + else { + $sql = 'UPDATE user_history'. +@@ -427,7 +426,7 @@ + ' url4=url5,'. + ' title5='.zbx_dbstr($title).','. + ' url5='.zbx_dbstr($url). +- ' WHERE userid='.$userid; ++ ' WHERE userid='.zbx_dbstr($userid); + } + } + return DBexecute($sql); +@@ -464,7 +463,7 @@ + 'profileid' => get_dbid('profiles', 'profileid'), + 'userid' => CWebUser::$data['userid'], + 'idx' => zbx_dbstr($favobj), +- 'value_id' => $favid, ++ 'value_id' => zbx_dbstr($favid), + 'type' => PROFILE_TYPE_ID + ); + if (!is_null($source)) { +@@ -478,7 +477,7 @@ + 'DELETE FROM profiles'. + ' WHERE userid='.CWebUser::$data['userid']. + ' AND idx='.zbx_dbstr($favobj). +- ($favid > 0 ? ' AND value_id='.$favid : ''). ++ ($favid > 0 ? ' AND value_id='.zbx_dbstr($favid) : ''). + (is_null($source) ? '' : ' AND source='.zbx_dbstr($source)) + ); + } +Index: frontends/php/include/graphs.inc.php +=================================================================== +--- ./frontends/php/include/graphs.inc.php (revision 38884) ++++ ./frontends/php/include/graphs.inc.php (working copy) +@@ -120,7 +120,7 @@ + $dbGraphs = DBselect( + 'SELECT MAX(g.graphtype) AS graphtype,MIN(gi.yaxisside) AS yaxissidel,MAX(gi.yaxisside) AS yaxissider,MAX(g.height) AS height'. + ' FROM graphs g,graphs_items gi'. +- ' WHERE g.graphid='.$graphid. ++ ' WHERE g.graphid='.zbx_dbstr($graphid). + ' AND gi.graphid=g.graphid' + ); + if ($graph = DBfetch($dbGraphs)) { +@@ -154,7 +154,7 @@ + ' FROM graphs g,graphs_items gi,items i'. + ' WHERE g.graphid=gi.graphid'. + ' AND gi.itemid=i.itemid'. +- ' AND i.hostid='.$hostid ++ ' AND i.hostid='.zbx_dbstr($hostid) + ); + } + +@@ -172,7 +172,7 @@ + ' FROM graphs_items gi,items i,hosts h'. + ' WHERE h.hostid=i.hostid'. + ' AND gi.itemid=i.itemid'. +- ' AND gi.graphid='.$graphid ++ ' AND gi.graphid='.zbx_dbstr($graphid) + ); + } + +@@ -187,7 +187,7 @@ + $dbItems = DBselect( + 'SELECT DISTINCT gi.itemid'. + ' FROM graphs_items gi'. +- ' WHERE gi.graphid='.$graphid ++ ' WHERE gi.graphid='.zbx_dbstr($graphid) + ); + while ($item = DBfetch($dbItems)) { + $itemids[$item['itemid']] = $item['itemid']; +@@ -280,7 +280,7 @@ + } + + function get_graph_by_graphid($graphid) { +- $dbGraphs = DBselect('SELECT g.* FROM graphs g WHERE g.graphid='.$graphid); ++ $dbGraphs = DBselect('SELECT g.* FROM graphs g WHERE g.graphid='.zbx_dbstr($graphid)); + $dbGraphs = DBfetch($dbGraphs); + if (!empty($dbGraphs)) { + return $dbGraphs; +@@ -307,8 +307,8 @@ + 'SELECT dest.itemid,src.key_'. + ' FROM items dest,items src'. + ' WHERE dest.key_=src.key_'. +- ' AND dest.hostid='.$dest_hostid. +- ' AND src.itemid='.$gitem['itemid'] ++ ' AND dest.hostid='.zbx_dbstr($dest_hostid). ++ ' AND src.itemid='.zbx_dbstr($gitem['itemid']) + )); + + if ($dbItem) { +Index: frontends/php/include/db.inc.php +=================================================================== +--- ./frontends/php/include/db.inc.php (revision 38884) ++++ ./frontends/php/include/db.inc.php (working copy) +@@ -150,7 +150,7 @@ + ); + db2_set_option($DB['DB'], $options, 1); + if (isset($DB['SCHEMA']) && ($DB['SCHEMA'] != '')) { +- DBexecute("SET CURRENT SCHEMA='".$DB['SCHEMA']."'"); ++ DBexecute('SET CURRENT SCHEMA='.zbx_dbstr($DB['SCHEMA'])); + } + } + break; +@@ -563,7 +563,7 @@ + + $result = false; + +- if (!isset($DB['DB']) || empty($DB['DB'])) { ++ if (!isset($DB['DB']) || empty($DB['DB']) || is_bool($cursor)) { + return $result; + } + +Index: frontends/php/include/views/configuration.screen.constructor.edit.php +=================================================================== +--- ./frontends/php/include/views/configuration.screen.constructor.edit.php (revision 38884) ++++ ./frontends/php/include/views/configuration.screen.constructor.edit.php (working copy) +@@ -419,7 +419,7 @@ + 'SELECT DISTINCT n.name AS node_name,s.screenid,s.name'. + ' FROM screens s'. + ' LEFT JOIN nodes n ON n.nodeid='.DBid2nodeid('s.screenid'). +- ' WHERE s.screenid='.$resourceid ++ ' WHERE s.screenid='.zbx_dbstr($resourceid) + ); + while ($row = DBfetch($db_screens)) { + $screen = API::Screen()->get(array( +Index: frontends/php/include/classes/class.chostsinfo.php +=================================================================== +--- ./frontends/php/include/classes/class.chostsinfo.php (revision 38884) ++++ ./frontends/php/include/classes/class.chostsinfo.php (working copy) +@@ -55,7 +55,7 @@ + $cond_from = ''; + if (remove_nodes_from_id($this->groupid) > 0) { + $cond_from = ', hosts_groups hg '; +- $cond_where = 'AND hg.hostid=h.hostid AND hg.groupid='.$this->groupid; ++ $cond_where = 'AND hg.hostid=h.hostid AND hg.groupid='.zbx_dbstr($this->groupid); + } + else { + $cond_where = ' AND '.DBin_node('h.hostid', $this->nodeid); +Index: frontends/php/include/classes/import/CImportReferencer.php +=================================================================== +--- ./frontends/php/include/classes/import/CImportReferencer.php (revision 38884) ++++ ./frontends/php/include/classes/import/CImportReferencer.php (working copy) +@@ -595,7 +595,7 @@ + foreach ($this->applications as $host => $applications) { + $hostId = $this->resolveHostOrTemplate($host); + if ($hostId) { +- $sqlWhere[] = '(hostid='.$hostId.' AND '.dbConditionString('name', $applications).')'; ++ $sqlWhere[] = '(hostid='.zbx_dbstr($hostId).' AND '.dbConditionString('name', $applications).')'; + } + } + +@@ -626,7 +626,7 @@ + foreach ($this->items as $host => $keys) { + $hostId = $this->resolveHostOrTemplate($host); + if ($hostId) { +- $sqlWhere[] = '(i.hostid='.$hostId.' AND '.dbConditionString('i.key_', $keys).')'; ++ $sqlWhere[] = '(i.hostid='.zbx_dbstr($hostId).' AND '.dbConditionString('i.key_', $keys).')'; + } + } + +@@ -778,7 +778,7 @@ + foreach ($this->macros as $host => $macros) { + $hostId = $this->resolveHostOrTemplate($host); + if ($hostId) { +- $sqlWhere[] = '(hm.hostid='.$hostId.' AND '.dbConditionString('hm.macro', $macros).')'; ++ $sqlWhere[] = '(hm.hostid='.zbx_dbstr($hostId).' AND '.dbConditionString('hm.macro', $macros).')'; + } + } + +Index: frontends/php/include/classes/class.cpie.php +=================================================================== +--- ./frontends/php/include/classes/class.cpie.php (revision 38884) ++++ ./frontends/php/include/classes/class.cpie.php (working copy) +@@ -170,9 +170,9 @@ + 'MAX(i.lastvalue) AS lst'. + ' FROM history h'. + ' LEFT JOIN items i ON h.itemid=i.itemid'. +- ' WHERE h.itemid='.$this->items[$i]['itemid']. +- ' AND h.clock>='.$from_time. +- ' AND h.clock<='.$to_time. ++ ' WHERE h.itemid='.zbx_dbstr($this->items[$i]['itemid']). ++ ' AND h.clock>='.zbx_dbstr($from_time). ++ ' AND h.clock<='.zbx_dbstr($to_time). + ' GROUP BY h.itemid' + , + 'SELECT hu.itemid,'. +@@ -181,9 +181,9 @@ + 'MAX(i.lastvalue) AS lst'. + ' FROM history_uint hu'. + ' LEFT JOIN items i ON hu.itemid=i.itemid'. +- ' WHERE hu.itemid='.$this->items[$i]['itemid']. +- ' AND hu.clock>='.$from_time. +- ' AND hu.clock<='.$to_time. ++ ' WHERE hu.itemid='.zbx_dbstr($this->items[$i]['itemid']). ++ ' AND hu.clock>='.zbx_dbstr($from_time). ++ ' AND hu.clock<='.zbx_dbstr($to_time). + ' GROUP BY hu.itemid' + ); + } +@@ -196,9 +196,9 @@ + 'MAX(i.lastvalue) AS lst'. + ' FROM trends t'. + ' LEFT JOIN items i ON t.itemid=i.itemid'. +- ' WHERE t.itemid='.$this->items[$i]['itemid']. +- ' AND t.clock>='.$from_time. +- ' AND t.clock<='.$to_time. ++ ' WHERE t.itemid='.zbx_dbstr($this->items[$i]['itemid']). ++ ' AND t.clock>='.zbx_dbstr($from_time). ++ ' AND t.clock<='.zbx_dbstr($to_time). + ' GROUP BY t.itemid' + , + 'SELECT t.itemid,'. +@@ -207,9 +207,9 @@ + 'MAX(i.lastvalue) AS lst'. + ' FROM trends_uint t'. + ' LEFT JOIN items i ON t.itemid=i.itemid'. +- ' WHERE t.itemid='.$this->items[$i]['itemid']. +- ' AND t.clock>='.$from_time. +- ' AND t.clock<='.$to_time. ++ ' WHERE t.itemid='.zbx_dbstr($this->items[$i]['itemid']). ++ ' AND t.clock>='.zbx_dbstr($from_time). ++ ' AND t.clock<='.zbx_dbstr($to_time). + ' GROUP BY t.itemid' + ); + } +Index: frontends/php/include/classes/screens/CScreenDataOverview.php +=================================================================== +--- ./frontends/php/include/classes/screens/CScreenDataOverview.php (revision 38884) ++++ ./frontends/php/include/classes/screens/CScreenDataOverview.php (working copy) +@@ -28,7 +28,7 @@ + */ + public function get() { + $hostids = array(); +- $dbHostGroups = DBselect('SELECT DISTINCT hg.hostid FROM hosts_groups hg WHERE hg.groupid='.$this->screenitem['resourceid']); ++ $dbHostGroups = DBselect('SELECT DISTINCT hg.hostid FROM hosts_groups hg WHERE hg.groupid='.zbx_dbstr($this->screenitem['resourceid'])); + while ($dbHostGroup = DBfetch($dbHostGroups)) { + $hostids[$dbHostGroup['hostid']] = $dbHostGroup['hostid']; + } +Index: frontends/php/include/classes/screens/CScreenTriggersOverview.php +=================================================================== +--- ./frontends/php/include/classes/screens/CScreenTriggersOverview.php (revision 38884) ++++ ./frontends/php/include/classes/screens/CScreenTriggersOverview.php (working copy) +@@ -28,7 +28,7 @@ + */ + public function get() { + $hostids = array(); +- $dbHostGroups = DBselect('SELECT DISTINCT hg.hostid FROM hosts_groups hg WHERE hg.groupid='.$this->screenitem['resourceid']); ++ $dbHostGroups = DBselect('SELECT DISTINCT hg.hostid FROM hosts_groups hg WHERE hg.groupid='.zbx_dbstr($this->screenitem['resourceid'])); + while ($dbHostGroup = DBfetch($dbHostGroups)) { + $hostids[$dbHostGroup['hostid']] = $dbHostGroup['hostid']; + } +Index: frontends/php/include/classes/class.cchart.php +=================================================================== +--- ./frontends/php/include/classes/class.cchart.php (revision 38884) ++++ ./frontends/php/include/classes/class.cchart.php (working copy) +@@ -225,18 +225,18 @@ + 'COUNT(*) AS count,AVG(value) AS avg,MIN(value) as min,'. + 'MAX(value) AS max,MAX(clock) AS clock'. + ' FROM history '. +- ' WHERE itemid='.$this->items[$i]['itemid']. +- ' AND clock>='.$from_time. +- ' AND clock<='.$to_time. ++ ' WHERE itemid='.zbx_dbstr($this->items[$i]['itemid']). ++ ' AND clock>='.zbx_dbstr($from_time). ++ ' AND clock<='.zbx_dbstr($to_time). + ' GROUP BY itemid,'.$calc_field + , + 'SELECT itemid,'.$calc_field.' AS i,'. + 'COUNT(*) AS count,AVG(value) AS avg,MIN(value) AS min,'. + 'MAX(value) AS max,MAX(clock) AS clock'. + ' FROM history_uint '. +- ' WHERE itemid='.$this->items[$i]['itemid']. +- ' AND clock>='.$from_time. +- ' AND clock<='.$to_time. ++ ' WHERE itemid='.zbx_dbstr($this->items[$i]['itemid']). ++ ' AND clock>='.zbx_dbstr($from_time). ++ ' AND clock<='.zbx_dbstr($to_time). + ' GROUP BY itemid,'.$calc_field + ); + } +@@ -248,17 +248,17 @@ + 'MAX(value_max) AS max,MAX(clock) AS clock'. + ' FROM trends'. + ' WHERE itemid='.$this->items[$i]['itemid']. +- ' AND clock>='.$from_time. +- ' AND clock<='.$to_time. ++ ' AND clock>='.zbx_dbstr($from_time). ++ ' AND clock<='.zbx_dbstr($to_time). + ' GROUP BY itemid,'.$calc_field + , + 'SELECT itemid,'.$calc_field.' AS i,'. + 'SUM(num) AS count,AVG(value_avg) AS avg,MIN(value_min) AS min,'. + 'MAX(value_max) AS max,MAX(clock) AS clock'. + ' FROM trends_uint '. +- ' WHERE itemid='.$this->items[$i]['itemid']. +- ' AND clock>='.$from_time. +- ' AND clock<='.$to_time. ++ ' WHERE itemid='.zbx_dbstr($this->items[$i]['itemid']). ++ ' AND clock>='.zbx_dbstr($from_time). ++ ' AND clock<='.zbx_dbstr($to_time). + ' GROUP BY itemid,'.$calc_field + ); + +@@ -438,7 +438,7 @@ + ' AND tr.status='.TRIGGER_STATUS_ENABLED. + ' AND i.itemid=f.itemid'. + ' AND h.hostid=i.hostid'. +- ' AND f.itemid='.$item['itemid']. ++ ' AND f.itemid='.zbx_dbstr($item['itemid']). + ' ORDER BY tr.priority' + ); + while (($trigger = DBfetch($db_triggers)) && $cnt < $max) { +Index: frontends/php/include/classes/helpers/trigger/CTriggerDescription.php +=================================================================== +--- ./frontends/php/include/classes/helpers/trigger/CTriggerDescription.php (revision 38884) ++++ ./frontends/php/include/classes/helpers/trigger/CTriggerDescription.php (working copy) +@@ -59,7 +59,7 @@ + $trigger = DBfetch(DBselect( + 'SELECT DISTINCT t.description,t.expression,t.triggerid'. + ' FROM triggers t'. +- ' WHERE t.triggerid='.$triggerId ++ ' WHERE t.triggerid='.zbx_dbstr($triggerId) + )); + $triggers = $this->expandDescriptions(array($trigger['triggerid'] => $trigger)); + $trigger = reset($triggers); +Index: frontends/php/include/maps.inc.php +=================================================================== +--- ./frontends/php/include/maps.inc.php (revision 38884) ++++ ./frontends/php/include/maps.inc.php (working copy) +@@ -252,7 +252,7 @@ + $res = DBselect('SELECT hi.ip,hi.dns,hi.useip,h.host,h.name,hi.type AS interfacetype'. + ' FROM interface hi,hosts h'. + ' WHERE hi.hostid=h.hostid'. +- ' AND hi.main=1 AND hi.hostid='.$selement['elementid']); ++ ' AND hi.main=1 AND hi.hostid='.zbx_dbstr($selement['elementid'])); + + // process interface priorities + $tmpPriority = 0; +@@ -272,7 +272,7 @@ + ' WHERE h.hostid=hi.hostid'. + ' AND hi.hostid=i.hostid'. + ' AND i.itemid=f.itemid'. +- ' AND hi.main=1 AND f.triggerid='.$selement['elementid']. ++ ' AND hi.main=1 AND f.triggerid='.zbx_dbstr($selement['elementid']). + ' ORDER BY f.functionid'); + + // process interface priorities, build $hostsByFunctionId array +@@ -473,7 +473,7 @@ + 'SELECT '.$function.'(value) AS value'. + ' FROM '.$history_table[$item['value_type']]. + ' WHERE clock>'.(time() - $parameter). +- ' AND itemid='.$item['itemid'] ++ ' AND itemid='.zbx_dbstr($item['itemid']) + ); + if (null === ($row = DBfetch($result))) { + $label = str_replace($expr, '('._('no data').')', $label); +@@ -502,7 +502,7 @@ + $db_mapselements = DBselect( + 'SELECT DISTINCT se.elementtype,se.elementid'. + ' FROM sysmaps_elements se'. +- ' WHERE se.sysmapid='.$db_element['elementid'] ++ ' WHERE se.sysmapid='.zbx_dbstr($db_element['elementid']) + ); + while ($db_mapelement = DBfetch($db_mapselements)) { + get_map_elements($db_mapelement, $elements); +Index: frontends/php/include/hosts.inc.php +=================================================================== +--- ./frontends/php/include/hosts.inc.php (revision 38884) ++++ ./frontends/php/include/hosts.inc.php (working copy) +@@ -483,7 +483,7 @@ + } + + function get_hostgroup_by_groupid($groupid) { +- $groups = DBfetch(DBselect('SELECT g.* FROM groups g WHERE g.groupid='.$groupid)); ++ $groups = DBfetch(DBselect('SELECT g.* FROM groups g WHERE g.groupid='.zbx_dbstr($groupid))); + if (!empty($groups)) { + return $groups; + } +@@ -522,7 +522,7 @@ + } + + function get_host_by_hostid($hostid, $no_error_message = 0) { +- $row = DBfetch(DBselect('SELECT h.* FROM hosts h WHERE h.hostid='.$hostid)); ++ $row = DBfetch(DBselect('SELECT h.* FROM hosts h WHERE h.hostid='.zbx_dbstr($hostid))); + if ($row) { + return $row; + } +@@ -1109,7 +1109,7 @@ + + if ($_REQUEST['groupid'] > 0) { + if ($_REQUEST['hostid'] > 0) { +- if (!DBfetch(DBselect('SELECT hg.groupid FROM hosts_groups hg WHERE hg.hostid='.$_REQUEST['hostid'].' AND hg.groupid='.$_REQUEST['groupid']))) { ++ if (!DBfetch(DBselect('SELECT hg.groupid FROM hosts_groups hg WHERE hg.hostid='.zbx_dbstr($_REQUEST['hostid']).' AND hg.groupid='.zbx_dbstr($_REQUEST['groupid'])))) { + $_REQUEST['hostid'] = 0; + } + } +@@ -1145,7 +1145,7 @@ + } + + function get_application_by_applicationid($applicationid, $no_error_message = 0) { +- $row = DBfetch(DBselect('SELECT a.* FROM applications a WHERE a.applicationid='.$applicationid)); ++ $row = DBfetch(DBselect('SELECT a.* FROM applications a WHERE a.applicationid='.zbx_dbstr($applicationid))); + if ($row) { + return $row; + } +@@ -1157,7 +1157,7 @@ + } + + function get_applications_by_templateid($applicationid) { +- return DBselect('SELECT a.* FROM applications a WHERE a.templateid='.$applicationid); ++ return DBselect('SELECT a.* FROM applications a WHERE a.templateid='.zbx_dbstr($applicationid)); + } + + function get_realhost_by_applicationid($applicationid) { +@@ -1169,7 +1169,7 @@ + } + + function get_host_by_applicationid($applicationid) { +- $row = DBfetch(DBselect('SELECT h.* FROM hosts h,applications a WHERE a.hostid=h.hostid AND a.applicationid='.$applicationid)); ++ $row = DBfetch(DBselect('SELECT h.* FROM hosts h,applications a WHERE a.hostid=h.hostid AND a.applicationid='.zbx_dbstr($applicationid))); + if ($row) { + return $row; + } +@@ -1327,7 +1327,7 @@ + } + + function isTemplate($hostid) { +- $dbHost = DBfetch(DBselect('SELECT h.status FROM hosts h WHERE h.hostid='.$hostid)); ++ $dbHost = DBfetch(DBselect('SELECT h.status FROM hosts h WHERE h.hostid='.zbx_dbstr($hostid))); + + return !empty($dbHost) && $dbHost['status'] == HOST_STATUS_TEMPLATE; + } +Index: frontends/php/include/users.inc.php +=================================================================== +--- ./frontends/php/include/users.inc.php (revision 38884) ++++ ./frontends/php/include/users.inc.php (working copy) +@@ -90,9 +90,9 @@ + function add_user_to_group($userid, $usrgrpid) { + $result = false; + if (granted2move_user($userid,$usrgrpid)) { +- DBexecute('DELETE FROM users_groups WHERE userid='.$userid.' AND usrgrpid='.$usrgrpid); ++ DBexecute('DELETE FROM users_groups WHERE userid='.zbx_dbstr($userid).' AND usrgrpid='.zbx_dbstr($usrgrpid)); + $users_groups_id = get_dbid('users_groups', 'id'); +- $result = DBexecute('INSERT INTO users_groups (id,usrgrpid,userid) VALUES ('.$users_groups_id.','.$usrgrpid.','.$userid.')'); ++ $result = DBexecute('INSERT INTO users_groups (id,usrgrpid,userid) VALUES ('.$users_groups_id.','.zbx_dbstr($usrgrpid).','.zbx_dbstr($userid).')'); + } + else{ + error(_('User cannot change status of himself.')); +@@ -103,7 +103,7 @@ + function remove_user_from_group($userid, $usrgrpid) { + $result = false; + if (granted2move_user($userid,$usrgrpid)) { +- $result = DBexecute('DELETE FROM users_groups WHERE userid='.$userid.' AND usrgrpid='.$usrgrpid); ++ $result = DBexecute('DELETE FROM users_groups WHERE userid='.zbx_dbstr($userid).' AND usrgrpid='.zbx_dbstr($usrgrpid)); + } + else { + error(_('User cannot change status of himself.')); +@@ -138,7 +138,7 @@ + } + + if ($grant) { +- $result = DBexecute('UPDATE usrgrp SET users_status='.$users_status.' WHERE '.dbConditionInt('usrgrpid', $usrgrpids)); ++ $result = DBexecute('UPDATE usrgrp SET users_status='.zbx_dbstr($users_status).' WHERE '.dbConditionInt('usrgrpid', $usrgrpids)); + } + else { + error(_('User cannot change status of himself.')); +@@ -154,7 +154,7 @@ + $grant = granted2update_group($usrgrpids); + } + if ($grant) { +- $result = DBexecute('UPDATE usrgrp SET gui_access='.$gui_access.' WHERE '.dbConditionInt('usrgrpid',$usrgrpids)); ++ $result = DBexecute('UPDATE usrgrp SET gui_access='.zbx_dbstr($gui_access).' WHERE '.dbConditionInt('usrgrpid',$usrgrpids)); + } + else { + error(_('User cannot change GUI access for himself.')); +@@ -164,6 +164,6 @@ + + function change_group_debug_mode($usrgrpids, $debug_mode){ + zbx_value2array($usrgrpids); +- return DBexecute('UPDATE usrgrp SET debug_mode='.$debug_mode.' WHERE '.dbConditionInt('usrgrpid', $usrgrpids)); ++ return DBexecute('UPDATE usrgrp SET debug_mode='.zbx_dbstr($debug_mode).' WHERE '.dbConditionInt('usrgrpid', $usrgrpids)); + } + ?> +Index: frontends/php/include/events.inc.php +=================================================================== +--- ./frontends/php/include/events.inc.php (revision 38884) ++++ ./frontends/php/include/events.inc.php (working copy) +@@ -33,7 +33,7 @@ + function get_tr_event_by_eventid($eventid) { + $sql = 'SELECT e.*,t.triggerid,t.description,t.expression,t.priority,t.status,t.type'. + ' FROM events e,triggers t'. +- ' WHERE e.eventid='.$eventid. ++ ' WHERE e.eventid='.zbx_dbstr($eventid). + ' AND e.object='.EVENT_OBJECT_TRIGGER. + ' AND t.triggerid=e.objectid'; + return DBfetch(DBselect($sql)); +@@ -100,9 +100,9 @@ + + $sql = 'SELECT e.*'. + ' FROM events e'. +- ' WHERE e.objectid='.$currentEvent['objectid']. +- ' AND e.eventid>'.$currentEvent['eventid']. +- ' AND e.object='.$currentEvent['object']. ++ ' WHERE e.objectid='.zbx_dbstr($currentEvent['objectid']). ++ ' AND e.eventid>'.zbx_dbstr($currentEvent['eventid']). ++ ' AND e.object='.zbx_dbstr($currentEvent['object']). + ($showUnknown ? '' : ' AND e.value_changed='.TRIGGER_VALUE_CHANGED_YES). + ' ORDER BY e.object,e.objectid,e.eventid'; + return DBfetch(DBselect($sql, 1)); +Index: frontends/php/include/images.inc.php +=================================================================== +--- ./frontends/php/include/images.inc.php (revision 38884) ++++ ./frontends/php/include/images.inc.php (working copy) +@@ -36,7 +36,7 @@ + static $images = array(); + + if (!isset($images[$imageid])) { +- $row = DBfetch(DBselect('SELECT i.* FROM images i WHERE i.imageid='.$imageid)); ++ $row = DBfetch(DBselect('SELECT i.* FROM images i WHERE i.imageid='.zbx_dbstr($imageid))); + $row['image'] = zbx_unescape_image($row['image']); + $images[$imageid] = $row; + } +Index: frontends/php/include/maintenances.inc.php +=================================================================== +--- ./frontends/php/include/maintenances.inc.php (revision 38884) ++++ ./frontends/php/include/maintenances.inc.php (working copy) +@@ -23,7 +23,7 @@ + $sql = 'SELECT m.*'. + ' FROM maintenances m'. + ' WHERE '.DBin_node('m.maintenanceid'). +- ' AND maintenanceid='.$maintenanceid; ++ ' AND maintenanceid='.zbx_dbstr($maintenanceid); + return DBfetch(DBselect($sql)); + } + +Index: frontends/php/include/discovery.inc.php +=================================================================== +--- ./frontends/php/include/discovery.inc.php (revision 38884) ++++ ./frontends/php/include/discovery.inc.php (working copy) +@@ -164,7 +164,7 @@ + } + + function get_discovery_rule_by_druleid($druleid) { +- return DBfetch(DBselect('SELECT d.* FROM drules d WHERE d.druleid='.$druleid)); ++ return DBfetch(DBselect('SELECT d.* FROM drules d WHERE d.druleid='.zbx_dbstr($druleid))); + } + + function delete_discovery_rule($druleid) { +@@ -174,7 +174,7 @@ + 'SELECT DISTINCT c.actionid'. + ' FROM conditions c'. + ' WHERE c.conditiontype='.CONDITION_TYPE_DRULE. +- ' AND c.value=\''.$druleid.'\'' ++ ' AND c.value='.zbx_dbstr($druleid) + ); + while ($action = DBfetch($dbActions)) { + $actionids[] = $action['actionid']; +@@ -183,8 +183,8 @@ + // disabling actions with deleted conditions + if (!empty($actionids)) { + DBexecute('UPDATE actions SET status='.ACTION_STATUS_DISABLED.' WHERE '.dbConditionInt('actionid', $actionids)); +- DBexecute('DELETE FROM conditions WHERE conditiontype='.CONDITION_TYPE_DRULE.' AND value=\''.$druleid.'\''); ++ DBexecute('DELETE FROM conditions WHERE conditiontype='.CONDITION_TYPE_DRULE.' AND value='.zbx_dbstr($druleid)); + } +- return DBexecute('DELETE FROM drules WHERE druleid='.$druleid); ++ return DBexecute('DELETE FROM drules WHERE druleid='.zbx_dbstr($druleid)); + } + ?> +Index: frontends/php/include/nodes.inc.php +=================================================================== +--- ./frontends/php/include/nodes.inc.php (revision 38884) ++++ ./frontends/php/include/nodes.inc.php (working copy) +@@ -281,23 +281,22 @@ + error(_('Master node already exists.')); + return false; + } +- $masterid = 'NULL'; + break; + default: + error(_('Incorrect node type.')); + return false; + } + +- if (DBfetch(DBselect('SELECT n.nodeid FROM nodes n WHERE n.nodeid='.$nodeid))) { ++ if (DBfetch(DBselect('SELECT n.nodeid FROM nodes n WHERE n.nodeid='.zbx_dbstr($nodeid)))) { + error(_('Node with same ID already exists.')); + return false; + } + + $result = DBexecute('INSERT INTO nodes (nodeid,name,ip,port,nodetype,masterid)'. +- ' VALUES ('.$nodeid.','.zbx_dbstr($name).','.zbx_dbstr($ip).','.$port.','.$nodetype.','.$masterid.')'); ++ ' VALUES ('.$nodeid.','.zbx_dbstr($name).','.zbx_dbstr($ip).','.zbx_dbstr($port).','.zbx_dbstr($nodetype).','.($masterid ? zbx_dbstr($masterid) : 'NULL').')'); + + if ($result && $nodetype == ZBX_NODE_MASTER) { +- DBexecute('UPDATE nodes SET masterid='.$nodeid.' WHERE nodeid='.$ZBX_LOCALNODEID); ++ DBexecute('UPDATE nodes SET masterid='.zbx_dbstr($nodeid).' WHERE nodeid='.$ZBX_LOCALNODEID); + $ZBX_CURMASTERID = $nodeid; // apply master node for this script + } + +@@ -309,12 +308,12 @@ + error(_('Incorrect characters used for Node name.')); + return false; + } +- return DBexecute('UPDATE nodes SET name='.zbx_dbstr($name).',ip='.zbx_dbstr($ip).',port='.$port.' WHERE nodeid='.$nodeid); ++ return DBexecute('UPDATE nodes SET name='.zbx_dbstr($name).',ip='.zbx_dbstr($ip).',port='.zbx_dbstr($port).' WHERE nodeid='.zbx_dbstr($nodeid)); + } + + function delete_node($nodeid) { + $result = false; +- $node = DBfetch(DBselect('SELECT n.nodeid,n.masterid FROM nodes n WHERE n.nodeid='.$nodeid)); ++ $node = DBfetch(DBselect('SELECT n.nodeid,n.masterid FROM nodes n WHERE n.nodeid='.zbx_dbstr($nodeid))); + $nodetype = detect_node_type($node['nodeid'], $node['masterid']); + + if ($nodetype == ZBX_NODE_LOCAL) { +@@ -322,8 +321,8 @@ + } + else { + $result = ( +- DBexecute('UPDATE nodes SET masterid=NULL WHERE masterid='.$nodeid) && +- DBexecute('DELETE FROM nodes WHERE nodeid='.$nodeid) ++ DBexecute('UPDATE nodes SET masterid=NULL WHERE masterid='.zbx_dbstr($nodeid)) && ++ DBexecute('DELETE FROM nodes WHERE nodeid='.zbx_dbstr($nodeid)) + ); + if ($nodetype != ZBX_NODE_MASTER) { + error(_('Please be aware that database still contains data related to the deleted node.')); +@@ -333,7 +332,7 @@ + } + + function get_node_by_nodeid($nodeid) { +- return DBfetch(DBselect('SELECT n.* FROM nodes n WHERE n.nodeid='.$nodeid)); ++ return DBfetch(DBselect('SELECT n.* FROM nodes n WHERE n.nodeid='.zbx_dbstr($nodeid))); + } + + function get_node_path($nodeid, $result = '') { +Index: frontends/php/include/valuemap.inc.php +=================================================================== +--- ./frontends/php/include/valuemap.inc.php (revision 38884) ++++ ./frontends/php/include/valuemap.inc.php (working copy) +@@ -59,7 +59,7 @@ + unset($valueMap['valuemapid']); + + // check existence +- if (!DBfetch(DBselect('SELECT v.valuemapid FROM valuemaps v WHERE v.valuemapid='.$valueMapId))) { ++ if (!DBfetch(DBselect('SELECT v.valuemapid FROM valuemaps v WHERE v.valuemapid='.zbx_dbstr($valueMapId)))) { + throw new Exception(_s('Value map with valuemapid "%1$s" does not exist.', $valueMapId)); + } + +@@ -228,7 +228,7 @@ + $dbMappings = DBselect( + 'SELECT m.mappingid,m.value,m.newvalue'. + ' FROM mappings m'. +- ' WHERE m.valuemapid='.$valueMapId ++ ' WHERE m.valuemapid='.zbx_dbstr($valueMapId) + ); + while ($mapping = DBfetch($dbMappings)) { + $mappings[$mapping['mappingid']] = $mapping; +@@ -260,7 +260,7 @@ + $dbMappings = DBselect( + 'SELECT m.newvalue'. + ' FROM mappings m'. +- ' WHERE m.valuemapid='.$valueMapId. ++ ' WHERE m.valuemapid='.zbx_dbstr($valueMapId). + ' AND m.value='.zbx_dbstr($value) + ); + if ($mapping = DBfetch($dbMappings)) { +Index: frontends/php/include/httptest.inc.php +=================================================================== +--- ./frontends/php/include/httptest.inc.php (revision 38884) ++++ ./frontends/php/include/httptest.inc.php (working copy) +@@ -72,10 +72,10 @@ + } + + function activate_httptest($httptestid) { +- $result = DBexecute('UPDATE httptest SET status='.HTTPTEST_STATUS_ACTIVE.' WHERE httptestid='.$httptestid); ++ $result = DBexecute('UPDATE httptest SET status='.HTTPTEST_STATUS_ACTIVE.' WHERE httptestid='.zbx_dbstr($httptestid)); + + $itemids = array(); +- $items_db = DBselect('SELECT hti.itemid FROM httptestitem hti WHERE hti.httptestid='.$httptestid); ++ $items_db = DBselect('SELECT hti.itemid FROM httptestitem hti WHERE hti.httptestid='.zbx_dbstr($httptestid)); + while ($itemid = Dbfetch($items_db)) { + $itemids[] = $itemid['itemid']; + } +@@ -84,7 +84,7 @@ + 'SELECT hsi.itemid'. + ' FROM httpstep hs,httpstepitem hsi'. + ' WHERE hs.httpstepid=hsi.httpstepid'. +- ' AND hs.httptestid='.$httptestid ++ ' AND hs.httptestid='.zbx_dbstr($httptestid) + ); + while ($itemid = Dbfetch($items_db)) { + $itemids[] = $itemid['itemid']; +@@ -96,10 +96,10 @@ + } + + function disable_httptest($httptestid) { +- $result = DBexecute('UPDATE httptest SET status='.HTTPTEST_STATUS_DISABLED.' WHERE httptestid='.$httptestid); ++ $result = DBexecute('UPDATE httptest SET status='.HTTPTEST_STATUS_DISABLED.' WHERE httptestid='.zbx_dbstr($httptestid)); + + $itemids = array(); +- $items_db = DBselect('SELECT hti.itemid FROM httptestitem hti WHERE hti.httptestid='.$httptestid); ++ $items_db = DBselect('SELECT hti.itemid FROM httptestitem hti WHERE hti.httptestid='.zbx_dbstr($httptestid)); + while ($itemid = Dbfetch($items_db)) { + $itemids[] = $itemid['itemid']; + } +@@ -108,7 +108,7 @@ + 'SELECT hsi.itemid'. + ' FROM httpstep hs,httpstepitem hsi'. + ' WHERE hs.httpstepid=hsi.httpstepid'. +- ' AND hs.httptestid='.$httptestid ++ ' AND hs.httptestid='.zbx_dbstr($httptestid) + ); + while ($itemid = Dbfetch($items_db)) { + $itemids[] = $itemid['itemid']; +@@ -125,7 +125,7 @@ + ' FROM items i,httpstepitem si,httpstep s'. + ' WHERE i.itemid=si.itemid'. + ' AND si.httpstepid=s.httpstepid'. +- ' AND s.httptestid='.$httptestid ++ ' AND s.httptestid='.zbx_dbstr($httptestid) + ); + while ($item_data = DBfetch($db_items)) { + if (!delete_history_by_itemid($item_data['itemid'])) { +@@ -137,11 +137,11 @@ + } + + function get_httptest_by_httptestid($httptestid) { +- return DBfetch(DBselect('SELECT ht.* FROM httptest ht WHERE ht.httptestid='.$httptestid)); ++ return DBfetch(DBselect('SELECT ht.* FROM httptest ht WHERE ht.httptestid='.zbx_dbstr($httptestid))); + } + + function get_httpstep_by_no($httptestid, $no) { +- return DBfetch(DBselect('SELECT hs.* FROM httpstep hs WHERE hs.httptestid='.$httptestid.' AND hs.no='.$no)); ++ return DBfetch(DBselect('SELECT hs.* FROM httpstep hs WHERE hs.httptestid='.zbx_dbstr($httptestid).' AND hs.no='.zbx_dbstr($no))); + } + + function get_httptests_by_hostid($hostids) { +Index: frontends/php/include/acknow.inc.php +=================================================================== +--- ./frontends/php/include/acknow.inc.php (revision 38884) ++++ ./frontends/php/include/acknow.inc.php (working copy) +@@ -23,7 +23,7 @@ + $dbEvents = DBfetch(DBselect( + 'SELECT e.*'. + ' FROM events e'. +- ' WHERE e.objectid='.$triggerid. ++ ' WHERE e.objectid='.zbx_dbstr($triggerid). + ' AND e.object='.EVENT_OBJECT_TRIGGER. + ' AND e.value<>'.TRIGGER_VALUE_UNKNOWN. + ' AND e.value_changed='.TRIGGER_VALUE_CHANGED_YES. +@@ -35,7 +35,7 @@ + } + + function get_acknowledges_by_eventid($eventid) { +- return DBselect('SELECT a.*,u.alias FROM acknowledges a LEFT JOIN users u ON u.userid=a.userid WHERE a.eventid='.$eventid); ++ return DBselect('SELECT a.*,u.alias FROM acknowledges a LEFT JOIN users u ON u.userid=a.userid WHERE a.eventid='.zbx_dbstr($eventid)); + } + + /** +Index: frontends/php/include/triggers.inc.php +=================================================================== +--- ./frontends/php/include/triggers.inc.php (revision 38884) ++++ ./frontends/php/include/triggers.inc.php (working copy) +@@ -107,7 +107,7 @@ + function get_service_status_of_trigger($triggerid) { + $sql = 'SELECT t.triggerid,t.priority'. + ' FROM triggers t'. +- ' WHERE t.triggerid='.$triggerid. ++ ' WHERE t.triggerid='.zbx_dbstr($triggerid). + ' AND t.status='.TRIGGER_STATUS_ENABLED. + ' AND t.value='.TRIGGER_VALUE_TRUE; + $rows = DBfetch(DBselect($sql, 1)); +@@ -259,7 +259,7 @@ + } + + function get_trigger_by_triggerid($triggerid) { +- $db_trigger = DBfetch(DBselect('SELECT t.* FROM triggers t WHERE t.triggerid='.$triggerid)); ++ $db_trigger = DBfetch(DBselect('SELECT t.* FROM triggers t WHERE t.triggerid='.zbx_dbstr($triggerid))); + if (!empty($db_trigger)) { + return $db_trigger; + } +@@ -284,7 +284,7 @@ + return DBselect( + 'SELECT DISTINCT t.*'. + ' FROM triggers t,functions f,items i'. +- ' WHERE i.hostid='.$hostid. ++ ' WHERE i.hostid='.zbx_dbstr($hostid). + ' AND f.itemid=i.itemid'. + ' AND f.triggerid=t.triggerid' + ); +@@ -679,7 +679,7 @@ + $state = ''; + $sql = 'SELECT h.host,i.itemid,i.key_,f.function,f.triggerid,f.parameter,i.itemid,i.status,i.type,i.flags'. + ' FROM items i,functions f,hosts h'. +- ' WHERE f.functionid='.$functionid. ++ ' WHERE f.functionid='.zbx_dbstr($functionid). + ' AND i.itemid=f.itemid'. + ' AND h.hostid=i.hostid'; + +@@ -1068,8 +1068,8 @@ + ' FROM triggers t,functions f,items i'. + ' WHERE t.triggerid=f.triggerid'. + ' AND f.itemid=i.itemid'. +- ' AND t.templateid='.$val. +- ' AND i.hostid='.$hostid; ++ ' AND t.templateid='.zbx_dbstr($val). ++ ' AND i.hostid='.zbx_dbstr($hostid); + if ($db_new_dep = DBfetch(DBselect($sql))) { + $deps[$id] = $db_new_dep['triggerid']; + } +@@ -1395,9 +1395,9 @@ + if ($period_start > 0 && $period_start <= time()) { + $sql = 'SELECT e.eventid,e.value'. + ' FROM events e'. +- ' WHERE e.objectid='.$triggerid. ++ ' WHERE e.objectid='.zbx_dbstr($triggerid). + ' AND e.object='.EVENT_OBJECT_TRIGGER. +- ' AND e.clock<'.$period_start. ++ ' AND e.clock<'.zbx_dbstr($period_start). + ' ORDER BY e.eventid DESC'; + if ($row = DBfetch(DBselect($sql, 1))) { + $start_value = $row['value']; +@@ -1407,13 +1407,13 @@ + + $sql = 'SELECT COUNT(e.eventid) AS cnt,MIN(e.clock) AS min_clock,MAX(e.clock) AS max_clock'. + ' FROM events e'. +- ' WHERE e.objectid='.$triggerid. ++ ' WHERE e.objectid='.zbx_dbstr($triggerid). + ' AND e.object='.EVENT_OBJECT_TRIGGER; + if ($period_start != 0) { +- $sql .= ' AND clock>='.$period_start; ++ $sql .= ' AND clock>='.zbx_dbstr($period_start); + } + if ($period_end != 0) { +- $sql .= ' AND clock<='.$period_end; ++ $sql .= ' AND clock<='.zbx_dbstr($period_end); + } + + $db_events = DBfetch(DBselect($sql)); +@@ -1455,7 +1455,7 @@ + $db_events = DBselect( + 'SELECT e.eventid,e.clock,e.value'. + ' FROM events e'. +- ' WHERE e.objectid='.$triggerid. ++ ' WHERE e.objectid='.zbx_dbstr($triggerid). + ' AND e.object='.EVENT_OBJECT_TRIGGER. + ' AND e.clock BETWEEN '.$min.' AND '.$max. + ' ORDER BY e.eventid' +Index: frontends/php/include/forms.inc.php +=================================================================== +--- ./frontends/php/include/forms.inc.php (revision 38884) ++++ ./frontends/php/include/forms.inc.php (working copy) +@@ -66,7 +66,7 @@ + $data['user_medias'] = array(); + $dbMedia = DBselect('SELECT m.mediaid,m.mediatypeid,m.period,m.sendto,m.severity,m.active'. + ' FROM media m'. +- ' WHERE m.userid='.$userid ++ ' WHERE m.userid='.zbx_dbstr($userid) + ); + while ($dbMedium = DBfetch($dbMedia)) { + $data['user_medias'][] = $dbMedium; +@@ -1104,7 +1104,7 @@ + $data['db_applications'] = DBfetchArray(DBselect( + 'SELECT DISTINCT a.applicationid,a.name'. + ' FROM applications a'. +- ' WHERE a.hostid='.$data['hostid'] ++ ' WHERE a.hostid='.zbx_dbstr($data['hostid']) + )); + order_result($data['db_applications'], 'name'); + +@@ -1117,7 +1117,7 @@ + // valuemapid + if ($data['limited']) { + if (!empty($data['valuemapid'])) { +- if ($map_data = DBfetch(DBselect('SELECT v.name FROM valuemaps v WHERE v.valuemapid='.$data['valuemapid']))) { ++ if ($map_data = DBfetch(DBselect('SELECT v.name FROM valuemaps v WHERE v.valuemapid='.zbx_dbstr($data['valuemapid'])))) { + $data['valuemaps'] = $map_data['name']; + } + } +@@ -1270,7 +1270,7 @@ + ' LEFT JOIN items i ON f.itemid=i.itemid'. + ' LEFT JOIN hosts h ON i.hostid=h.hostid'. + ' LEFT JOIN item_discovery id ON i.itemid=id.itemid'. +- ' WHERE t.triggerid='.$tmp_triggerid ++ ' WHERE t.triggerid='.zbx_dbstr($tmp_triggerid) + )); + if (bccomp($data['triggerid'], $tmp_triggerid) != 0) { + // parent trigger prototype link +@@ -1313,7 +1313,7 @@ + 'SELECT t.triggerid,t.description'. + ' FROM triggers t,trigger_depends d'. + ' WHERE t.triggerid=d.triggerid_up'. +- ' AND d.triggerid_down='.$data['triggerid'] ++ ' AND d.triggerid_down='.zbx_dbstr($data['triggerid']) + ); + while ($trigger = DBfetch($db_triggers)) { + if (uint_in_array($trigger['triggerid'], $data['dependencies'])) { +@@ -1720,7 +1720,7 @@ + $table_titles = zbx_toHash($table_titles, 'db_field'); + $sql_fields = implode(', ', array_keys($table_titles)); + +- $sql = 'SELECT '.$sql_fields.' FROM host_inventory WHERE hostid='.$_REQUEST['hostid']; ++ $sql = 'SELECT '.$sql_fields.' FROM host_inventory WHERE hostid='.zbx_dbstr($_REQUEST['hostid']); + $result = DBselect($sql); + + $row = DBfetch($result); +@@ -1740,7 +1740,7 @@ + $sql = 'SELECT re.* '. + ' FROM regexps re '. + ' WHERE '.DBin_node('re.regexpid'). +- ' AND re.regexpid='.$_REQUEST['regexpid']; ++ ' AND re.regexpid='.zbx_dbstr($_REQUEST['regexpid']); + $regexp = DBfetch(DBSelect($sql)); + + $rename = $regexp['name']; +@@ -1750,7 +1750,7 @@ + $sql = 'SELECT e.* '. + ' FROM expressions e '. + ' WHERE '.DBin_node('e.expressionid'). +- ' AND e.regexpid='.$regexp['regexpid']. ++ ' AND e.regexpid='.zbx_dbstr($regexp['regexpid']). + ' ORDER BY e.expression_type'; + + $db_exps = DBselect($sql); +@@ -1888,7 +1888,7 @@ + $sql = 'SELECT e.* '. + ' FROM expressions e '. + ' WHERE '.DBin_node('e.expressionid'). +- ' AND e.regexpid='.$_REQUEST['regexpid']. ++ ' AND e.regexpid='.zbx_dbstr($_REQUEST['regexpid']). + ' ORDER BY e.expression_type'; + + $db_exps = DBselect($sql); +Index: frontends/php/include/regexp.inc.php +=================================================================== +--- ./frontends/php/include/regexp.inc.php (revision 38884) ++++ ./frontends/php/include/regexp.inc.php (working copy) +@@ -24,7 +24,7 @@ + 'SELECT re.*'. + ' FROM regexps re'. + ' WHERE '.DBin_node('re.regexpid'). +- ' AND regexpid='.$regexpId ++ ' AND regexpid='.zbx_dbstr($regexpId) + )); + } + +@@ -35,7 +35,7 @@ + 'SELECT e.expressionid,e.expression,e.expression_type,e.exp_delimiter,e.case_sensitive'. + ' FROM expressions e'. + ' WHERE '.DBin_node('e.expressionid'). +- ' AND regexpid='.$regexpId ++ ' AND regexpid='.zbx_dbstr($regexpId) + ); + while ($expression = DBfetch($dbExpressions)) { + $expressions[$expression['expressionid']] = $expression; +Index: frontends/php/include/actions.inc.php +=================================================================== +--- ./frontends/php/include/actions.inc.php (revision 38884) ++++ ./frontends/php/include/actions.inc.php (working copy) +@@ -203,7 +203,7 @@ + 'SELECT dr.name,c.dcheckid,c.type,c.key_,c.ports'. + ' FROM drules dr,dchecks c'. + ' WHERE dr.druleid=c.druleid'. +- ' AND c.dcheckid='.$value ++ ' AND c.dcheckid='.zbx_dbstr($value) + )); + if ($row) { + $str_val = $row['name'].': '.discovery_check2str($row['type'], $row['key_'], $row['ports']); +@@ -409,7 +409,7 @@ + $sql = 'SELECT a.def_shortdata,a.def_longdata '. + ' FROM actions a,operations o '. + ' WHERE a.actionid=o.actionid '. +- ' AND o.operationid='.$data['operationid']; ++ ' AND o.operationid='.zbx_dbstr($data['operationid']); + if ($rows = DBfetch(DBselect($sql, 1))) { + $result[] = array(bold(_('Subject').': '), BR(), zbx_nl2br($rows['def_shortdata'])); + $result[] = array(bold(_('Message').': '), BR(), zbx_nl2br($rows['def_longdata'])); +@@ -873,8 +873,8 @@ + ' FROM events e,alerts a'. + ' LEFT JOIN users u ON u.userid=a.userid'. + ' LEFT JOIN media_type mt ON mt.mediatypeid=a.mediatypeid'. +- ' WHERE a.eventid='.$eventid. +- (is_null($status)?'':' AND a.status='.$status). ++ ' WHERE a.eventid='.zbx_dbstr($eventid). ++ (is_null($status)?'':' AND a.status='.zbx_dbstr($status)). + ' AND e.eventid=a.eventid'. + ' AND a.alerttype IN ('.ALERT_TYPE_MESSAGE.','.ALERT_TYPE_COMMAND.')'. + ' AND '.DBin_node('a.alertid'). +Index: frontends/php/include/screens.inc.php +=================================================================== +--- ./frontends/php/include/screens.inc.php (revision 38884) ++++ ./frontends/php/include/screens.inc.php (working copy) +@@ -57,7 +57,7 @@ + } + + function get_screen_by_screenid($screenid) { +- $dbScreen = DBfetch(DBselect('SELECT s.* FROM screens s WHERE s.screenid='.$screenid)); ++ $dbScreen = DBfetch(DBselect('SELECT s.* FROM screens s WHERE s.screenid='.zbx_dbstr($screenid))); + return !empty($dbScreen) ? $dbScreen : false; + } + +@@ -69,7 +69,7 @@ + $db_scr_items = DBselect( + 'SELECT si.resourceid'. + ' FROM screens_items si'. +- ' WHERE si.screenid='.$child_screenid. ++ ' WHERE si.screenid='.zbx_dbstr($child_screenid). + ' AND si.resourcetype='.SCREEN_RESOURCE_SCREEN + ); + while ($scr_item = DBfetch($db_scr_items)) { +@@ -84,7 +84,7 @@ + $db_slides = DBfetch(DBselect( + 'SELECT MIN(s.step) AS min_step,MAX(s.step) AS max_step'. + ' FROM slides s'. +- ' WHERE s.slideshowid='.$slideshowid ++ ' WHERE s.slideshowid='.zbx_dbstr($slideshowid) + )); + if (!$db_slides || is_null($db_slides['min_step'])) { + return false; +@@ -101,9 +101,9 @@ + return DBfetch(DBselect( + 'SELECT sl.*'. + ' FROM slides sl,slideshows ss'. +- ' WHERE ss.slideshowid='.$slideshowid. ++ ' WHERE ss.slideshowid='.zbx_dbstr($slideshowid). + ' AND sl.slideshowid=ss.slideshowid'. +- ' AND sl.step='.$curr_step ++ ' AND sl.step='.zbx_dbstr($curr_step) + )); + } + +@@ -112,7 +112,7 @@ + + $sql = 'SELECT s.slideshowid'. + ' FROM slideshows s'. +- ' WHERE s.slideshowid='.$slideshowid. ++ ' WHERE s.slideshowid='.zbx_dbstr($slideshowid). + ' AND '.DBin_node('s.slideshowid', get_current_nodeid(null, $perm) + ); + if (DBselect($sql)) { +@@ -122,7 +122,7 @@ + $db_screens = DBselect( + 'SELECT DISTINCT s.screenid'. + ' FROM slides s'. +- ' WHERE s.slideshowid='.$slideshowid ++ ' WHERE s.slideshowid='.zbx_dbstr($slideshowid) + ); + while ($slide_data = DBfetch($db_screens)) { + $screenids[$slide_data['screenid']] = $slide_data['screenid']; +@@ -147,7 +147,7 @@ + } + + function get_slideshow_by_slideshowid($slideshowid) { +- return DBfetch(DBselect('SELECT s.* FROM slideshows s WHERE s.slideshowid='.$slideshowid)); ++ return DBfetch(DBselect('SELECT s.* FROM slideshows s WHERE s.slideshowid='.zbx_dbstr($slideshowid))); + } + + function add_slideshow($name, $delay, $slides) { +@@ -182,7 +182,7 @@ + $slideshowid = get_dbid('slideshows', 'slideshowid'); + $result = DBexecute( + 'INSERT INTO slideshows (slideshowid,name,delay)'. +- ' VALUES ('.$slideshowid.','.zbx_dbstr($name).','.$delay.')' ++ ' VALUES ('.zbx_dbstr($slideshowid).','.zbx_dbstr($name).','.zbx_dbstr($delay).')' + ); + + // create slides +@@ -197,7 +197,7 @@ + + $result = DBexecute( + 'INSERT INTO slides (slideid,slideshowid,screenid,step,delay)'. +- ' VALUES ('.$slideid.','.$slideshowid.','.$slide['screenid'].','.($i++).','.$slide['delay'].')' ++ ' VALUES ('.zbx_dbstr($slideid).','.zbx_dbstr($slideshowid).','.zbx_dbstr($slide['screenid']).','.($i++).','.zbx_dbstr($slide['delay']).')' + ); + if (!$result) { + return false; +@@ -228,14 +228,14 @@ + } + + // validate slide name +- $sql = 'SELECT s.slideshowid FROM slideshows s WHERE s.name='.zbx_dbstr($name).' AND s.slideshowid<>'.$slideshowid; ++ $sql = 'SELECT s.slideshowid FROM slideshows s WHERE s.name='.zbx_dbstr($name).' AND s.slideshowid<>'.zbx_dbstr($slideshowid); + $db_slideshow = DBfetch(DBselect($sql, 1)); + if (!empty($db_slideshow)) { + error(_s('Slide show "%s" already exists.', $name)); + return false; + } + +- $db_slideshow = DBfetchArray(DBselect('SELECT * FROM slideshows WHERE slideshowid='.$slideshowid)); ++ $db_slideshow = DBfetchArray(DBselect('SELECT * FROM slideshows WHERE slideshowid='.zbx_dbstr($slideshowid))); + $db_slideshow = $db_slideshow[0]; + $changed = false; + $slideshow = array('name' => $name, 'delay' => $delay); +@@ -246,13 +246,13 @@ + } + } + if ($changed) { +- if (!$result = DBexecute('UPDATE slideshows SET name='.zbx_dbstr($name).',delay='.$delay.' WHERE slideshowid='.$slideshowid)) { ++ if (!$result = DBexecute('UPDATE slideshows SET name='.zbx_dbstr($name).',delay='.zbx_dbstr($delay).' WHERE slideshowid='.zbx_dbstr($slideshowid))) { + return false; + } + } + + // get slides +- $db_slides = DBfetchArrayAssoc(DBselect('SELECT s.* FROM slides s WHERE s.slideshowid='.$slideshowid), 'slideid'); ++ $db_slides = DBfetchArrayAssoc(DBselect('SELECT s.* FROM slides s WHERE s.slideshowid='.zbx_dbstr($slideshowid)), 'slideid'); + + $slidesToDel = zbx_objectValues($db_slides, 'slideid'); + $slidesToDel = zbx_toHash($slidesToDel); +@@ -262,7 +262,7 @@ + if (isset($db_slides[$slide['slideid']])) { + // update slide + if ($db_slides[$slide['slideid']]['delay'] != $slide['delay'] || $db_slides[$slide['slideid']]['step'] != $step) { +- $result = DBexecute('UPDATE slides SET step='.$step.', delay='.$slide['delay'].' WHERE slideid='.$slide['slideid']); ++ $result = DBexecute('UPDATE slides SET step='.zbx_dbstr($step).', delay='.zbx_dbstr($slide['delay']).' WHERE slideid='.zbx_dbstr($slide['slideid'])); + } + // do nothing with slide + else { +@@ -275,7 +275,7 @@ + $slideid = get_dbid('slides', 'slideid'); + $result = DBexecute( + 'INSERT INTO slides (slideid,slideshowid,screenid,step,delay)'. +- ' VALUES ('.$slideid.','.$slideshowid.','.$slide['screenid'].','.$step.','.$slide['delay'].')' ++ ' VALUES ('.zbx_dbstr($slideid).','.zbx_dbstr($slideshowid).','.zbx_dbstr($slide['screenid']).','.zbx_dbstr($step).','.zbx_dbstr($slide['delay']).')' + ); + } + $step ++; +@@ -293,9 +293,9 @@ + } + + function delete_slideshow($slideshowid) { +- $result = DBexecute('DELETE FROM slideshows where slideshowid='.$slideshowid); +- $result &= DBexecute('DELETE FROM slides where slideshowid='.$slideshowid); +- $result &= DBexecute('DELETE FROM profiles WHERE idx=\'web.favorite.screenids\' AND source=\'slideshowid\' AND value_id='.$slideshowid); ++ $result = DBexecute('DELETE FROM slideshows where slideshowid='.zbx_dbstr($slideshowid)); ++ $result &= DBexecute('DELETE FROM slides where slideshowid='.zbx_dbstr($slideshowid)); ++ $result &= DBexecute('DELETE FROM profiles WHERE idx=\'web.favorite.screenids\' AND source=\'slideshowid\' AND value_id='.zbx_dbstr($slideshowid)); + return $result; + } + +@@ -304,13 +304,13 @@ + if ($config == 0) { + $sql = 'SELECT si.screenitemid'. + ' FROM screens_items si'. +- ' WHERE si.screenid='.$elid. ++ ' WHERE si.screenid='.zbx_dbstr($elid). + ' AND si.dynamic='.SCREEN_DYNAMIC_ITEM; + } + else { + $sql = 'SELECT si.screenitemid'. + ' FROM slides s,screens_items si'. +- ' WHERE s.slideshowid='.$elid. ++ ' WHERE s.slideshowid='.zbx_dbstr($elid). + ' AND si.screenid=s.screenid'. + ' AND si.dynamic='.SCREEN_DYNAMIC_ITEM; + } +Index: frontends/php/include/perm.inc.php +=================================================================== +--- ./frontends/php/include/perm.inc.php (revision 38884) ++++ ./frontends/php/include/perm.inc.php (working copy) +@@ -46,7 +46,7 @@ + function check_perm2system($userid) { + $sql = 'SELECT g.usrgrpid'. + ' FROM usrgrp g,users_groups ug'. +- ' WHERE ug.userid='.$userid. ++ ' WHERE ug.userid='.zbx_dbstr($userid). + ' AND g.usrgrpid=ug.usrgrpid'. + ' AND g.users_status='.GROUP_STATUS_DISABLED; + if ($res = DBfetch(DBselect($sql, 1))) { +@@ -91,7 +91,7 @@ + + $sql = 'SELECT MAX(g.gui_access) AS gui_access'. + ' FROM usrgrp g,users_groups ug'. +- ' WHERE ug.userid='.$userid. ++ ' WHERE ug.userid='.zbx_dbstr($userid). + ' AND g.usrgrpid=ug.usrgrpid'; + $db_access = DBfetch(DBselect($sql)); + if (!zbx_empty($db_access['gui_access'])) { +@@ -206,7 +206,7 @@ + ' LEFT JOIN rights r ON r.id=hg.groupid'. + ' LEFT JOIN users_groups g ON r.groupid=g.usrgrpid'. + ' LEFT JOIN nodes n ON '.DBid2nodeid('hg.groupid').'=n.nodeid'. +- ' WHERE g.userid='.$userid. ++ ' WHERE g.userid='.zbx_dbstr($userid). + ' AND '.DBin_node('hg.groupid', $nodeid). + ' GROUP BY n.nodeid,n.name,hg.groupid,hg.name,g.userid'. + ' ORDER BY node_name,hg.name,permission'; +@@ -306,7 +306,7 @@ + foreach ($node_data as $nodeid => $node) { + switch ($perm_res) { + case PERM_RES_DATA_ARRAY: +- $db_node = DBfetch(DBselect('SELECT n.* FROM nodes n WHERE n.nodeid='.$nodeid.' ORDER BY n.name')); ++ $db_node = DBfetch(DBselect('SELECT n.* FROM nodes n WHERE n.nodeid='.zbx_dbstr($nodeid).' ORDER BY n.name')); + + if (!ZBX_DISTRIBUTED) { + if (!$node) { +@@ -552,7 +552,7 @@ + if (!isset($userGroups[$userId])) { + $userGroups[$userId] = array(); + +- $result = DBselect('SELECT usrgrpid FROM users_groups WHERE userid='.$userId); ++ $result = DBselect('SELECT usrgrpid FROM users_groups WHERE userid='.zbx_dbstr($userId)); + while ($row = DBfetch($result)) { + $userGroups[$userId][] = $row['usrgrpid']; + } +Index: frontends/php/include/blocks.inc.php +=================================================================== +--- ./frontends/php/include/blocks.inc.php (revision 38884) ++++ ./frontends/php/include/blocks.inc.php (working copy) +@@ -1043,7 +1043,7 @@ + ' AND hti.type='.HTTPSTEP_ITEM_TYPE_LASTSTEP. + ' AND ht.status='.HTTPTEST_STATUS_ACTIVE. + ' AND '.dbConditionInt('hg.hostid', $availableHostIds). +- ' AND hg.groupid='.$group['groupid'] ++ ' AND hg.groupid='.zbx_dbstr($group['groupid']) + ); + while ($row = DBfetch($result)) { + $showGroup = true; |