From 714c26033defc713296ea1f0fdf8aba8600e503b Mon Sep 17 00:00:00 2001
From: Benjamin Sonntag <benjamin@alternc.org>
Date: Tue, 9 Jul 2013 21:59:13 +0000
Subject: [PATCH] fixing mysql_real_escape_string issue (deprecated)

---
 bureau/class/config.php |  2 +-
 bureau/class/m_mail.php | 12 ++++++------
 debian/changelog        |  7 ++++---
 3 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/bureau/class/config.php b/bureau/class/config.php
index 18b5ef31..1085e688 100644
--- a/bureau/class/config.php
+++ b/bureau/class/config.php
@@ -29,7 +29,7 @@
 */
 
 // To enable the display of the alternc debug error, do the following :
-// # touch /etc/alternc/alternc_display_php_error
+// # touch /etc/alternc/alternc_display_php_error
 if (file_exists('/etc/alternc/alternc_display_php_error')) {
   ini_set('display_errors', true);
 }
diff --git a/bureau/class/m_mail.php b/bureau/class/m_mail.php
index 26df0241..808652b9 100644
--- a/bureau/class/m_mail.php
+++ b/bureau/class/m_mail.php
@@ -601,7 +601,7 @@ ORDER BY
    */ 
   function set_details($mail_id, $islocal, $quotamb, $recipients,$delivery="dovecot",$dontcheck=false) {
     global $err,$db,$cuid,$quota,$dom,$hooks;
-    $delivery=mysql_escape_string($delivery);
+    $delivery=mysql_real_escape_string($delivery);
     $err->log("mail","set_details");
     if (!($me=$this->get_details($mail_id))) {
       return false;
@@ -772,8 +772,8 @@ ORDER BY
    */
   function check_slave_account($login,$pass) {
     global $db,$err;
-    $login=mysql_escape_string($login);
-    $pass=mysql_escape_string($pass);
+    $login=mysql_real_escape_string($login);
+    $pass=mysql_real_escape_string($pass);
     $db->query("SELECT * FROM mxaccount WHERE login='$login' AND pass='$pass';");
     if ($db->next_record()) {
         return true;
@@ -819,8 +819,8 @@ ORDER BY
    */
   function add_slave_account($login,$pass) {
     global $db,$err;
-    $login=mysql_escape_string($login);
-    $pass=mysql_escape_string($pass);
+    $login=mysql_real_escape_string($login);
+    $pass=mysql_real_escape_string($pass);
     $db->query("SELECT * FROM mxaccount WHERE login='$login'");
     if ($db->next_record()) {
       $err->raise("mail",_("The slave MX account was not found"));
@@ -838,7 +838,7 @@ ORDER BY
    */
   function del_slave_account($login) {
     global $db,$err;
-    $login=mysql_escape_string($login);
+    $login=mysql_real_escape_string($login);
     $db->query("DELETE FROM mxaccount WHERE login='$login'");
     return true;
   }
diff --git a/debian/changelog b/debian/changelog
index 5943a7a0..ffc633da 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,12 +1,13 @@
-alternc (3.1~alpha012) experimental; urgency=low
+alternc (3.1~alpha014) experimental; urgency=low
 
   * menu became dynamic with a class
-  * /var/alternc disapear to became Debian-compliant (but we upgrade properly, keeping an existing /var/alternc)
+  * /var/alternc disapear to become Debian-compliant (but we upgrade properly, keeping an existing /var/alternc)
   * fix detection of ACL using pre-depends
   * fix dovecot SSL certificate (was pointing to an non-existing file)
   * configure dovecot properly when using /etc/alternc/alternc.pem
+  * 3.1 can be built for Squeeze or Wheezy (with dovecot 1.2 or 2.0) although the 2 versions slightly differs
 
- -- Benjamin Sonntag <benjamin@sonntag.fr>  Thu, 28 May 2013 06:09:00 +0100
+ -- Benjamin Sonntag <benjamin@sonntag.fr>  Thu, 15 Jun 2013 09:09:00 +0200
 
 alternc (3.0) stable; urgency=low