- Applied a patch from Loui to fix session removal.

- Replaced all occurences of mysql_escape_string()
  with mysql_real_escape_string().

web/html/account.php

@@ -106,7 +106,7 @@ if (isset($_COOKIE["AURSID"])) {
 			$q.= "WHERE AccountTypes.ID = Users.AccountTypeID ";
 			$q.= "AND Users.ID = Sessions.UsersID ";
 			$q.= "AND Sessions.SessionID = '";
-			$q.= mysql_escape_string($_COOKIE["AURSID"])."'";
+			$q.= mysql_real_escape_string($_COOKIE["AURSID"])."'";
 			$result = db_query($q, $dbh);
 			if (!mysql_num_rows($result)) {
 				print __("Could not retrieve information for the specified user.");

web/html/index.php

@@ -28,8 +28,8 @@ if (isset($_REQUEST["user"]) || isset($_REQUEST["pass"])) {
 		$_REQUEST["pass"] = md5($_REQUEST["pass"]);
 		$dbh = db_connect();
 		$q = "SELECT ID, Suspended FROM Users ";
-		$q.= "WHERE Username = '" . mysql_escape_string($_REQUEST["user"]) . "' ";
+		$q.= "WHERE Username = '" . mysql_real_escape_string($_REQUEST["user"]) . "' ";
-		$q.= "AND Passwd = '" . mysql_escape_string($_REQUEST["pass"]) . "'";
+		$q.= "AND Passwd = '" . mysql_real_escape_string($_REQUEST["pass"]) . "'";
 		$result = db_query($q, $dbh);
 		if (!$result) {
 			$login_error = __("Error looking up username, %s.",

web/html/logout.php

@@ -11,9 +11,9 @@ set_lang();                 # this sets up the visitor's language
 # sending any HTML output.
 #
 if (isset($_COOKIE["AURSID"])) {
-	$q = "DELETE FROM Sessions WHERE SessionID = '";
-	$q.= mysql_escape_string($_COOKIE["AURSID"]) . "'";
 	$dbh = db_connect();
+	$q = "DELETE FROM Sessions WHERE SessionID = '";
+	$q.= mysql_real_escape_string($_COOKIE["AURSID"]) . "'";
 	db_query($q, $dbh);
 	setcookie("AURSID", "", time() - (60*60*24*30), "/");
 	setcookie("AURLANG", "", time() - (60*60*24*30), "/");

web/html/pkgedit.php

@@ -73,7 +73,7 @@ if ($_REQUEST["add_Comment"]) {
 		$q = "INSERT INTO PackageComments ";
 		$q.= "(PackageID, UsersID, Comments, CommentTS) VALUES (";
 		$q.= intval($_REQUEST["ID"]).", ".uid_from_sid($_COOKIE["AURSID"]) . ", ";
-		$q.= "'".mysql_escape_string($_REQUEST["comment"])."', ";
+		$q.= "'".mysql_real_escape_string($_REQUEST["comment"])."', ";
 		$q.= "UNIX_TIMESTAMP())";
 		db_query($q, $dbh);
 		print __("Comment has been added.")."<br />&nbsp;<br />\n";

web/html/pkgsubmit.php

@@ -374,7 +374,7 @@ if ($_COOKIE["AURSID"]) {
 			# purged.
 			#
 			$q = "SELECT * FROM Packages ";
-			$q.= "WHERE Name = '".mysql_escape_string($new_pkgbuild['pkgname'])."'";
+			$q.= "WHERE Name = '".mysql_real_escape_string($new_pkgbuild['pkgname'])."'";
 			$result = db_query($q, $dbh);
 			$pdata = mysql_fetch_assoc($result);
 
@@ -402,13 +402,13 @@ if ($_COOKIE["AURSID"]) {
 				} else {
 					$q.="ModifiedTS = UNIX_TIMESTAMP(), ";
 				}
-				$q.="Name='".mysql_escape_string($new_pkgbuild['pkgname'])."', ";
+				$q.="Name='".mysql_real_escape_string($new_pkgbuild['pkgname'])."', ";
-				$q.="Version='".mysql_escape_string($new_pkgbuild['pkgver'])."-".
+				$q.="Version='".mysql_real_escape_string($new_pkgbuild['pkgver'])."-".
-				  mysql_escape_string($new_pkgbuild['pkgrel'])."',";
+				  mysql_real_escape_string($new_pkgbuild['pkgrel'])."',";
-				$q.="CategoryID=".mysql_escape_string($_REQUEST['category']).", ";
+				$q.="CategoryID=".mysql_real_escape_string($_REQUEST['category']).", ";
-                $q.="License='".mysql_escape_string($new_pkgbuild['license'])."', ";
+                $q.="License='".mysql_real_escape_string($new_pkgbuild['license'])."', ";
-                $q.="Description='".mysql_escape_string($new_pkgbuild['pkgdesc'])."', ";
+                $q.="Description='".mysql_real_escape_string($new_pkgbuild['pkgdesc'])."', ";
-				$q.="URL='".mysql_escape_string($new_pkgbuild['url'])."', ";
+				$q.="URL='".mysql_real_escape_string($new_pkgbuild['url'])."', ";
 				$q.="LocationID=2, ";
 				if (account_from_sid($_COOKIE["AURSID"]) == "Trusted User" || account_from_sid($_COOKIE["AURSID"]) == "Developer") {
 					$q.="Safe=1, VerifiedBy=".uid_from_sid($_COOKIE["AURSID"]).", ";
@@ -416,9 +416,9 @@ if ($_COOKIE["AURSID"]) {
 					$q.="Safe=0, ";
 				}
 				$fspath=$INCOMING_DIR.$pkg_name."/".$_FILES["pfile"]["name"];
-				$q.="FSPath='".mysql_escape_string($fspath)."', ";
+				$q.="FSPath='".mysql_real_escape_string($fspath)."', ";
 				$urlpath=$URL_DIR.$pkg_name."/".$_FILES["pfile"]["name"];
-				$q.="URLPath='".mysql_escape_string($urlpath)."' ";
+				$q.="URLPath='".mysql_real_escape_string($urlpath)."' ";
 				$q.="WHERE ID = " . $pdata["ID"];
 				$result = db_query($q, $dbh);
 
@@ -461,7 +461,7 @@ if ($_COOKIE["AURSID"]) {
 				$sources = explode(" ", $new_pkgbuild['source']);
 				while (list($k, $v) = each($sources)) {
 					$q = "INSERT INTO PackageSources (PackageID, Source) VALUES (";
-					$q .= $pdata["ID"].", '".mysql_escape_string($v)."')";
+					$q .= $pdata["ID"].", '".mysql_real_escape_string($v)."')";
 					db_query($q, $dbh);
 				}
 
@@ -470,7 +470,7 @@ if ($_COOKIE["AURSID"]) {
 				$q = "INSERT INTO PackageComments ";
 				$q.= "(PackageID, UsersID, Comments, CommentTS) VALUES (";
 				$q.= $pdata["ID"] . ", " . uid_from_sid($_COOKIE['AURSID']);
-				$q.= ", '" . mysql_escape_string($_REQUEST["comments"]);
+				$q.= ", '" . mysql_real_escape_string($_REQUEST["comments"]);
 				$q.= "', UNIX_TIMESTAMP())";
 				db_query($q);
 
@@ -484,13 +484,13 @@ if ($_COOKIE["AURSID"]) {
 				}
 				$q.= " SubmittedTS, SubmitterUID, MaintainerUID, FSPath, URLPath) ";
 				$q.= "VALUES ('";
-				$q.= mysql_escape_string($new_pkgbuild['pkgname'])."', '";
+				$q.= mysql_real_escape_string($new_pkgbuild['pkgname'])."', '";
-                $q.= mysql_escape_string($new_pkgbuild['license'])."', '";
+                $q.= mysql_real_escape_string($new_pkgbuild['license'])."', '";
-				$q.= mysql_escape_string($new_pkgbuild['pkgver'])."-".
+				$q.= mysql_real_escape_string($new_pkgbuild['pkgver'])."-".
-				  mysql_escape_string($new_pkgbuild['pkgrel'])."', ";
+				  mysql_real_escape_string($new_pkgbuild['pkgrel'])."', ";
-				$q.= mysql_escape_string($_REQUEST['category']).", '";
+				$q.= mysql_real_escape_string($_REQUEST['category']).", '";
-				$q.= mysql_escape_string($new_pkgbuild['pkgdesc'])."', '";
+				$q.= mysql_real_escape_string($new_pkgbuild['pkgdesc'])."', '";
-				$q.= mysql_escape_string($new_pkgbuild['url']);
+				$q.= mysql_real_escape_string($new_pkgbuild['url']);
 				$q.= "', 2, ";
 				if (account_from_sid($_COOKIE["AURSID"]) == "Trusted User" || account_from_sid($_COOKIE["AURSID"]) == "Developer") {
 					$q.= "1, ".uid_from_sid($_COOKIE["AURSID"]).", ";
@@ -499,9 +499,9 @@ if ($_COOKIE["AURSID"]) {
 				$q.= uid_from_sid($_COOKIE["AURSID"]).", ";
 				$q.= uid_from_sid($_COOKIE["AURSID"]).", '";
 				$fspath=$INCOMING_DIR.$pkg_name."/".$_FILES["pfile"]["name"];
-				$q.= mysql_escape_string($fspath)."', '";
+				$q.= mysql_real_escape_string($fspath)."', '";
 				$urlpath=$URL_DIR.$pkg_name."/".$_FILES["pfile"]["name"];
-				$q.= mysql_escape_string($urlpath)."')";
+				$q.= mysql_real_escape_string($urlpath)."')";
 				$result = db_query($q, $dbh);
 #				print $result . "<br>";
 
@@ -539,7 +539,7 @@ if ($_COOKIE["AURSID"]) {
 				$sources = explode(" ", $new_pkgbuild['source']);
 				while (list($k, $v) = each($sources)) {
 					$q = "INSERT INTO PackageSources (PackageID, Source) VALUES (";
-					$q .= $packageID.", '".mysql_escape_string($v)."')";
+					$q .= $packageID.", '".mysql_real_escape_string($v)."')";
 					db_query($q, $dbh);
 				}
 
@@ -548,7 +548,7 @@ if ($_COOKIE["AURSID"]) {
 				$q = "INSERT INTO PackageComments ";
 				$q.= "(PackageID, UsersID, Comments, CommentTS) VALUES (";
 				$q.= $packageID . ", " . uid_from_sid($_COOKIE["AURSID"]) . ", '";
-				$q.= mysql_escape_string($_REQUEST["comments"]);
+				$q.= mysql_real_escape_string($_REQUEST["comments"]);
 				$q.= "', UNIX_TIMESTAMP())";
 				db_query($q, $dbh);
 			}

web/lib/acctfuncs.inc

@@ -206,7 +206,7 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
 		# NOTE: a race condition exists here if we care...
 		#
 		$q = "SELECT COUNT(*) AS CNT FROM Users ";
-		$q.= "WHERE Username = '".mysql_escape_string($U)."'";
+		$q.= "WHERE Username = '".mysql_real_escape_string($U)."'";
 		if ($TYPE == "edit") {
 			$q.= " AND ID != ".intval($UID);
 		}
@@ -224,7 +224,7 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
 		# NOTE: a race condition exists here if we care...
 		#
 		$q = "SELECT COUNT(*) AS CNT FROM Users ";
-		$q.= "WHERE Email = '".mysql_escape_string($E)."'";
+		$q.= "WHERE Email = '".mysql_real_escape_string($E)."'";
 		if ($TYPE == "edit") {
 			$q.= " AND ID != ".intval($UID);
 		}
@@ -250,12 +250,12 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
 			$P = md5($P);
 			$q = "INSERT INTO Users (AccountTypeID, Suspended, Username, Email, ";
 			$q.= "Passwd, RealName, LangPreference, IRCNick, NewPkgNotify) ";
-			$q.= "VALUES (1, 0, '".mysql_escape_string($U)."'";
+			$q.= "VALUES (1, 0, '".mysql_real_escape_string($U)."'";
-			$q.= ", '".mysql_escape_string($E)."'";
+			$q.= ", '".mysql_real_escape_string($E)."'";
-			$q.= ", '".mysql_escape_string($P)."'";
+			$q.= ", '".mysql_real_escape_string($P)."'";
-			$q.= ", '".mysql_escape_string($R)."'";
+			$q.= ", '".mysql_real_escape_string($R)."'";
-			$q.= ", '".mysql_escape_string($L)."'";
+			$q.= ", '".mysql_real_escape_string($L)."'";
-			$q.= ", '".mysql_escape_string($I)."'";
+			$q.= ", '".mysql_real_escape_string($I)."'";
 			if ($N) {
 				$q.= ", 1)";
 			} else {
@@ -281,7 +281,7 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
 
 			#md5 hash the password
 			$q = "UPDATE Users SET ";
-			$q.= "Username = '".mysql_escape_string($U)."'";
+			$q.= "Username = '".mysql_real_escape_string($U)."'";
 			if ($T) {
 				$q.= ", AccountTypeID = ".intval($T);
 			}
@@ -290,13 +290,13 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
 			} else {
 				$q.= ", Suspended = 0";
 			}
-			$q.= ", Email = '".mysql_escape_string($E)."'";
+			$q.= ", Email = '".mysql_real_escape_string($E)."'";
 			if ($P) {
-				$q.= ", Passwd = '".mysql_escape_string(md5($P))."'";
+				$q.= ", Passwd = '".mysql_real_escape_string(md5($P))."'";
 			}
-			$q.= ", RealName = '".mysql_escape_string($R)."'";
+			$q.= ", RealName = '".mysql_real_escape_string($R)."'";
-			$q.= ", LangPreference = '".mysql_escape_string($L)."'";
+			$q.= ", LangPreference = '".mysql_real_escape_string($L)."'";
-			$q.= ", IRCNick = '".mysql_escape_string($I)."'";
+			$q.= ", IRCNick = '".mysql_real_escape_string($I)."'";
 			$q.= ", NewPkgNotify = ";
 			if ($N) {
 				$q.= "1 ";
@@ -435,19 +435,19 @@ function search_results_page($UTYPE,$O=0,$SB="",$U="",$T="",
 		$search_vars[] = "S";
 	}
 	if ($U) {
-		$q.= "AND Username LIKE '%".mysql_escape_string($U)."%' ";
+		$q.= "AND Username LIKE '%".mysql_real_escape_string($U)."%' ";
 		$search_vars[] = "U";
 	}
 	if ($E) {
-		$q.= "AND Email LIKE '%".mysql_escape_string($E)."%' ";
+		$q.= "AND Email LIKE '%".mysql_real_escape_string($E)."%' ";
 		$search_vars[] = "E";
 	}
 	if ($R) {
-		$q.= "AND RealName LIKE '%".mysql_escape_string($R)."%' ";
+		$q.= "AND RealName LIKE '%".mysql_real_escape_string($R)."%' ";
 		$search_vars[] = "R";
 	}
 	if ($I) {
-		$q.= "AND IRCNick LIKE '%".mysql_escape_string($I)."%' ";
+		$q.= "AND IRCNick LIKE '%".mysql_real_escape_string($I)."%' ";
 		$search_vars[] = "I";
 	}
 	switch ($SB) {

web/lib/aur.inc

@@ -93,7 +93,7 @@ function check_sid() {
 		#
 		$dbh = db_connect();
 		$q = "SELECT LastUpdateTS, UNIX_TIMESTAMP() FROM Sessions ";
-		$q.= "WHERE SessionID = '" . mysql_escape_string($_COOKIE["AURSID"]) . "'";
+		$q.= "WHERE SessionID = '" . mysql_real_escape_string($_COOKIE["AURSID"]) . "'";
 		$result = db_query($q, $dbh);
 		if (!$result) {
 			# Invalid SessionID - hacker alert!
@@ -118,7 +118,7 @@ function check_sid() {
 			# the main page where they can log in again.
 			#
 			$q = "DELETE FROM Sessions WHERE SessionID = '";
-			$q.= mysql_escape_string($_COOKIE["AURSID"]) . "'";
+			$q.= mysql_real_escape_string($_COOKIE["AURSID"]) . "'";
 			db_query($q, $dbh);
 
 			setcookie("AURSID", "", time() - (60*60*24*30), "/");
@@ -129,7 +129,7 @@ function check_sid() {
 			# and update the idle timestamp
 			#
 			$q = "UPDATE Sessions SET LastUpdateTS = UNIX_TIMESTAMP() ";
-			$q.= "WHERE SessionID = '".mysql_escape_string($_COOKIE["AURSID"])."'";
+			$q.= "WHERE SessionID = '".mysql_real_escape_string($_COOKIE["AURSID"])."'";
 			db_query($q, $dbh);
 		}
 	}
@@ -172,7 +172,7 @@ function username_from_id($id="") {
 		return "";
 	}
 	$dbh = db_connect();
-	$q = "SELECT Username FROM Users WHERE ID = " . mysql_escape_string($id);
+	$q = "SELECT Username FROM Users WHERE ID = " . mysql_real_escape_string($id);
 	$result = db_query($q, $dbh);
 	if (!$result) {
 		return "None";
@@ -193,7 +193,7 @@ function username_from_sid($sid="") {
 	$q = "SELECT Username ";
 	$q.= "FROM Users, Sessions ";
 	$q.= "WHERE Users.ID = Sessions.UsersID ";
-	$q.= "AND Sessions.SessionID = '" . mysql_escape_string($sid) . "'";
+	$q.= "AND Sessions.SessionID = '" . mysql_real_escape_string($sid) . "'";
 	$result = db_query($q, $dbh);
 	if (!$result) {
 		return "";
@@ -213,7 +213,7 @@ function email_from_sid($sid="") {
 	$q = "SELECT Email ";
 	$q.= "FROM Users, Sessions ";
 	$q.= "WHERE Users.ID = Sessions.UsersID ";
-	$q.= "AND Sessions.SessionID = '" . mysql_escape_string($sid) . "'";
+	$q.= "AND Sessions.SessionID = '" . mysql_real_escape_string($sid) . "'";
 	$result = db_query($q, $dbh);
 	if (!$result) {
 		return "";
@@ -235,7 +235,7 @@ function account_from_sid($sid="") {
 	$q.= "FROM Users, AccountTypes, Sessions ";
 	$q.= "WHERE Users.ID = Sessions.UsersID ";
 	$q.= "AND AccountTypes.ID = Users.AccountTypeID ";
-	$q.= "AND Sessions.SessionID = '" . mysql_escape_string($sid) . "'";
+	$q.= "AND Sessions.SessionID = '" . mysql_real_escape_string($sid) . "'";
 	$result = db_query($q, $dbh);
 	if (!$result) {
 		return "";
@@ -255,7 +255,7 @@ function uid_from_sid($sid="") {
 	$q = "SELECT Users.ID ";
 	$q.= "FROM Users, Sessions ";
 	$q.= "WHERE Users.ID = Sessions.UsersID ";
-	$q.= "AND Sessions.SessionID = '" . mysql_escape_string($sid) . "'";
+	$q.= "AND Sessions.SessionID = '" . mysql_real_escape_string($sid) . "'";
 	$result = db_query($q, $dbh);
 	if (!$result) {
 		return 0;
@@ -329,7 +329,7 @@ function set_lang() {
 		$q = "SELECT LangPreference FROM Users, Sessions ";
 		$q.= "WHERE Users.ID = Sessions.UsersID ";
 		$q.= "AND Sessions.SessionID = '";
-		$q.= mysql_escape_string($_COOKIE["AURSID"])."'";
+		$q.= mysql_real_escape_string($_COOKIE["AURSID"])."'";
 		$result = db_query($q, $dbh);
 		if (!$result) {
 			$LANG = "en";
@@ -491,7 +491,7 @@ function can_overwrite_pkg($name="", $sid="") {
 	if (!$name || !$sid) {return 0;}
 	$dbh = db_connect();
 	$q = "SELECT SubmitterUID, MaintainerUID, AURMaintainerUID ";
-	$q.= "FROM Packages WHERE Name = '".mysql_escape_string($name)."'";
+	$q.= "FROM Packages WHERE Name = '".mysql_real_escape_string($name)."'";
 	$result = db_query($q, $dbh);
 	if (!$result) {return 0;}
 	$row = mysql_fetch_row($result);
@@ -561,7 +561,7 @@ function uid_from_username($username="")
 		return "";
 	}
 	$dbh = db_connect();
-	$q = "SELECT ID FROM Users WHERE Username = '".mysql_escape_string($username)
+	$q = "SELECT ID FROM Users WHERE Username = '".mysql_real_escape_string($username)
 				."'";
 	$result = db_query($q, $dbh);
 	if (!$result) {

web/lib/pkgfuncs.inc

@@ -125,7 +125,7 @@ function package_exists($name="") {
 	if (!$name) {return NULL;}
 	$dbh = db_connect();
 	$q = "SELECT ID FROM Packages ";
-	$q.= "WHERE Name = '".mysql_escape_string($name)."' ";
+	$q.= "WHERE Name = '".mysql_real_escape_string($name)."' ";
 	$q.= "AND DummyPkg = 0";
 	$result = db_query($q, $dbh);
 	if (!$result) {return NULL;}
@@ -141,7 +141,7 @@ function package_dependencies($pkgid=0) {
 		$dbh = db_connect();
 		$q = "SELECT DepPkgID, Name, DummyPkg, DepCondition FROM PackageDepends, Packages ";
 		$q.= "WHERE PackageDepends.DepPkgID = Packages.ID ";
-		$q.= "AND PackageDepends.PackageID = ".mysql_escape_string($pkgid);
+		$q.= "AND PackageDepends.PackageID = ".mysql_real_escape_string($pkgid);
 		$q.= " ORDER BY Name";
 		$result = db_query($q, $dbh);
 		if (!$result) {return array();}
@@ -161,14 +161,14 @@ function create_dummy($pname="", $sid="") {
 		if (!$uid) {return NULL;}
 		$dbh = db_connect();
 		$q = "SELECT ID FROM Packages WHERE Name = '";
-		$q.= mysql_escape_string($pname)."'";
+		$q.= mysql_real_escape_string($pname)."'";
 		$result = db_query($q, $dbh);
 		if (!mysql_num_rows($result)) {
 			# Insert the dummy
 			#
 			$q = "INSERT INTO Packages (Name, Description, URL, SubmittedTS, ";
 			$q.= "SubmitterUID, DummyPkg) VALUES ('";
-			$q.= mysql_escape_string($pname)."', 'A dummy package', '/#', ";
+			$q.= mysql_real_escape_string($pname)."', 'A dummy package', '/#', ";
 			$q.= "UNIX_TIMESTAMP(), ".$uid.", 1)";
 			$result = db_query($q, $dbh);
 			if (!$result) {
@@ -193,7 +193,7 @@ function package_comments($pkgid=0) {
 		$q = "SELECT PackageComments.ID, UserName, UsersID, Comments, CommentTS ";
 		$q.= "FROM PackageComments, Users ";
 		$q.= "WHERE PackageComments.UsersID = Users.ID";
-		$q.= " AND PackageID = ".mysql_escape_string($pkgid);
+		$q.= " AND PackageID = ".mysql_real_escape_string($pkgid);
 		$q.= " AND DelUsersID = 0"; # only display non-deleted comments
 		$q.= " ORDER BY CommentTS DESC";
 		$result = db_query($q, $dbh);
@@ -212,7 +212,7 @@ function package_sources($pkgid=0) {
 	if ($pkgid) {
 		$dbh = db_connect();
 		$q = "SELECT Source FROM PackageSources ";
-		$q.= "WHERE PackageID = ".mysql_escape_string($pkgid);
+		$q.= "WHERE PackageID = ".mysql_real_escape_string($pkgid);
 		$q.= " ORDER BY Source";
 		$result = db_query($q, $dbh);
 		if (!$result) {return array();}
@@ -234,7 +234,7 @@ function pkgvotes_from_sid($sid="") {
 	$q.= "FROM PackageVotes, Users, Sessions ";
 	$q.= "WHERE Users.ID = Sessions.UsersID ";
 	$q.= "AND Users.ID = PackageVotes.UsersID ";
-	$q.= "AND Sessions.SessionID = '".mysql_escape_string($sid)."'";
+	$q.= "AND Sessions.SessionID = '".mysql_real_escape_string($sid)."'";
 	$result = db_query($q, $dbh);
 	if ($result) {
 		while ($row = mysql_fetch_row($result)) {
@@ -901,10 +901,10 @@ function pkg_search_page($SID="") {
 		#search by maintainer
 		if ($_REQUEST["SeB"] == "m"){
 			if (!$has_where) {
-				$q.= "WHERE Username = '".mysql_escape_string($K)."' ";
+				$q.= "WHERE Username = '".mysql_real_escape_string($K)."' ";
 				$has_where = 1;
 			} else {
-				$q.= "AND Username = '".mysql_escape_string($K)."' ";
+				$q.= "AND Username = '".mysql_real_escape_string($K)."' ";
 			}
         } elseif ($_REQUEST["SeB"] == "s") {
 			if (!$has_where) {
@@ -916,12 +916,12 @@ function pkg_search_page($SID="") {
 		# the default behaivior, query the name/description
 		} else {
 			if (!$has_where) {
-				$q.= "WHERE (Name LIKE '%".mysql_escape_string($K)."%' OR ";
+				$q.= "WHERE (Name LIKE '%".mysql_real_escape_string($K)."%' OR ";
-				$q.= "Description LIKE '%".mysql_escape_string($K)."%') ";
+				$q.= "Description LIKE '%".mysql_real_escape_string($K)."%') ";
 				$has_where = 1;
 			} else {
-				$q.= "AND (Name LIKE '%".mysql_escape_string($K)."%' OR ";
+				$q.= "AND (Name LIKE '%".mysql_real_escape_string($K)."%' OR ";
-				$q.= "Description LIKE '%".mysql_escape_string($K)."%') ";
+				$q.= "Description LIKE '%".mysql_real_escape_string($K)."%') ";
 			}
 		}
 	}