diff --git a/html/includes/graphs/bgp/auth.inc.php b/html/includes/graphs/bgp/auth.inc.php
index 11f3f7ccff..80ed0913ae 100644
--- a/html/includes/graphs/bgp/auth.inc.php
+++ b/html/includes/graphs/bgp/auth.inc.php
@@ -3,7 +3,7 @@
if (is_numeric($id))
{
- $data = mysql_fetch_assoc(mysql_query("SELECT * FROM bgpPeers WHERE bgpPeer_id = '".$id."'"));
+ $data = dbFetchRow("SELECT * FROM bgpPeers WHERE bgpPeer_id = ?", array($id));
if (is_numeric($data['device_id']) && ($config['allow_unauth_graphs'] || device_permitted($data['device_id'])))
{
diff --git a/html/includes/graphs/bill/auth.inc.php b/html/includes/graphs/bill/auth.inc.php
index ed6d17827b..5e8b8d7ffa 100644
--- a/html/includes/graphs/bill/auth.inc.php
+++ b/html/includes/graphs/bill/auth.inc.php
@@ -6,27 +6,14 @@ include("../includes/billing.php");
if (is_numeric($_GET['id']) && ($config['allow_unauth_graphs'] || bill_permitted($_GET['id'])))
{
- $bill_query = mysql_query("SELECT * FROM `bills` WHERE bill_id = '".mres($_GET['id'])."'");
- $bill = mysql_fetch_assoc($bill_query);
-
-# $day_data = getDates($bill['bill_day']);
-# $datefrom = $day_data['0'];
-# $dateto = $day_data['1'];
-
-#print_r($day_data);
-
-
- $datefrom = date('YmdHis', $_GET['from']);
- $dateto = date('YmdHis', $_GET['to']);
-
-
+ $bill = dbFetchRow("SELECT * FROM `bills` WHERE bill_id = ?", array($_GET['id']));
+ $datefrom = date('YmdHis', $_GET['from']);
+ $dateto = date('YmdHis', $_GET['to']);
$rates = getRates($_GET['id'], $datefrom, $dateto);
- $ports = mysql_query("SELECT * FROM `bill_ports` AS B, `ports` AS P, `devices` AS D
- WHERE B.bill_id = '".mres($_GET['id'])."' AND P.interface_id = B.port_id
- AND D.device_id = P.device_id");
+ $ports = dbFetchRows("SELECT * FROM `bill_ports` AS B, `ports` AS P, `devices` AS D WHERE B.bill_id = ? AND P.interface_id = B.port_id AND D.device_id = P.device_id", array($_GET['id']));
$auth = TRUE;
}
diff --git a/html/includes/graphs/cefswitching/auth.inc.php b/html/includes/graphs/cefswitching/auth.inc.php
index 07e2bc92b5..0696b7b451 100644
--- a/html/includes/graphs/cefswitching/auth.inc.php
+++ b/html/includes/graphs/cefswitching/auth.inc.php
@@ -2,8 +2,7 @@
if (is_numeric($id))
{
- $query = mysql_query("SELECT * FROM `cef_switching` AS C, `devices` AS D WHERE C.cef_switching_id = '".$id."' AND C.device_id = D.device_id");
- $cef = mysql_fetch_assoc($query);
+ $cef = dbFetchRow("SELECT * FROM `cef_switching` AS C, `devices` AS D WHERE C.cef_switching_id = ? AND C.device_id = D.device_id", array($id));
if (is_numeric($cef['device_id']) && ($config['allow_unauth_graphs'] || device_permitted($cef['device_id'])))
{
diff --git a/html/includes/graphs/device/auth.inc.php b/html/includes/graphs/device/auth.inc.php
index 461a774f37..f176c97bf5 100644
--- a/html/includes/graphs/device/auth.inc.php
+++ b/html/includes/graphs/device/auth.inc.php
@@ -7,4 +7,4 @@ if (is_numeric($id) && ($config['allow_unauth_graphs'] || device_permitted($id))
$auth = TRUE;
}
-?>
\ No newline at end of file
+?>
diff --git a/html/includes/graphs/diskio/auth.inc.php b/html/includes/graphs/diskio/auth.inc.php
index 07eacb4250..97b5485c93 100644
--- a/html/includes/graphs/diskio/auth.inc.php
+++ b/html/includes/graphs/diskio/auth.inc.php
@@ -2,8 +2,7 @@
if (is_numeric($id))
{
- $query = mysql_query("SELECT * FROM `ucd_diskio` AS U, `devices` AS D WHERE U.diskio_id = '".$id."' AND U.device_id = D.device_id");
- $disk = mysql_fetch_assoc($query);
+ $disk = dbFetchRow("SELECT * FROM `ucd_diskio` AS U, `devices` AS D WHERE U.diskio_id = ? AND U.device_id = D.device_id", array($id));
if (is_numeric($disk['device_id']) && ($config['allow_unauth_graphs'] || device_permitted($disk['device_id'])))
{
@@ -17,4 +16,4 @@ if (is_numeric($id))
}
}
-?>
\ No newline at end of file
+?>
diff --git a/html/includes/graphs/macaccounting/auth.inc.php b/html/includes/graphs/macaccounting/auth.inc.php
index 7aa3ece809..111a08b924 100644
--- a/html/includes/graphs/macaccounting/auth.inc.php
+++ b/html/includes/graphs/macaccounting/auth.inc.php
@@ -3,10 +3,7 @@
if (is_numeric($id))
{
- $query = mysql_query("SELECT * FROM `mac_accounting` AS M, `ports` AS I, `devices` AS D WHERE M.ma_id = '".mres($id)."'
- AND I.interface_id = M.interface_id AND I.device_id = D.device_id");
-
- $acc = mysql_fetch_assoc($query);
+ $acc = dbFetchRow("SELECT * FROM `mac_accounting` AS M, `ports` AS I, `devices` AS D WHERE M.ma_id = ? AND I.interface_id = M.interface_id AND I.device_id = D.device_id", array($id));
if (($config['allow_unauth_graphs'] || port_permitted($acc['interface_id']))
&& is_file($config['rrd_dir'] . "/" . $acc['hostname'] . "/" . safename("cip-" . $acc['ifIndex'] . "-" . $acc['mac'] . ".rrd")))
@@ -19,8 +16,6 @@ if (is_numeric($id))
$title .= " :: Port ".generate_port_link($port);
$title .= " :: " . formatMac($acc['mac']);
$auth = TRUE;
-
}
-
}
?>
diff --git a/html/includes/graphs/mempool/auth.inc.php b/html/includes/graphs/mempool/auth.inc.php
index 7c64cd9bca..03f35a93be 100755
--- a/html/includes/graphs/mempool/auth.inc.php
+++ b/html/includes/graphs/mempool/auth.inc.php
@@ -2,8 +2,7 @@
if (is_numeric($id))
{
- $sql = mysql_query("SELECT * FROM `mempools` AS C, `devices` AS D where C.`mempool_id` = '".mres($id)."' AND C.device_id = D.device_id");
- $mempool = mysql_fetch_assoc($sql);
+ $mempool = dbFetchRow("SELECT * FROM `mempools` AS C, `devices` AS D where C.`mempool_id` = ? AND C.device_id = D.device_id", array($id));
if (is_numeric($mempool['device_id']) && ($config['allow_unauth_graphs'] || device_permitted($mempool['device_id'])))
{
@@ -15,4 +14,4 @@ if (is_numeric($id))
}
}
-?>
\ No newline at end of file
+?>
diff --git a/html/includes/graphs/processor/auth.inc.php b/html/includes/graphs/processor/auth.inc.php
index 7e2d79686e..5c19b8ee78 100755
--- a/html/includes/graphs/processor/auth.inc.php
+++ b/html/includes/graphs/processor/auth.inc.php
@@ -1,7 +1,6 @@
\ No newline at end of file
+?>
diff --git a/html/includes/graphs/sensor/auth.inc.php b/html/includes/graphs/sensor/auth.inc.php
index c16346dfab..21b5205c07 100644
--- a/html/includes/graphs/sensor/auth.inc.php
+++ b/html/includes/graphs/sensor/auth.inc.php
@@ -2,7 +2,7 @@
if (is_numeric($id))
{
- $sensor = mysql_fetch_assoc(mysql_query("SELECT * FROM sensors WHERE sensor_id = '".mres($id)."'"));
+ $sensor = dbFetchRow("SELECT * FROM sensors WHERE sensor_id = ?", array($id));
if (is_numeric($sensor['device_id']) && ($config['allow_unauth_graphs'] || device_permitted($sensor['device_id'])))
{
diff --git a/html/includes/graphs/service/auth.inc.php b/html/includes/graphs/service/auth.inc.php
index c7849f8b79..dab7d313e7 100644
--- a/html/includes/graphs/service/auth.inc.php
+++ b/html/includes/graphs/service/auth.inc.php
@@ -2,7 +2,7 @@
if (is_numeric($id))
{
- $service = mysql_fetch_assoc(mysql_query("SELECT * FROM services WHERE service_id = '".mres($id)."'"));
+ $service = dbFetchRow("SELECT * FROM services WHERE service_id = ?", array($id));
if (is_numeric($service['device_id']) && ($config['allow_unauth_graphs'] || device_permitted($service['device_id'])))
{
@@ -17,4 +17,4 @@ if (is_numeric($id))
}
}
-?>
\ No newline at end of file
+?>
diff --git a/html/includes/graphs/storage/auth.inc.php b/html/includes/graphs/storage/auth.inc.php
index 21a466fd4a..c2038c6972 100755
--- a/html/includes/graphs/storage/auth.inc.php
+++ b/html/includes/graphs/storage/auth.inc.php
@@ -2,8 +2,7 @@
if (is_numeric($id))
{
- $sql = mysql_query("SELECT * FROM `storage` WHERE `storage_id` = '".mres($id)."'");
- $storage = mysql_fetch_assoc($sql);
+ $storage = dbFetchRow("SELECT * FROM `storage` WHERE `storage_id` = ?", array($id));
if (is_numeric($storage['device_id']) && ($config['allow_unauth_graphs'] || device_permitted($storage['device_id'])))
{
@@ -16,4 +15,4 @@ if (is_numeric($id))
}
}
-?>
\ No newline at end of file
+?>