diff -r 1.8.1/ajax/api.php 1.8.1-mod/ajax/api.php 5a6,7 > global $wpdb; > 9c11 < $params[$key] = mysql_real_escape_string(stripslashes(trim($val))); --- > $params[$key] = mysql_real_escape_string(stripslashes(trim($val)), $wpdb->dbh); diff -r 1.8.1/ajax/misc.php 1.8.1-mod/ajax/misc.php 4a5 > global $wpdb; 8c9 < ${$key} = mysql_real_escape_string(stripslashes(trim($val))); --- > ${$key} = mysql_real_escape_string(stripslashes(trim($val)), $wpdb->dbh); diff -r 1.8.1/ajax/package.php 1.8.1-mod/ajax/package.php 3a4 > global $wpdb; 124c125 < $val[$k] = mysql_real_escape_string($v); --- > $val[$k] = mysql_real_escape_string($v, $wpdb->dbh); 141c142 < $fieldval[$k] = mysql_real_escape_string($v); --- > $fieldval[$k] = mysql_real_escape_string($v, $wpdb->dbh); 180c181 < $val[$k] = mysql_real_escape_string($v); --- > $val[$k] = mysql_real_escape_string($v, $wpdb->dbh); 202c203 < $val[$k] = mysql_real_escape_string($v); --- > $val[$k] = mysql_real_escape_string($v, $wpdb->dbh); 224c225 < $val[$k] = mysql_real_escape_string($v); --- > $val[$k] = mysql_real_escape_string($v, $wpdb->dbh); diff -r 1.8.1/core/Pod.class.php 1.8.1-mod/core/Pod.class.php 297c297,298 < $helper = mysql_real_escape_string(trim($helper)); --- > global $wpdb; > $helper = mysql_real_escape_string(trim($helper), $wpdb->dbh); 459a461 > global $wpdb; 473c475 < $val = mysql_real_escape_string(trim($_GET['search'])); --- > $val = mysql_real_escape_string(trim($_GET['search']), $wpdb->dbh); 495c497 < $val = mysql_real_escape_string(trim($_GET[$field_name])); --- > $val = mysql_real_escape_string(trim($_GET[$field_name]), $wpdb->dbh); diff -r 1.8.1/core/PodAPI.class.php 1.8.1-mod/core/PodAPI.class.php 376a377 > global $wpdb; 438c439 < $val = mysql_real_escape_string(stripslashes(trim($_POST[$key]))); --- > $val = mysql_real_escape_string(stripslashes(trim($_POST[$key])), $wpdb->dbh); 531c532 < $name = mysql_real_escape_string(trim($name)); --- > $name = mysql_real_escape_string(trim($name), $wpdb->dbh); 930a932 > global $wpdb; 1012c1014 < $set_data[] = mysql_real_escape_string(trim($field_value)); --- > $set_data[] = mysql_real_escape_string(trim($field_value), $wpdb->dbh); 1025c1027 < $pod_name = mysql_real_escape_string(trim($data_row['name'])); --- > $pod_name = mysql_real_escape_string(trim($data_row['name']), $wpdb->dbh); diff -r 1.8.1/core/functions.php 1.8.1-mod/core/functions.php 104a105 > global $wpdb; 132c133 < $output = mysql_real_escape_string(trim($input)); --- > $output = mysql_real_escape_string(trim($input), $wpdb->dbh); diff -r 1.8.1/core/manage_content.php 1.8.1-mod/core/manage_content.php 3a4 > global $wpdb; 231c232 < $where[] = "t.name = '" . mysql_real_escape_string(trim($dtname)) . "'"; --- > $where[] = "t.name = '" . mysql_real_escape_string(trim($dtname), $wpdb->dbh) . "'"; 236c237 < $where[] = "p.name LIKE '%" . mysql_real_escape_string(trim($_GET['keywords'])) . "%'"; --- > $where[] = "p.name LIKE '%" . mysql_real_escape_string(trim($_GET['keywords']), $wpdb->dbh) . "%'"; diff -r 1.8.1/init.php 1.8.1-mod/init.php 298a299 > global $wpdb; 303c304 < $uri = mysql_real_escape_string($uri); --- > $uri = mysql_real_escape_string($uri, $wpdb->dbh); diff -r 1.8.1/sql/update.php 1.8.1-mod/sql/update.php 3a4 > global $wpdb; 36c37 < ${$key} = mysql_real_escape_string(trim($val)); --- > ${$key} = mysql_real_escape_string(trim($val), $wpdb->dbh); 68a70 > global $wpdb; 89c91 < ${$key} = mysql_real_escape_string($val); --- > ${$key} = mysql_real_escape_string($val, $wpdb->dbh);