diff --git a/interface/lib/classes/tform.inc.php b/interface/lib/classes/tform.inc.php
index 40736a33a33faa18ff25f4135a621c5581767dc5..2f5c08d0ab0a4176358b661e098e0cce3c9d730c 100644
--- a/interface/lib/classes/tform.inc.php
+++ b/interface/lib/classes/tform.inc.php
@@ -1048,6 +1048,8 @@ class tform {
 	function getSQL($record, $tab, $action = 'INSERT', $primary_id = 0, $sql_ext_where = '') {
 
 		global $app;
+		
+		$primary_id = $app->functions->intval($primary_id);
 
 		// If there are no data records on the tab, return empty sql string
 		if(count($this->formDef['tabs'][$tab]['fields']) == 0) return '';
@@ -1272,6 +1274,7 @@ class tform {
 	function getDataRecord($primary_id) {
 		global $app;
 		$escape = '`';
+		$primary_id = $app->functions->intval($primary_id);
 		$sql = "SELECT * FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id." AND ".$this->getAuthSQL('r', $this->formDef['db_table']);
 		return $app->db->queryOneRecord($sql);
 	}
@@ -1285,6 +1288,11 @@ class tform {
 	}
 
 	function getAuthSQL($perm, $table = '') {
+		global $app;
+		
+		$perm = $app->db->quote($perm);
+		$table = $app->db->quote($table);
+		
 		if($_SESSION["s"]["user"]["typ"] == 'admin') {
 			return '1';
 		} else {
@@ -1309,6 +1317,7 @@ class tform {
 	function checkPerm($record_id, $perm) {
 		global $app;
 
+		$record_id = $app->functions->intval($record_id);
 		if($record_id > 0) {
 			// Add backticks for incomplete table names.
 			if(stristr($this->formDef['db_table'], '.')) {
@@ -1403,7 +1412,7 @@ class tform {
 		if($limit_name == '') $app->error('Limit name missing in function checkClientLimit.');
 
 		// Get the limits of the client that is currently logged in
-		$client_group_id = $_SESSION["s"]["user"]["default_group"];
+		$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
 		$client = $app->db->queryOneRecord("SELECT $limit_name as number, parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 		// Check if the user may add another item
@@ -1425,7 +1434,7 @@ class tform {
 		if($limit_name == '') $app->error('Limit name missing in function checkClientLimit.');
 
 		// Get the limits of the client that is currently logged in
-		$client_group_id = $_SESSION["s"]["user"]["default_group"];
+		$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
 		$client = $app->db->queryOneRecord("SELECT parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 		//* If the client belongs to a reseller, we will check against the reseller Limit too
diff --git a/interface/lib/classes/tform_actions.inc.php b/interface/lib/classes/tform_actions.inc.php
index 336d2fb5d08ac8db4240d54e4beb291da773742b..bb9e78e011d4a8254025fad791a0960dbd99db80 100644
--- a/interface/lib/classes/tform_actions.inc.php
+++ b/interface/lib/classes/tform_actions.inc.php
@@ -81,7 +81,7 @@ class tform_actions {
 
 		// check if the client is locked - he may not change anything, then.
 		if(!$app->auth->is_admin()) {
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT client.locked FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ".$app->functions->intval($client_group_id));
 			if(is_array($client) && $client['locked'] == 'y') {
 				$app->tform->errorMessage .= $app->lng("client_you_are_locked")."<br />";
diff --git a/interface/lib/classes/validate_client.inc.php b/interface/lib/classes/validate_client.inc.php
index 6bd001530d99b7d785f9a3dca8c9594deaaa147b..c6f2dcb2ec65a887c9d3a461f82d59fea713c7a1 100644
--- a/interface/lib/classes/validate_client.inc.php
+++ b/interface/lib/classes/validate_client.inc.php
@@ -53,7 +53,7 @@ class validate_client {
 				}
 			}
 		} else {
-			$num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM sys_user WHERE username = '".$app->db->quote($field_value)."' AND client_id != ".$client_id);
+			$num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM sys_user WHERE username = '".$app->db->quote($field_value)."' AND client_id != ".$app->functions->intval($client_id));
 			if($num_rec["number"] > 0) {
 				$errmsg = $validator['errmsg'];
 				if(isset($app->tform->wordbook[$errmsg])) {
diff --git a/interface/lib/classes/validate_dns.inc.php b/interface/lib/classes/validate_dns.inc.php
index 99ff6c5b4503c0312b352534fe67e9988d3218c4..413be16e987cef21798e35039a618d390b1ee8ec 100644
--- a/interface/lib/classes/validate_dns.inc.php
+++ b/interface/lib/classes/validate_dns.inc.php
@@ -104,7 +104,7 @@ class validate_dns {
 		}
 
 		if(substr($field, -1) == '.' && $area == 'Name'){
-			$soa = $app->db->queryOneRecord("SELECT * FROM soa WHERE id = ".$zoneid);
+			$soa = $app->db->queryOneRecord("SELECT * FROM soa WHERE id = ".intval($zoneid));
 			if(substr($field, (strlen($field) - strlen($soa['origin']))) != $soa['origin']) $error .= $desc." ".$app->tform->wordbook['error_out_of_zone']."<br>\r\n";
 		}
 
@@ -267,7 +267,7 @@ class validate_dns {
 		global $app, $conf;
 
 		// increase serial
-		$serial_date = substr($serial, 0, 8);
+		$serial_date = $app->functions->intval(substr($serial, 0, 8));
 		$count = $app->functions->intval(substr($serial, 8, 2));
 		$current_date = date("Ymd");
 		if($serial_date >= $current_date){
diff --git a/interface/lib/classes/validate_domain.inc.php b/interface/lib/classes/validate_domain.inc.php
index 3135c7a9d6191b6e96f809b2ae84500b8deb1001..988945df4c96caa4683b03b41d2cf48b3acc4e65 100644
--- a/interface/lib/classes/validate_domain.inc.php
+++ b/interface/lib/classes/validate_domain.inc.php
@@ -118,7 +118,7 @@ class validate_domain {
 
 		if($domain['ip_address'] == '' || $domain['ipv6_address'] == ''){
 			if($domain['parent_domain_id'] > 0){
-				$parent_domain = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$domain['parent_domain_id']);
+				$parent_domain = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$app->functions->intval($domain['parent_domain_id']));
 			}
 		}
 
@@ -217,7 +217,7 @@ class validate_domain {
 					// if alias/subdomain: check IP addresses of parent domain
 					if($check['ip_address'] == '' || $check['ipv6_address'] == ''){
 						if($check['parent_domain_id'] > 0){
-							$check_parent_domain = $app->db->queryOneRecord("SELECT * FROM `web_domain` WHERE `domain_id` = ".$check['parent_domain_id']);
+							$check_parent_domain = $app->db->queryOneRecord("SELECT * FROM `web_domain` WHERE `domain_id` = ".$app->functions->intval($check['parent_domain_id']));
 						}
 					}
 
@@ -282,7 +282,7 @@ class validate_domain {
 
 		if($_SESSION["s"]["user"]["typ"] != 'admin') {
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_wildcard FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			if($client["limit_wildcard"] == 'y') return true;
diff --git a/interface/web/dns/dns_a_edit.php b/interface/web/dns/dns_a_edit.php
index 99d0d992593a6c8d14c372e54163d6d0f21cf644..729c3c370ff2426937a72d26440ca3187725e7ab 100644
--- a/interface/web/dns/dns_a_edit.php
+++ b/interface/web/dns/dns_a_edit.php
@@ -57,7 +57,7 @@ class page_action extends tform_actions {
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
 
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// Check if the user may add another mailbox.
@@ -84,7 +84,7 @@ class page_action extends tform_actions {
 		// Check the client limits, if user is not the admin
 		if($_SESSION["s"]["user"]["typ"] != 'admin') { // if user is not admin
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// Check if the user may add another mailbox.
@@ -97,7 +97,7 @@ class page_action extends tform_actions {
 		} // end if user is not admin
 
 		//* Check for duplicates where IP and hostname are the same
-		$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_rr WHERE (type = 'A' AND name = '".$this->dataRecord["name"]."' AND zone = '".$this->dataRecord["zone"]."' and data = '".$this->dataRecord["data"]."' and id != ".$this->id.") OR (type = 'CNAME' AND name = '".$this->dataRecord["name"]."' AND zone = '".$this->dataRecord["zone"]."' and id != ".$this->id.")");
+		$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_rr WHERE (type = 'A' AND name = '".$app->db->quote($this->dataRecord["name"])."' AND zone = '".$app->db->quote($this->dataRecord["zone"])."' and data = '".$app->db->quote($this->dataRecord["data"])."' and id != ".$this->id.") OR (type = 'CNAME' AND name = '".$app->db->quote($this->dataRecord["name"])."' AND zone = '".$app->db->quote($this->dataRecord["zone"])."' and id != ".$this->id.")");
 		if($tmp['number'] > 0) $app->tform->errorMessage .= $app->tform->lng("data_error_duplicate")."<br>";
 		unset($tmp);
 
diff --git a/interface/web/dns/dns_aaaa_edit.php b/interface/web/dns/dns_aaaa_edit.php
index 02aea58cd8ccf94aa1ae9fae4574ebf1130e8140..ba7ae963a977b309e684ecbf129ca77934189ece 100644
--- a/interface/web/dns/dns_aaaa_edit.php
+++ b/interface/web/dns/dns_aaaa_edit.php
@@ -84,7 +84,7 @@ class page_action extends tform_actions {
 		// Check the client limits, if user is not the admin
 		if($_SESSION["s"]["user"]["typ"] != 'admin') { // if user is not admin
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// Check if the user may add another mailbox.
@@ -113,7 +113,7 @@ class page_action extends tform_actions {
 
 		//* Set the sys_groupid of the rr record to be the same then the sys_groupid of the soa record
 		$soa = $app->db->queryOneRecord("SELECT sys_groupid,serial FROM dns_soa WHERE id = '".$app->functions->intval($this->dataRecord["zone"])."' AND ".$app->tform->getAuthSQL('r'));
-		$app->db->datalogUpdate('dns_rr', "sys_groupid = ".$soa['sys_groupid'], 'id', $this->id);
+		$app->db->datalogUpdate('dns_rr', "sys_groupid = ".intval($soa['sys_groupid']), 'id', $this->id);
 
 		//* Update the serial number of the SOA record
 		$soa_id = $app->functions->intval($_POST["zone"]);
diff --git a/interface/web/dns/dns_alias_edit.php b/interface/web/dns/dns_alias_edit.php
index dc370a6420d527104783b35b0a6a52a1d6764a14..5613810e81c91ac1efeb6d00eb9935a354929814 100644
--- a/interface/web/dns/dns_alias_edit.php
+++ b/interface/web/dns/dns_alias_edit.php
@@ -57,7 +57,7 @@ class page_action extends tform_actions {
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
 
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// Check if the user may add another mailbox.
@@ -84,7 +84,7 @@ class page_action extends tform_actions {
 		// Check the client limits, if user is not the admin
 		if($_SESSION["s"]["user"]["typ"] != 'admin') { // if user is not admin
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// Check if the user may add another mailbox.
diff --git a/interface/web/dns/dns_cname_edit.php b/interface/web/dns/dns_cname_edit.php
index 5d9d19bfb625f00346c2db9b5e7bf4a6db314e01..8ab1e6be910a4570ad92f409cfb806a37a567dc7 100644
--- a/interface/web/dns/dns_cname_edit.php
+++ b/interface/web/dns/dns_cname_edit.php
@@ -57,7 +57,7 @@ class page_action extends tform_actions {
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
 
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// Check if the user may add another mailbox.
@@ -84,7 +84,7 @@ class page_action extends tform_actions {
 		// Check the client limits, if user is not the admin
 		if($_SESSION["s"]["user"]["typ"] != 'admin') { // if user is not admin
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// Check if the user may add another mailbox.
@@ -97,7 +97,7 @@ class page_action extends tform_actions {
 		} // end if user is not admin
 
 		//* Check for duplicates where IP and hostname are the same
-		$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_rr WHERE (type = 'A' AND name = '".$this->dataRecord["name"]."' AND zone = '".$this->dataRecord["zone"]."' and id != ".$this->id.") OR (type = 'CNAME' AND name = '".$this->dataRecord["name"]."' AND zone = '".$this->dataRecord["zone"]."' and id != ".$this->id.")");
+		$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_rr WHERE (type = 'A' AND name = '".$app->db->quote($this->dataRecord["name"])."' AND zone = '".$app->db->quote($this->dataRecord["zone"])."' and id != ".$this->id.") OR (type = 'CNAME' AND name = '".$app->db->quote($this->dataRecord["name"])."' AND zone = '".$app->db->quote($this->dataRecord["zone"])."' and id != ".$this->id.")");
 		if($tmp['number'] > 0) $app->tform->errorMessage .= $app->tform->lng("data_error_duplicate")."<br>";
 		unset($tmp);
 
diff --git a/interface/web/dns/dns_hinfo_edit.php b/interface/web/dns/dns_hinfo_edit.php
index 0c3f0045c961ff7dc00a9788a74ce70afc61e50a..ed25dccdb74d9c70dc1c1056bc8752bb026580b2 100644
--- a/interface/web/dns/dns_hinfo_edit.php
+++ b/interface/web/dns/dns_hinfo_edit.php
@@ -57,7 +57,7 @@ class page_action extends tform_actions {
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
 
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// Check if the user may add another mailbox.
@@ -84,7 +84,7 @@ class page_action extends tform_actions {
 		// Check the client limits, if user is not the admin
 		if($_SESSION["s"]["user"]["typ"] != 'admin') { // if user is not admin
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// Check if the user may add another mailbox.
diff --git a/interface/web/dns/dns_import.php b/interface/web/dns/dns_import.php
index b015453ff634f5957c868596b543527939e677b6..42d9fc3529cb99cb5880469e7277d9dde2f41f82 100644
--- a/interface/web/dns/dns_import.php
+++ b/interface/web/dns/dns_import.php
@@ -52,7 +52,7 @@ $domain = (isset($_POST['domain'])&&!empty($_POST['domain']))?$_POST['domain']:N
 if($_SESSION['s']['user']['typ'] == 'admin') {
 	$server_id = (isset($_POST['server_id']))?$app->functions->intval($_POST['server_id']):1;
 } else {
-	$client_group_id = $_SESSION["s"]["user"]["default_group"];
+	$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 	$client = $app->db->queryOneRecord("SELECT default_dnsserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 	$server_id = $client["default_dnsserver"];
 }
@@ -101,14 +101,14 @@ if($_SESSION['s']['user']['typ'] == 'admin') {
 if ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
 
 	// Get the limits of the client
-	$client_group_id = $_SESSION["s"]["user"]["default_group"];
+	$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 	$client = $app->db->queryOneRecord("SELECT client.client_id, client.contact_name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname, sys_group.name FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 
 	// load the list of clients
-	$sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$client['client_id'];
+	$sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".intval($client['client_id']);
 	$clients = $app->db->queryAllRecords($sql);
-	$tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$client['client_id']);
+	$tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".intval($client['client_id']));
 	$client_select = '<option value="'.$tmp['groupid'].'">'.$client['contactname'].'</option>';
 	if(is_array($clients)) {
 		foreach( $clients as $client) {
@@ -648,7 +648,7 @@ if(isset($_FILES['file']['name']) && is_uploaded_file($_FILES['file']['tmp_name'
 			foreach($dns_rr as $rr)
 			{
 				$insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `zone`, `name`, `type`, `data`, `aux`, `ttl`, `active`) VALUES
-				('$sys_userid', '$sys_groupid', 'riud', 'riud', '', '$server_id', '$dns_soa_id', '$rr[name]', '$rr[type]', '$rr[data]', '$rr[aux]', '$rr[ttl]', 'Y')";
+				('$sys_userid', '$sys_groupid', 'riud', 'riud', '', '$server_id', '$dns_soa_id', '".$app->db->quote($rr['name'])."', '".$app->db->quote($rr['type'])."', '".$app->db->quote($rr['data'])."', '".$app->db->quote($rr['aux'])."', '".$app->db->quote($rr['ttl'])."', 'Y')";
 				$dns_rr_id = $app->db->datalogInsert('dns_rr', $insert_data, 'id');
 			}
 		}
diff --git a/interface/web/dns/dns_mx_edit.php b/interface/web/dns/dns_mx_edit.php
index a839f70ffd493cf952784739018448e877b45b71..7f41b784506128664217b66dbdf7311961e91637 100644
--- a/interface/web/dns/dns_mx_edit.php
+++ b/interface/web/dns/dns_mx_edit.php
@@ -57,7 +57,7 @@ class page_action extends tform_actions {
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
 
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// Check if the user may add another mailbox.
@@ -84,7 +84,7 @@ class page_action extends tform_actions {
 		// Check the client limits, if user is not the admin
 		if($_SESSION["s"]["user"]["typ"] != 'admin') { // if user is not admin
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// Check if the user may add another mailbox.
@@ -112,7 +112,7 @@ class page_action extends tform_actions {
 		global $app, $conf;
 
 		// Check if record is existing already
-		$duplicate_mx = $app->db->queryOneRecord("SELECT * FROM dns_rr WHERE zone = ".$app->functions->intval($this->dataRecord["zone"])." AND name = '".$this->dataRecord["name"]."' AND type = '".$this->dataRecord["type"]."' AND data = '".$this->dataRecord["data"]."' AND ".$app->tform->getAuthSQL('r'));
+		$duplicate_mx = $app->db->queryOneRecord("SELECT * FROM dns_rr WHERE zone = ".$app->functions->intval($this->dataRecord["zone"])." AND name = '".$app->db->quote($this->dataRecord["name"])."' AND type = '".$app->db->quote($this->dataRecord["type"])."' AND data = '".$app->db->quote($this->dataRecord["data"])."' AND ".$app->tform->getAuthSQL('r'));
 
 		if(is_array($duplicate_mx) && !empty($duplicate_mx)) $app->error($app->tform->wordbook["duplicate_mx_record_txt"]);
 
@@ -123,7 +123,7 @@ class page_action extends tform_actions {
 		global $app, $conf;
 
 		// Check if record is existing already
-		$duplicate_mx = $app->db->queryOneRecord("SELECT * FROM dns_rr WHERE zone = ".$app->functions->intval($this->dataRecord["zone"])." AND name = '".$this->dataRecord["name"]."' AND type = '".$this->dataRecord["type"]."' AND data = '".$this->dataRecord["data"]."' AND id != ".$app->functions->intval($this->dataRecord["id"])." AND ".$app->tform->getAuthSQL('r'));
+		$duplicate_mx = $app->db->queryOneRecord("SELECT * FROM dns_rr WHERE zone = ".$app->functions->intval($this->dataRecord["zone"])." AND name = '".$app->db->quote($this->dataRecord["name"])."' AND type = '".$app->db->quote($this->dataRecord["type"])."' AND data = '".$app->db->quote($this->dataRecord["data"])."' AND id != ".$app->functions->intval($this->dataRecord["id"])." AND ".$app->tform->getAuthSQL('r'));
 
 		if(is_array($duplicate_mx) && !empty($duplicate_mx)) $app->error($app->tform->wordbook["duplicate_mx_record_txt"]);
 
diff --git a/interface/web/dns/dns_ns_edit.php b/interface/web/dns/dns_ns_edit.php
index 31df6ef339bcb9d83a9ec42520617d6cc1a6a554..b61254dac722a9fb308cc309c6050b8d150cd85c 100644
--- a/interface/web/dns/dns_ns_edit.php
+++ b/interface/web/dns/dns_ns_edit.php
@@ -57,7 +57,7 @@ class page_action extends tform_actions {
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
 
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// Check if the user may add another mailbox.
@@ -84,7 +84,7 @@ class page_action extends tform_actions {
 		// Check the client limits, if user is not the admin
 		if($_SESSION["s"]["user"]["typ"] != 'admin') { // if user is not admin
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// Check if the user may add another mailbox.
diff --git a/interface/web/dns/dns_ptr_edit.php b/interface/web/dns/dns_ptr_edit.php
index 323d76c4cba9aff92ec10aba4135f3db5d66505a..4e26f226ed2eb2566195a203c70351974b272a53 100644
--- a/interface/web/dns/dns_ptr_edit.php
+++ b/interface/web/dns/dns_ptr_edit.php
@@ -57,7 +57,7 @@ class page_action extends tform_actions {
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
 
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// Check if the user may add another mailbox.
@@ -84,7 +84,7 @@ class page_action extends tform_actions {
 		// Check the client limits, if user is not the admin
 		if($_SESSION["s"]["user"]["typ"] != 'admin') { // if user is not admin
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// Check if the user may add another mailbox.
diff --git a/interface/web/dns/dns_rp_edit.php b/interface/web/dns/dns_rp_edit.php
index a4f81a046dec6290486cf07e987c295f7d458557..62bf1a9ac6e4ac96de247e7c22c116327efedb76 100644
--- a/interface/web/dns/dns_rp_edit.php
+++ b/interface/web/dns/dns_rp_edit.php
@@ -84,7 +84,7 @@ class page_action extends tform_actions {
 		// Check the client limits, if user is not the admin
 		if($_SESSION["s"]["user"]["typ"] != 'admin') { // if user is not admin
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// Check if the user may add another mailbox.
diff --git a/interface/web/dns/dns_slave_edit.php b/interface/web/dns/dns_slave_edit.php
index a9688044fa6ab4f596bd8069be0293f8d98a7c90..ecf825d321654cf253f4f84b75fab4af1c8186d8 100644
--- a/interface/web/dns/dns_slave_edit.php
+++ b/interface/web/dns/dns_slave_edit.php
@@ -87,7 +87,7 @@ class page_action extends tform_actions {
 		} else if($app->auth->has_clients($_SESSION['s']['user']['userid'])) {
 
 				// Get the limits of the client
-				$client_group_id = $_SESSION["s"]["user"]["default_group"];
+				$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 				$client = $app->db->queryOneRecord("SELECT client.client_id, sys_group.name, client.contact_name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 				// Fill the client select field
@@ -122,7 +122,7 @@ class page_action extends tform_actions {
 
 		if($_SESSION["s"]["user"]["typ"] != 'admin') {
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_dns_slave_zone, default_slave_dnsserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// When the record is updated
@@ -150,7 +150,7 @@ class page_action extends tform_actions {
 		if(strlen($this->dataRecord["origin"]) > 0 && substr($this->dataRecord["origin"], -1, 1) != '.') $this->dataRecord["origin"] .= '.';
 
 		//* Check if a primary zone with the same name already exists
-		$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_soa WHERE origin = \"".$this->dataRecord["origin"]."\" AND server_id= \"".$this->dataRecord["server_id"]."\"");
+		$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_soa WHERE origin = \"".$app->db->quote($this->dataRecord["origin"])."\" AND server_id= \"".$app->db->quote($this->dataRecord["server_id"])."\"");
 		if($tmp["number"] > 0) {
 			$app->error($app->tform->wordbook["origin_error_unique"]);
 		}
@@ -162,7 +162,7 @@ class page_action extends tform_actions {
 		global $app, $conf;
 
 		// Check if record is existing already
-		$duplicate_slave = $app->db->queryOneRecord("SELECT * FROM dns_slave WHERE origin = '".$this->dataRecord["origin"]."' AND server_id = ".$app->functions->intval($this->dataRecord["server_id"])." AND ".$app->tform->getAuthSQL('r'));
+		$duplicate_slave = $app->db->queryOneRecord("SELECT * FROM dns_slave WHERE origin = '".$app->db->quote($this->dataRecord["origin"])."' AND server_id = ".$app->functions->intval($this->dataRecord["server_id"])." AND ".$app->tform->getAuthSQL('r'));
 
 		if(is_array($duplicate_slave) && !empty($duplicate_slave)) $app->error($app->tform->wordbook["origin_error_unique"]);
 
diff --git a/interface/web/dns/dns_soa_edit.php b/interface/web/dns/dns_soa_edit.php
index 94ce065fa86d3b15564e6cd233e0887dba426817..93407d38cfb93941d183fc6de966662dd3c17965 100644
--- a/interface/web/dns/dns_soa_edit.php
+++ b/interface/web/dns/dns_soa_edit.php
@@ -97,7 +97,7 @@ class page_action extends tform_actions {
 		} else if($app->auth->has_clients($_SESSION['s']['user']['userid'])) {
 
 				// Get the limits of the client
-				$client_group_id = $_SESSION["s"]["user"]["default_group"];
+				$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 				$client = $app->db->queryOneRecord("SELECT client.client_id, client.contact_name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname, sys_group.name FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 				// Fill the client select field
@@ -132,7 +132,7 @@ class page_action extends tform_actions {
 
 		if($_SESSION["s"]["user"]["typ"] != 'admin') {
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_dns_zone, default_dnsserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// When the record is updated
@@ -177,7 +177,7 @@ class page_action extends tform_actions {
 		$this->dataRecord["also_notify"] = preg_replace('/\s+/', '', $this->dataRecord["also_notify"]);
 
 		//* Check if a secondary zone with the same name already exists
-		$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_slave WHERE origin = \"".$this->dataRecord["origin"]."\" AND server_id = \"".$this->dataRecord["server_id"]."\"");
+		$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM dns_slave WHERE origin = \"".$app->db->quote($this->dataRecord["origin"])."\" AND server_id = \"".$app->db->quote($this->dataRecord["server_id"])."\"");
 		if($tmp["number"] > 0) {
 			$app->error($app->tform->wordbook["origin_error_unique"]);
 		}
diff --git a/interface/web/dns/dns_srv_edit.php b/interface/web/dns/dns_srv_edit.php
index a382e617848b654a91d144b5e66e81ac29477d20..e2d0beae209d0a46f6c15655b94eb1078c0a78e2 100644
--- a/interface/web/dns/dns_srv_edit.php
+++ b/interface/web/dns/dns_srv_edit.php
@@ -57,7 +57,7 @@ class page_action extends tform_actions {
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
 
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// Check if the user may add another mailbox.
diff --git a/interface/web/dns/dns_txt_edit.php b/interface/web/dns/dns_txt_edit.php
index 2bacd357629417f7c5b8e30fc7db895872d02bc6..ca5b8384c5e1dbd2f7e25831723ec908235964dd 100644
--- a/interface/web/dns/dns_txt_edit.php
+++ b/interface/web/dns/dns_txt_edit.php
@@ -57,7 +57,7 @@ class page_action extends tform_actions {
 		if($_SESSION["s"]["user"]["typ"] == 'user') {
 
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// Check if the user may add another mailbox.
@@ -84,7 +84,7 @@ class page_action extends tform_actions {
 		// Check the client limits, if user is not the admin
 		if($_SESSION["s"]["user"]["typ"] != 'admin') { // if user is not admin
 			// Get the limits of the client
-			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 			$client = $app->db->queryOneRecord("SELECT limit_dns_record FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// Check if the user may add another mailbox.
diff --git a/interface/web/dns/dns_wizard.php b/interface/web/dns/dns_wizard.php
index e51c76dd2ca99b5c0272a06fb93f658fad844d26..ad6fda9a13d13d0fe88b12b3334625c00fce7687 100644
--- a/interface/web/dns/dns_wizard.php
+++ b/interface/web/dns/dns_wizard.php
@@ -49,9 +49,9 @@ $sys_groupid = (isset($_POST['client_group_id']))?$app->functions->intval($_POST
 if($_SESSION['s']['user']['typ'] == 'admin') {
 	$server_id = (isset($_POST['server_id']))?$app->functions->intval($_POST['server_id']):1;
 } else {
-	$client_group_id = $_SESSION["s"]["user"]["default_group"];
+	$client_group_id = intval($_SESSION["s"]["user"]["default_group"]);
 	$client = $app->db->queryOneRecord("SELECT default_dnsserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
-	$server_id = $client["default_dnsserver"];
+	$server_id = intval($client["default_dnsserver"]);
 }
 
 
@@ -105,7 +105,7 @@ if ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSIO
 	// load the list of clients
 	$sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$client['client_id'];
 	$clients = $app->db->queryAllRecords($sql);
-	$tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$client['client_id']);
+	$tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".intval($client['client_id']));
 	$client_select = '<option value="'.$tmp['groupid'].'">'.$client['contactname'].'</option>';
 	if(is_array($clients)) {
 		foreach( $clients as $client) {