6 files changed, 24 insertions, 35 deletions

diff --git a/themes/elegant/admin/admin.inc.php b/themes/elegant/admin/admin.inc.php
index bbb03c1c7..7f68dc072 100644
--- a/themes/elegant/admin/admin.inc.php
+++ b/themes/elegant/admin/admin.inc.php
@@ -14,8 +14,7 @@ if(isset($_POST['submit_elegant']))
   $config_send['p_pict_descr']=(isset($_POST['p_pict_descr']) and !empty($_POST['p_pict_descr'])) ? $_POST['p_pict_descr'] : 'on';
   $config_send['p_pict_comment']=(isset($_POST['p_pict_comment']) and !empty($_POST['p_pict_comment'])) ? $_POST['p_pict_comment'] : 'off';
   
-  $conf['elegant'] = serialize($config_send);
-  conf_update_param('elegant', pwg_db_real_escape_string($conf['elegant']));
+  conf_update_param('elegant', $config_send, true);
 
   array_push($page['infos'], l10n('Information data registered in database'));
 }
@@ -23,7 +22,7 @@ if(isset($_POST['submit_elegant']))
 $template->set_filenames(array(
     'theme_admin_content' => dirname(__FILE__) . '/admin.tpl'));
 
-$template->assign('options', unserialize($conf['elegant']));
+$template->assign('options', safe_unserialize($conf['elegant']));
 
 $template->assign_var_from_handle('ADMIN_CONTENT', 'theme_admin_content');
   
diff --git a/themes/elegant/admin/upgrade.inc.php b/themes/elegant/admin/upgrade.inc.php
index 6cda1318a..b07fb4768 100644
--- a/themes/elegant/admin/upgrade.inc.php
+++ b/themes/elegant/admin/upgrade.inc.php
@@ -11,21 +11,18 @@ if (!isset($conf['elegant']))
     'p_pict_descr' => 'on', //on - off - disabled
     'p_pict_comment' => 'off', //on - off - disabled
   );
-  $query = "
-INSERT INTO " . CONFIG_TABLE . " (param,value,comment)
-VALUES ('elegant' , '".pwg_db_real_escape_string(serialize($config))."' , 'p_main_menu#');";
-  pwg_query($query);
-  load_conf_from_db();
+  
+  conf_update_param('elegant', $config, true);
 }
-elseif (count(unserialize( $conf['elegant'] ))!=3)
+elseif (count(safe_unserialize( $conf['elegant'] ))!=3)
 {
-  $conff=unserialize($conf['elegant']);
+  $conff = safe_unserialize($conf['elegant']);
   $config = array(
     'p_main_menu' => (isset($conff['p_main_menu'])) ? $conff['p_main_menu'] :'on',
     'p_pict_descr' => (isset($conff['p_pict_descr'])) ? $conff['p_pict_descr'] :'on',
     'p_pict_comment' => (isset($conff['p_pict_comment'])) ? $conff['p_pict_comment'] :'off',
   );
-  conf_update_param('elegant', pwg_db_real_escape_string(serialize($config)));
-  load_conf_from_db();
+  
+  conf_update_param('elegant', $config, true);
 }
 ?>
\ No newline at end of file
diff --git a/themes/smartpocket/admin/admin.inc.php b/themes/smartpocket/admin/admin.inc.php
index a5a9300c4..6b2069837 100644
--- a/themes/smartpocket/admin/admin.inc.php
+++ b/themes/smartpocket/admin/admin.inc.php
@@ -13,8 +13,7 @@ if(isset($_POST['submit_smartpocket']))
   $config_send['loop'] = isset($_POST['loop']);
   $config_send['autohide'] = (isset($_POST['autohide']) ? 5000 : 0);
   
-  $conf['smartpocket'] = serialize($config_send);
-  conf_update_param('smartpocket', pwg_db_real_escape_string($conf['smartpocket']));
+  conf_update_param('smartpocket', $config_send, true);
 
   array_push($page['infos'], l10n('Information data registered in database'));
 }
@@ -22,7 +21,7 @@ if(isset($_POST['submit_smartpocket']))
 $template->set_filenames(array(
     'theme_admin_content' => dirname(__FILE__) . '/admin.tpl'));
 
-$template->assign('options', unserialize($conf['smartpocket']));
+$template->assign('options', safe_unserialize($conf['smartpocket']));
 
 $template->assign_var_from_handle('ADMIN_CONTENT', 'theme_admin_content');
   
diff --git a/themes/smartpocket/admin/maintain.inc.php b/themes/smartpocket/admin/maintain.inc.php
index d3beb4873..92fe7b1e3 100644
--- a/themes/smartpocket/admin/maintain.inc.php
+++ b/themes/smartpocket/admin/maintain.inc.php
@@ -14,27 +14,25 @@ class smartpocket_maintain extends ThemeMaintain
 
     if (empty($conf['smartpocket']))
     {
-      $conf['smartpocket'] = serialize($this->default_conf);
-      $query = "
-  INSERT INTO " . CONFIG_TABLE . " (param,value,comment)
-  VALUES ('smartpocket' , '".pwg_db_real_escape_string($conf['smartpocket'])."' , 'loop#autohide');";
-      pwg_query($query);
+      conf_update_param('smartpocket', $this->default_conf, true);
     }
-    elseif (count(unserialize( $conf['smartpocket'] ))!=2)
+    elseif (count(safe_unserialize($conf['smartpocket'])) != 2)
     {
-      $conff=unserialize($conf['smartpocket']);
+      $conff = safe_unserialize($conf['smartpocket']);
+      
       $config = array(
         'loop' => (!empty($conff['loop'])) ? $conff['loop'] :true,
         'autohide' => (!empty($conff['autohide'])) ? $conff['autohide'] :5000,
       );
-      conf_update_param('smartpocket', pwg_db_real_escape_string(serialize($config)));
-      load_conf_from_db();
+      
+      conf_update_param('smartpocket', $config, true);
     }
     $this->installed = true;
   }
 
   function deactivate()
-  { }
+  {
+  }
 
   function delete()
   {
diff --git a/themes/smartpocket/admin/upgrade.inc.php b/themes/smartpocket/admin/upgrade.inc.php
index 1e1925d77..53e4e1aae 100644
--- a/themes/smartpocket/admin/upgrade.inc.php
+++ b/themes/smartpocket/admin/upgrade.inc.php
@@ -10,20 +10,16 @@ if (!isset($conf['smartpocket']))
     'loop' => true,//true - false
     'autohide' => 5000,//5000 - 0
   );
-  $query = "
-INSERT INTO " . CONFIG_TABLE . " (param,value,comment)
-VALUES ('smartpocket' , '".pwg_db_real_escape_string(serialize($config))."' , 'loop#autohide');";
-  pwg_query($query);
-  load_conf_from_db();
+
+  conf_update_param('smartpocket', $config, true);
 }
-elseif (count(unserialize( $conf['smartpocket'] ))!=2)
+elseif (count(safe_unserialize($conf['smartpocket'])) != 2)
 {
-  $conff=unserialize($conf['smartpocket']);
+  $conff = safe_unserialize($conf['smartpocket']);
   $config = array(
     'loop' => (!empty($conff['loop'])) ? $conff['loop'] :true,
     'autohide' => (!empty($conff['autohide'])) ? $conff['autohide'] :5000,
   );
-  conf_update_param('smartpocket', pwg_db_real_escape_string(serialize($config)));
-  load_conf_from_db();
+  conf_update_param('smartpocket', $config, true);
 }
 ?>
\ No newline at end of file
diff --git a/themes/smartpocket/themeconf.inc.php b/themes/smartpocket/themeconf.inc.php
index 83ffd505e..419e7a68b 100644
--- a/themes/smartpocket/themeconf.inc.php
+++ b/themes/smartpocket/themeconf.inc.php
@@ -109,7 +109,7 @@ add_event_handler('init', 'mobile_link');
 function mobile_link()

 {

   global $template, $conf;

-  $config = unserialize( $conf['smartpocket'] );

+  $config = safe_unserialize( $conf['smartpocket'] );

   $template->assign( 'smartpocket', $config );

   if ( !empty($conf['mobile_theme']) && (get_device() != 'desktop' || mobile_theme()))

   {