diff --git a/lib/classes/database/class.Database.php b/lib/classes/database/class.Database.php
index fef3002f..ea3a3516 100644
--- a/lib/classes/database/class.Database.php
+++ b/lib/classes/database/class.Database.php
@@ -239,7 +239,8 @@ class Database {
 			self::$_sqldata = array(
 					'user' => $user,
 					'passwd' => $password,
-					'host' => $host
+					'host' => $host,
+					'db' => $sql["db"]
 			);
 		}
 
diff --git a/lib/functions/database/function.correctMysqlUsers.php b/lib/functions/database/function.correctMysqlUsers.php
index 9bbd7db4..10e38457 100644
--- a/lib/functions/database/function.correctMysqlUsers.php
+++ b/lib/functions/database/function.correctMysqlUsers.php
@@ -17,75 +17,91 @@
  *
  */
 
-function correctMysqlUsers($mysql_access_host_array)
-{
-	global $db, $settings, $sql, $sql_root, $theme;
-	
-	foreach($sql_root as $mysql_server => $mysql_server_details)
-	{
-		$db_root = new db($mysql_server_details['host'], $mysql_server_details['user'], $mysql_server_details['password'], '');
-		unset($mysql_server_details['password']);
+function correctMysqlUsers($mysql_access_host_array) {
+
+	global $settings;
+
+	// get sql-root access data
+	Database::needRoot(true);
+	Database::needSqlData(true);
+	$sql_root = Database::getSqlData();
+	Database::needRoot(false);
+
+	foreach ($sql_root as $mysql_server => $mysql_server_details) {
+
+		Database::needRoot(true);
 
 		$users = array();
-		$users_result = $db_root->query('SELECT * FROM `mysql`.`user`');
+		$users_result_stmt = Database::query("SELECT * FROM `mysql`.`user`");
 
-		while($users_row = $db_root->fetch_array($users_result))
-		{
-			if(!isset($users[$users_row['User']])
-			   || !is_array($users[$users_row['User']]))
-			{
+		while ($users_row = $users_result_stmt->fetch(PDO::FETCH_ASSOC)) {
+			if (!isset($users[$users_row['User']])
+					|| !is_array($users[$users_row['User']])
+			) {
 				$users[$users_row['User']] = array(
-					'password' => $users_row['Password'],
-					'hosts' => array()
+						'password' => $users_row['Password'],
+						'hosts' => array()
 				);
 			}
-
 			$users[$users_row['User']]['hosts'][] = $users_row['Host'];
 		}
 
 		$databases = array(
-			$sql['db']
+				$sql_root['db']
 		);
-		$databases_result = $db->query('SELECT * FROM `' . TABLE_PANEL_DATABASES . '` WHERE `dbserver` = \'' . $mysql_server . '\'');
+		$databases_result_stmt = Database::prepare("
+			SELECT * FROM `" . TABLE_PANEL_DATABASES . "`
+			WHERE `dbserver` = :mysqlserver
+		");
+		Database::pexecute($databases_result_stmt, array('mysqlserver' => $mysql_server));
 
-		while($databases_row = $db->fetch_array($databases_result))
-		{
+		while ($databases_row = $databases_result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			$databases[] = $databases_row['databasename'];
 		}
 
-		foreach($databases as $username)
-		{
-			if(isset($users[$username])
-			   && is_array($users[$username])
-			   && isset($users[$username]['hosts'])
-			   && is_array($users[$username]['hosts']))
-			{
+		foreach ($databases as $username) {
+
+			if (isset($users[$username])
+					&& is_array($users[$username])
+					&& isset($users[$username]['hosts'])
+					&& is_array($users[$username]['hosts'])
+			) {
+
 				$password = $users[$username]['password'];
-				foreach($mysql_access_host_array as $mysql_access_host)
-				{
+
+				foreach ($mysql_access_host_array as $mysql_access_host) {
+
 					$mysql_access_host = trim($mysql_access_host);
 
-					if(!in_array($mysql_access_host, $users[$username]['hosts']))
-					{
-						$db_root->query('GRANT ALL PRIVILEGES ON `' . str_replace('_', '\_', $db_root->escape($username)) . '`.* TO `' . $db_root->escape($username) . '`@`' . $db_root->escape($mysql_access_host) . '` IDENTIFIED BY \'password\'');
-						$db_root->query('SET PASSWORD FOR `' . $db_root->escape($username) . '`@`' . $db_root->escape($mysql_access_host) . '` = \'' . $db_root->escape($password) . '\'');
+					if (!in_array($mysql_access_host, $users[$username]['hosts'])) {
+						$stmt = Database::prepare("GRANT ALL PRIVILEGES ON `" . $username . "`.*
+							TO :username@:host
+							IDENTIFIED BY 'password'"
+						);
+						Database::pexecute($stmt, array("username" => $username, "host" => $mysql_access_host));
+						$stmt = Database::prepare("SET PASSWORD FOR :username@:host = :password");
+						Database::pexecute($stmt, array("username" => $username, "host" => $mysql_access_host, "password" => $password));
 					}
 				}
 
-				foreach($users[$username]['hosts'] as $mysql_access_host)
-				{
-					if(!in_array($mysql_access_host, $mysql_access_host_array))
-					{
-						$db_root->query('REVOKE ALL PRIVILEGES ON * . * FROM `' . $db_root->escape($username) . '`@`' . $db_root->escape($mysql_access_host) . '`');
-						$db_root->query('REVOKE ALL PRIVILEGES ON `' . str_replace('_', '\_', $db_root->escape($username)) . '` . * FROM `' . $db_root->escape($username) . '`@`' . $db_root->escape($mysql_access_host) . '`');
-						$db_root->query('DELETE FROM `mysql`.`user` WHERE `User` = "' . $db_root->escape($username) . '" AND `Host` = "' . $db_root->escape($mysql_access_host) . '"');
+				foreach ($users[$username]['hosts'] as $mysql_access_host) {
+
+					if (!in_array($mysql_access_host, $mysql_access_host_array)) {
+
+						if (Database::getAttribute(PDO::ATTR_SERVER_VERSION) < '5.0.2') {
+							// Revoke privileges (only required for MySQL 4.1.2 - 5.0.1)
+							$stmt = Database::prepare("REVOKE ALL PRIVILEGES ON * . * FROM `". $username . "`@`".$mysql_access_host."`");
+							Database::pexecute($stmt);
+						}
+						// as of MySQL 5.0.2 this also revokes privileges. (requires MySQL 4.1.2+)
+						$stmt = Database::prepare("DROP USER :username@:host");
+						Database::pexecute($stmt, array("username" => $username, "host" => $mysql_access_host));
 					}
 				}
 			}
 		}
 
-		$db_root->query('FLUSH PRIVILEGES');
-		$db_root->close();
-		unset($db_root);
+		Database::query('FLUSH PRIVILEGES');
+		Database::needRoot(false);
 	}
 }