migrated traffic-cron and cron-usage-report to new PDO database class, refs #1287

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
2013-11-18 11:59:16 +01:00
parent e2ca3873a8
commit ca38e20345
3 changed files with 461 additions and 312 deletions
--- a/scripts/jobs/cron_traffic.php
+++ b/scripts/jobs/cron_traffic.php
@@ -17,128 +17,118 @@
 *
 */
-//Check Traffic-Lock
+// Check Traffic-Lock
-if(function_exists('pcntl_fork')) {
+if (function_exists('pcntl_fork')) {
-	$TrafficLock = dirname($lockfile)."/froxlor_cron_traffic.lock";
+	$TrafficLock = makeCorrectFile(dirname($lockfile)."/froxlor_cron_traffic.lock");
-	if(file_exists($TrafficLock) &&  is_numeric($TrafficPid=file_get_contents($TrafficLock))) {
+	if (file_exists($TrafficLock)
-		if(function_exists('posix_kill')) {
+		&& is_numeric($TrafficPid=file_get_contents($TrafficLock))
 	) {
 		if (function_exists('posix_kill')) {
 			$TrafficPidStatus = @posix_kill($TrafficPid,0);
-		}
+		} else {
 		else {
 			system("kill -CHLD " . $TrafficPid . " 1> /dev/null 2> /dev/null", $TrafficPidStatus);
 			$TrafficPidStatus = $TrafficPidStatus ? false : true;
 		}
-		if($TrafficPidStatus) {
+		if ($TrafficPidStatus) {
 			fwrite($debugHandler,"Traffic Run already in progress\n");
 			return 1;
 		}
 	}
-	//Create Traffic Log and Fork
+	// Create Traffic Log and Fork
 	// We close the database - connection before we fork, so we don't share resources with the child
-	$db->close();
+	Database::needRoot(false); // this forces the connection to be set to null
 	unset($db);
 	$TrafficPid = pcntl_fork();
-	if($TrafficPid) { //Parent
+	// Parent
-		file_put_contents($TrafficLock,$TrafficPid);
+	if ($TrafficPid) {
-		// Recreate the database - connection
+		file_put_contents($TrafficLock, $TrafficPid);
-		require ($pathtophpfiles . '/lib/userdata.inc.php');
+		// unnecessary to recreate database connection here
 		if(isset($sql['root_user']) && isset($sql['root_password']) && (!isset($sql_root) || !is_array($sql_root))) {
 			$sql_root = array(0 => array('caption' => 'Default', 'host' => $sql['host'], 'user' => $sql['root_user'], 'password' => $sql['root_password']));
 			unset($sql['root_user']);
 			unset($sql['root_password']);
 		}
 		$db = new db($sql['host'], $sql['user'], $sql['password'], $sql['db']);
 		return 0;
 	}
-	elseif($TrafficPid == 0) { //Child
+	//Child
 	elseif ($TrafficPid == 0) {
 		posix_setsid();
 		fclose($debugHandler);
-		$debugHandler = fopen("/tmp/froxlor_traffic.log","w");
+		$debugHandler = fopen("/tmp/froxlor_traffic.log", "w");
-		require ($pathtophpfiles . '/lib/userdata.inc.php'); //There is no bloody reason not to have sql values in the backend ready!
+		// re-create db
-		if(isset($sql['root_user']) && isset($sql['root_password']) && (!isset($sql_root) || !is_array($sql_root))) {
+		Database::needRoot(false);
 			$sql_root = array(0 => array('caption' => 'Default', 'host' => $sql['host'], 'user' => $sql['root_user'], 'password' => $sql['root_password']));
 			unset($sql['root_user']);
 			unset($sql['root_password']);
 		}
 		$db = new db($sql['host'], $sql['user'], $sql['password'], $sql['db']); //database handler renewal after fork()
 	}
-	else { //Fork failed
+	//Fork failed
 	else {
 		return 1;
 	}
-}
+
-else {
+} else {
 	fwrite($debugHandler,"PHP compiled without pcntl. Not forking traffic-cron, this may take a long time!");
 }
-openRootDB($debugHandler, $lockfile);
+
-require_once(makeCorrectFile(dirname(__FILE__) . '/cron_traffic.inc.functions.php'));
+require_once makeCorrectFile(dirname(__FILE__) . '/cron_traffic.inc.functions.php');
 /**
 * TRAFFIC AND DISKUSAGE MESSURE
 */
 fwrite($debugHandler, 'Traffic run started...' . "\n");
 $admin_traffic = array();
 $domainlist = array();
 $speciallogfile_domainlist = array();
-$result_domainlist = $db->query("SELECT `id`, `domain`, `customerid`, `parentdomainid`, `speciallogfile` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `aliasdomain` IS NULL AND `email_only` <> '1' ;");
+$result_domainlist_stmt = Database::query("
 	SELECT `id`, `domain`, `customerid`, `parentdomainid`, `speciallogfile`
 	FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `aliasdomain` IS NULL AND `email_only` <> '1';
 ");
-while($row_domainlist = $db->fetch_array($result_domainlist))
+while ($row_domainlist = $result_domainlist_stmt->fetch(PDO::FETCH_ASSOC)) {
-{
+
-	if(!isset($domainlist[$row_domainlist['customerid']]))
+	if (!isset($domainlist[$row_domainlist['customerid']])) {
 	{
 		$domainlist[$row_domainlist['customerid']] = array();
 	}
 	$domainlist[$row_domainlist['customerid']][$row_domainlist['id']] = $row_domainlist['domain'];
-	if($row_domainlist['parentdomainid'] == '0'
+	if ($row_domainlist['parentdomainid'] == '0'
-	   && $row_domainlist['speciallogfile'] == '1')
+		&& $row_domainlist['speciallogfile'] == '1'
-	{
+	) {
-		if(!isset($speciallogfile_domainlist[$row_domainlist['customerid']]))
+		if (!isset($speciallogfile_domainlist[$row_domainlist['customerid']])) {
 		{
 			$speciallogfile_domainlist[$row_domainlist['customerid']] = array();
 		}
 		$speciallogfile_domainlist[$row_domainlist['customerid']][$row_domainlist['id']] = $row_domainlist['domain'];
 	}
 }
 $mysqlusage_all = array();
-$databases = $db->query("SELECT * FROM " . TABLE_PANEL_DATABASES . " ORDER BY `dbserver`");
+$databases_stmt = Database::query("SELECT * FROM " . TABLE_PANEL_DATABASES . " ORDER BY `dbserver`");
 $db_root = new db($sql_root[0]['host'], $sql_root[0]['user'], $sql_root[0]['password'], '');
 $last_dbserver = 0;
 $databases_list = array();
-$databases_list_result = $db_root->query("show databases");
+Database::needRoot(true);
-while ($databases_list_row = $db->fetch_array($databases_list_result)) {
+$databases_list_result_stmt = Database::query("SHOW DATABASES");
 while ($databases_list_row = $databases_list_result_stmt->fetch(PDO::FETCH_ASSOC)) {
 	$databases_list[] = strtolower($databases_list_row['Database']);
 }
-while ($row_database = $db->fetch_array($databases)) {
+while ($row_database = $databases_stmt->fetch(PDO::FETCH_ASSOC)) {
 	if ($last_dbserver != $row_database['dbserver']) {
-		$db_root->close();
+		Database::needRoot(true, $row_database['dbserver']);
 		$db_root = new db($sql_root[$row_database['dbserver']]['host'], $sql_root[$row_database['dbserver']]['user'], $sql_root[$row_database['dbserver']]['password'], '');
 		$last_dbserver = $row_database['dbserver'];
 		$database_list = array();
-		$databases_list_result = $db_root->query("show databases");
+		$databases_list_result_stmt = Database::query("SHOW DATABASES");
-		while ($databases_list_row = $db->fetch_array($databases_list_result)) {
+		while ($databases_list_row = $databases_list_result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			$databases_list[] = strtolower($databases_list_row['Database']);
 		}
 	}
 	if (in_array(strtolower($row_database['databasename']), $databases_list)) {
 		// sum up data_length and index_length
-		$mysql_usage_result = $db_root->query("
+		$mysql_usage_result_stmt = Database::prepare("
 			SELECT SUM(data_length + index_length) AS customerusage
 			FROM information_schema.TABLES
-			WHERE table_schema = '" . $db_root->escape($row_database['databasename']) . "'
+			WHERE table_schema = :database
 			GROUP BY table_schema;
 		");
 		// get the result
-		$mysql_usage_row = $db_root->fetch_array($mysql_usage_result);
+		$mysql_usage_row = Database::pexecute_first($mysql_usage_result_stmt, array('database' => $row_database['databasename']));
 		// initialize counter for customer
 		if (!isset($mysqlusage_all[$row_database['customerid']])) {
 			$mysqlusage_all[$row_database['customerid']] = 0;
@@ -150,20 +140,19 @@ while ($row_database = $db->fetch_array($databases)) {
 	}
 }
-$db_root->close();
+Database::needRoot(false);
 // We are using the file-system quota, this will speed up the diskusage - collection
 if ($settings['system']['diskquota_enabled']) {
 	$usedquota = getFilesystemQuota();
 }
-$result = $db->query("SELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "` ORDER BY `customerid` ASC");
+$result_stmt = Database::query("SELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "` ORDER BY `customerid` ASC");
-while ($row = $db->fetch_array($result)) {
+while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 	/**
 	 * HTTP-Traffic
 	 */
 	fwrite($debugHandler, 'http traffic for ' . $row['loginname'] . ' started...' . "\n");
 	$httptraffic = 0;
@@ -220,40 +209,17 @@ while ($row = $db->fetch_array($result)) {
 		// make the stuff readable for the customer, #258
 		makeChownWithNewStats($row);
 		/**
 		 * Webalizer/AWStats might run for some time, so we'd better check if our database is still present
 		 */
 		if (empty($db->link_id)
 		   || $db->link_id === false
 		) {
 			fwrite($debugHandler, 'Database-connection seems to be down, trying to reconnect' . "\n");
 			// just in case
 			$db->close();
 			require_once ($pathtophpfiles . '/lib/userdata.inc.php');
 			$db = new db($sql['host'], $sql['user'], $sql['password'], $sql['db']);
 			if ($db->link_id == 0) {
 				fclose($debugHandler);
 				unlink($lockfile);
 				$cronlog->logAction(CRON_ACTION, LOG_ERR, 'Database-connection crashed during traffic-cronjob, could not reconnect!');
 				die('Froxlor can\'t connect to mysqlserver. Exiting...');
 			}
 			fwrite($debugHandler, 'Database-connection re-established' . "\n");
 			unset($sql);
 			$cronlog->logAction(CRON_ACTION, LOG_WARNING, 'Database-connection crashed during traffic-cronjob, reconnected!');
 		}
 	}
 	/**
 	 * FTP-Traffic
 	 */
 	fwrite($debugHandler, 'ftp traffic for ' . $row['loginname'] . ' started...' . "\n");
-	$ftptraffic = $db->query_first("SELECT SUM(`up_bytes`) AS `up_bytes_sum`, SUM(`down_bytes`) AS `down_bytes_sum` FROM `" . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int)$row['customerid'] . "'");
+	$ftptraffic_stmt = Database::prepare("
 		SELECT SUM(`up_bytes`) AS `up_bytes_sum`, SUM(`down_bytes`) AS `down_bytes_sum`
 		FROM `" . TABLE_FTP_USERS . "` WHERE `customerid` = :customerid
 	");
 	$ftptraffic = Database::pexecute_first($ftptraffic_stmt, array('customerid' => $row['customerid']));
 	if (!is_array($ftptraffic)) {
 		$ftptraffic = array(
@@ -262,18 +228,19 @@ while ($row = $db->fetch_array($result)) {
 		);
 	}
-	$db->query("UPDATE `" . TABLE_FTP_USERS . "` SET `up_bytes`='0', `down_bytes`='0' WHERE `customerid`='" . (int)$row['customerid'] . "'");
+	$upd_stmt = Database::prepare("
 		UPDATE `" . TABLE_FTP_USERS . "` SET `up_bytes` = '0', `down_bytes` = '0' WHERE `customerid` = :customerid
 	");
 	Database::pexecute($upd_stmt, array('customerid' => $row['customerid']));
 	/**
 	 * Mail-Traffic
 	 */
 	$mailtraffic = 0;
 	/**
 	 * Total Traffic
 	 */
 	fwrite($debugHandler, 'total traffic for ' . $row['loginname'] . ' started' . "\n");
 	$current_traffic = array();
 	$current_traffic['http'] = floatval($httptraffic);
@@ -281,13 +248,42 @@ while ($row = $db->fetch_array($result)) {
 	$current_traffic['ftp_down'] = floatval(($ftptraffic['down_bytes_sum'] / 1024));
 	$current_traffic['mail'] = floatval($mailtraffic);
 	$current_traffic['all'] = $current_traffic['http'] + $current_traffic['ftp_up'] + $current_traffic['ftp_down'] + $current_traffic['mail'];
-	$db->query("INSERT INTO `" . TABLE_PANEL_TRAFFIC . "` (`customerid`, `year`, `month`, `day`, `stamp`, `http`, `ftp_up`, `ftp_down`, `mail`) VALUES('" . (int)$row['customerid'] . "', '" . date('Y') . "', '" . date('m') . "', '" . date('d') . "', '" . time() . "', '" . (float)$current_traffic['http'] . "', '" . (float)$current_traffic['ftp_up'] . "', '" . (float)$current_traffic['ftp_down'] . "', '" . (float)$current_traffic['mail'] . "')");
+
-	$sum_month_traffic = $db->query_first("SELECT SUM(`http`) AS `http`, SUM(`ftp_up`) AS `ftp_up`, SUM(`ftp_down`) AS `ftp_down`, SUM(`mail`) AS `mail` FROM `" . TABLE_PANEL_TRAFFIC . "` WHERE `year`='" . date('Y') . "' AND `month`='" . date('m') . "' AND `customerid`='" . (int)$row['customerid'] . "'");
+	$ins_data = array(
 		'customerid' => $row['customerid'],
 		'year' => date('Y', time()),
 		'month' => date('m', time()),
 		'day' => date('d', time()),
 		'stamp' => $time(),
 		'http' => $current_traffic['http'],
 		'ftp_up' => $current_traffic['ftp_up'],
 		'ftp_down' => $current_traffic['ftp_down'],
 		'mail' => $current_traffic['mail']
 	);
 	$ins_stmt = Database::prepare("
 		INSERT INTO `" . TABLE_PANEL_TRAFFIC . "` SET
 		`customerid` = :customerid,
 		`year` = :year,
 		`month` = :month,
 		`day` = :day,
 		`stamp` = :stamp,
 		`http` = :http,
 		`ftp_up` = :ftp_up,
 		`ftp_down` = :ftp_down,
 		`mail` = :mail
 	");
 	Database::pexecute($ins_stmt, $ins_data);
 	$sum_month_traffic_stmt = Database::prepare("
 		SELECT SUM(`http`) AS `http`, SUM(`ftp_up`) AS `ftp_up`, SUM(`ftp_down`) AS `ftp_down`, SUM(`mail`) AS `mail`
 		FROM `" . TABLE_PANEL_TRAFFIC . "` WHERE `year` = :year AND `month` = :month AND `customerid` = :customerid
 	");
 	$sum_month_traffic = Database::pexecute_first($sum_month_traffic_stmt, array('year' => date('Y', time()), 'month' => date('m', time()), 'customerid' => $row['customerid']));
 	$sum_month_traffic['all'] = $sum_month_traffic['http'] + $sum_month_traffic['ftp_up'] + $sum_month_traffic['ftp_down'] + $sum_month_traffic['mail'];
-	if(!isset($admin_traffic[$row['adminid']])
+	if (!isset($admin_traffic[$row['adminid']])
-	   || !is_array($admin_traffic[$row['adminid']]))
+		|| !is_array($admin_traffic[$row['adminid']])
-	{
+	) {
 		$admin_traffic[$row['adminid']]['http'] = 0;
 		$admin_traffic[$row['adminid']]['ftp_up'] = 0;
 		$admin_traffic[$row['adminid']]['ftp_down'] = 0;
@@ -306,32 +302,32 @@ while ($row = $db->fetch_array($result)) {
 	/**
 	 * WebSpace-Usage
 	 */
 	fwrite($debugHandler, 'calculating webspace usage for ' . $row['loginname'] . "\n");
 	$webspaceusage = 0;
-	# Using repquota, it's faster using this tool than using du traversing the complete directory
+	// Using repquota, it's faster using this tool than using du traversing the complete directory
-	if ($settings['system']['diskquota_enabled'] && isset($usedquota[$row['guid']]['block']['used']) && $usedquota[$row['guid']]['block']['used'] >= 1)
+	if ($settings['system']['diskquota_enabled']
-	{
+		&& isset($usedquota[$row['guid']]['block']['used'])
-		# We may use the array we created earlier, the used diskspace is stored in [<guid>][block][used]
+		&& $usedquota[$row['guid']]['block']['used'] >= 1
 	) {
 		// We may use the array we created earlier, the used diskspace is stored in [<guid>][block][used]
 		$webspaceusage = floatval($usedquota[$row['guid']]['block']['used']);
-	}
+
-	else
+	} else {
-	{
+
-		# Use the old fashioned way with "du"
+		// Use the old fashioned way with "du"
-		if(file_exists($row['documentroot']) && is_dir($row['documentroot']))
+		if (file_exists($row['documentroot'])
-		{
+			&& is_dir($row['documentroot'])
 		) {
 			$back = safe_exec('du -sk ' . escapeshellarg($row['documentroot']) . '');
-			foreach($back as $backrow)
+			foreach ($back as $backrow) {
 			{
 				$webspaceusage = explode(' ', $backrow);
 			}
 			$webspaceusage = floatval($webspaceusage['0']);
 			unset($back);
-		}
+
-		else
+		} else {
 		{
 			fwrite($debugHandler, 'documentroot ' . $row['documentroot'] . ' does not exist' . "\n");
 		}
 	}
@@ -339,36 +335,30 @@ while ($row = $db->fetch_array($result)) {
 	/**
 	 * MailSpace-Usage
 	 */
 	fwrite($debugHandler, 'calculating mailspace usage for ' . $row['loginname'] . "\n");
 	$emailusage = 0;
 	$maildir = makeCorrectDir($settings['system']['vmail_homedir'] . $row['loginname']);
-	if(file_exists($maildir) && is_dir($maildir))
+	if (file_exists($maildir) && is_dir($maildir)) {
 	{
 		$back = safe_exec('du -sk ' . escapeshellarg($maildir) . '');
-		foreach($back as $backrow)
+		foreach ($back as $backrow) {
 		{
 			$emailusage = explode(' ', $backrow);
 		}
 		$emailusage = floatval($emailusage['0']);
 		unset($back);
-	}
+
-	else
+	} else {
 	{
 		fwrite($debugHandler, 'maildir ' . $maildir . ' does not exist' . "\n");
 	}
 	/**
 	 * MySQLSpace-Usage
 	 */
 	fwrite($debugHandler, 'calculating mysqlspace usage for ' . $row['loginname'] . "\n");
 	$mysqlusage = 0;
-	if(isset($mysqlusage_all[$row['customerid']]))
+	if (isset($mysqlusage_all[$row['customerid']])) {
 	{
 		$mysqlusage = floatval($mysqlusage_all[$row['customerid']] / 1024);
 	}
@@ -377,11 +367,33 @@ while ($row = $db->fetch_array($result)) {
 	$current_diskspace['mail'] = floatval($emailusage);
 	$current_diskspace['mysql'] = floatval($mysqlusage);
 	$current_diskspace['all'] = $current_diskspace['webspace'] + $current_diskspace['mail'] + $current_diskspace['mysql'];
 	$db->query("INSERT INTO `" . TABLE_PANEL_DISKSPACE . "` (`customerid`, `year`, `month`, `day`, `stamp`, `webspace`, `mail`, `mysql`) VALUES('" . (int)$row['customerid'] . "', '" . date('Y') . "', '" . date('m') . "', '" . date('d') . "', '" . time() . "', '" . (float)$current_diskspace['webspace'] . "', '" . (float)$current_diskspace['mail'] . "', '" . (float)$current_diskspace['mysql'] . "')");
-	if(!isset($admin_diskspace[$row['adminid']])
+	$ins_data = array(
-	   || !is_array($admin_diskspace[$row['adminid']]))
+		'customerid' => $row['customerid'],
-	{
+		'year' => date('Y', time()),
 		'month' => date('m', time()),
 		'day' => date('d', time()),
 		'stamp' => time(),
 		'webspace' => $current_diskspace['webspace'],
 		'mail' => $current_diskspace['mail'],
 		'mysql' => $current_diskspace['mysql']
 	);
 	$ins_stmt = Database::preapre("
 		INSERT INTO `" . TABLE_PANEL_DISKSPACE . "` SET
 		`customerid` = :customerid,
 		`year` = :year,
 		`month` = :month,
 		`day` = :day,
 		`stamp` = :stamp,
 		`webspace` = :webspace,
 		`mail` = :mail,
 		`mysql` = :mysql
 	");
 	Database::pexecute($ins_stmt, $ins_data);
 	if (!isset($admin_diskspace[$row['adminid']])
 		|| !is_array($admin_diskspace[$row['adminid']])
 	) {
 		$admin_diskspace[$row['adminid']] = array();
 		$admin_diskspace[$row['adminid']]['webspace'] = 0;
 		$admin_diskspace[$row['adminid']]['mail'] = 0;
@@ -397,45 +409,64 @@ while ($row = $db->fetch_array($result)) {
 	/**
 	 * Total Usage
 	 */
-
+	if ($settings['system']['backup_count'] == 0
-	if($settings['system']['backup_count'] == 0 && file_exists($settings['system']['backup_dir'] . $row['loginname'])){
+		&& file_exists($settings['system']['backup_dir'] . $row['loginname'])
 	) {
 		$backupsize = exec('du -s ' . escapeshellarg($settings['system']['backup_dir']) . $row['loginname'] . '');
-                $diskusage = floatval($webspaceusage + $emailusage + $mysqlusage - $backupsize);
+		$diskusage = floatval($webspaceusage + $emailusage + $mysqlusage - $backupsize);
-        }
+	} else {
        else{
 		$diskusage = floatval($webspaceusage + $emailusage + $mysqlusage);
-        }
+	}
-	$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `diskspace_used`='" . (float)$current_diskspace['all'] . "', `traffic_used`='" . (float)$sum_month_traffic['all'] . "' WHERE `customerid`='" . (int)$row['customerid'] . "'");
+	$upd_data = array(
 		'diskspace' => $current_diskspace['all'],
 		'traffic' => $sum_month_traffic['all'],
 		'customerid' => $row['customerid']
 	);
 	$upd_stmt = Database::prepare("
 		UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET
 		`diskspace_used` = :diskspace,
 		`traffic_used` = :traffic
 		WHERE `customerid` = :customerid
 	");
 	Database::pexecute($upd_stmt, $upd_data);
 	/**
 	 * Proftpd Quota
 	 */
-
+	$upd_data = array(
-	$db->query("UPDATE `" . TABLE_FTP_QUOTATALLIES . "` SET `bytes_in_used`='" . (float)$current_diskspace['all'] . "'*1024 WHERE `name` = '" . $row['loginname'] . "' OR `name` LIKE '" . $row['loginname'] . $settings['customer']['ftpprefix'] . "%'");
+		'biu' => ($current_diskspace['all'] * 1024),
 		'loginname' => $row['loginname'],
 		'loginnamelike' => $row['loginname'] . $settings['customer']['ftpprefix'] . "%"
 	);
 	$upd_stmt = Database::prepare("
 		UPDATE `" . TABLE_FTP_QUOTATALLIES . "` SET
 		`bytes_in_used` = :biu WHERE `name` = :loginname OR `name` LIKE :loginnamelike
 	");
 	Database::pexecute($upd_stmt, $upd_data);
 	/**
 	 * Pureftpd Quota
 	 */
 	if ($settings['system']['ftpserver'] == "pureftpd") {
-	if($settings['system']['ftpserver'] == "pureftpd")
+		$result_quota_stmt = Database::prepare("
-	{
+			SELECT homedir FROM `" . TABLE_FTP_USERS . "` WHERE customerid = :customerid
-		$result_quota = $db->query("SELECT homedir FROM `" . TABLE_FTP_USERS . "` WHERE customerid = '" . $row['customerid'] . "'");
+		");
 		Database::pexecute($result_quota_stmt, array('customerid' => $row['customerid']));
-	        // get correct user
+		// get correct user
-	        if($settings['system']['mod_fcgid'] == 1 && $row['deactivated'] == '0')
+		if ($settings['system']['mod_fcgid'] == 1
-	        {
+			&& $row['deactivated'] == '0'
-        	        $user = $row['loginname'];
+		) {
-	                $group = $row['loginname'];
+			$user = $row['loginname'];
-	        }
+			$group = $row['loginname'];
-	        else
+		} else {
-	        {
+			$user = $row['guid'];
-	                $user = $row['guid'];
+			$group = $row['guid'];
-	                $group = $row['guid'];
+		}
 	        }
-		while($row_quota = $db->fetch_array($result_quota))
+		while ($row_quota = $result_quota_stmt->fetch(PDO::FETCH_ASSOC)) {
 		{
 			$quotafile = "" . $row_quota['homedir'] . ".ftpquota";
 			$fh = fopen($quotafile, 'w');
 			$stringdata = "0 " . $current_diskspace['all']*1024 . "";
@@ -449,27 +480,88 @@ while ($row = $db->fetch_array($result)) {
 /**
 * Admin Usage
 */
 $result_stmt = Database::query("SELECT `adminid` FROM `" . TABLE_PANEL_ADMINS . "` ORDER BY `adminid` ASC");
-$result = $db->query("SELECT `adminid` FROM `" . TABLE_PANEL_ADMINS . "` ORDER BY `adminid` ASC");
+while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
-while($row = $db->fetch_array($result))
+	if (isset($admin_traffic[$row['adminid']])) {
-{
+
-	if(isset($admin_traffic[$row['adminid']]))
+		$ins_data = array(
-	{
+			'adminid' => $row['adminid'],
-		$db->query("INSERT INTO `" . TABLE_PANEL_TRAFFIC_ADMINS . "` (`adminid`, `year`, `month`, `day`, `stamp`, `http`, `ftp_up`, `ftp_down`, `mail`) VALUES('" . (int)$row['adminid'] . "', '" . date('Y') . "', '" . date('m') . "', '" . date('d') . "', '" . time() . "', '" . (float)$admin_traffic[$row['adminid']]['http'] . "', '" . (float)$admin_traffic[$row['adminid']]['ftp_up'] . "', '" . (float)$admin_traffic[$row['adminid']]['ftp_down'] . "', '" . (float)$admin_traffic[$row['adminid']]['mail'] . "')");
+			'year' => date('Y', time()),
-		$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `traffic_used`='" . (float)$admin_traffic[$row['adminid']]['sum_month'] . "' WHERE `adminid`='" . (float)$row['adminid'] . "'");
+			'month' => date('m', time()),
 			'day' => date('d', time()),
 			'stamp' => $time(),
 			'http' => $admin_traffic[$row['adminid']]['http'],
 			'ftp_up' => $admin_traffic[$row['adminid']]['ftp_up'],
 			'ftp_down' => $admin_traffic[$row['adminid']]['ftp_down'],
 			'mail' => $admin_traffic[$row['adminid']]['mail']
 		);
 		$ins_stmt = Database::prepare("
 			INSERT INTO `" . TABLE_PANEL_TRAFFIC_ADMINS . "` SET
 			`adminid` = :adminid,
 			`year` = :year,
 			`month` = :month,
 			`day` = :day,
 			`stamp` = :stamp,
 			`http` = :http,
 			`ftp_up` = :ftp_up,
 			`ftp_down` = :ftp_down,
 			`mail` = :mail
 		");
 		Database::pexecute($ins_stmt, $ins_data);
 		$upd_data = array(
 			'traffic' => $admin_traffic[$row['adminid']]['sum_month'],
 			'adminid' => $row['adminid']
 		);
 		$upd_stmt = Database::prepare("
 			UPDATE `" . TABLE_PANEL_ADMINS . "` SET
 			`traffic_used` = :traffic
 			WHERE `adminid` = :adminid
 		");
 		Database::pexecute($upd_stmt, $upd_data);
 	}
-	if(isset($admin_diskspace[$row['adminid']]))
+	if (isset($admin_diskspace[$row['adminid']])) {
-	{
+
-		$db->query("INSERT INTO `" . TABLE_PANEL_DISKSPACE_ADMINS . "` (`adminid`, `year`, `month`, `day`, `stamp`, `webspace`, `mail`, `mysql`) VALUES('" . (int)$row['adminid'] . "', '" . date('Y') . "', '" . date('m') . "', '" . date('d') . "', '" . time() . "', '" . (float)$admin_diskspace[$row['adminid']]['webspace'] . "', '" . (float)$admin_diskspace[$row['adminid']]['mail'] . "', '" . (float)$admin_diskspace[$row['adminid']]['mysql'] . "')");
+		$ins_data = array(
-		$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `diskspace_used`='" . (float)$admin_diskspace[$row['adminid']]['all'] . "' WHERE `adminid`='" . (float)$row['adminid'] . "'");
+			'adminid' => $row['adminid'],
 			'year' => date('Y', time()),
 			'month' => date('m', time()),
 			'day' => date('d', time()),
 			'stamp' => time(),
 			'webspace' => $admin_diskspace[$row['adminid']]['webspace'],
 			'mail' => $admin_diskspace[$row['adminid']]['mail'],
 			'mysql' => $admin_diskspace[$row['adminid']]['mysql']
 		);
 		$ins_stmt = Database::preapre("
 			INSERT INTO `" . TABLE_PANEL_DISKSPACE_ADMINS . "` SET
 			`adminid` = :adminid,
 			`year` = :year,
 			`month` = :month,
 			`day` = :day,
 			`stamp` = :stamp,
 			`webspace` = :webspace,
 			`mail` = :mail,
 			`mysql` = :mysql
 		");
 		$upd_data = array(
 			'diskspace' => $admin_diskspace[$row['adminid']]['all'],
 			'adminid' => $row['adminid']
 		);
 		$upd_stmt = Database::prepare("
 			UPDATE `" . TABLE_PANEL_ADMINS . "` SET
 			`diskspace_used` = :diskspace
 			WHERE `adminid` = :adminid
 		");
 		Database::pexecute($upd_stmt, $upd_data);
 	}
 }
-$db->query('UPDATE `' . TABLE_PANEL_SETTINGS . '` SET `value` = UNIX_TIMESTAMP() WHERE `settinggroup` = \'system\'   AND `varname`      = \'last_traffic_run\' ');
+Database::query("UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = UNIX_TIMESTAMP() WHERE `settinggroup` = 'system' AND `varname` = 'last_traffic_run'");
 closeRootDB();
 if (function_exists('pcntl_fork')) {
 	@unlink($TrafficLock);
--- a/scripts/jobs/cron_usage.inc.diskspace.php
+++ b/scripts/jobs/cron_usage.inc.diskspace.php
@@ -18,19 +18,20 @@
 /**
 * report about diskusage for customers
 */
-$result = $db->query("SELECT
+$result_stmt = Database::query("
-	`c`.`customerid`, `c`.`adminid`, `c`.`name`, `c`.`firstname`, `c`.`company`, `c`.`diskspace`,
+	SELECT `c`.`customerid`, `c`.`adminid`, `c`.`name`, `c`.`firstname`,
-	`c`.`diskspace_used`, `c`.`email`, `c`.`def_language`, 
+	`c`.`company`, `c`.`diskspace`, `c`.`diskspace_used`, `c`.`email`, `c`.`def_language`,
 	`a`.`name` AS `adminname`, `a`.`email` AS `adminmail`
 	FROM `" . TABLE_PANEL_CUSTOMERS . "` AS `c`
    LEFT JOIN `" . TABLE_PANEL_ADMINS . "` AS `a`
    ON `a`.`adminid` = `c`.`adminid`
-    WHERE `c`.`diskspace` > '0' AND `c`.`reportsent` <> '2'");
+    WHERE `c`.`diskspace` > '0' AND `c`.`reportsent` <> '2'
 ");
-while($row = $db->fetch_array($result))
+while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
-{
+
-	if(isset($row['diskspace'])
+	if (isset($row['diskspace'])
-		&& $row['diskspace_used'] != NULL
+		&& $row['diskspace_used'] != null
 		&& $row['diskspace_used'] > 0
 		&& (($row['diskspace_used'] * 100) / $row['diskspace']) >= (int)$settings['system']['report_webmax']
 	) {
@@ -49,18 +50,16 @@ while($row = $db->fetch_array($result))
 			'MAX_PERCENT' => $settings['system']['report_webmax']
 		);
-		$lngfile = $db->query_first("
+		$lngfile_stmt = Database::prepare("
 			SELECT `file` FROM `" . TABLE_PANEL_LANGUAGE . "`
-			WHERE `language` ='" . $row['def_language'] . "'
+			WHERE `language` = :deflang
 		");
 		$lngfile = Database::pexecute_first($lngfile_stmt, array('deflang' => $row['def_language']));
 		if ($lngfile !== null) {
 			$langfile = $lngfile['file'];
 		} else {
-			$lngfile = $db->query_first("
+			$lngfile = Database::pexecute_first($lngfile_stmt, array('deflang' => $settings['panel']['standardlanguage']));
 				SELECT `file` FROM `" . TABLE_PANEL_LANGUAGE . "`
 				WHERE `language` ='" . $settings['panel']['standardlanguage'] . "'
 			");
 			$langfile = $lngfile['file'];
 		}
@@ -70,18 +69,22 @@ while($row = $db->fetch_array($result))
 		include_once makeCorrectFile($pathtophpfiles . '/' . $langfile);
 		// Get mail templates from database; the ones from 'admin' are fetched for fallback
-		$result2 = $db->query_first("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
+		$result2_stmt = Database::prepare("
-	                                WHERE `adminid`='" . (int)$row['adminid'] . "'
+			SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
-	                                AND `language`='" . $db->escape($row['def_language']) . "'
+			WHERE `adminid` = :adminid
-	                                AND `templategroup`='mails'
+			AND `language` = :lang
-	                                AND `varname`='diskmaxpercent_subject'");
+			AND `templategroup` = 'mails' AND `varname` = :varname
 		");
 		$resul2_data = array(
 			'adminid' => $row['adminid'],
 			'lang' => $row['def_language'],
 			'varname' => 'diskmaxpercent_subject'
 		);
 		$result2 = Database::pexecute_first($result2_stmt, $result2_data);
 		$mail_subject = html_entity_decode(replace_variables((($result2['value'] != '') ? $result2['value'] : $lng['mails']['webmaxpercent']['subject']), $replace_arr));
-		$result2 = $db->query_first("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
+		$resul2_data['varname'] = 'diskmaxpercent_mailbody';
-	                                WHERE `adminid`='" . (int)$row['adminid'] . "'
+		$result2 = Database::pexecute_first($result2_stmt, $result2_data);
 	                                AND `language`='" . $db->escape($row['def_language']) . "'
 	                                AND `templategroup`='mails'
 	                                AND `varname`='diskmaxpercent_mailbody'");
 		$mail_body = html_entity_decode(replace_variables((($result2['value'] != '') ? $result2['value'] : $lng['mails']['webmaxpercent']['mailbody']), $replace_arr));
 		$_mailerror = false;
@@ -106,20 +109,25 @@ while($row = $db->fetch_array($result))
 		}
 		$mail->ClearAddresses();
-		$db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `reportsent`='2'
+		$upd_stmt = Database::prepare("
-	                WHERE `customerid`='" . (int)$row['customerid'] . "'");
+			UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `reportsent` = '2'
 			WHERE `customerid` = :customerid
 		");
 		Database::pexecute($upd_stmt, array('customerid' => $row['customerid']));
 	}
 }
 /**
 * report about diskusage for admins/reseller
 */
-$result = $db->query("SELECT `a`.* FROM `" . TABLE_PANEL_ADMINS . "` `a` WHERE `a`.`reportsent` <> '2'");
+$result_stmt = Database::query("
 	SELECT `a`.* FROM `" . TABLE_PANEL_ADMINS . "` `a` WHERE `a`.`reportsent` <> '2'
 ");
-while($row = $db->fetch_array($result))
+while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
-{
+
-	if(isset($row['diskspace'])
+	if (isset($row['diskspace'])
-		&& $row['diskspace_used'] != NULL
+		&& $row['diskspace_used'] != null
 		&& $row['diskspace_used'] > 0
 		&& (($row['diskspace_used'] * 100) / $row['diskspace']) >= (int)$settings['system']['report_webmax']
 	) {
@@ -132,35 +140,41 @@ while($row = $db->fetch_array($result))
 			'MAX_PERCENT' => $settings['system']['report_webmax']
 		);
-		$lngfile = $db->query_first("SELECT `file` FROM `" . TABLE_PANEL_LANGUAGE . "`
+		$lngfile_stmt = Database::prepare("
-									WHERE `language` ='" . $row['def_language'] . "'");
+			SELECT `file` FROM `" . TABLE_PANEL_LANGUAGE . "`
 			WHERE `language` = :deflang
 		");
 		$lngfile = Database::pexecute_first($lngfile_stmt, array('deflang' => $row['def_language']));
-		if($lngfile !== NULL)
+		if ($lngfile !== null) {
 		{
 			$langfile = $lngfile['file'];
-		}
+		} else {
-		else
+			$lngfile = Database::pexecute_first($lngfile_stmt, array('deflang' => $settings['panel']['standardlanguage']));
 		{
 			$lngfile = $db->query_first("SELECT `file` FROM `" . TABLE_PANEL_LANGUAGE . "`
 										WHERE `language` ='" . $settings['panel']['standardlanguage'] . "'");
 			$langfile = $lngfile['file'];
 		}
 		// include english language file (fallback)
 		include_once makeCorrectFile($pathtophpfiles . '/lng/english.lng.php');
 		// include admin/customer language file
 		include_once makeCorrectFile($pathtophpfiles . '/' . $langfile);
 		// Get mail templates from database; the ones from 'admin' are fetched for fallback
-		$result2 = $db->query_first("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
+		$result2_stmt = Database::prepare("
-	                                WHERE `adminid`='" . (int)$row['adminid'] . "'
+			SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
-	                                AND `language`='" . $db->escape($row['def_language']) . "'
+			WHERE `adminid` = :adminid
-	                                AND `templategroup`='mails'
+			AND `language` = :lang
-	                                AND `varname`='diskmaxpercent_subject'");
+			AND `templategroup` = 'mails' AND `varname` = :varname
 		");
 		$resul2_data = array(
 			'adminid' => $row['adminid'],
 			'lang' => $row['def_language'],
 			'varname' => 'diskmaxpercent_subject'
 		);
 		$result2 = Database::pexecute_first($result2_stmt, $result2_data);
 		$mail_subject = html_entity_decode(replace_variables((($result2['value'] != '') ? $result2['value'] : $lng['mails']['webmaxpercent']['subject']), $replace_arr));
-		$result2 = $db->query_first("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
+		$resul2_data['varname'] = 'diskmaxpercent_mailbody';
-	                                WHERE `adminid`='" . (int)$row['adminid'] . "'
+		$result2 = Database::pexecute_first($result2_stmt, $result2_data);
 	                                AND `language`='" . $db->escape($row['def_language']) . "'
 	                                AND `templategroup`='mails'
 	                                AND `varname`='diskmaxpercent_mailbody'");
 		$mail_body = html_entity_decode(replace_variables((($result2['value'] != '') ? $result2['value'] : $lng['mails']['webmaxpercent']['mailbody']), $replace_arr));
 		$_mailerror = false;
@@ -185,7 +199,10 @@ while($row = $db->fetch_array($result))
 		}
 		$mail->ClearAddresses();
-		$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `reportsent`='2'
+		$upd_stmt = Database::prepare("
-	                WHERE `adminid`='" . (int)$row['adminid'] . "'");
+			UPDATE `" . TABLE_PANEL_ADMINS . "` SET `reportsent` = '2'
 			WHERE `adminid` = :adminid
 		");
 		Database::pexecute($upd_stmt, array('adminid' => $row['adminid']));
 	}
 }
--- a/scripts/jobs/cron_usage_report.php
+++ b/scripts/jobs/cron_usage_report.php
@@ -30,23 +30,32 @@ $mail->SetFrom($settings['panel']['adminmail'], 'Froxlor Administrator');
 // Warn the customers at xx% traffic-usage
-$result = $db->query("SELECT `c`.`customerid`, `c`.`adminid`, `c`.`name`, `c`.`firstname`, `c`.`company`, `c`.`traffic`,
+$result_stmt = Database::prepare("
-                             `c`.`email`, `c`.`def_language`, `a`.`name` AS `adminname`, `a`.`email` AS `adminmail`,
+	SELECT `c`.`customerid`, `c`.`adminid`, `c`.`name`, `c`.`firstname`,
-                           (SELECT SUM(`t`.`http` + `t`.`ftp_up` + `t`.`ftp_down` + `t`.`mail`)
+	`c`.`company`, `c`.`traffic`, `c`.`email`, `c`.`def_language`,
-                            FROM `" . TABLE_PANEL_TRAFFIC . "` `t`
+	`a`.`name` AS `adminname`, `a`.`email` AS `adminmail`,
-                            WHERE `t`.`customerid` = `c`.`customerid` AND `t`.`year` = '" . (int)date("Y", $yesterday) . "'
+	(SELECT SUM(`t`.`http` + `t`.`ftp_up` + `t`.`ftp_down` + `t`.`mail`)
-                            AND `t`.`month` = '" . date("m", $yesterday) . "') as `traffic_used`
+	FROM `" . TABLE_PANEL_TRAFFIC . "` `t`
-                      FROM `" . TABLE_PANEL_CUSTOMERS . "` AS `c`
+	WHERE `t`.`customerid` = `c`.`customerid` AND `t`.`year` = :year AND `t`.`month` = :month
-                      LEFT JOIN `" . TABLE_PANEL_ADMINS . "` AS `a` ON `a`.`adminid` = `c`.`adminid`
+	) as `traffic_used`
-                      WHERE `c`.`reportsent` <> '1'");
+	FROM `" . TABLE_PANEL_CUSTOMERS . "` AS `c`
 	LEFT JOIN `" . TABLE_PANEL_ADMINS . "` AS `a`
 	ON `a`.`adminid` = `c`.`adminid` WHERE `c`.`reportsent` <> '1'
 ");
-while($row = $db->fetch_array($result))
+$result_data = array(
-{
+	'year' => date("Y", $yesterday),
-	if(isset($row['traffic'])
+	'month' => date("m", $yesterday)
-	   && $row['traffic'] > 0
+);
-	   && $row['traffic_used'] != NULL
+Database::pexecute($result_stmt, $result_data);
-	   && (($row['traffic_used'] * 100) / $row['traffic']) >= (int)$settings['system']['report_trafficmax'])
+
-	{
+while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 	if (isset($row['traffic'])
 		&& $row['traffic'] > 0
 		&& $row['traffic_used'] != null
 		&& (($row['traffic_used'] * 100) / $row['traffic']) >= (int)$settings['system']['report_trafficmax']
 	) {
 		$rep_userinfo = array(
 			'name' => $row['name'],
 			'firstname' => $row['firstname'],
@@ -60,35 +69,42 @@ while($row = $db->fetch_array($result))
 			'USAGE_PERCENT' => round(($row['traffic_used'] * 100) / $row['traffic'], 2),
 			'MAX_PERCENT' => $settings['system']['report_trafficmax']
 		);
 		$lngfile = $db->query_first("SELECT `file` FROM `" . TABLE_PANEL_LANGUAGE . "`
                                 WHERE `language` ='" . $row['def_language'] . "'");
-		if($lngfile !== NULL)
+		$lngfile_stmt = Database::prepare("
-		{
+			SELECT `file` FROM `" . TABLE_PANEL_LANGUAGE . "`
 			WHERE `language` = :deflang
 		");
 		$lngfile = Database::pexecute_first($lngfile_stmt, array('deflang' => $row['def_language']));
 		if ($lngfile !== null) {
 			$langfile = $lngfile['file'];
-		}
+		} else {
-		else
+			$lngfile = Database::pexecute_first($lngfile_stmt, array('deflang' => $settings['panel']['standardlanguage']));
 		{
 			$lngfile = $db->query_first("SELECT `file` FROM `" . TABLE_PANEL_LANGUAGE . "`
                                  WHERE `language` ='" . $settings['panel']['standardlanguage'] . "'");
 			$langfile = $lngfile['file'];
 		}
 		// include english language file (fallback)
 		include_once makeCorrectFile($pathtophpfiles . '/lng/english.lng.php');
 		// include admin/customer language file
 		include_once makeCorrectFile($pathtophpfiles . '/' . $langfile);
 		// Get mail templates from database; the ones from 'admin' are fetched for fallback
-
+		$result2_stmt = Database::prepare("
-		$result2 = $db->query_first("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
+			SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
-                                WHERE `adminid`='" . (int)$row['adminid'] . "'
+			WHERE `adminid` = :adminid
-                                AND `language`='" . $db->escape($row['def_language']) . "'
+			AND `language` = :lang
-                                AND `templategroup`='mails'
+			AND `templategroup` = 'mails' AND `varname` = :varname
-                                AND `varname`='trafficmaxpercent_subject'");
+		");
 		$resul2_data = array(
 				'adminid' => $row['adminid'],
 				'lang' => $row['def_language'],
 				'varname' => 'trafficmaxpercent_subject'
 		);
 		$result2 = Database::pexecute_first($result2_stmt, $result2_data);
 		$mail_subject = html_entity_decode(replace_variables((($result2['value'] != '') ? $result2['value'] : $lng['mails']['trafficmaxpercent']['subject']), $replace_arr));
-		$result2 = $db->query_first("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
+
-                                WHERE `adminid`='" . (int)$row['adminid'] . "'
+		$resul2_data['varname'] = 'trafficmaxpercent_mailbody';
-                                AND `language`='" . $db->escape($row['def_language']) . "'
+		$result2 = Database::pexecute_first($result2_stmt, $result2_data);
                                AND `templategroup`='mails'
                                AND `varname`='trafficmaxpercent_mailbody'");
 		$mail_body = html_entity_decode(replace_variables((($result2['value'] != '') ? $result2['value'] : $lng['mails']['trafficmaxpercent']['mailbody']), $replace_arr));
 		$_mailerror = false;
@@ -107,33 +123,43 @@ while($row = $db->fetch_array($result))
 			$_mailerror = true;
 		}
-		if($_mailerror)
+		if ($_mailerror) {
 		{
 			$cronlog->logAction(CRON_ACTION, LOG_ERR, 'Error sending mail: ' . $mailerr_msg);
 			echo 'Error sending mail: ' . $mailerr_msg . "\n";
 		}
 		$mail->ClearAddresses();
-		$db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `reportsent`=\'1\'
+		$upd_stmt = Database::prepare("
-                WHERE `customerid`=\'' . (int)$row['customerid'] . '\'');
+			UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `reportsent` = '1'
 			WHERE `customerid` = :customerid
 		");
 		Database::pexecute($upd_stmt, array('customerid' => $row['customerid']));
 	}
 }
 // Warn the admins at xx% traffic-usage
 $result_stmt = Database::prepare("
 	SELECT `a`.*,
 	(SELECT SUM(`t`.`http` + `t`.`ftp_up` + `t`.`ftp_down` + `t`.`mail`)
 	FROM `" . TABLE_PANEL_TRAFFIC_ADMINS . "` `t`
 	WHERE `t`.`adminid` = `a`.`adminid` AND `t`.`year` = :year AND `t`.`month` = :month
 	) as `traffic_used_total`
 	FROM `" . TABLE_PANEL_ADMINS . "` `a` WHERE `a`.`reportsent` = '0'
 ");
-$result = $db->query("SELECT `a`.*,
+$result_data = array(
-                       (SELECT SUM(`t`.`http` + `t`.`ftp_up` + `t`.`ftp_down` + `t`.`mail`)
+		'year' => date("Y", $yesterday),
-                        FROM `" . TABLE_PANEL_TRAFFIC_ADMINS . "` `t`
+		'month' => date("m", $yesterday)
-                        WHERE `t`.`adminid` = `a`.`adminid` AND `t`.`year` = '" . (int)date("Y", $yesterday) . "'
+);
-                        AND `t`.`month` = '" . date("m", $yesterday) . "') as `traffic_used_total`
+Database::pexecute($result_stmt, $result_data);
-                      FROM `" . TABLE_PANEL_ADMINS . "` `a` WHERE `a`.`reportsent` = '0'");
+
 while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
 	if (isset($row['traffic'])
 		&& $row['traffic'] > 0
 		&& (($row['traffic_used_total'] * 100) / $row['traffic']) >= (int)$settings['system']['report_trafficmax']
 	) {
 while($row = $db->fetch_array($result))
 {
 	if(isset($row['traffic'])
 	   && $row['traffic'] > 0
 	   && (($row['traffic_used_total'] * 100) / $row['traffic']) >= (int)$settings['system']['report_trafficmax'])
 	{
 		$replace_arr = array(
 			'NAME' => $row['name'],
 			'TRAFFIC' => round(($row['traffic'] / 1024), 2), /* traffic is stored in KB, template uses MB */
@@ -141,35 +167,42 @@ while($row = $db->fetch_array($result))
 			'USAGE_PERCENT' => round(($row['traffic_used_total'] * 100) / $row['traffic'], 2),
 			'MAX_PERCENT' => $settings['system']['report_trafficmax']
 		);
 		$lngfile = $db->query_first("SELECT `file` FROM `" . TABLE_PANEL_LANGUAGE . "`
                                 WHERE `language` ='" . $row['def_language'] . "'");
-		if($lngfile !== NULL)
+		$lngfile_stmt = Database::prepare("
-		{
+			SELECT `file` FROM `" . TABLE_PANEL_LANGUAGE . "`
 			WHERE `language` = :deflang
 		");
 		$lngfile = Database::pexecute_first($lngfile_stmt, array('deflang' => $row['def_language']));
 		if ($lngfile !== null) {
 			$langfile = $lngfile['file'];
-		}
+		} else {
-		else
+			$lngfile = Database::pexecute_first($lngfile_stmt, array('deflang' => $settings['panel']['standardlanguage']));
 		{
 			$lngfile = $db->query_first("SELECT `file` FROM `" . TABLE_PANEL_LANGUAGE . "`
                                  WHERE `language` ='" . $settings['panel']['standardlanguage'] . "'");
 			$langfile = $lngfile['file'];
 		}
 		// include english language file (fallback)
 		include_once makeCorrectFile($pathtophpfiles . '/lng/english.lng.php');
 		// include admin/customer language file
 		include_once makeCorrectFile($pathtophpfiles . '/' . $langfile);
 		// Get mail templates from database; the ones from 'admin' are fetched for fallback
-
+		$result2_stmt = Database::prepare("
-		$result2 = $db->query_first("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
+			SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
-                                WHERE `adminid`='" . (int)$row['adminid'] . "'
+			WHERE `adminid` = :adminid
-                                AND `language`='" . $db->escape($row['def_language']) . "'
+			AND `language` = :lang
-                                AND `templategroup`='mails'
+			AND `templategroup` = 'mails' AND `varname` = :varname
-                                AND `varname`='trafficmaxpercent_subject'");
+		");
 		$resul2_data = array(
 				'adminid' => $row['adminid'],
 				'lang' => $row['def_language'],
 				'varname' => 'trafficmaxpercent_subject'
 		);
 		$result2 = Database::pexecute_first($result2_stmt, $result2_data);
 		$mail_subject = html_entity_decode(replace_variables((($result2['value'] != '') ? $result2['value'] : $lng['mails']['trafficmaxpercent']['subject']), $replace_arr));
-		$result2 = $db->query_first("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
+
-                                WHERE `adminid`='" . (int)$row['adminid'] . "'
+		$resul2_data['varname'] = 'trafficmaxpercent_mailbody';
-                                AND `language`='" . $db->escape($row['def_language']) . "'
+		$result2 = Database::pexecute_first($result2_stmt, $result2_data);
                                AND `templategroup`='mails'
                                AND `varname`='trafficmaxpercent_mailbody'");
 		$mail_body = html_entity_decode(replace_variables((($result2['value'] != '') ? $result2['value'] : $lng['mails']['trafficmaxpercent']['mailbody']), $replace_arr));
 		$_mailerror = false;
@@ -194,27 +227,36 @@ while($row = $db->fetch_array($result))
 		}
 		$mail->ClearAddresses();
-		$db->query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `reportsent`='1'
+		$upd_stmt = Database::prepare("
-                WHERE `adminid`='" . (int)$row['adminid'] . "'");
+			UPDATE `" . TABLE_PANEL_ADMINS . "` SET `reportsent` = '1'
 			WHERE `adminid` = :adminid
 		");
 		Database::pexecute($upd_stmt, array('adminid' => $row['adminid']));
 	}
 	// Another month, let's build our report
 	if (date('d') == '01') {
 	if(date('d') == '01')
 	{
 		$mail_subject = 'Trafficreport ' . date("m/y", $yesterday) . ' for ' . $row['name'];
 		$mail_body = 'Trafficreport ' . date("m/y", $yesterday) . ' for ' . $row['name'] . "\n";
 		$mail_body.= '---------------------------------------------' . "\n";
 		$mail_body.= 'Loginname       Traffic used (Percent) | Traffic available' . "\n";
-		$customers = $db->query("SELECT `c`.*,
+		$customers_stmt = Database::prepare("
-                            (SELECT SUM(`t`.`http` + `t`.`ftp_up` + `t`.`ftp_down` + `t`.`mail`)
+			SELECT `c`.*,
-                            FROM `" . TABLE_PANEL_TRAFFIC . "` `t`
+			(SELECT SUM(`t`.`http` + `t`.`ftp_up` + `t`.`ftp_down` + `t`.`mail`)
-                            WHERE `t`.`customerid` = `c`.`customerid` AND `t`.`year` = '" . (int)date("Y", $yesterday) . "'
+			FROM `" . TABLE_PANEL_TRAFFIC . "` `t`
-                            AND `t`.`month` = '" . date("m", $yesterday) . "') as `traffic_used_total`
+			WHERE `t`.`customerid` = `c`.`customerid` AND `t`.`year` = :year AND `t`.`month` = :month
-                            FROM `" . TABLE_PANEL_CUSTOMERS . "` `c` WHERE `c`.`adminid` = '" . $row['adminid'] . "'");
+			) as `traffic_used_total`
 			FROM `" . TABLE_PANEL_CUSTOMERS . "` `c` WHERE `c`.`adminid` = :adminid
 		");
 		$customers_data = array(
 			'year' => date("Y", $yesterday),
 			'month' => date("m", $yesterday),
 			'adminid' => $row['adminid']
 		);
 		Database::pexecute($customers_stmt, $customers_data);
-		while($customer = $db->fetch_array($customers))
+		while ($customer = $customers_stmt->fetch(PDO::FETCH_ASSOC)) {
 		{
 			if ($customer['traffic'] > 0) {
 				$mail_body.= sprintf('%-15s', $customer['loginname']) . ' ' . sprintf('%-12d', $customer['traffic_used_total']) . ' (' . sprintf('%00.3f%%', (($customer['traffic_used_total'] * 100) / $customer['traffic'])) . ')   ' . $customer['traffic'] . "\n";
 			} else {
@@ -253,9 +295,7 @@ while($row = $db->fetch_array($result))
 include dirname(__FILE__).'/cron_usage.inc.diskspace.php';
 // Another month, reset the reportstatus
-
+if (date('d') == '01') {
-if(date('d') == '01')
+	Database::query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `reportsent` = '0';");
-{
+	Database::query("UPDATE `" . TABLE_PANEL_ADMINS . "` SET `reportsent` = '0';");
 	$db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `reportsent` = \'0\';');
 	$db->query('UPDATE `' . TABLE_PANEL_ADMINS . '` SET `reportsent` = \'0\';');
 }