diff -r dab0e9deeb67 -r ce1c4d5e1576 inc/toolkit.inc.php
--- a/inc/toolkit.inc.php Thu Jan 03 23:04:46 2008 +0000
+++ b/inc/toolkit.inc.php Sat Jan 05 16:25:49 2008 +0000
@@ -158,21 +158,22 @@
 if((!level(5) || !$userid) && !level(10) && !level(5)) {
 // First select the zones for which we have ownership on one or more records.
- $query = 'SELECT records.domain_id FROM records, record_owners WHERE user_id = '.$_SESSION['userid'].' AND records.id = record_owners.record_id';
+ $query = 'SELECT records.domain_id FROM records, record_owners WHERE user_id = '.$db->quote($_SESSION['userid']).' AND records.id = record_owners.record_id';
 $result = $db->query($query);
 $zones = array();
 if (!PEAR::isError($result)) {
 $zones = $result->fetchCol();
 }
- $sqlq .= " AND (zones.owner=".$_SESSION["userid"];
+ $sqlq .= " AND (zones.owner=".$db->quote($_SESSION["userid"]);
 if (count($zones) > 0) {
 $sqlq .= ' OR zones.domain_id IN ('.implode(',', $zones).') ';
 }
 $sqlq .= ')';
 }
- $sqlq .= " AND substring(domains.name,1,1) ".$sql_regexp." '^".$letter."' LIMIT 1";
+ $sqlq .= " AND substring(domains.name,1,1) ".$sql_regexp." ".$db->quote("^".$letter);
+ $db->setLimit(1);
 $result = $db->query($sqlq);
 $numrows = $result->numRows();
 if ( $numrows == "1" )
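Review bot: The new `$db->quote("^".$letter)` on the `substring(domains.name,1,1)` line closes the SQL-string hole, but `$letter` is still interpolated into a regular-expression pattern (the `$sql_regexp` operator), so a value such as `.` or `[a-z]` survives quoting intact and changes what the filter matches rather than being treated as a literal character. Unless the caller already restricts it, guard the value before the query is built, e.g. `if (!preg_match('/^[a-z0-9]$/i', $letter)) { /* bail out the way the enclosing function signals "no zones" */ }`. The `$db->quote()` calls on `$_SESSION['userid']` pass no type; in MDB2 the type is then derived from the PHP value, so a string-typed session id is emitted as a text literal and the comparison against the numeric `user_id`/`zones.owner` columns relies on the database's implicit cast — `$db->quote($_SESSION['userid'], 'integer')` makes that explicit. `$db->setLimit(1)` only applies to the query issued next, which here is the adjacent `$db->query($sqlq)`, so the two lines must stay together; the `implode(',', $zones)` list needs no quoting since `$zones` is filled from `fetchCol()` in this same block. The enclosing function begins before and continues after this hunk.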
@@ -283,8 +284,9 @@
 global $db;
 if (is_numeric($zoneid) && is_numeric($_SESSION["level"])) {
- $result = $db->query("SELECT id FROM zones WHERE owner=".$_SESSION["userid"]." AND domain_id=$zoneid");
- $result_extra = $db->query("SELECT record_owners.id FROM record_owners,records WHERE record_owners.user_id=".$_SESSION["userid"]." AND records.domain_id = $zoneid AND records.id = record_owners.record_id LIMIT 1");
+ $result = $db->query("SELECT id FROM zones WHERE owner=".$db->quote($_SESSION["userid"])." AND domain_id=".$db->quote($zoneid));
+ $db->setLimit(1);
+ $result_extra = $db->query("SELECT record_owners.id FROM record_owners,records WHERE record_owners.user_id=".$db->quote($_SESSION["userid"])." AND records.domain_id = ".$db->quote($zoneid)." AND records.id = record_owners.record_id");
 if ($result->numRows() == 1 || $_SESSION["level"] >= 5) {