Index: branches/2.8.x/CHANGELOG
===================================================================
--- branches/2.8.x/CHANGELOG	(revision 1947)
+++ branches/2.8.x/CHANGELOG	(revision 1948)
@@ -11,6 +11,9 @@
 ! = Update/Change
 ===============================================================================
 
+04 Aug-2013 Build 1948 M.v.d.Decken(DarkViper)
++ added $page_id compatibility to /index.php
+# solved escaping problems on save to database in modules/droplets
 03 Aug-2013 Build 1947 M.v.d.Decken(DarkViper)
 + added classes AccessFile and AccessFileHelper to /framework/
 03 Aug-2013 Build 1946 M.v.d.Decken(DarkViper)
Index: branches/2.8.x/wb/admin/interface/version.php
===================================================================
--- branches/2.8.x/wb/admin/interface/version.php	(revision 1947)
+++ branches/2.8.x/wb/admin/interface/version.php	(revision 1948)
@@ -51,5 +51,5 @@
 
 // check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled)
 if(!defined('VERSION')) define('VERSION', '2.8.3');
-if(!defined('REVISION')) define('REVISION', '1947');
+if(!defined('REVISION')) define('REVISION', '1948');
 if(!defined('SP')) define('SP', '');
Index: branches/2.8.x/wb/index.php
===================================================================
--- branches/2.8.x/wb/index.php	(revision 1947)
+++ branches/2.8.x/wb/index.php	(revision 1948)
@@ -15,6 +15,9 @@
  *
  */
 
+// compatibility between old and new access file format
+if (isset($iPageId)) { $page_id = $iPageId; }
+if (isset($page_id) && !isset($iPageId)) { $iPageId = $page_id; }
 // Include config file
 $config_file = dirname(__FILE__).'/config.php';
 if(file_exists($config_file) && !defined('WB_URL'))
Index: branches/2.8.x/wb/modules/droplets/droplets.functions.php
===================================================================
--- branches/2.8.x/wb/modules/droplets/droplets.functions.php	(revision 1947)
+++ branches/2.8.x/wb/modules/droplets/droplets.functions.php	(revision 1948)
@@ -72,19 +72,19 @@
 {
 	$OK  = ' <span style="color:#006400; font-weight:bold;">OK</span> ';
 	$FAIL = ' <span style="color:#ff0000; font-weight:bold;">FAILED</span> ';
-	$database=WbDatabase::getInstance();
+	$oDb = WbDatabase::getInstance();
 	foreach ($aDropletFiles as $sDropletFile) {
 		$msgSql = '';
 		$extraSql = '';
 		$sDropletName = pathinfo ($sDropletFile, PATHINFO_FILENAME);
-		$sql = 'SELECT `code` FROM `'.$database->TablePrefix.'mod_droplets` WHERE `name` LIKE "'.$sDropletName.'" ';
-		if( !($database->get_one($sql)) ) {
-			$sql = 'INSERT INTO `'.$database->TablePrefix.'mod_droplets`';
-			$msgSql = 'INSERT Droplet `'.$sDropletName.'` INTO`'.$database->TablePrefix.'mod_droplets`'." $OK";
+		$sql = 'SELECT `code` FROM `'.$oDb->TablePrefix.'mod_droplets` WHERE `name` LIKE "'.$sDropletName.'" ';
+		if( !($oDb->get_one($sql)) ) {
+			$sql = 'INSERT INTO `'.$oDb->TablePrefix.'mod_droplets`';
+			$msgSql = 'INSERT Droplet `'.$sDropletName.'` INTO`'.$oDb->TablePrefix.'mod_droplets`'." $OK";
 		} elseif ($bOverwriteDroplets) {
-			$sql = 'UPDATE `'.$database->TablePrefix.'mod_droplets` ';
+			$sql = 'UPDATE `'.$oDb->TablePrefix.'mod_droplets` ';
 			$extraSql = 'WHERE `name` = \''.$sDropletName.'\' ';
-			$msgSql = 'UPDATE Droplet `'.$sDropletName.'` INTO`'.$database->TablePrefix.'mod_droplets`'." $OK";
+			$msgSql = 'UPDATE Droplet `'.$sDropletName.'` INTO`'.$oDb->TablePrefix.'mod_droplets`'." $OK";
 		}
 // get description, comments and oode
 		$sDropletFile = preg_replace('/^\xEF\xBB\xBF/', '', $sDropletFile);
@@ -115,19 +115,19 @@
 			}
 		$iModifiedWhen = time();
 		$iModifiedBy = (method_exists($admin, 'get_user_id') && ($admin->get_user_id()!=null) ? $admin->get_user_id() : 1);
-		$sql .= 'SET  `name` =\''.$sDropletName.'\','
-		     .       '`description` =\''.$sDescription.'\','
-		     .       '`comments` =\''.$sComments.'\','
-		     .       '`code` =\''.$database->escapeString($sCode).'\','
+		$sql .= 'SET  `name` =\''.$oDb->escapeString($sDropletName).'\','
+		     .       '`description` =\''.$oDb->escapeString($sDescription).'\','
+		     .       '`comments` =\''.$oDb->escapeString($sComments).'\','
+		     .       '`code` =\''.$oDb->escapeString($sCode).'\','
 		     .       '`modified_when` = '.$iModifiedWhen.','
 		     .       '`modified_by` = '.$iModifiedBy.','
 		     .       '`active` = 1'
 		     .       $extraSql;
 		}
-		if( $database->query($sql) ) {
+		if( $oDb->query($sql) ) {
 			if( $msgSql!='' ) { $msg[] = $msgSql; }
 		} else {
-			$msg[] = $database->get_error();
+			$msg[] = $oDb->get_error();
 		}
 	}
 	return;
Index: branches/2.8.x/wb/modules/droplets/save_droplet.php
===================================================================
--- branches/2.8.x/wb/modules/droplets/save_droplet.php	(revision 1947)
+++ branches/2.8.x/wb/modules/droplets/save_droplet.php	(revision 1948)
@@ -43,42 +43,42 @@
 	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], $module_edit_link );
 }
 $admin->print_header();
-
+$oDb = WbDatabase::getInstance();
 // Validate all fields
 if($admin->get_post('title') == '') {
 	$admin->print_error($MESSAGE['GENERIC']['FILL_IN_ALL'], WB_URL.'/modules/droplets/modify_droplet.php?droplet_id='. $admin->getIDKEY($droplet_id));
 } else {
-	$title = $admin->add_slashes($admin->get_post('title'));
+	$title = $admin->get_post('title');
 	$active = (int) $admin->get_post('active');
 	$admin_view = (int) $admin->get_post('admin_view');
 	$admin_edit = (int) $admin->get_post('admin_edit');
 	$show_wysiwyg = (int) $admin->get_post('show_wysiwyg');
-	$description = $admin->add_slashes($admin->get_post('description'));
+	$description = $admin->get_post('description');
 	$tags = array('<?php', '?>' , '<?');
-	$content = $admin->add_slashes(str_replace($tags, '', $_POST['savecontent']));
-	$comments = $admin->add_slashes($admin->get_post('comments'));
+	$content = str_replace($tags, '', $_POST['savecontent']);
+	$comments = $admin->get_post('comments');
 	$modified_when = time();
 	$modified_by = (int) $admin->get_user_id();
 }
 
 // Update row
-$sql = 'UPDATE `'.TABLE_PREFIX.'mod_droplets` SET ';
-$sql .= '`name` = \''.$title.'\', ';
+$sql = 'UPDATE `'.$oDb->TablePrefix.'mod_droplets` SET ';
+$sql .= '`name` = \''.$oDb->escapeString($title).'\', ';
 $sql .= '`active` = '.$active.', ';
 $sql .= '`admin_view` = '.$admin_view.', ';
 $sql .= '`admin_edit` = '.$admin_edit.', ';
 $sql .= '`show_wysiwyg` = '.$show_wysiwyg.', ';
-$sql .= '`description` = \''.$description.'\', ';
-$sql .= '`code` = \''.$content.'\', ';
-$sql .= '`comments` = \''.$comments.'\', ';
+$sql .= '`description` = \''.$oDb->escapeString($description).'\', ';
+$sql .= '`code` = \''.$oDb->escapeString($content).'\', ';
+$sql .= '`comments` = \''.$oDb->escapeString($comments).'\', ';
 $sql .= '`modified_when` = '.$modified_when.', ';
 $sql .= '`modified_by` = '.$modified_by.' ';
 $sql .= 'WHERE `id` = '.$droplet_id;
-$database->query($sql);
+$oDb->query($sql);
 
 // Check if there is a db error, otherwise say successful
-if($database->is_error()) {
-	$admin->print_error($database->get_error(), WB_URL.'/modules/droplets/modify_droplet.php?droplet_id='. $admin->getIDKEY($droplet_id));
+if($oDb->is_error()) {
+	$admin->print_error($oDb->get_error(), WB_URL.'/modules/droplets/modify_droplet.php?droplet_id='. $admin->getIDKEY($droplet_id));
 } else {
     $admin->print_success($TEXT['SUCCESS'], $module_edit_link);
 }