diff --git a/html/pages/device/edit/services.inc.php b/html/pages/device/edit/services.inc.php
index a49ee27f19..fa25dc6458 100644
--- a/html/pages/device/edit/services.inc.php
+++ b/html/pages/device/edit/services.inc.php
@@ -37,7 +37,6 @@ if ($updated) { print_message("Device Settings Saved"); }
 if (dbFetchCell("SELECT COUNT(*) from `services` WHERE `device_id` = ?" array($device['device_id'])) > '0')
 {
   $i = "1";
-  $service_query = mysql_query("select * from services WHERE device_id = '".$device['device_id']."' ORDER BY service_type");
   foreach (dbFetchRows("select * from services WHERE device_id = ? ORDER BY service_type", array($device['device_id'])) as $service)
   {
     $existform .= "<option value='" . $service['service_id'] . "'>" . $service['service_type'] . "</option>";
diff --git a/html/pages/device/routing/bgp.inc.php b/html/pages/device/routing/bgp.inc.php
index 0eded8a2b1..990ac1cf84 100644
--- a/html/pages/device/routing/bgp.inc.php
+++ b/html/pages/device/routing/bgp.inc.php
@@ -51,11 +51,10 @@ echo('<table border="0" cellspacing="0" cellpadding="5" width="100%">');
 echo('<tr style="height: 30px"><td width=1></td><th></th><th>Peer address</th><th>Type</th><th>Remote AS</th><th>State</th><th>Uptime</th></tr>');
 
 $i = "1";
-$peer_query = mysql_query("select * from bgpPeers WHERE device_id = '".$device['device_id']."' ORDER BY bgpPeerRemoteAs, bgpPeerIdentifier");
 
-while ($peer = mysql_fetch_assoc($peer_query))
+foreach (dbFetchRows("SELECT * FROM `bgpPeers` WHERE `device_id` = ? ORDER BY `bgpPEerRemoteAs`, `bgpPeerIdentifier`", array($device['device_id'])) as $peer)
 {
-  $has_macaccounting = mysql_result(mysql_query("SELECT COUNT(*) FROM `ipv4_mac` AS I, mac_accounting AS M WHERE I.ipv4_address = '".$peer['bgpPeerIdentifier']."' AND M.mac = I.mac_address"),0);
+  $has_macaccounting = dbFetchCell("SELECT COUNT(*) FROM `ipv4_mac` AS I, mac_accounting AS M WHERE I.ipv4_address = ? AND M.mac = I.mac_address", array($peer['bgpPeerIdentifier']));
   unset($bg_image);
   if (!is_integer($i/2)) { $bg_colour = $list_colour_a; } else { $bg_colour = $list_colour_b; }
 
@@ -69,14 +68,14 @@ while ($peer = mysql_fetch_assoc($peer_query))
   if ($peer['bgpPeerRemoteAs'] == $device['bgpLocalAs']) { $peer_type = "<span style='color: #00f;'>iBGP</span>"; } else { $peer_type = "<span style='color: #0a0;'>eBGP</span>"; }
 
   $query = "SELECT * FROM ipv4_addresses AS A, ports AS I, devices AS D WHERE ";
-  $query .= "(A.ipv4_address = '".$peer['bgpPeerIdentifier']."' AND I.interface_id = A.interface_id)";
+  $query .= "(A.ipv4_address = ? AND I.interface_id = A.interface_id)";
   $query .= " AND D.device_id = I.device_id";
-  $ipv4_host = mysql_fetch_assoc(mysql_query($query));
+  $ipv4_host = dbFetchRow($query,array($peer['bgpPeerIdentifier']));
 
   $query = "SELECT * FROM ipv6_addresses AS A, ports AS I, devices AS D WHERE ";
-  $query .= "(A.ipv6_address = '".$peer['bgpPeerIdentifier']."' AND I.interface_id = A.interface_id)";
+  $query .= "(A.ipv6_address = ? AND I.interface_id = A.interface_id)";
   $query .= " AND D.device_id = I.device_id";
-  $ipv6_host = mysql_fetch_assoc(mysql_query($query));
+  $ipv6_host = dbFetchRow($query,array($peer['bgpPeerIdentifier']));
 
   if ($ipv4_host)
   {
@@ -102,11 +101,10 @@ while ($peer = mysql_fetch_assoc($peer_query))
     }
   }
 
-  $af_query = mysql_query("SELECT * FROM `bgpPeers_cbgp` WHERE `device_id` = '".$device['device_id']."' AND bgpPeerIdentifier = '".$peer['bgpPeerIdentifier']."'");
   unset($peer_af);
   unset($sep);
 
-  while ($afisafi = mysql_fetch_assoc($af_query))
+  foreach (dbFetchRows("SELECT * FROM `bgpPeers_cbgp` WHERE `device_id` = ? AND bgpPeerIdentifier = ?", array($device['device_id'], $peer['bgpPeerIdentifier'])) as $afisafi)
   {
     $afi = $afisafi['afi'];
     $safi = $afisafi['safi'];
@@ -159,7 +157,7 @@ while ($peer = mysql_fetch_assoc($peer_query))
   {
     case 'macaccounting_bits':
     case 'macaccounting_pkts':
-      $acc = mysql_fetch_assoc(mysql_query("SELECT * FROM `ipv4_mac` AS I, `mac_accounting` AS M, `ports` AS P, `devices` AS D WHERE I.ipv4_address = '".$peer['bgpPeerIdentifier']."' AND M.mac = I.mac_address AND P.interface_id = M.interface_id AND D.device_id = P.device_id"));
+      $acc = dbFetchRow("SELECT * FROM `ipv4_mac` AS I, `mac_accounting` AS M, `ports` AS P, `devices` AS D WHERE I.ipv4_address = ? AND M.mac = I.mac_address AND P.interface_id = M.interface_id AND D.device_id = P.device_id", array($peer['bgpPeerIdentifier']));
       $database = $config['rrd_dir'] . "/" . $device['hostname'] . "/cip-" . $acc['ifIndex'] . "-" . $acc['mac'] . ".rrd";
       if (is_array($acc) && is_file($database))
       {
diff --git a/html/pages/device/routing/cef.inc.php b/html/pages/device/routing/cef.inc.php
index b2e30f921b..4c4cf15e8a 100644
--- a/html/pages/device/routing/cef.inc.php
+++ b/html/pages/device/routing/cef.inc.php
@@ -29,8 +29,6 @@ print_optionbar_end();
 echo('<div id="content">
         <table  border="0" cellspacing="0" cellpadding="5" width="100%">');
 
-$cef_query = mysql_query("SELECT * FROM `cef_switching` WHERE `device_id` = '".$device['device_id']."' ORDER BY `entPhysicalIndex`, `afi`, `cef_index`");
-
 echo('<tr><th><a title="Physical hardware entity">Entity</a></th>
           <th><a title="Address Family">AFI</a></th>
           <th><a title="CEF Switching Path">Path</a></th>
@@ -41,11 +39,10 @@ echo('<tr><th><a title="Physical hardware entity">Entity</a></th>
 
 $i=0;
 
-while ($cef = mysql_fetch_assoc($cef_query))
+foreach (dbFetchRows("SELECT * FROM `cef_switching` WHERE `device_id` = ?  ORDER BY `entPhysicalIndex`, `afi`, `cef_index`", array($device['device_id'])) as $cef)
 {
 
-  $entity_query = mysql_query("SELECT * FROM `entPhysical` WHERE device_id = '".$device['device_id']."' AND `entPhysicalIndex` = '".$cef['entPhysicalIndex']."'");
-  $entity = mysql_fetch_assoc($entity_query);
+  $entity = dbFetchRow("SELECT * FROM `entPhysical` WHERE device_id = ? AND `entPhysicalIndex` = ?", array($device['device_id'], $cef['entPhysicalIndex']));
 
   if (!is_integer($i/2)) { $bg_colour = $list_colour_a; } else { $bg_colour = $list_colour_b; }
 
@@ -53,8 +50,7 @@ while ($cef = mysql_fetch_assoc($cef_query))
 
   if(!$entity['entPhysicalModelName'] && $entity['entPhysicalContainedIn']) 
   {
-    $parent_entity_query = mysql_query("SELECT * FROM `entPhysical` WHERE device_id = '".$device['device_id']."' AND `entPhysicalIndex` = '".$entity['entPhysicalContainedIn']."'");
-    $parent_entity = mysql_fetch_assoc($parent_entity_query); 
+    $parent_entity = dbFetchRow("SELECT * FROM `entPhysical` WHERE device_id = ? AND `entPhysicalIndex` = ?", array($device['device_id'], $entity['entPhysicalContainedIn']));
     $entity_descr = $entity['entPhysicalName'] . " (" . $parent_entity['entPhysicalModelName'] .")";
   } else {
     $entity_descr = $entity['entPhysicalName'] . " (" . $entity['entPhysicalModelName'] .")";
diff --git a/html/pages/device/routing/ospf.inc.php b/html/pages/device/routing/ospf.inc.php
index 9e69b68e93..a75ff381f2 100644
--- a/html/pages/device/routing/ospf.inc.php
+++ b/html/pages/device/routing/ospf.inc.php
@@ -13,15 +13,15 @@ while ($instance = mysql_fetch_assoc($query))
 {
   if (!is_integer($i_i/2)) { $instance_bg = $list_colour_a; } else { $instance_bg = $list_colour_b; }
 
-  $area_count = mysql_result(mysql_query("SELECT COUNT(*) FROM `ospf_areas` WHERE `device_id` = '".$device['device_id']."'"),0);
-  $port_count = mysql_result(mysql_query("SELECT COUNT(*) FROM `ospf_ports` WHERE `device_id` = '".$device['device_id']."'"),0);
-  $port_count_enabled = mysql_result(mysql_query("SELECT COUNT(*) FROM `ospf_ports` WHERE `ospfIfAdminStat` = 'enabled' AND `device_id` = '".$device['device_id']."'"),0);
-  $nbr_count = mysql_result(mysql_query("SELECT COUNT(*) FROM `ospf_nbrs` WHERE `device_id` = '".$device['device_id']."'"),0);
+  $area_count = dbFetchCell("SELECT COUNT(*) FROM `ospf_areas` WHERE `device_id` = ?", array($device['device_id']));
+  $port_count = dbFetchCell("SELECT COUNT(*) FROM `ospf_ports` WHERE `device_id` = ?", array($device['device_id']));
+  $port_count_enabled = dbFetchCell("SELECT COUNT(*) FROM `ospf_ports` WHERE `ospfIfAdminStat` = 'enabled' AND `device_id` = ?", array($device['device_id']));
+  $nbr_count = dbFetchCell("SELECT COUNT(*) FROM `ospf_nbrs` WHERE `device_id` = ?", array($device['device_id']));
 
   $query = "SELECT * FROM ipv4_addresses AS A, ports AS I WHERE ";
-  $query .= "(A.ipv4_address = '".$peer['bgpPeerIdentifier']."' AND I.interface_id = A.interface_id)";
-  $query .= " AND I.device_id = '".$device['device_id']."'";
-  $ipv4_host = mysql_fetch_assoc(mysql_query($query));
+  $query .= "(A.ipv4_address = ? AND I.interface_id = A.interface_id)";
+  $query .= " AND I.device_id = ?";
+  $ipv4_host = dbFetchRow($query, array($peer['bgpPeerIdentifier'], $device['device_id']));
 
   if ($instance['ospfAdminStat'] == "enabled") { $enabled = '<span style="color: #00aa00">enabled</span>'; } else { $enabled = '<span style="color: #aaaaaa">disabled</span>'; }
   if ($instance['ospfAreaBdrRtrStatus'] == "true") { $abr = '<span style="color: #00aa00">yes</span>'; } else { $abr = '<span style="color: #aaaaaa">no</span>'; }
@@ -45,14 +45,12 @@ while ($instance = mysql_fetch_assoc($query))
 
   ##### Loop Areas
   $i_a = 0;
-  $a_sql   = "SELECT * FROM `ospf_areas` WHERE `device_id` = '".$device['device_id']."'";
-  $a_query = mysql_query($a_sql);
-  while ($area = mysql_fetch_assoc($a_query))
+  foreach (dbFetchRows("SELECT * FROM `ospf_areas` WHERE `device_id` = ?", array($device['device_id'])) as $area)
   {
     if (!is_integer($i_a/2)) { $area_bg = $list_colour_b_a; } else { $area_bg = $list_colour_b_b; }
 
-    $area_port_count = mysql_result(mysql_query("SELECT COUNT(*) FROM `ospf_ports` WHERE `device_id` = '".$device['device_id']."' AND `ospfIfAreaId` = '".$area['ospfAreaId']."'"),0);
-    $area_port_count_enabled = mysql_result(mysql_query("SELECT COUNT(*) FROM `ospf_ports` WHERE `ospfIfAdminStat` = 'enabled' AND `device_id` = '".$device['device_id']."' AND `ospfIfAreaId` = '".$area['ospfAreaId']."'"),0);
+    $area_port_count = dbFetchCell("SELECT COUNT(*) FROM `ospf_ports` WHERE `device_id` = ? AND `ospfIfAreaId` = ?", array($device['device_id'], $area['ospfAreaId']));
+    $area_port_count_enabled = dbFetchCell("SELECT COUNT(*) FROM `ospf_ports` WHERE `ospfIfAdminStat` = 'enabled' AND `device_id` = ? AND `ospfIfAreaId` = ?", array($device['device_id'], $area['ospfAreaId']));
 
     echo('<tr bgcolor="'.$area_bg.'">');
     echo('  <td width=5></td>');
@@ -68,9 +66,8 @@ while ($instance = mysql_fetch_assoc($query))
 
     ##### Loop Ports
     $i_p = $i_a + 1;
-    $p_sql   = "SELECT * FROM `ospf_ports` AS O, `ports` AS P WHERE O.`ospfIfAdminStat` = 'enabled' AND O.`device_id` = '".$device['device_id']."' AND O.`ospfIfAreaId` = '".$area['ospfAreaId']."' AND P.interface_id = O.interface_id";
-    $p_query = mysql_query($p_sql);
-    while ($ospfport = mysql_fetch_assoc($p_query))
+    $p_sql   = "SELECT * FROM `ospf_ports` AS O, `ports` AS P WHERE O.`ospfIfAdminStat` = 'enabled' AND O.`device_id` = ? AND O.`ospfIfAreaId` = ? AND P.interface_id = O.interface_id";
+    foreach (dbFetchRows($p_sql, array($device['device_id'], $area['ospfAreaId'])) as $ospfport)
     {
       if (!is_integer($i_a/2))
       {
@@ -108,14 +105,12 @@ while ($instance = mysql_fetch_assoc($query))
 
   ## Loop Neigbours
   $i_n = 1;
-  $n_sql   = "SELECT * FROM `ospf_nbrs` WHERE `device_id` = '".$device['device_id']."'";
-  $n_query = mysql_query($n_sql);
-  while ($nbr = mysql_fetch_assoc($n_query))
+  foreach (dbFetchRows("SELECT * FROM `ospf_nbrs` WHERE `device_id` = ?", array($device['device_id'])) as $nbr)
   {
     if (!is_integer($i_n/2)) { $nbr_bg = $list_colour_b_a; } else { $nbr_bg = $list_colour_b_b; }
 
-    $host = @mysql_fetch_assoc(mysql_query("SELECT * FROM ipv4_addresses AS A, ports AS I, devices AS D WHERE A.ipv4_address = '".$nbr['ospfNbrRtrId']."'
-                                            AND I.interface_id = A.interface_id AND D.device_id = I.device_id"));
+    $host = @dbFetchRow("SELECT * FROM ipv4_addresses AS A, ports AS I, devices AS D WHERE A.ipv4_address = ?
+                                            AND I.interface_id = A.interface_id AND D.device_id = I.device_id", array($nbr['ospfNbrRtrId']));
 
     if(is_array($host)) { $rtr_id = generate_dev_link($host, $nbr['ospfNbrRtrId']); } else { $rtr_id = "unknown"; }