diff --git a/addcomment.php b/addcomment.php index 439fceb..87a3fc9 100644 --- a/addcomment.php +++ b/addcomment.php @@ -46,21 +46,16 @@ if(isset($_REQUEST['body'])) // get current userid $userId = $_SESSION['current']->userid; - $result = mysql_query("INSERT INTO appComments VALUES (NOW(), null, '".$_REQUEST['thread']."','". + $result = query_appdb("INSERT INTO appComments VALUES (NOW(), null, '".$_REQUEST['thread']."','". $_REQUEST['appId']."', '".$_REQUEST['versionId']."', $userId, '$hostname', '$subject', ". "'$body1', 0)"); - - if (!$result) + if ($result) { - errorpage('Internal Database Access Error',mysql_error()); - exit; - } else - { - if (isset($originator)) + if (isset($_REQUEST['originator'])) { - if (UserWantsEmail($originator)) + if (UserWantsEmail($_REQUEST['originator'])) { - $email = lookupEmail($originator); + $email = lookupEmail($_REQUEST['originator']); $fullAppName = "Application: ".lookupAppName($_REQUEST['appId'])." Version: ".lookupVersionName($_REQUEST['appId'], $_REQUEST['versionId']); $ms .= APPDB_ROOT."appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'].".\n"; $ms .= "\n"; @@ -101,8 +96,8 @@ if(isset($_REQUEST['body'])) addmsg("mesage sent to: ".$email, "green"); addmsg("New Comment Posted", "green"); - redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'])); } + redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'])); } ################################ @@ -116,7 +111,7 @@ else if(loggedin()) if($_REQUEST['thread']) { - $result = mysql_query("SELECT * FROM appComments WHERE commentId = ".$_REQUEST['thread']); + $result = query_appdb("SELECT * FROM appComments WHERE commentId = ".$_REQUEST['thread']); $ob = mysql_fetch_object($result); if($ob) { diff --git a/deletecomment.php b/deletecomment.php index 35af480..96c7105 100644 --- a/deletecomment.php +++ b/deletecomment.php 
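Review bot: The INSERT still splices `$_REQUEST['thread']`, `$_REQUEST['appId']` and `$_REQUEST['versionId']` straight into the SQL string; swapping `mysql_query` for `query_appdb` changes how errors are reported, not the injection exposure (unless query_appdb escapes its argument internally, which this diff does not show). These are numeric ids, so casting once at the top of the handler, e.g. `$threadId = (int)$_REQUEST['thread']; $appId = (int)$_REQUEST['appId']; $versionId = (int)$_REQUEST['versionId'];`, and interpolating the casts instead of the raw request values would close it with no behavioural change for valid input. The same pattern survives in the `@@ -116` hunk of this file, where `commentId = ".$_REQUEST['thread']` is not even quoted, and in the `@@ -36`, `@@ -47` and `@@ -89` hunks of deletecomment.php with `$_REQUEST['commentId']`. The enclosing `if(isset($_REQUEST['body']))` block begins before this hunk and continues past it.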
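Review bot: Moving `redirect(apidb_fullurl(...))` outside the `if ($result)` block means a failed INSERT now sends the user back to appview.php with only whatever `query_appdb` itself reports; the `errorpage(...); exit;` branch removed in the `@@ -46` hunk has no replacement. If query_appdb does not already display the failure, an `else` on that `if ($result)` that calls `addmsg()` with a failure message before the shared redirect would keep the user informed. The enclosing block starts before this hunk.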
@@ -28,7 +28,7 @@ if(!havepriv("admin") && !$_SESSION['current']->is_maintainer($_REQUEST['appId'], $_REQUEST['versionId'])) { - errorpage('You don\'t have admin privilages'); + errorpage('You don\'t have admin privileges'); exit; } @@ -36,7 +36,7 @@ opendb(); /* retrieve the parentID of the comment we are deleting */ /* so we can fix up the parentIds of this comments children */ -$result = mysql_query("SELECT parentId FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'"); +$result = query_appdb("SELECT parentId FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'"); if (!$result) { errorpage('Internal error retrieving parent of commentId'); @@ -47,12 +47,8 @@ $ob = mysql_fetch_object($result); $deletedParentId = $ob->parentId; /* get the subject and body from the comment */ -$result = mysql_query("select * FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'"); -if (!$result) -{ - errorpage('Internal Database Access Error',mysql_error()); - exit; -} +$result = query_appdb("select * FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'"); +if (!$result) redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'])); $ob = mysql_fetch_object($result); $body = $ob->body; $subject = $ob->subject; 
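Review bot: In the `@@ -47` hunk, `if (!$result) redirect(...)` on the second SELECT has no `exit` after it, so unless `redirect()` terminates the script itself, execution continues into `mysql_fetch_object($result)` with `$result === false` and on into the deletion branch further down with `$ob`, `$body` and `$subject` unset; the replaced `errorpage(...); exit;` did stop here. Either add `exit;` after the redirect or keep the errorpage call. The redirect also drops the user back on the application page with no indication that the lookup failed. This is top-level script code, not inside a function.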
@@ -89,56 +85,49 @@ if($_SESSION['current']->getpref("confirm_comment_deletion") != "no" && apidb_footer(); } else { -/* delete the comment from the database */ -$result = mysql_query("DELETE FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'"); - -if (!isset($result)) -{ - errorpage('Internal Database Access Error',mysql_error()); - exit; -} - -/* fixup the child comments so the parentId points to a valid parent comment */ -$result = mysql_query("UPDATE appComments set parentId = '$deletedParentId' WHERE parentId = '".$_REQUEST['commentId']."'"); -if(!isset($result)) -{ - errorpage('Internal database error fixing up the parentId of child comments'); - exit; -} -$email = getNotifyEmailAddressList($_REQUEST['appId'], $_REQUEST['versionId']); -$notify_user_email=lookupEmail($ob->userId); -$notify_user_username=lookupUsername($ob->userId); -$email .= $notify_user_email; -if($email) -{ - $fullAppName = "Application: ".lookupAppName($_REQUEST['appId'])." Version: ".lookupVersionName($_REQUEST['appId'], $_REQUEST['versionId']); - $ms = APPDB_ROOT."appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']."\n"; - $ms .= "\n"; - $ms .= $_SESSION['current']->username." deleted comment from ".$fullAppName."\n"; - $ms .= "\n"; - $ms .= "This comment was made on ".substr($ob->time,0,10)." 
by $notify_user_username \n"; - $ms .= "\n"; - $ms .= "Subject: ".$subject."\n"; - $ms .= "\n"; - $ms .= $body."\n"; - $ms .= "\n"; - $ms .= "Because:\n"; - if($_REQUEST['str_why']) - $ms .= stripslashes($_REQUEST['str_why'])."\n"; - else - $ms .= "No reason given.\n"; - $ms .= "\n"; - $ms .= STANDARD_NOTIFY_FOOTER; - echo $ms; - mail(stripslashes($email), "[AppDB] ".$fullAppName ,$ms); -} else -{ - $email = "no one"; -} -addmsg("mesage sent to: ".$email, "green"); - -addmsg("Comment deleted", "green"); -redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'])); + /* delete the comment from the database */ + $result = query_appdb("DELETE FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'"); + if ($result) + { + /* fixup the child comments so the parentId points to a valid parent comment */ + $result = query_appdb("UPDATE appComments set parentId = '$deletedParentId' WHERE parentId = '".$_REQUEST['commentId']."'"); + if(!$result) + { + errorpage('Internal database error fixing up the parentId of child comments'); + exit; + } else + { + $email = getNotifyEmailAddressList($_REQUEST['appId'], $_REQUEST['versionId']); + $notify_user_email=lookupEmail($ob->userId); + $notify_user_username=lookupUsername($ob->userId); + $email .= $notify_user_email; + if($email) + { + $fullAppName = "Application: ".lookupAppName($_REQUEST['appId'])." Version: ".lookupVersionName($_REQUEST['appId'], $_REQUEST['versionId']); + $ms = APPDB_ROOT."appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']."\n"; + $ms .= "\n"; + $ms .= $_SESSION['current']->username." deleted comment from ".$fullAppName."\n"; + $ms .= "\n"; + $ms .= "This comment was made on ".substr($ob->time,0,10)." 
by $notify_user_username \n"; + $ms .= "\n"; + $ms .= "Subject: ".$subject."\n"; + $ms .= "\n"; + $ms .= $body."\n"; + $ms .= "\n"; + $ms .= "Because:\n"; + if($_REQUEST['str_why']) + $ms .= stripslashes($_REQUEST['str_why'])."\n"; + else + $ms .= "No reason given.\n"; + $ms .= "\n"; + $ms .= STANDARD_NOTIFY_FOOTER; + mail(stripslashes($email), "[AppDB] ".$fullAppName ,$ms); + } else + $email = "no one"; + addmsg("mesage sent to: ".$email, "green"); + addmsg("Comment deleted", "green"); + redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'])); + } + } } ?> -
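Review bot: The new `if ($result)` around the DELETE has no `else`, so when the delete fails the script falls off the end of the block with no message and no redirect; the UPDATE a few lines below in the same hunk gets `errorpage(...); exit;`, and the DELETE should be handled the same way, e.g. `} else { errorpage('Internal Database Access Error'); exit; }` closing the `if ($result)`. Replacing the old `!isset($result)` test, which could never fire because `mysql_query` always assigns `$result`, is a genuine fix. Separately, `$fullAppName` is built from database-sourced application and version names and used unchanged as the `mail()` Subject header; if those names can contain CR or LF, strip them before building the subject. This hunk is top-level script code inside the `else` of the confirmation check.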