Fix HIGH priority issues: paths, globs, deps, wordsplit

- Fixed 3 unquoted path expansions in cleanup-toolkit-data.sh
  (lines 175, 192-193: quoted $pattern in ls/rm commands)

- Fixed 3 unquoted globs in erase/malware-scanner scripts
  (erase-toolkit-traces.sh lines 103-104, malware-scanner.sh line 229)

- Added system-detect.sh sourcing to email-functions.sh
  (fixes 5 HIGH priority DEP warnings for detect_control_panel)

- Fixed 2 WORDSPLIT issues in mysql-analyzer.sh
  (lines 137, 362: changed from for loops to while read loops
   to safely handle database/table names with spaces)

lib/email-functions.sh

@@ -6,6 +6,12 @@
 # Shared functions for email troubleshooting modules
 ################################################################################
 
+# Source system detection (for detect_control_panel function)
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+if [ -f "$SCRIPT_DIR/system-detect.sh" ]; then
+    source "$SCRIPT_DIR/system-detect.sh"
+fi
+
 # Detect MTA (Mail Transfer Agent)
 detect_mta() {
     if command -v exim &>/dev/null; then

lib/mysql-analyzer.sh

@@ -133,9 +133,8 @@ map_database_to_user_domain() {
     # Build map for all databases
     print_info "Building database to user/domain mapping..."
 
-    local all_dbs=$(mysql -Ns -e "SHOW DATABASES" 2>/dev/null | grep -v "^information_schema$\|^mysql$\|^performance_schema$\|^sys$")
-
-    for db in $all_dbs; do
+    # Use while read to safely iterate over database names (handles spaces in names)
+    mysql -Ns -e "SHOW DATABASES" 2>/dev/null | grep -v "^information_schema$\|^mysql$\|^performance_schema$\|^sys$" | while IFS= read -r db; do
         # Extract potential username from database name
         # Format: username_dbname
         local potential_user=$(echo "$db" | cut -d_ -f1)
@@ -359,11 +358,10 @@ analyze_queries_for_problems() {
         # Extract database
         local db_name=$(extract_database_from_query "$query")
 
-        # Extract tables
-        local tables=$(extract_tables_from_query "$query")
+        # Extract tables and safely iterate (handles spaces in table names)
+        extract_tables_from_query "$query" | while IFS= read -r table; do
+            [ -z "$table" ] && continue  # Skip empty lines
 
-        # Identify plugins
-        for table in $tables; do
             local plugin=$(identify_plugin_from_table "$table")
             local owner=$(get_database_owner "$db_name")
             local domain=$(get_database_domain "$db_name")

modules/maintenance/cleanup-toolkit-data.sh

@@ -172,8 +172,8 @@ fi
 
 # Session/lock files
 for pattern in /var/run/server-toolkit* /var/lock/server-toolkit*; do
-    if ls $pattern 2>/dev/null | grep -q .; then
-        rm -f $pattern 2>/dev/null
+    if ls "$pattern" 2>/dev/null | grep -q .; then
+        rm -f "$pattern" 2>/dev/null
         echo -e "  ${GREEN}✓${NC} Removed: Session/lock files"
         ((cleaned_count++))
         break
@@ -189,9 +189,9 @@ remove_logs="${remove_logs:-no}"
 
 if [ "$remove_logs" = "yes" ]; then
     for pattern in /var/log/server-toolkit*.log; do
-        if ls $pattern 2>/dev/null | grep -q .; then
-            count=$(ls $pattern 2>/dev/null | wc -l)
-            rm -f $pattern 2>/dev/null
+        if ls "$pattern" 2>/dev/null | grep -q .; then
+            count=$(ls "$pattern" 2>/dev/null | wc -l)
+            rm -f "$pattern" 2>/dev/null
             echo -e "  ${GREEN}✓${NC} Removed: $count log file(s)"
             ((cleaned_count++))
             break

modules/security/malware-scanner.sh

@@ -226,7 +226,7 @@ install_all_scanners() {
             cd maldetect-* 2>/dev/null
             ./install.sh &>/dev/null
             cd /tmp
-            rm -rf maldetect-*
+            rm -rf "maldetect-"*
         fi
 
         if is_maldet_installed; then

tools/erase-toolkit-traces.sh

@@ -100,8 +100,8 @@ echo "  ✓ Download artifacts removed"
 
 # Remove toolkit temp files
 echo "→ Removing temporary files..."
-rm -rf /tmp/live-monitor-* 2>/dev/null
-rm -rf /tmp/server-toolkit-* 2>/dev/null
+rm -rf /tmp/"live-monitor-"* 2>/dev/null
+rm -rf /tmp/"server-toolkit-"* 2>/dev/null
 echo "  ✓ Temp files removed"
 
 # Clean last log and audit trails