diff options
author | Tristan Darricau <tristan.darricau@sensiolabs.com> | 2016-03-25 11:20:06 +0100 |
---|---|---|
committer | Tristan Darricau <tristan.darricau@sensiolabs.com> | 2016-03-25 11:20:06 +0100 |
commit | 2168cb7f8e5a54c4676edddfb5804e1441baf179 (patch) | |
tree | fc6d3b365004b338a412fbef6c7ca8fb5871c621 /phpBB/memberlist.php | |
parent | 53a9131db68d17de092fe2b6bf04b411226a1134 (diff) | |
parent | f77142c0b67acf4cf102035ec521f8cec395b43e (diff) | |
download | forums-2168cb7f8e5a54c4676edddfb5804e1441baf179.tar forums-2168cb7f8e5a54c4676edddfb5804e1441baf179.tar.gz forums-2168cb7f8e5a54c4676edddfb5804e1441baf179.tar.bz2 forums-2168cb7f8e5a54c4676edddfb5804e1441baf179.tar.xz forums-2168cb7f8e5a54c4676edddfb5804e1441baf179.zip |
Merge pull request #4231 from Senky/ticket/13630
[ticket/13630] Prevent empty parameter select_single
* Senky/ticket/13630:
[ticket/13630] Prevent empty parameter select_single
Diffstat (limited to 'phpBB/memberlist.php')
-rw-r--r-- | phpBB/memberlist.php | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/phpBB/memberlist.php b/phpBB/memberlist.php index 7cf39f4eb7..70e834b682 100644 --- a/phpBB/memberlist.php +++ b/phpBB/memberlist.php @@ -1277,7 +1277,8 @@ switch ($mode) } $param = call_user_func_array('request_var', $call); - $param = urlencode($key) . '=' . ((is_string($param)) ? urlencode($param) : $param); + // Encode strings, convert everything else to int in order to prevent empty parameters. + $param = urlencode($key) . '=' . ((is_string($param)) ? urlencode($param) : (int) $param); $params[] = $param; if ($key != 'first_char') |