diff options
| author | mrgoldy <gijsmartens1@gmail.com> | 2019-10-08 20:18:20 +0200 |
|---|---|---|
| committer | Marc Alexander <admin@m-a-styles.de> | 2019-11-03 11:48:10 +0100 |
| commit | cbb5e6f765fbebc86980e5c72321fca79324aa34 (patch) | |
| tree | 0eeacdc77d89962d6ead374051d857100293183d | |
| parent | 219955fa6cf7de3fadf96f99292c4e411b3decfc (diff) | |
| download | forums-cbb5e6f765fbebc86980e5c72321fca79324aa34.tar forums-cbb5e6f765fbebc86980e5c72321fca79324aa34.tar.gz forums-cbb5e6f765fbebc86980e5c72321fca79324aa34.tar.bz2 forums-cbb5e6f765fbebc86980e5c72321fca79324aa34.tar.xz forums-cbb5e6f765fbebc86980e5c72321fca79324aa34.zip | |
[ticket/16008] Enforce string data type as per ticket/16181
PHPBB3-16008
| -rw-r--r-- | phpBB/phpbb/auth/provider/oauth/oauth.php | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index 20810149dd..fe82663799 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -215,7 +215,12 @@ class oauth extends \phpbb\auth\provider\base ]; } - // Check to see if this provider is already associated with an account + /** + * Check to see if this provider is already associated with an account. + * + * Enforcing a data type to make sure it are strings and not integers, + * so values are quoted in the SQL WHERE statement. + */ $data = [ 'provider' => (string) utf8_strtolower($provider), 'oauth_provider_id' => (string) $unique_id |