aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/functions_privmsgs.php
diff options
context:
space:
mode:
authorNils Adermann <naderman@naderman.de>2014-10-22 18:35:07 -0400
committerNils Adermann <naderman@naderman.de>2014-10-22 18:35:07 -0400
commitdf72846b8945224a431558cfc3cc7e12a463444a (patch)
tree4cdff8103fcc2b217e4e3906a86b7b4845b45d0f /phpBB/includes/functions_privmsgs.php
parentb5594371ab1a31e9b599eb964a3721b2e2614287 (diff)
downloadforums-df72846b8945224a431558cfc3cc7e12a463444a.tar
forums-df72846b8945224a431558cfc3cc7e12a463444a.tar.gz
forums-df72846b8945224a431558cfc3cc7e12a463444a.tar.bz2
forums-df72846b8945224a431558cfc3cc7e12a463444a.tar.xz
forums-df72846b8945224a431558cfc3cc7e12a463444a.zip
[ticket/13205] Explicitly cast ids to integers and reformat SQL
PHPBB3-13205
Diffstat (limited to 'phpBB/includes/functions_privmsgs.php')
-rw-r--r--phpBB/includes/functions_privmsgs.php9
1 files changed, 5 insertions, 4 deletions
diff --git a/phpBB/includes/functions_privmsgs.php b/phpBB/includes/functions_privmsgs.php
index 79f818caf2..838c6a0fec 100644
--- a/phpBB/includes/functions_privmsgs.php
+++ b/phpBB/includes/functions_privmsgs.php
@@ -918,10 +918,11 @@ function mark_folder_read($user_id, $folder_id)
{
global $db;
- $sql = 'SELECT msg_id FROM ' . PRIVMSGS_TO_TABLE . "
- WHERE folder_id = $folder_id
- AND user_id = $user_id
- AND pm_unread = 1";
+ $sql = 'SELECT msg_id
+ FROM ' . PRIVMSGS_TO_TABLE . '
+ WHERE folder_id = ' . ((int) $folder_id) . '
+ AND user_id = ' . ((int) $user_id) . '
+ AND pm_unread = 1';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
generated by cgit v1.2.1 (git 2.21.0) at 2025-10-09 07:12:48 +0000