diff options
| author | Fyorl <gaelreth@gmail.com> | 2012-08-14 14:43:36 +0100 |
|---|---|---|
| committer | Fyorl <gaelreth@gmail.com> | 2012-08-14 14:43:36 +0100 |
| commit | 9729fa9a3e6fbc559156ccd2b83b64b73e4b0194 (patch) | |
| tree | b502cbd3366853334defb6fbef94067c55da75df /phpBB/includes | |
| parent | c6449b48255bcb60de271114c008df724f78d82c (diff) | |
| download | forums-9729fa9a3e6fbc559156ccd2b83b64b73e4b0194.tar forums-9729fa9a3e6fbc559156ccd2b83b64b73e4b0194.tar.gz forums-9729fa9a3e6fbc559156ccd2b83b64b73e4b0194.tar.bz2 forums-9729fa9a3e6fbc559156ccd2b83b64b73e4b0194.tar.xz forums-9729fa9a3e6fbc559156ccd2b83b64b73e4b0194.zip | |
[feature/attach-dl] Cast variables to int
PHPBB3-11042
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/functions_download.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index ed2f598429..0be12aa617 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php @@ -689,9 +689,9 @@ function phpbb_download_check_pm_auth($db, $user_id, $msg_id) // Check if the attachment is within the users scope... $sql = 'SELECT user_id, author_id FROM ' . PRIVMSGS_TO_TABLE . ' - WHERE msg_id = ' . $msg_id . " - AND user_id = $user_id - OR author_id = $user_id"; + WHERE msg_id = ' . (int) $msg_id . ' + AND user_id = ' . (int) $user_id . ' + OR author_id = ' . (int) $user_id; $result = $db->sql_query_limit($sql, 1); $allowed = $db->sql_fetchrow($result); $db->sql_freeresult($result); |