diff options
| author | Nils Adermann <naderman@naderman.de> | 2014-10-22 18:35:07 -0400 |
|---|---|---|
| committer | Nils Adermann <naderman@naderman.de> | 2014-10-22 18:35:07 -0400 |
| commit | df72846b8945224a431558cfc3cc7e12a463444a (patch) | |
| tree | 4cdff8103fcc2b217e4e3906a86b7b4845b45d0f /phpBB/includes | |
| parent | b5594371ab1a31e9b599eb964a3721b2e2614287 (diff) | |
| download | forums-df72846b8945224a431558cfc3cc7e12a463444a.tar forums-df72846b8945224a431558cfc3cc7e12a463444a.tar.gz forums-df72846b8945224a431558cfc3cc7e12a463444a.tar.bz2 forums-df72846b8945224a431558cfc3cc7e12a463444a.tar.xz forums-df72846b8945224a431558cfc3cc7e12a463444a.zip | |
[ticket/13205] Explicitly cast ids to integers and reformat SQL
PHPBB3-13205
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/functions_privmsgs.php | 9 | ||||
| -rw-r--r-- | phpBB/includes/ucp/ucp_pm.php | 1 |
2 files changed, 5 insertions, 5 deletions
diff --git a/phpBB/includes/functions_privmsgs.php b/phpBB/includes/functions_privmsgs.php index 79f818caf2..838c6a0fec 100644 --- a/phpBB/includes/functions_privmsgs.php +++ b/phpBB/includes/functions_privmsgs.php @@ -918,10 +918,11 @@ function mark_folder_read($user_id, $folder_id) { global $db; - $sql = 'SELECT msg_id FROM ' . PRIVMSGS_TO_TABLE . " - WHERE folder_id = $folder_id - AND user_id = $user_id - AND pm_unread = 1"; + $sql = 'SELECT msg_id + FROM ' . PRIVMSGS_TO_TABLE . ' + WHERE folder_id = ' . ((int) $folder_id) . ' + AND user_id = ' . ((int) $user_id) . ' + AND pm_unread = 1'; $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) diff --git a/phpBB/includes/ucp/ucp_pm.php b/phpBB/includes/ucp/ucp_pm.php index 73519764f4..425a56cf6c 100644 --- a/phpBB/includes/ucp/ucp_pm.php +++ b/phpBB/includes/ucp/ucp_pm.php @@ -248,7 +248,6 @@ class ucp_pm if ($request->variable('mark', '') == 'all' && check_link_hash($request->variable('token', ''), 'mark_all_pms_read')) { - // mark unread mark_folder_read($user->data['user_id'], $folder_id); meta_refresh(3, $this->u_action); |