diff options
| author | Joas Schilling <nickvergessen@gmx.de> | 2014-01-18 12:40:12 +0100 |
|---|---|---|
| committer | Joas Schilling <nickvergessen@gmx.de> | 2014-01-18 12:40:12 +0100 |
| commit | 876e5e5fbbf3049da2b96eacc7b13b29dd484642 (patch) | |
| tree | cebc0fec71bac9af28c332c5563e01f675670146 /phpBB/phpbb/profilefields/profilefields.php | |
| parent | 431fa7b59321376fa7ceb44ac62de30c6edb29a8 (diff) | |
| download | forums-876e5e5fbbf3049da2b96eacc7b13b29dd484642.tar forums-876e5e5fbbf3049da2b96eacc7b13b29dd484642.tar.gz forums-876e5e5fbbf3049da2b96eacc7b13b29dd484642.tar.bz2 forums-876e5e5fbbf3049da2b96eacc7b13b29dd484642.tar.xz forums-876e5e5fbbf3049da2b96eacc7b13b29dd484642.zip | |
[ticket/11201] Cast some variables to integer
PHPBB3-11201
Diffstat (limited to 'phpBB/phpbb/profilefields/profilefields.php')
| -rw-r--r-- | phpBB/phpbb/profilefields/profilefields.php | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/phpBB/phpbb/profilefields/profilefields.php b/phpBB/phpbb/profilefields/profilefields.php index af0b733f32..acb1e6afcb 100644 --- a/phpBB/phpbb/profilefields/profilefields.php +++ b/phpBB/phpbb/profilefields/profilefields.php @@ -79,9 +79,9 @@ class profilefields FROM ' . $this->fields_language_table . ' l, ' . $this->fields_table . " f WHERE f.field_active = 1 $sql_where - AND l.lang_id = $lang_id + AND l.lang_id = " . (int) $lang_id . ' AND l.field_id = f.field_id - ORDER BY f.field_order"; + ORDER BY f.field_order'; $result = $this->db->sql_query($sql); while ($row = $this->db->sql_fetchrow($result)) @@ -153,8 +153,8 @@ class profilefields } $sql = 'SELECT l.*, f.* - FROM ' . $this->fields_language_table . ' l, ' . $this->fields_table . " f - WHERE l.lang_id = $lang_id + FROM ' . $this->fields_language_table . ' l, ' . $this->fields_table . ' f + WHERE l.lang_id = ' . (int) $lang_id . " AND f.field_active = 1 $sql_where AND l.field_id = f.field_id @@ -218,8 +218,8 @@ class profilefields } $sql = 'UPDATE ' . $this->fields_data_table . ' - SET ' . $this->db->sql_build_array('UPDATE', $cp_data_sql) . " - WHERE user_id = $user_id"; + SET ' . $this->db->sql_build_array('UPDATE', $cp_data_sql) . ' + WHERE user_id = ' . (int) $user_id; $this->db->sql_query($sql); if (!$this->db->sql_affectedrows()) |