diff options
| author | Joas Schilling <nickvergessen@gmx.de> | 2014-01-18 12:40:12 +0100 |
|---|---|---|
| committer | Joas Schilling <nickvergessen@gmx.de> | 2014-01-18 12:40:12 +0100 |
| commit | 876e5e5fbbf3049da2b96eacc7b13b29dd484642 (patch) | |
| tree | cebc0fec71bac9af28c332c5563e01f675670146 /phpBB/phpbb/profilefields | |
| parent | 431fa7b59321376fa7ceb44ac62de30c6edb29a8 (diff) | |
| download | forums-876e5e5fbbf3049da2b96eacc7b13b29dd484642.tar forums-876e5e5fbbf3049da2b96eacc7b13b29dd484642.tar.gz forums-876e5e5fbbf3049da2b96eacc7b13b29dd484642.tar.bz2 forums-876e5e5fbbf3049da2b96eacc7b13b29dd484642.tar.xz forums-876e5e5fbbf3049da2b96eacc7b13b29dd484642.zip | |
[ticket/11201] Cast some variables to integer
PHPBB3-11201
Diffstat (limited to 'phpBB/phpbb/profilefields')
| -rw-r--r-- | phpBB/phpbb/profilefields/lang_helper.php | 6 | ||||
| -rw-r--r-- | phpBB/phpbb/profilefields/profilefields.php | 12 |
2 files changed, 9 insertions, 9 deletions
diff --git a/phpBB/phpbb/profilefields/lang_helper.php b/phpBB/phpbb/profilefields/lang_helper.php index cf4a248d1b..7bae1bdc18 100644 --- a/phpBB/phpbb/profilefields/lang_helper.php +++ b/phpBB/phpbb/profilefields/lang_helper.php @@ -70,9 +70,9 @@ class lang_helper else { $sql = 'SELECT option_id, lang_value - FROM ' . $this->language_table . " - WHERE field_id = $field_id - AND lang_id = $lang_id + FROM ' . $this->language_table . ' + WHERE field_id = ' . (int) $field_id . ' + AND lang_id = ' . (int) $lang_id . " AND field_type = '" . $this->db->sql_escape($field_type) . "' ORDER BY option_id"; $result = $this->db->sql_query($sql); diff --git a/phpBB/phpbb/profilefields/profilefields.php b/phpBB/phpbb/profilefields/profilefields.php index af0b733f32..acb1e6afcb 100644 --- a/phpBB/phpbb/profilefields/profilefields.php +++ b/phpBB/phpbb/profilefields/profilefields.php @@ -79,9 +79,9 @@ class profilefields FROM ' . $this->fields_language_table . ' l, ' . $this->fields_table . " f WHERE f.field_active = 1 $sql_where - AND l.lang_id = $lang_id + AND l.lang_id = " . (int) $lang_id . ' AND l.field_id = f.field_id - ORDER BY f.field_order"; + ORDER BY f.field_order'; $result = $this->db->sql_query($sql); while ($row = $this->db->sql_fetchrow($result)) @@ -153,8 +153,8 @@ class profilefields } $sql = 'SELECT l.*, f.* - FROM ' . $this->fields_language_table . ' l, ' . $this->fields_table . " f - WHERE l.lang_id = $lang_id + FROM ' . $this->fields_language_table . ' l, ' . $this->fields_table . ' f + WHERE l.lang_id = ' . (int) $lang_id . " AND f.field_active = 1 $sql_where AND l.field_id = f.field_id @@ -218,8 +218,8 @@ class profilefields } $sql = 'UPDATE ' . $this->fields_data_table . ' - SET ' . $this->db->sql_build_array('UPDATE', $cp_data_sql) . " - WHERE user_id = $user_id"; + SET ' . $this->db->sql_build_array('UPDATE', $cp_data_sql) . ' + WHERE user_id = ' . (int) $user_id; $this->db->sql_query($sql); if (!$this->db->sql_affectedrows()) |