[ticket/11162] Use integer casting instead of SQL escape.

PHPBB3-11162
author: Andreas Fischer <bantu@phpbb.com> 2012-11-11 17:40:58 +0100
committer: Andreas Fischer <bantu@phpbb.com> 2012-11-11 17:40:58 +0100
commit: b0812c43fa05bec8c59e5ff3c7889f0f98089775 (patch)
tree: b1b9bd163610f423ad799a9cd0aa086f41ec0d92 /tests
parent: fd6ee50e06cb48c9e3a476bf23285875484ff5f7 (diff)
download: forums-b0812c43fa05bec8c59e5ff3c7889f0f98089775.tar
forums-b0812c43fa05bec8c59e5ff3c7889f0f98089775.tar.gz
forums-b0812c43fa05bec8c59e5ff3c7889f0f98089775.tar.bz2
forums-b0812c43fa05bec8c59e5ff3c7889f0f98089775.tar.xz
forums-b0812c43fa05bec8c59e5ff3c7889f0f98089775.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/tests/functions/update_rows_avoiding_duplicates_test.php b/tests/functions/update_rows_avoiding_duplicates_test.php
index 0e949717d2..e4e156209d 100644
--- a/tests/functions/update_rows_avoiding_duplicates_test.php
+++ b/tests/functions/update_rows_avoiding_duplicates_test.php
@@ -61,7 +61,7 @@ class phpbb_update_rows_avoiding_duplicates_test extends phpbb_database_test_cas
 
 		$sql = 'SELECT count(*) AS count
 			FROM ' . TOPICS_WATCH_TABLE . '
-			WHERE topic_id = ' . $db->sql_escape($to);
+			WHERE topic_id = ' . (int) $to;
 		$result = $db->sql_query($sql);
 		$result_count = $db->sql_fetchfield('count');
 		$db->sql_freeresult($result);
author	Andreas Fischer <bantu@phpbb.com>	2012-11-11 17:40:58 +0100
committer	Andreas Fischer <bantu@phpbb.com>	2012-11-11 17:40:58 +0100
commit	b0812c43fa05bec8c59e5ff3c7889f0f98089775 (patch)
tree	b1b9bd163610f423ad799a9cd0aa086f41ec0d92 /tests
parent	fd6ee50e06cb48c9e3a476bf23285875484ff5f7 (diff)
download	forums-b0812c43fa05bec8c59e5ff3c7889f0f98089775.tar forums-b0812c43fa05bec8c59e5ff3c7889f0f98089775.tar.gz forums-b0812c43fa05bec8c59e5ff3c7889f0f98089775.tar.bz2 forums-b0812c43fa05bec8c59e5ff3c7889f0f98089775.tar.xz forums-b0812c43fa05bec8c59e5ff3c7889f0f98089775.zip