makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 22:28:51 +00:00
Code Issues Projects Releases Packages Wiki Activity

[ticket/16181] Enforce string data type

Browse source 
PHPBB3-16181
This commit is contained in:
mrgoldy 2019-10-08 20:12:24 +02:00
parent c75c13e555
commit 1f669a31a0
1 changed files with 8 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
phpBB/phpbb/auth/provider/oauth/oauth.php
View file

@ -216,10 +216,15 @@ class oauth extends \phpbb\auth\provider\base
$this->service_providers[$service_name]->set_external_service_provider($service); $this->service_providers[$service_name]->set_external_service_provider($service);
$unique_id = $this->service_providers[$service_name]->perform_auth_login(); $unique_id = $this->service_providers[$service_name]->perform_auth_login();
// Check to see if this provider is already assosciated with an account /**
* Check to see if this provider is already assosciated with an account.
*
* Enforcing a data type to make sure it are strings and not integers,
* so values are quoted in the SQL WHERE statement.
*/
$data = array( $data = array(
'provider' => $service_name_original, 'provider' => (string) $service_name_original,
'oauth_provider_id' => $unique_id 'oauth_provider_id' => (string) $unique_id
); );
$sql = 'SELECT user_id FROM ' . $this->auth_provider_oauth_token_account_assoc . ' $sql = 'SELECT user_id FROM ' . $this->auth_provider_oauth_token_account_assoc . '