Fix possible SQL issue - noted by Ulf Harnhammar

git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@3322 89ea8834-ac86-4346-8a33-228a782c2dd0
Paul S. Owen 2003-01-15 00:38:13 +00:00
parent 1246ed0b11
commit 801d6acea0


@ -683,7 +683,7 @@ else if ( ( $delete && $mark_list ) || $delete_all )
for($i = 0; $i < count($mark_list); $i++) for($i = 0; $i < count($mark_list); $i++)
{ {
$s_hidden_fields .= '<input type="hidden" name="mark[]" value="' . $mark_list[$i] . '" />'; $s_hidden_fields .= '<input type="hidden" name="mark[]" value="' . intval($mark_list[$i]) . '" />';
} }
// //
@ -755,7 +755,11 @@ else if ( ( $delete && $mark_list ) || $delete_all )
if ( count($mark_list) ) if ( count($mark_list) )
{ {
$delete_sql_id = implode(', ', $mark_list); $delete_sql_id = '';
for ($i = 0; $i < sizeof($mark_list); $i++)
{
$delete_sql_id .= (($delete_sql_id != '') ? ', ' : '') . intval($mark_list[$i]);
}
if ($folder == 'inbox' || $folder == 'outbox') if ($folder == 'inbox' || $folder == 'outbox')
{ {
@ -948,7 +952,11 @@ else if ( $save && $mark_list && $folder != 'savebox' && $folder != 'outbox' )
} }
} }
$saved_sql_id = implode(', ', $mark_list); $saved_sql_id = '';
for ($i = 0; $i < sizeof($mark_list); $i++)
{
$saved_sql_id .= (($saved_sql_id != '') ? ', ' : '') . intval($mark_list[$i]);
}
// Process request // Process request
$saved_sql = "UPDATE " . PRIVMSGS_TABLE; $saved_sql = "UPDATE " . PRIVMSGS_TABLE;
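Review bot: The integer cast is repeated at each use site (the hidden `mark[]` field, `$delete_sql_id`, `$saved_sql_id`) rather than applied once where `$mark_list` is populated, so any other use of `$mark_list` outside these hunks would still see the raw values; that part of the file is not visible here, and `$mark_list` appears to come from the submitted `mark[]` field. Both new loops also index from `0` to `sizeof($mark_list) - 1`, which assumes the array has sequential keys; with any other keys `intval()` of the missing element yields `0`, so the intended id is silently dropped and a stray `0` enters the id list. Casting every element once, keyed by whatever keys are present, right after the array is read and then keeping the original `implode(', ', $mark_list)` would cover both points and remove the duplicated loop. A comment at that point such as `// $mark_list is request data: every element is cast to int before it reaches SQL or HTML` would record the invariant for later changes.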