makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 06:08:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

Fix possible SQL issue - noted by Ulf Harnhammar

Browse source 
git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@3322 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2003-01-15 00:38:13 +00:00
parent 1246ed0b11
commit 801d6acea0
1 changed files with 11 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
phpBB/privmsg.php
View file

@ -683,7 +683,7 @@ else if ( ( $delete && $mark_list ) || $delete_all )
for($i = 0; $i < count($mark_list); $i++)
{
$s_hidden_fields .= '<input type="hidden" name="mark[]" value="' . $mark_list[$i] . '" />';
$s_hidden_fields .= '<input type="hidden" name="mark[]" value="' . intval($mark_list[$i]) . '" />';
}
//
@ -755,7 +755,11 @@ else if ( ( $delete && $mark_list ) || $delete_all )
if ( count($mark_list) )
{
$delete_sql_id = implode(', ', $mark_list);
$delete_sql_id = '';
for ($i = 0; $i < sizeof($mark_list); $i++)
{
$delete_sql_id .= (($delete_sql_id != '') ? ', ' : '') . intval($mark_list[$i]);
}
if ($folder == 'inbox' || $folder == 'outbox')
{
@ -948,7 +952,11 @@ else if ( $save && $mark_list && $folder != 'savebox' && $folder != 'outbox' )
}
}
$saved_sql_id = implode(', ', $mark_list);
$saved_sql_id = '';
for ($i = 0; $i < sizeof($mark_list); $i++)
{
$saved_sql_id .= (($saved_sql_id != '') ? ', ' : '') . intval($mark_list[$i]);
}
// Process request
$saved_sql = "UPDATE " . PRIVMSGS_TABLE;