makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 06:08:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

[ticket/11162] Use integer casting instead of SQL escape.

Browse source 
PHPBB3-11162
This commit is contained in:
Andreas Fischer 2012-11-11 17:40:58 +01:00
parent fd6ee50e06
commit b0812c43fa
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
tests/functions/update_rows_avoiding_duplicates_test.php
View file

@ -61,7 +61,7 @@ class phpbb_update_rows_avoiding_duplicates_test extends phpbb_database_test_cas
$sql = 'SELECT count(*) AS count $sql = 'SELECT count(*) AS count
FROM ' . TOPICS_WATCH_TABLE . ' FROM ' . TOPICS_WATCH_TABLE . '
WHERE topic_id = ' . $db->sql_escape($to); WHERE topic_id = ' . (int) $to;
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
$result_count = $db->sql_fetchfield('count'); $result_count = $db->sql_fetchfield('count');
$db->sql_freeresult($result); $db->sql_freeresult($result);