diff --git a/phpBB/includes/functions_privmsgs.php b/phpBB/includes/functions_privmsgs.php
index 79f818caf2..838c6a0fec 100644
--- a/phpBB/includes/functions_privmsgs.php
+++ b/phpBB/includes/functions_privmsgs.php
@@ -918,10 +918,11 @@ function mark_folder_read($user_id, $folder_id)
 {
 	global $db;
 
-	$sql = 'SELECT msg_id FROM ' . PRIVMSGS_TO_TABLE . "
-		WHERE folder_id = $folder_id
-			AND user_id = $user_id
-			AND pm_unread = 1";
+	$sql = 'SELECT msg_id
+		FROM ' . PRIVMSGS_TO_TABLE . '
+		WHERE folder_id = ' . ((int) $folder_id) . '
+			AND user_id = ' . ((int) $user_id) . '
+			AND pm_unread = 1';
 	$result = $db->sql_query($sql);
 
 	while ($row = $db->sql_fetchrow($result))
diff --git a/phpBB/includes/ucp/ucp_pm.php b/phpBB/includes/ucp/ucp_pm.php
index 73519764f4..425a56cf6c 100644
--- a/phpBB/includes/ucp/ucp_pm.php
+++ b/phpBB/includes/ucp/ucp_pm.php
@@ -248,7 +248,6 @@ class ucp_pm
 
 				if ($request->variable('mark', '') == 'all' && check_link_hash($request->variable('token', ''), 'mark_all_pms_read'))
 				{
-					// mark unread
 					mark_folder_read($user->data['user_id'], $folder_id);
 
 					meta_refresh(3, $this->u_action);