[ticket/13205] Explicitly cast ids to integers and reformat SQL

PHPBB3-13205
Nils Adermann 2014-10-22 18:35:07 -04:00
parent b5594371ab
commit df72846b89
2 changed files with 5 additions and 5 deletions


@ -918,10 +918,11 @@ function mark_folder_read($user_id, $folder_id)
{
global $db;
$sql = 'SELECT msg_id FROM ' . PRIVMSGS_TO_TABLE . "
WHERE folder_id = $folder_id
AND user_id = $user_id
AND pm_unread = 1";
$sql = 'SELECT msg_id
FROM ' . PRIVMSGS_TO_TABLE . '
WHERE folder_id = ' . ((int) $folder_id) . '
AND user_id = ' . ((int) $user_id) . '
AND pm_unread = 1';
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
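Review bot: The `(int)` casts on `$folder_id` and `$user_id` are applied only inside this one concatenation, so the variables keep whatever type the caller passed. mark_folder_read's body continues past the `while` loop outside this hunk; if either id is reused there in another query, that use is not covered by the cast. Casting once at the top of the function, `$folder_id = (int) $folder_id;` and `$user_id = (int) $user_id;`, would cover every later use. A non-numeric argument also becomes 0 silently and the query still runs, so the function's docblock should say that both ids are expected to be integers the caller has already validated.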


@ -248,7 +248,6 @@ class ucp_pm
if ($request->variable('mark', '') == 'all' && check_link_hash($request->variable('token', ''), 'mark_all_pms_read'))
{
// mark unread
mark_folder_read($user->data['user_id'], $folder_id);
meta_refresh(3, $this->u_action);