Commit: b75fa9c0ebdcf7da01c2d68500c2de13a5ea2d83 Author: kovacs.ferenc <[email protected]> Wed, 11 Jun 2014 14:31:19 +0200 Parents: e7dca7e9d57a29cf93c2a5673c0d8acd275e4c1e Branches: master
Link: http://git.php.net/?p=web/master.git;a=commitdiff;h=b75fa9c0ebdcf7da01c2d68500c2de13a5ea2d83 Log: enforce types for numeric vars Changed paths: M manage/user-notes.php Diff: diff --git a/manage/user-notes.php b/manage/user-notes.php index d88fec8..bfd3511 100644 --- a/manage/user-notes.php +++ b/manage/user-notes.php @@ -447,14 +447,14 @@ if (preg_match("/^(.+)\\s+(\\d+)\$/", $action, $m)) { /* hack around the rewrite rules */ if (isset($_GET['action']) && ($_GET['action'] == 'resetall' || $_GET['action'] == 'resetup' || $_GET['action'] == 'resetdown' || $_GET['action'] == 'deletevotes')) { $action = $_GET['action']; - $id = isset($_GET['id']) ? $_GET['id'] : null; + $id = isset($_GET['id']) ? (int)$_GET['id'] : null; } switch($action) { case 'mass': if (!allow_mass_change($cuser)) { die("You are not allowed to take this action!"); } head("user notes"); - $step = (isset($_REQUEST["step"]) ? $_REQUEST["step"] : 0); + $step = (isset($_REQUEST["step"]) ? (int)$_REQUEST["step"] : 0); $where = array(); if (!empty($_REQUEST["old_sect"])) { $where[] = "sect = '". real_clean($_REQUEST["old_sect"]) ."'"; -- PHP Webmaster List Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
