cvs: pearweb /public_html package-stats-graph.php

cellog          Wed Oct 18 04:15:49 2006 UTC

  Modified files:              
    /pearweb/public_html        package-stats-graph.php 
  Log:
  remove another potential sql injection vector
  
http://cvs.php.net/viewvc.cgi/pearweb/public_html/package-stats-graph.php?r1=1.24&r2=1.25&diff_format=u
Index: pearweb/public_html/package-stats-graph.php
diff -u pearweb/public_html/package-stats-graph.php:1.24 
pearweb/public_html/package-stats-graph.php:1.25
--- pearweb/public_html/package-stats-graph.php:1.24    Wed Oct 18 00:29:24 2006
+++ pearweb/public_html/package-stats-graph.php Wed Oct 18 04:15:49 2006
@@ -15,7 +15,7 @@
    +----------------------------------------------------------------------+
    | Authors: Richard Heyes <richard@xxxxxxx>                             |
    +----------------------------------------------------------------------+
-   $Id: package-stats-graph.php,v 1.24 2006/10/18 00:29:24 cellog Exp $
+   $Id: package-stats-graph.php,v 1.25 2006/10/18 04:15:49 cellog Exp $
 */
 
 /*
@@ -81,7 +81,7 @@
                         GROUP BY dyear, dmonth
                         ORDER BY dyear DESC, dmonth DESC",
                    (int) $_GET['pid'],
-                   $release_clause = $rid > 0 ? 'AND a.release_id = ' . $rid : 
'');
+                   $release_clause = $rid > 0 ? 'AND a.release_id = ' . (int) 
$rid : '');
 
     if ($result = $dbh->query($sql)) {
         while ($row = $result->fetchRow(DB_FETCHMODE_ASSOC)) {

-- 
PEAR CVS Mailing List (http://pear.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php