Adding intval, see #7440

1.9.x
Julio Montoya 12 years ago
parent e85a6b0274
commit 0bad83d937
  1. 9
      main/forum/forumfunction.inc.php
  2. 2
      main/reservation/m_category.php
  3. 2
      main/reservation/rsys.php
  4. 9
      main/tracking/userLog.php

@ -440,9 +440,10 @@ function delete_forum_image($forum_id)
{
$table_forums = Database::get_course_table(TABLE_FORUM);
$course_id = api_get_course_int_id();
$forum_id = intval($forum_id);
$forum_id = Database::escape_string($forum_id);
$sql = "SELECT forum_image FROM $table_forums WHERE forum_id = '".$forum_id."' AND c_id = $course_id";
$sql = "SELECT forum_image FROM $table_forums
WHERE forum_id = '".$forum_id."' AND c_id = $course_id";
$result = Database::query($sql);
$row = Database::fetch_array($result);
if ($row['forum_image'] != '') {
@ -1133,6 +1134,7 @@ function move_up_down($content, $direction, $id)
$table_forums = Database :: get_course_table(TABLE_FORUM);
$table_item_property = Database :: get_course_table(TABLE_ITEM_PROPERTY);
$course_id = api_get_course_int_id();
$id = intval($id);
// Determine which field holds the sort order.
if ($content == 'forumcategory') {
@ -2302,9 +2304,6 @@ function store_thread($current_forum, $values)
$message = get_lang('NewThreadStored');
// Storing the attachments if any.
if ($has_attachment) {
$course_dir = $_course['path'].'/upload/forum';
$sys_course_path = api_get_path(SYS_COURSE_PATH);
$updir = $sys_course_path.$course_dir;
// Try to add an extension to the file if it hasn't one.
$new_file_name = add_ext_on_mime(stripslashes($_FILES['user_upload']['name']), $_FILES['user_upload']['type']);
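Review bot: In delete_forum_image the new `intval($forum_id)` is immediately followed by the existing `Database::escape_string($forum_id)`, which is now a no-op, and the query is still built by concatenation. The same cast-then-escape pair appears in `Rsys::delete_category`, `Rsys::get_category` and the `$sql3` query in userLog.php, where the value sits unquoted, so escaping never constrained it and the cast is the only guard. I would drop the escape call, write `WHERE forum_id = $forum_id AND c_id = $course_id`, and add a comment such as `// $forum_id is cast to int above; that cast is the only SQL guard here`. In move_up_down only `$id` is cast; whether `$direction` or `$content` reach a query cannot be seen, because both function bodies continue outside the hunks.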

@ -51,7 +51,7 @@ switch ($_GET['action']) {
api_display_tool_title(get_lang('EditResourceType'));
$form = new FormValidator('category', 'post', 'm_category.php?action=edit');
$form->add_textfield('name', get_lang('ResourceTypeName'), true, array ('maxlength' => '128'));
$form->addElement('hidden', 'id', $_GET['id']);
$form->addElement('hidden', 'id', intval($_GET['id']));
$form->addElement('style_submit_button', 'submit', get_lang('ModifyResourceType'),'class="save"');
$form->setDefaults(Rsys :: get_category($_GET['id']));
if ($form->validate()) {
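Review bot: The line after the new hidden field still passes the raw `$_GET['id']` to `Rsys::get_category()`, so the same parameter is handled in two forms on this page. Cast once and reuse the result: `$category_id = intval($_GET['id']);`, then `$form->addElement('hidden', 'id', $category_id);` and `$form->setDefaults(Rsys::get_category($category_id));`. The hidden field comes back from the client on submit, so the code under `$form->validate()`, which is outside this hunk, should cast the posted id as well.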

@ -176,6 +176,7 @@ class Rsys {
* @param - int $id The id
*/
function delete_category($id) {
$id = intval($id);
$sql = "SELECT id FROM ".Rsys :: getTable("item")." WHERE category_id=".Database::escape_string($id)."";
$result = Database::query($sql);
if (Database::num_rows($result) == 0) {
@ -196,6 +197,7 @@ class Rsys {
* @return - Array One or all rows of the category-table
*/
function get_category($id = null, $orderby = "name ASC") {
$id = intval($id);
$sql = "SELECT * FROM ".Rsys :: getTable("category");
if (!empty ($id))
$sql .= " WHERE id = ".Database::escape_string($id)."";
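Review bot: In get_category the new `$id = intval($id);` turns both the default `null` and any non-numeric id into 0, and the `!empty ($id)` test then skips the WHERE clause, so a malformed id returns every category row instead of none. If no caller relies on 0 or '' meaning "all", record the intent before casting, `$has_id = !is_null($id);`, and test `if ($has_id)` instead. `$orderby` is not touched by this commit; if it is appended to the query further down (the body continues outside the hunk), it needs an allow-list of column/direction values, since a cast or escape cannot protect an ORDER BY fragment.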

@ -8,8 +8,8 @@
* @todo clean code - structure is unclear and difficult to modify
*/
$uInfo = $_REQUEST['uInfo'];
$view = $_REQUEST['view'];
$uInfo = intval($_REQUEST['uInfo']);
$view = Security::remove_XSS($_REQUEST['view']);
// name of the language file that needs to be included
$language_file = 'tracking';
@ -299,12 +299,13 @@ if( ( $is_allowedToTrack || $is_allowedToTrackEverybodyInCourse )) {
echo "</td></tr>";
if ($ar['id'] == $scormcontopen) {
//have to list the students here
$contentId=$ar['id'];
$contentId = intval($ar['id']);
$sql3 = "SELECT iv.status, iv.score, i.title, iv.total_time " .
"FROM $tbl_learnpath_item i " .
"INNER JOIN $tbl_learnpath_item_view iv ON i.id=iv.lp_item_id " .
"INNER JOIN $tbl_learnpath_view v ON iv.lp_view_id=v.id " .
"WHERE (v.user_id=".Database::escape_string($uInfo)." and v.lp_id=$contentId) ORDER BY v.id, i.id";
"WHERE (v.user_id=".Database::escape_string($uInfo)." and v.lp_id=$contentId)
ORDER BY v.id, i.id";
$result3=Database::query($sql3);
$ar3=Database::fetch_array($result3);
if (is_array($ar3)) {
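Review bot: The new `Security::remove_XSS($_REQUEST['view'])` runs at the very top of the script, above the `$language_file` assignment; if the include that defines `Security` comes after that assignment (not visible in this hunk), the call fails with a class-not-found error. Moving both assignments below that include would avoid this. `remove_XSS` is an HTML filter, so any use of `$view` outside HTML output still needs handling for that context. Both reads also assume the request keys exist; `$uInfo = isset($_REQUEST['uInfo']) ? intval($_REQUEST['uInfo']) : 0;` avoids the undefined-index notice.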
