Adding intval function to querys see DT#4389

skala
Julio Montoya 16 years ago
parent 87738b2fe7
commit 2092248273
  1. 2
      main/coursecopy/copy_course_session.php
  2. 2
      main/inc/course_document.inc.php
  3. 4
      main/inc/local.inc.php

@ -145,7 +145,7 @@ function search_courses($id_session,$type) {
$sql = "SELECT c.code, c.visual_code, c.title, src.id_session
FROM $tbl_course c, $tbl_session_rel_course src
WHERE src.course_code = c.code
AND src.id_session = '".intval($id_session)."'";
AND src.id_session = '".$id_session."'";
$rs = Database::query($sql, __FILE__, __LINE__);
$course_list = array();

@ -19,7 +19,7 @@ if(!api_is_platform_admin()){
//session
if(isset($_GET['id_session']))
$_SESSION['id_session'] = $_GET['id_session'];
$_SESSION['id_session'] = intval($_GET['id_session']);
$htmlHeadXtra[] =
"<script type=\"text/javascript\">

@ -818,7 +818,7 @@ if (isset($cidReset) && $cidReset) { // course session data refresh requested or
if (!empty($_GET['id_session'])) {
$_SESSION['id_session'] = Database::escape_string($_GET['id_session']);
$sql = 'SELECT name FROM '.$tbl_session . ' WHERE id="'.$_SESSION['id_session'] . '"';
$sql = 'SELECT name FROM '.$tbl_session . ' WHERE id="'.intval($_SESSION['id_session']) . '"';
$rs = Database::query($sql,__FILE__,__LINE__);
list($_SESSION['session_name']) = Database::fetch_array($rs);
} else {
@ -848,7 +848,7 @@ if (isset($cidReset) && $cidReset) { // course session data refresh requested or
if (!empty($_GET['id_session'])) {
$tbl_session = Database::get_main_table(TABLE_MAIN_SESSION);
$_SESSION['id_session'] = Database::escape_string($_GET['id_session']);
$sql = 'SELECT name FROM '.$tbl_session . ' WHERE id="'.$_SESSION['id_session'] . '"';
$sql = 'SELECT name FROM '.$tbl_session . ' WHERE id="'.intval($_SESSION['id_session']). '"';
$rs = Database::query($sql,__FILE__,__LINE__);
list($_SESSION['session_name']) = Database::fetch_array($rs);
}

Loading…
Cancel
Save