From a69dc8bc2d910f00a5a65cef887f3cb1050d270f Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Mon, 21 Jan 2019 10:06:58 +0100 Subject: [PATCH] Minor - add int casting --- main/inc/lib/usergroup.lib.php | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/main/inc/lib/usergroup.lib.php b/main/inc/lib/usergroup.lib.php index 8c591a0627..827b1ff29a 100755 --- a/main/inc/lib/usergroup.lib.php +++ b/main/inc/lib/usergroup.lib.php @@ -407,6 +407,7 @@ class UserGroup extends Model /** * @param array $options + * @param int $type * * @return array */ @@ -550,7 +551,8 @@ class UserGroup extends Model ], ], ]; - $from = $this->usergroup_rel_course_table." as c INNER JOIN ".$this->access_url_rel_usergroup." a + $from = $this->usergroup_rel_course_table." as c + INNER JOIN ".$this->access_url_rel_usergroup." a ON c.usergroup_id = a.usergroup_id"; } else { $options = ['where' => ['c.course_id = ?' => $course_id]]; @@ -1369,6 +1371,8 @@ class UserGroup extends Model public function update_group_picture($group_id, $file = null, $source_file = null) { // Validation 1. + $group_id = (int) $group_id; + if (empty($group_id)) { return false; } @@ -1774,12 +1778,12 @@ class UserGroup extends Model default: // Base: empty, the result path below will be relative. $base = ''; } + $id = (int) $id; if (empty($id) || empty($type)) { return $anonymous ? ['dir' => $base.'img/', 'file' => 'unknown.jpg'] : ['dir' => '', 'file' => '']; } - $id = (int) $id; $group_table = Database::get_main_table(TABLE_USERGROUP); $sql = "SELECT picture FROM $group_table WHERE id = ".$id; $res = Database::query($sql); @@ -1976,7 +1980,7 @@ class UserGroup extends Model { $table_url_rel_group = $this->usergroup_rel_user_table; $result_array = []; - $relation_type = intval($relation_type); + $relation_type = (int) $relation_type; if (is_array($user_list) && is_array($group_list)) { foreach ($group_list as $group_id) { @@ -1987,7 +1991,7 @@ class UserGroup extends Model SET user_id = ".intval($user_id).", usergroup_id = ".intval($group_id).", - relation_type = ".intval($relation_type); + relation_type = ".$relation_type; $result = Database::query($sql); if ($result) { @@ -2093,15 +2097,16 @@ class UserGroup extends Model * * @author Julio Montoya * */ - public function get_groups_by_user($user_id = '', $relation_type = GROUP_USER_PERMISSION_READER, $with_image = false) + public function get_groups_by_user($user_id, $relation_type = GROUP_USER_PERMISSION_READER, $with_image = false) { $table_group_rel_user = $this->usergroup_rel_user_table; $tbl_group = $this->table; + $user_id = (int) $user_id; if ($relation_type == 0) { $relationCondition = ''; } else { - $relation_type = intval($relation_type); + $relation_type = (int) $relation_type; $relationCondition = " AND gu.relation_type = $relation_type "; } @@ -2536,7 +2541,6 @@ class UserGroup extends Model $from = intval($from); $number_of_items = intval($number_of_items); - //$sql .= " ORDER BY col$column $direction "; $sql .= " LIMIT $from,$number_of_items"; $res = Database::query($sql); @@ -2559,6 +2563,8 @@ class UserGroup extends Model public static function get_parent_groups($group_id) { $t_rel_group = Database::get_main_table(TABLE_USERGROUP_REL_USERGROUP); + $group_id = (int) $group_id; + $max_level = 10; $select_part = "SELECT "; $cond_part = ''; @@ -2605,7 +2611,7 @@ class UserGroup extends Model $relationType = GROUP_USER_PERMISSION_ADMIN, $includeSubgroupsUsers = true ) { - $userId = intval($userId); + $userId = (int) $userId; $groups = $this->get_groups_by_user($userId, $relationType); $groupsId = array_keys($groups); $subgroupsId = []; @@ -2656,7 +2662,7 @@ class UserGroup extends Model public static function getGroupsByDepthLevel($groupId, $levels = 10) { $groups = []; - $groupId = intval($groupId); + $groupId = (int) $groupId; $groupTable = Database::get_main_table(TABLE_USERGROUP); $groupRelGroupTable = Database::get_main_table(TABLE_USERGROUP_REL_USERGROUP);