diff --git a/main/inc/lib/add_courses_to_session_functions.lib.php b/main/inc/lib/add_courses_to_session_functions.lib.php index bb5aeaf5cb..24ee992f63 100755 --- a/main/inc/lib/add_courses_to_session_functions.lib.php +++ b/main/inc/lib/add_courses_to_session_functions.lib.php @@ -31,10 +31,10 @@ class AddCourseToSession $cond_course_code = ''; if (!empty($id_session)) { - $id_session = Database::escape_string($id_session); + $id_session = intval($id_session); // check course_code from session_rel_course table $sql = 'SELECT course_code FROM '.$tbl_session_rel_course.' - WHERE id_session ="'.(int)$id_session.'"'; + WHERE id_session = '.$id_session; $res = Database::query($sql); $course_codes = ''; if (Database::num_rows($res) > 0) { diff --git a/main/inc/lib/blog.lib.php b/main/inc/lib/blog.lib.php index 2cb3fb19f3..c2068e29a3 100755 --- a/main/inc/lib/blog.lib.php +++ b/main/inc/lib/blog.lib.php @@ -165,7 +165,7 @@ class Blog { $this_blog_id = Database::insert_id(); //update item_property (update) - api_item_property_update(api_get_course_info(), TOOL_BLOGS, Database::escape_string($blog_id), 'BlogUpdated', api_get_user_id()); + api_item_property_update(api_get_course_info(), TOOL_BLOGS, intval($blog_id), 'BlogUpdated', api_get_user_id()); // Update course homepage link $sql = "UPDATE $tbl_tool SET name = '".Database::escape_string($title)."' WHERE c_id = $course_id AND link = 'blog/blog.php?blog_id=".Database::escape_string((int)$blog_id)."' LIMIT 1"; @@ -217,7 +217,7 @@ class Blog { Database::query($sql); //update item_property (delete) - api_item_property_update(api_get_course_info(), TOOL_BLOGS, Database::escape_string($blog_id), 'delete', api_get_user_id()); + api_item_property_update(api_get_course_info(), TOOL_BLOGS, intval($blog_id), 'delete', api_get_user_id()); } /** 
@@ -278,7 +278,7 @@ class Blog { // Storing the attachments if any if ($result) { $sql='INSERT INTO '.$blog_table_attachment.'(c_id, filename,comment, path, post_id,size, blog_id,comment_id) '. - "VALUES ($course_id, '".Database::escape_string($file_name)."', '".Database::escape_string($comment)."', '".Database::escape_string($new_file_name)."' , '".$last_post_id."', '".intval($_FILES['user_upload']['size'])."', '".$blog_id."', '0' )"; + "VALUES ($course_id, '".Database::escape_string($file_name)."', '".$comment."', '".Database::escape_string($new_file_name)."' , '".$last_post_id."', '".intval($_FILES['user_upload']['size'])."', '".$blog_id."', '0' )"; $result=Database::query($sql); $message.=' / '.get_lang('AttachmentUpload'); } @@ -404,7 +404,7 @@ class Blog { if ($result) { $sql='INSERT INTO '.$blog_table_attachment.'(c_id, filename,comment, path, post_id,size,blog_id,comment_id) '. - "VALUES ($course_id, '".Database::escape_string($file_name)."', '".Database::escape_string($comment)."', '".Database::escape_string($new_file_name)."' , '".$post_id."', '".$_FILES['user_upload']['size']."', '".$blog_id."', '".$last_id."' )"; + "VALUES ($course_id, '".Database::escape_string($file_name)."', '".$comment."', '".Database::escape_string($new_file_name)."' , '".$post_id."', '".$_FILES['user_upload']['size']."', '".$blog_id."', '".$last_id."' )"; $result=Database::query($sql); $message.=' / '.get_lang('AttachmentUpload'); } @@ -423,9 +423,9 @@ class Blog { // Init $tbl_blogs_comments = Database::get_course_table(TABLE_BLOGS_COMMENTS); $tbl_blogs_rating = Database::get_course_table(TABLE_BLOGS_RATING); - $blog_id = Database::escape_string($blog_id); - $post_id = Database::escape_string($post_id); - $comment_id = Database::escape_string($comment_id); + $blog_id = intval($blog_id); + $post_id = intval($post_id); + $comment_id = intval($comment_id); $course_id = api_get_course_int_id(); 
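Review bot: `$comment` is now concatenated into the attachment INSERT with no escaping at the point of use (`'".$comment."'` in the VALUES list), and the comment-attachment INSERT in the @@ -404 hunk gets the same change. If `$comment` is already escaped earlier in each function this only removes a double escape, but that assignment is outside both hunks, so the query's safety depends on code that cannot be checked from here. Either keep `Database::escape_string($comment)` at the call site and drop the earlier escape, or mark the dependency on the line itself, e.g. `// $comment is escaped where it is assigned above; do not escape twice`. In the @@ -404 hunk `$_FILES['user_upload']['size']` is also still inserted without the `intval()` that the @@ -278 query applies.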
@@ -2713,9 +2713,9 @@ function get_blog_attachment($blog_id, $post_id=null,$comment_id=null) { $blog_table_attachment = Database::get_course_table(TABLE_BLOGS_ATTACHMENT); - $blog_id = Database::escape_string($blog_id); - $comment_id = Database::escape_string($comment_id); - $post_id = Database::escape_string($post_id); + $blog_id = intval($blog_id); + $comment_id = intval($comment_id); + $post_id = intval($post_id); $row=array(); $where=''; if (!empty ($post_id) && is_numeric($post_id)) { @@ -2754,9 +2754,9 @@ function delete_all_blog_attachment($blog_id,$post_id=null,$comment_id=null) global $_course; $blog_table_attachment = Database::get_course_table(TABLE_BLOGS_ATTACHMENT); - $blog_id = Database::escape_string($blog_id); - $comment_id = Database::escape_string($comment_id); - $post_id = Database::escape_string($post_id); + $blog_id = intval($blog_id); + $comment_id = intval($comment_id); + $post_id = intval($post_id); $course_id = api_get_course_int_id(); @@ -2836,7 +2836,7 @@ function get_blog_post_from_user($course_code, $user_id) { function get_blog_comment_from_user($course_code, $user_id) { $tbl_blogs = Database::get_course_table(TABLE_BLOGS); $tbl_blog_comment = Database::get_course_table(TABLE_BLOGS_COMMENTS); - $user_id = Database::escape_string($user_id); + $user_id = intval($user_id); $course_info = api_get_course_info($course_code); $course_id = $course_info['real_id']; diff --git a/main/inc/lib/classmanager.lib.php b/main/inc/lib/classmanager.lib.php index c92c50fa81..2c634b17f9 100755 --- a/main/inc/lib/classmanager.lib.php +++ b/main/inc/lib/classmanager.lib.php 
@@ -160,7 +160,7 @@ class ClassManager $tbl_course_user = Database :: get_main_table(TABLE_MAIN_COURSE_USER); $sql = "INSERT IGNORE INTO $tbl_course_class SET course_code = '".Database::escape_string($course_code)."', class_id = '".Database::escape_string($class_id)."'"; Database::query($sql); - $sql = "SELECT user_id FROM $tbl_class_user WHERE class_id = '".Database::escape_string($class_id)."'"; + $sql = "SELECT user_id FROM $tbl_class_user WHERE class_id = '".intval($class_id)."'"; $res = Database::query($sql); while ($user = Database::fetch_object($res)) { CourseManager :: subscribe_user($user->user_id, $course_code); @@ -181,7 +181,7 @@ class ClassManager $single_class_users = Database::query($sql); while ($single_class_user = Database::fetch_object($single_class_users)) { - $sql = "SELECT * FROM $tbl_class_user WHERE class_id = '".Database::escape_string($class_id)."' AND user_id = '".Database::escape_string($single_class_user->user_id)."'"; + $sql = "SELECT * FROM $tbl_class_user WHERE class_id = '".intval($class_id)."' AND user_id = '".Database::escape_string($single_class_user->user_id)."'"; $res = Database::query($sql); if (Database::num_rows($res) > 0) { diff --git a/main/inc/lib/course.lib.php b/main/inc/lib/course.lib.php index fcba4c1fa8..69f0fb23b5 100755 --- a/main/inc/lib/course.lib.php +++ b/main/inc/lib/course.lib.php @@ -253,7 +253,7 @@ class CourseManager if (!in_array($orderdirection, array('ASC', 'DESC'))) { $sql .= 'ASC'; } else { - $sql .= Database::escape_string($orderdirection); + $sql .= ($orderdirection == 'ASC'?'ASC':'DESC'); } if (!empty($howmany) && is_int($howmany) and $howmany > 0) { @@ -263,7 +263,7 @@ class CourseManager } if (!empty($from)) { $from = intval($from); - $sql .= ' OFFSET '.Database::escape_string($from); + $sql .= ' OFFSET '.intval($from); } else { $sql .= ' OFFSET 0'; } 
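Review bot: The SELECT now uses `intval($class_id)` while the `INSERT IGNORE` just above it in the same function still writes `Database::escape_string($class_id)`, so a non-numeric or partly numeric value may be handled differently by the two statements. Casting once before the first query, `$class_id = intval($class_id);`, and using `$class_id` in both statements (and in the SELECT of the @@ -181 hunk) keeps them in agreement. The function starts outside the hunk.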
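Review bot: In the @@ -253 hunk of course.lib.php the `else` branch re-tests a value that `in_array()` has already restricted to `'ASC'` or `'DESC'`, so the whole `if`/`else` can become one line that only ever emits a literal: `$sql .= ($orderdirection === 'DESC') ? 'DESC' : 'ASC';`. That also removes the reliance on the loose `in_array()` and `==` comparisons. The enclosing method starts and ends outside the hunk.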
@@ -301,7 +301,7 @@ class CourseManager { $result = Database::fetch_array(Database::query( "SELECT status FROM ".Database::get_main_table(TABLE_MAIN_COURSE_USER)." - WHERE course_code = '".Database::escape_string($course_code)."' AND user_id = ".Database::escape_string($user_id)) + WHERE course_code = '".Database::escape_string($course_code)."' AND user_id = ".intval($user_id)) ); return $result['status']; @@ -316,7 +316,7 @@ class CourseManager { $result = Database::fetch_array(Database::query( "SELECT tutor_id FROM ".Database::get_main_table(TABLE_MAIN_COURSE_USER)." - WHERE course_code = '".Database::escape_string($course_code)."' AND user_id = ".Database::escape_string($user_id)) + WHERE course_code = '".Database::escape_string($course_code)."' AND user_id = ".intval($user_id)) ); return $result['tutor_id']; @@ -3868,7 +3868,7 @@ class CourseManager global $_user; $output = array(); $table_category = Database::get_user_personal_table(TABLE_USER_COURSE_CATEGORY); - $sql = "SELECT * FROM ".$table_category." WHERE user_id='".Database::escape_string($_user['user_id'])."'"; + $sql = "SELECT * FROM ".$table_category." WHERE user_id='".intval($_user['user_id'])."'"; $result = Database::query($sql); while ($row = Database::fetch_array($result)) { $output[$row['id']] = $row['title']; diff --git a/main/inc/lib/course_category.lib.php b/main/inc/lib/course_category.lib.php index 7806090cd6..8fbb1801a8 100755 --- a/main/inc/lib/course_category.lib.php +++ b/main/inc/lib/course_category.lib.php @@ -101,7 +101,7 @@ function addNode($code, $name, $canHaveCourses, $parent_id) $tbl_category = Database::get_main_table(TABLE_MAIN_CATEGORY); $code = trim(Database::escape_string($code)); $name = trim(Database::escape_string($name)); - $parent_id = Database::escape_string($parent_id); + $parent_id = intval($parent_id); $canHaveCourses = Database::escape_string($canHaveCourses); $code = generate_course_code($code); 
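Review bot: In addNode (course_category.lib.php, @@ -101) `$parent_id = intval($parent_id);` assumes the category parent is numeric, but the compterFils hunk (@@ -246) in the same file recurses with `compterFils($row['code'], $cpt)` and matches that value against `parent_id='$parent'`, which suggests `parent_id` holds a category code rather than an integer. If so, any non-numeric code becomes 0 here, in moveNodeUp (@@ -220, where `empty($parent_id)` then selects the `IS NULL` branch) and in compterFils, so inserts, reordering and child counts would target the wrong parent. Unless the column is confirmed to be an integer id, keep the string and escape it, `$parent_id = Database::escape_string($parent_id);`; in the two queries visible in these hunks the value sits inside quotes, so escaping is sufficient there. addNode's body continues outside the hunk.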
@@ -220,7 +220,7 @@ function moveNodeUp($code, $tree_pos, $parent_id) $tbl_category = Database::get_main_table(TABLE_MAIN_CATEGORY); $code = Database::escape_string($code); $tree_pos = Database::escape_string($tree_pos); - $parent_id = Database::escape_string($parent_id); + $parent_id = intval($parent_id); $sql = "SELECT code,tree_pos FROM $tbl_category WHERE parent_id " . (empty($parent_id) ? "IS NULL" : "='$parent_id'") . " AND tree_pos<'$tree_pos' @@ -246,11 +246,11 @@ function moveNodeUp($code, $tree_pos, $parent_id) * @param $cpt * @return mixed */ -function compterFils($pere, $cpt) +function compterFils($parent, $cpt) { $tbl_category = Database::get_main_table(TABLE_MAIN_CATEGORY); - $pere = Database::escape_string($pere); - $result = Database::query("SELECT code FROM $tbl_category WHERE parent_id='$pere'"); + $parent = intval($parent); + $result = Database::query("SELECT code FROM $tbl_category WHERE parent_id='$parent'"); while ($row = Database::fetch_array($result)) { $cpt = compterFils($row['code'], $cpt); diff --git a/main/inc/lib/course_request.lib.php b/main/inc/lib/course_request.lib.php index 5686c868f1..68bdd295ff 100755 --- a/main/inc/lib/course_request.lib.php +++ b/main/inc/lib/course_request.lib.php @@ -299,7 +299,7 @@ class CourseRequestManager objetives = "%s", target_audience = "%s", status = "%s", info = "%s", exemplary_content = "%s" WHERE id = '.$id, Database::get_main_table(TABLE_MAIN_COURSE_REQUEST), Database::escape_string($code), - Database::escape_string($user_id), + intval($user_id), Database::escape_string($directory), Database::escape_string($db_name), Database::escape_string($course_language), diff --git a/main/inc/lib/document.lib.php b/main/inc/lib/document.lib.php index 807378884b..7d9ea11195 100755 --- a/main/inc/lib/document.lib.php +++ b/main/inc/lib/document.lib.php 
@@ -983,7 +983,7 @@ class DocumentManager { $TABLE_DOCUMENT = Database::get_course_table(TABLE_DOCUMENT); $course_id = $_course['real_id']; - $document_id = Database::escape_string($document_id); + $document_id = intval($document_id); $sql = "SELECT filetype FROM $TABLE_DOCUMENT WHERE c_id = $course_id AND id= $document_id"; $result = Database::fetch_array(Database::query($sql), 'ASSOC'); @@ -1467,7 +1467,7 @@ class DocumentManager '" . Database::escape_string($title) . "', '" . Database::escape_string($description) . "', '" . Database::escape_string($course_code) . "', - '" . Database::escape_string($user_id) . "', + '" . intval($user_id) . "', '" . Database::escape_string($document_id_for_template) . "', '" . Database::escape_string($image) . "')"; Database::query($sql); @@ -1486,8 +1486,8 @@ class DocumentManager { $table_template = Database::get_main_table(TABLE_MAIN_TEMPLATES); $course_code = Database::escape_string($course_code); - $user_id = Database::escape_string($user_id); - $document_id = Database::escape_string($document_id); + $user_id = intval($user_id); + $document_id = intval($document_id); $sql = 'SELECT id FROM ' . $table_template . ' WHERE 
@@ -1718,13 +1718,13 @@ class DocumentManager $tbl_category = Database :: get_main_table(TABLE_MAIN_GRADEBOOK_CATEGORY); $session_id = api_get_session_id(); if ($session_id == 0 || is_null($session_id)) { - $sql_session = 'AND (session_id=' . Database::escape_string($session_id) . ' OR isnull(session_id)) '; + $sql_session = 'AND (session_id=' . intval($session_id) . ' OR isnull(session_id)) '; } elseif ($session_id > 0) { - $sql_session = 'AND session_id=' . Database::escape_string($session_id); + $sql_session = 'AND session_id=' . intval($session_id); } else { $sql_session = ''; } - $sql = 'UPDATE ' . $tbl_category . ' SET document_id="' . Database::escape_string($document_id) . '" + $sql = 'UPDATE ' . $tbl_category . ' SET document_id="' . intval($document_id) . '" WHERE course_code="' . Database::escape_string($course_id) . '" ' . $sql_session; Database::query($sql); } @@ -1739,9 +1739,9 @@ class DocumentManager $tbl_category = Database :: get_main_table(TABLE_MAIN_GRADEBOOK_CATEGORY); $session_id = api_get_session_id(); if ($session_id == 0 || is_null($session_id)) { - $sql_session = 'AND (session_id=' . Database::escape_string($session_id) . ' OR isnull(session_id)) '; + $sql_session = 'AND (session_id=' . intval($session_id) . ' OR isnull(session_id)) '; } elseif ($session_id > 0) { - $sql_session = 'AND session_id=' . Database::escape_string($session_id); + $sql_session = 'AND session_id=' . intval($session_id); } else { $sql_session = ''; } 
@@ -1911,9 +1911,9 @@ class DocumentManager $tbl_category = Database :: get_main_table(TABLE_MAIN_GRADEBOOK_CATEGORY); $session_id = api_get_session_id(); if ($session_id == 0 || is_null($session_id)) { - $sql_session = 'AND (session_id=' . Database::escape_string($session_id) . ' OR isnull(session_id)) '; + $sql_session = 'AND (session_id=' . intval($session_id) . ' OR isnull(session_id)) '; } elseif ($session_id > 0) { - $sql_session = 'AND session_id=' . Database::escape_string($session_id); + $sql_session = 'AND session_id=' . intval($session_id); } else { $sql_session = ''; } diff --git a/main/inc/lib/events.lib.inc.php b/main/inc/lib/events.lib.inc.php index 7b566ad22a..7f4c83e27e 100755 --- a/main/inc/lib/events.lib.inc.php +++ b/main/inc/lib/events.lib.inc.php @@ -1613,8 +1613,8 @@ function event_send_mail($event_name, $params) */ function check_if_mail_already_sent($event_name, $user_from, $user_to = null) { $event_name = Database::escape_string($event_name); - $user_to = Database::escape_string($user_to); - $user_from = Database::escape_string($user_from); + $user_to = intval($user_to); + $user_from = intval($user_from); if ($user_to == null) { $sql = 'SELECT COUNT(*) as total FROM ' . Database::get_main_table(TABLE_EVENT_SENT) . ' WHERE user_from = '.$user_from.' AND event_type_name = "'.$event_name.'"'; diff --git a/main/inc/lib/extra_field_value.lib.php b/main/inc/lib/extra_field_value.lib.php index 7adcff40eb..7fe03470e8 100755 --- a/main/inc/lib/extra_field_value.lib.php +++ b/main/inc/lib/extra_field_value.lib.php @@ -384,7 +384,7 @@ class ExtraFieldValue extends Model public function get_values_by_handler_and_field_id($item_id, $field_id, $transform = false) { $field_id = intval($field_id); - $item_id = Database::escape_string($item_id); + $item_id = intval($item_id); $sql = "SELECT s.*, field_type FROM {$this->table} s INNER JOIN {$this->table_handler_field} sf ON (s.field_id = sf.id) 
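Review bot: In check_if_mail_already_sent (events.lib.inc.php, @@ -1613), after `$user_to = intval($user_to);` the variable can never be null, so the `if ($user_to == null)` test that follows only works because 0 compares loosely equal to null. Stating the intent directly, `if (empty($user_to)) {`, keeps the default-argument case readable and survives a later move to strict comparison. The function body continues outside the hunk.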
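Review bot: In extra_field_value.lib.php (@@ -384) `$item_id = intval($item_id);` assumes every handler identifies its items by an integer, yet the DELETE in the @@ -637 hunk compares the value against the configurable column `{$this->handler_id}`. If any handler type keys on a string identifier (not visible in these hunks), the cast silently turns it into 0 and the queries in @@ -384, @@ -466 and @@ -637 would match nothing or the wrong rows. Once that is confirmed, a one-line comment on the cast recording the assumption, e.g. `// item ids are integer keys for every handler type`, would keep the next maintainer from reintroducing string ids.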
@@ -466,7 +466,7 @@ class ExtraFieldValue extends Model */ public function get_values_by_handler_and_field_variable($item_id, $field_variable, $transform = false) { - $item_id = Database::escape_string($item_id); + $item_id = intval($item_id); $field_variable = Database::escape_string($field_variable); $sql = "SELECT s.*, field_type FROM {$this->table} s @@ -637,7 +637,7 @@ class ExtraFieldValue extends Model public function delete_values_by_handler_and_field_id($item_id, $field_id) { $field_id = intval($field_id); - $item_id = Database::escape_string($item_id); + $item_id = intval($item_id); $sql = "DELETE FROM {$this->table} WHERE {$this->handler_id} = '$item_id' AND field_id = '".$field_id."' "; Database::query($sql); diff --git a/main/inc/lib/glossary.lib.php b/main/inc/lib/glossary.lib.php index 2be1b32b72..32bcd03073 100755 --- a/main/inc/lib/glossary.lib.php +++ b/main/inc/lib/glossary.lib.php @@ -44,7 +44,7 @@ class GlossaryManager $glossary_table = Database::get_course_table(TABLE_GLOSSARY); $course_id = api_get_course_int_id(); $sql = "SELECT description FROM $glossary_table - WHERE c_id = $course_id AND glossary_id =".Database::escape_string($glossary_id); + WHERE c_id = $course_id AND glossary_id =".intval($glossary_id); $rs=Database::query($sql); if (Database::num_rows($rs) > 0) { $row = Database::fetch_array($rs); @@ -63,7 +63,7 @@ class GlossaryManager public static function get_glossary_term_by_glossary_name ($glossary_name) { $glossary_table = Database::get_course_table(TABLE_GLOSSARY); - $session_id = intval($session_id); + $session_id = api_get_session_id(); $course_id = api_get_course_int_id(); $sql_filter = api_get_session_condition($session_id); $sql = 'SELECT description FROM '.$glossary_table.' 
@@ -161,7 +161,7 @@ class GlossaryManager description = '".Database::escape_string($values['glossary_comment'])."' WHERE c_id = $course_id AND - glossary_id = ".Database::escape_string($values['glossary_id']); + glossary_id = ".intval($values['glossary_id']); $result = Database::query($sql); if ($result === false) { return false; @@ -170,7 +170,7 @@ class GlossaryManager api_item_property_update( api_get_course_info(), TOOL_GLOSSARY, - Database::escape_string($values['glossary_id']), + intval($values['glossary_id']), 'GlossaryUpdated', api_get_user_id() ); @@ -287,11 +287,11 @@ class GlossaryManager if (empty($glossary_id)) { return false; } - $sql = "DELETE FROM $t_glossary WHERE c_id = $course_id AND glossary_id='".Database::escape_string($glossary_id)."'"; + $sql = "DELETE FROM $t_glossary WHERE c_id = $course_id AND glossary_id='".intval($glossary_id)."'"; $result = Database::query($sql); if ($result === false or Database::affected_rows() < 1) { return false; } //update item_property (delete) - api_item_property_update(api_get_course_info(), TOOL_GLOSSARY, Database::escape_string($glossary_id), 'delete', api_get_user_id()); + api_item_property_update(api_get_course_info(), TOOL_GLOSSARY, intval($glossary_id), 'delete', api_get_user_id()); // reorder the remaining terms GlossaryManager::reorder_glossary(); @@ -538,7 +538,7 @@ class GlossaryManager $i = 1; while ($data = Database::fetch_array($res)) { $sql = "UPDATE $t_glossary SET display_order = $i - WHERE c_id = $course_id AND glossary_id = '".Database::escape_string($data['glossary_id'])."'"; + WHERE c_id = $course_id AND glossary_id = '".intval($data['glossary_id'])."'"; Database::query($sql); $i++; } diff --git a/main/inc/lib/group_portal_manager.lib.php b/main/inc/lib/group_portal_manager.lib.php index 278f22965c..5bdb20b2f7 100755 --- a/main/inc/lib/group_portal_manager.lib.php +++ b/main/inc/lib/group_portal_manager.lib.php 
@@ -113,7 +113,7 @@ class GroupPortalManager { $id = intval($id); $table = Database :: get_main_table(TABLE_MAIN_GROUP); - $sql = "DELETE FROM $table WHERE id = ".Database::escape_string($id); + $sql = "DELETE FROM $table WHERE id = ".intval($id); $result = Database::query($sql); // Deleting all relationship with users and groups self::delete_users($id); diff --git a/main/inc/lib/groupmanager.lib.php b/main/inc/lib/groupmanager.lib.php index 401e4e847b..cf4c44b0b2 100755 --- a/main/inc/lib/groupmanager.lib.php +++ b/main/inc/lib/groupmanager.lib.php @@ -116,7 +116,7 @@ class GroupManager $sql .= " WHERE 1=1 "; if ($category != null) { - $sql .= " AND g.category_id = '".Database::escape_string($category)."' "; + $sql .= " AND g.category_id = '".intval($category)."' "; $session_condition = api_get_session_condition($session_id); if (!empty($session_condition)) { $sql .= $session_condition; @@ -595,7 +595,7 @@ class GroupManager $table_forum = Database :: get_course_table(TABLE_FORUM); $categoryId = intval($categoryId); - $group_id = Database::escape_string($group_id); + $group_id = intval($group_id); $course_id = api_get_course_int_id(); $sql = "UPDATE ".$table_group." SET @@ -680,7 +680,7 @@ class GroupManager } $course_info = api_get_course_info($course_code); $course_id = $course_info['real_id']; - $id = Database::escape_string($id); + $id = intval($id); $table_group_cat = Database :: get_course_table(TABLE_GROUP_CATEGORY); $sql = "SELECT * FROM $table_group_cat WHERE c_id = $course_id AND id = $id LIMIT 1"; @@ -735,7 +735,7 @@ class GroupManager $course_info = api_get_course_info($course_code); $course_id = $course_info['real_id']; - $group_id = Database::escape_string($group_id); + $group_id = intval($group_id); $sql = "SELECT gc.* FROM $table_group_cat gc, $table_group g WHERE gc.c_id = $course_id AND 
@@ -763,7 +763,7 @@ class GroupManager $table_group = Database:: get_course_table(TABLE_GROUP); $table_group_cat = Database:: get_course_table(TABLE_GROUP_CATEGORY); - $cat_id = Database::escape_string($cat_id); + $cat_id = intval($cat_id); $sql = "SELECT id FROM $table_group WHERE c_id = $course_id AND category_id='".$cat_id."'"; $res = Database::query($sql); @@ -878,7 +878,7 @@ class GroupManager $groups_per_user ) { $table_group_category = Database::get_course_table(TABLE_GROUP_CATEGORY); - $id = Database::escape_string($id); + $id = intval($id); $course_id = api_get_course_int_id(); @@ -940,7 +940,7 @@ class GroupManager AND gu.c_id = g.c_id AND gu.group_id = g.id '; if ($category_id != null) { - $category_id = Database::escape_string($category_id); + $category_id = intval($category_id); $sql .= ' AND g.category_id = '.$category_id; } $sql .= ' GROUP BY gu.user_id ORDER BY current_max DESC LIMIT 1'; @@ -957,8 +957,8 @@ class GroupManager public static function swap_category_order($id1, $id2) { $table_group_cat = Database :: get_course_table(TABLE_GROUP_CATEGORY); - $id1 = Database::escape_string($id1); - $id2 = Database::escape_string($id2); + $id1 = intval($id1); + $id2 = intval($id2); $course_id = api_get_course_int_id(); $sql = "SELECT id,display_order FROM $table_group_cat @@ -997,7 +997,7 @@ class GroupManager $group_user_table = Database :: get_course_table(TABLE_GROUP_USER); $user_table = Database :: get_main_table(TABLE_MAIN_USER); - $group_id = Database::escape_string($group_id); + $group_id = intval($group_id); if (empty($courseId)) { $courseId = api_get_course_int_id(); } else { @@ -1266,7 +1266,7 @@ class GroupManager public static function number_of_students($group_id, $course_id = null) { $table_group_user = Database :: get_course_table(TABLE_GROUP_USER); - $group_id = Database::escape_string($group_id); + $group_id = intval($group_id); if (empty($course_id)) { $course_id = api_get_course_int_id(); } else { 
@@ -1287,7 +1287,7 @@ class GroupManager public static function maximum_number_of_students($group_id) { $table_group = Database :: get_course_table(TABLE_GROUP); - $group_id = Database::escape_string($group_id); + $group_id = intval($group_id); $course_id = api_get_course_int_id(); $db_result = Database::query("SELECT max_student FROM $table_group WHERE c_id = $course_id AND id = $group_id"); $db_object = Database::fetch_object($db_result); diff --git a/whoisonline.php b/whoisonline.php index 4db5fa5605..68ab3f47c2 100755 --- a/whoisonline.php +++ b/whoisonline.php @@ -100,7 +100,7 @@ if ($_GET['chatid'] != '') { $time = date("Y-m-d H:i:s", $time); $chatid = intval($_GET['chatid']); if ($_GET['chatid'] == strval(intval($_GET['chatid']))) { - $sql = "update $track_user_table set chatcall_user_id = '".Database::escape_string($_user['user_id'])."', chatcall_date = '".Database::escape_string($time)."', chatcall_text = '' where (user_id = ".(int)Database::escape_string($chatid).")"; + $sql = "update $track_user_table set chatcall_user_id = ".intval($_user['user_id']).", chatcall_date = '".Database::escape_string($time)."', chatcall_text = '' where (user_id = ".(int)Database::escape_string($chatid).")"; $result = Database::query($sql); //redirect caller to chat header("Location: ".api_get_path(WEB_CODE_PATH)."chat/chat.php?".api_get_cidreq()."&origin=whoisonline&target=".Security::remove_XSS($chatid));
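Review bot: In whoisonline.php the UPDATE on `$track_user_table` runs as a side effect of a plain GET parameter (`$_GET['chatid']`), and neither a request token nor a check that the caller may call that user is visible in the hunk. If none exists elsewhere in the file, a link or embedded resource on another site could trigger the update for a logged-in user, so the platform's anti-CSRF token check belongs in front of the query. Separately, `(int)Database::escape_string($chatid)` can be just `$chatid`, since it was already cast with `intval()` two lines earlier.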