[svn r11117] casting $blog_id, $_user['id'], $task_id, ... and alike

and using mysql_real_escape_string
to fix XSS and SQL injections
http://www.dokeos.com/forum/viewtopic.php?t=8464

main/blog/blog_admin.php

@@ -61,15 +61,15 @@ if ($_POST['new_blog_submit'])
 }
 if ($_POST['edit_blog_submit'])
 {
-	Blog::edit_blog(mysql_real_escape_string($_POST['blog_id']),mysql_real_escape_string($_POST['blog_name']),mysql_real_escape_string($_POST['blog_subtitle']));
+	Blog::edit_blog(mysql_real_escape_string((int)$_POST['blog_id']),mysql_real_escape_string($_POST['blog_name']),mysql_real_escape_string($_POST['blog_subtitle']));
 }
 if ($_GET['action'] == 'visibility')
 {
-	Blog::change_blog_visibility(mysql_real_escape_string($_GET['blog_id']));
+	Blog::change_blog_visibility(mysql_real_escape_string((int)$_GET['blog_id']));
 }
 if ($_GET['action'] == 'delete')
 {
-	Blog::delete_blog(mysql_real_escape_string($_GET['blog_id']));
+	Blog::delete_blog(mysql_real_escape_string((int)$_GET['blog_id']));
 }
 
 
@@ -88,7 +88,7 @@ api_display_tool_title($nameTools);
 	}
 	if ($_GET['action'] == 'edit')
 	{
-		Blog::display_edit_blog_form(mysql_real_escape_string($_GET['blog_id']));
+		Blog::display_edit_blog_form(mysql_real_escape_string((int)$_GET['blog_id']));
 	}
 
 	echo "<a href='".$_SERVER['PHP_SELF']."?action=add'>",