1
0
mirror of https://github.com/phpbb/phpbb.git synced 2025-10-24 13:16:16 +02:00

[ticket/11162] Use integer casting instead of SQL escape.

PHPBB3-11162
This commit is contained in:
Andreas Fischer
2012-11-11 17:40:58 +01:00
parent fd6ee50e06
commit b0812c43fa

View File

@@ -61,7 +61,7 @@ class phpbb_update_rows_avoiding_duplicates_test extends phpbb_database_test_cas
$sql = 'SELECT count(*) AS count
FROM ' . TOPICS_WATCH_TABLE . '
WHERE topic_id = ' . $db->sql_escape($to);
WHERE topic_id = ' . (int) $to;
$result = $db->sql_query($sql);
$result_count = $db->sql_fetchfield('count');
$db->sql_freeresult($result);