Uncasted user input cause SQL issues

silverstripe · Mar 24, 2013 · 5c9a962 · 5c9a962
1 parent 6f1f3a2
commit 5c9a962
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/code/formfields/FieldEditor.php b/code/formfields/FieldEditor.php
@@ -180,7 +180,7 @@ public function addfield() {
 		$parentID = $this->form->getRecord()->ID;
 
 		if($parentID) {
-			$parentID = Convert::raw2sql($parentID);
+			$parentID = (int)$parentID;
 
 			$sqlQuery = new SQLQuery();
 			$sqlQuery = $sqlQuery
@@ -222,7 +222,7 @@ public function addoptionfield() {
 
 		// work out the sort by getting the sort of the last field in the form +1
 		if($parent) {
-			$sql_parent = Convert::raw2sql($parent);
+			$sql_parent = (int)$parent;
 
 			$sqlQuery = new SQLQuery();
 			$sqlQuery = $sqlQuery