Fix SQLi from media type #645
rjmackay committed Jul 5, 2012
1 parent 8375c57 commit d954093
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion application/controllers/json.php
Expand Up @@ -563,7 +563,7 @@ public function timeline($category_id = 0)
if (isset($_GET['m']) AND intval($_GET['m']) > 0)
{
$query = "SELECT incident_id AS id FROM ".$this->table_prefix."media "
. "WHERE media_type = ".$_GET['m']
. "WHERE media_type = ".intval($_GET['m'])
. $incident_id_in;

$incident_id_in = $this->_exec_timeline_data_query($db, $query);
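
Review bot: intval() is now applied to $_GET['m'] twice, once in the guard and once on the `WHERE media_type = ` line, so the check and the query can drift apart in a later edit; assign `$media_type = intval($_GET['m']);` once above the `if` and use that variable in both places. The statement is still built by string concatenation, and `$incident_id_in` is appended directly after the integer with no separator visible in this hunk, so it is worth confirming that this value is itself built only from integers and starts with whitespace, or moving the whole query to bound parameters if the database layer offers them. A one-line comment would also help the next reader: intval() accepts a string with a numeric prefix, so the `> 0` guard alone never constrained the raw string that the removed line placed into the SQL, which is why the cast has to sit on the query line itself.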