Validation to prevent SQL injection.

git-svn-id: https://plugins.svn.wordpress.org/cp-appointment-calendar/trunk@1088427 b8457f37-d9ea-0310-8a92-e5e31aec5664

dex_appointments.php

@@ -340,6 +340,8 @@ function dex_process_ready_to_go_appointment($itemnumber, $payer_email = "")
 {
    global $wpdb;
 
+   $itemnumber = intval($itemnumber);
+
    $myrows = $wpdb->get_results( "SELECT * FROM ".DEX_APPOINTMENTS_TABLE_NAME." WHERE id=".$itemnumber );   
 
    $SYSTEM_EMAIL = get_option('notification_from_email', DEX_APPOINTMENTS_DEFAULT_PAYPAL_EMAIL);