Skip to content
Permalink
Browse files Browse the repository at this point in the history
Update to avoid sql vulnerabilities.
git-svn-id: https://plugins.svn.wordpress.org/cp-polls/trunk@1031343 b8457f37-d9ea-0310-8a92-e5e31aec5664
  • Loading branch information
codepeople committed Nov 23, 2014
1 parent 900688a commit 6d7168c
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion cp-admin-int-message-list.inc.php
Expand Up @@ -14,7 +14,7 @@

if (isset($_GET['lu']) && $_GET['lu'] != '')
{
$wpdb->query('UPDATE `'.$wpdb->prefix.$this->table_messages.'` SET paid='.esc_sql($_GET["status"]).' WHERE id='.$_GET['lu']);
$wpdb->query('UPDATE `'.$wpdb->prefix.$this->table_messages.'` SET paid='.esc_sql($_GET["status"]).' WHERE id='.intval($_GET['lu']));
$message = "Item updated";
}
else if (isset($_GET['ld']) && $_GET['ld'] != '')
Expand Down

0 comments on commit 6d7168c

Please sign in to comment.