harden the sql queries

author: Philip Häusler <msquare@notrademark.de> 2014-12-28 13:44:56 +0100
committer: Philip Häusler <msquare@notrademark.de> 2014-12-28 13:44:56 +0100
commit: 6bede2fd229395f34c321a37efa2ea93e7b1a7ba (patch)
tree: a20c74d5bdddae9e1ec9a988e1ba468371a4a995 /includes/model/NeededAngelTypes_model.php
parent: a6ab81b834fe91b0f0704a7db33e377c8dc63a23 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/includes/model/NeededAngelTypes_model.php b/includes/model/NeededAngelTypes_model.php
index e9176d34..8d6b8cce 100644
--- a/includes/model/NeededAngelTypes_model.php
+++ b/includes/model/NeededAngelTypes_model.php
@@ -10,7 +10,7 @@ function NeededAngelTypes_by_shift($shiftId) {
         SELECT `NeededAngelTypes`.*, `AngelTypes`.`name`, `AngelTypes`.`restricted`
         FROM `NeededAngelTypes`
         JOIN `AngelTypes` ON `AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id`
-        WHERE `shift_id`=" . sql_escape($shiftId) . "
+        WHERE `shift_id`='" . sql_escape($shiftId) . "'
         AND `count` > 0
         ORDER BY `room_id` DESC
         ");
@@ -24,7 +24,7 @@ function NeededAngelTypes_by_shift($shiftId) {
         FROM `NeededAngelTypes`
         JOIN `AngelTypes` ON `AngelTypes`.`id` = `NeededAngelTypes`.`angel_type_id`
         JOIN `Shifts` ON `Shifts`.`RID` = `NeededAngelTypes`.`room_id`
-        WHERE `Shifts`.`SID`=" . sql_escape($shiftId) . "
+        WHERE `Shifts`.`SID`='" . sql_escape($shiftId) . "'
         AND `count` > 0
         ORDER BY `room_id` DESC
         ");
author	Philip Häusler <msquare@notrademark.de>	2014-12-28 13:44:56 +0100
committer	Philip Häusler <msquare@notrademark.de>	2014-12-28 13:44:56 +0100
commit	6bede2fd229395f34c321a37efa2ea93e7b1a7ba (patch)
tree	a20c74d5bdddae9e1ec9a988e1ba468371a4a995 /includes/model/NeededAngelTypes_model.php
parent	a6ab81b834fe91b0f0704a7db33e377c8dc63a23 (diff)