From 6bede2fd229395f34c321a37efa2ea93e7b1a7ba Mon Sep 17 00:00:00 2001
From: Philip Häusler
Date: Sun, 28 Dec 2014 13:44:56 +0100
Subject: harden the sql queries
---
db/update.d/16_admin_user_angeltypes.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'db')
diff --git a/db/update.d/16_admin_user_angeltypes.php b/db/update.d/16_admin_user_angeltypes.php
index de1803ea..29fc9f54 100644
--- a/db/update.d/16_admin_user_angeltypes.php
+++ b/db/update.d/16_admin_user_angeltypes.php
@@ -5,7 +5,7 @@
 if (sql_num_query("SELECT * FROM `Privileges` WHERE `name`='admin_user_angeltypes'") == 0) {
 sql_query("INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES ( NULL , 'admin_user_angeltypes', 'Confirm restricted angel types' );");
 $id = sql_id();
- sql_query("INSERT INTO `GroupPrivileges` SET `group_id`=-5, `privilege_id`=" . sql_escape($id));
+ sql_query("INSERT INTO `GroupPrivileges` SET `group_id`=-5, `privilege_id`='" . sql_escape($id) . "'");
 sql_query("INSERT INTO `Sprache` (
 `TextID` ,
 `Sprache` ,
-- cgit v1.2.3-54-g00ecf
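Review bot: On the changed `GroupPrivileges` insert, `$id` is used as a numeric key, so an integer cast would pin its type more tightly than string escaping plus quotes: `(int) $id` in place of `'" . sql_escape($id) . "'`. The quoted form is safe against injection but relies on the database converting the string back to a number for `privilege_id`, and it keeps correctness dependent on what `sql_escape()` does, which is not visible here. Separately, the result of the preceding `Privileges` insert is not checked before `sql_id()` is read; if that insert fails, the value `sql_id()` returns is presumably not the new privilege, and group -5 could be granted an unintended row, so a guard on the insert result before this statement would be worth adding. The enclosing `if` block starts and ends outside the hunk.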