From 6bede2fd229395f34c321a37efa2ea93e7b1a7ba Mon Sep 17 00:00:00 2001
From: Philip Häusler <msquare@notrademark.de>
Date: Sun, 28 Dec 2014 13:44:56 +0100
Subject: harden the sql queries

---
 includes/model/Message_model.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'includes/model/Message_model.php')

diff --git a/includes/model/Message_model.php b/includes/model/Message_model.php
index 1e1923e8..7bae0dd4 100644
--- a/includes/model/Message_model.php
+++ b/includes/model/Message_model.php
@@ -14,7 +14,7 @@ function Message_ids() {
  *          ID
  */
 function Message($id) {
-  $message_source = sql_select("SELECT * FROM `Messages` WHERE `id`=" . sql_escape($id) . " LIMIT 1");
+  $message_source = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($id) . "' LIMIT 1");
   if ($message_source === false)
     return false;
   if (count($message_source) > 0)
@@ -38,8 +38,8 @@ function Message_send($id, $text) {
   $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($text));
   $to = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($id));
   
-  if (($text != "" && is_numeric($to)) && (sql_num_query("SELECT * FROM `User` WHERE `UID`=" . sql_escape($to) . " AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0)) {
-    sql_query("INSERT INTO `Messages` SET `Datum`=" . sql_escape(time()) . ", `SUID`=" . sql_escape($user['UID']) . ", `RUID`=" . sql_escape($to) . ", `Text`='" . sql_escape($text) . "'");
+  if (($text != "" && is_numeric($to)) && (sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($to) . "' AND NOT `UID`='" . sql_escape($user['UID']) . "' LIMIT 1") > 0)) {
+    sql_query("INSERT INTO `Messages` SET `Datum`='" . sql_escape(time()) . "', `SUID`='" . sql_escape($user['UID']) . "', `RUID`='" . sql_escape($to) . "', `Text`='" . sql_escape($text) . "'");
     return true;
   } else {
     return false;
-- 
cgit v1.2.3-54-g00ecf