From 5cae905afb7b9075cf3f2a7287908f937551d2b7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20T=C3=A4nzer?= Date: Thu, 1 May 2014 01:31:19 +0200 Subject: bug 1138: This is an int, no need to mysql_real_escape() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Michael Tänzer --- pages/account/43.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pages/account/43.php b/pages/account/43.php index fb10e69..c889ce3 100644 --- a/pages/account/43.php +++ b/pages/account/43.php @@ -130,7 +130,7 @@ if(intval($_REQUEST['userid']) > 0) { if (!write_se_log($userid, $_SESSION['profile']['id'], 'SE assurance revoke', $ticketno)) { $ticketmsg=_("Writing to the admin log failed. Can't continue."); } else { - $assurance = mysql_real_escape_string(intval($_REQUEST['assurance'])); + $assurance = intval($_REQUEST['assurance']); $trow = 0; $res = mysql_query("select `to` from `notary` where `id`='".intval($assurance)."' and `deleted` = 0"); if ($res) { -- cgit v1.2.1