author | Andrew Dolgov <[email protected]> | 2017-02-25 08:51:08 +0300 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2017-02-25 08:51:08 +0300 |
commit | b4fb29e00346ec78065e875ab318885810524a22 (patch) | |
tree | 40950c1cce12b39e81488d5e09a63c82bc6a4e8b /backend.php | |
parent | abe6ca80782474e266961e49077ee566c22a0a91 (diff) |
switch to integer book ids
Diffstat (limited to 'backend.php')
-rw-r--r-- | backend.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/backend.php b/backend.php
index b6e840c..c353e5c 100644
--- a/backend.php
+++ b/backend.php
@@ -68,7 +68,7 @@
 break;
 case "getpagination":
- $bookid = db_escape_string($_REQUEST["id"]);
+ $bookid = (int) $_REQUEST["id"];
 if ($bookid) {
 $result = db_query($link, "SELECT pagination FROM epube_pagination WHERE bookid = '$bookid' LIMIT 1");
@@ -83,7 +83,7 @@
 break;
 case "storepagination":
 $payload = db_escape_string($_REQUEST["payload"]);
- $bookid = db_escape_string($_REQUEST["id"]);
+ $bookid = (int) $_REQUEST["id"];
 if ($bookid && $payload) {
@@ -107,7 +107,7 @@
 break;
 case "getlastread":
- $bookid = db_escape_string($_REQUEST["id"]);
+ $bookid = (int) $_REQUEST["id"];
 $lastread = -1;
 if ($bookid) {
@@ -126,7 +126,7 @@
 case "storelastread":
 $page = (int) $_REQUEST["page"];
- $bookid = db_escape_string($_REQUEST["id"]);
+ $bookid = (int) $_REQUEST["id"];
 if ($page && $bookid) { |
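Review bot: The `(int)` cast on `$_REQUEST["id"]` in the `getpagination` hunk coerces rather than validates: a value such as `12abc` becomes 12, and a negative number still passes `if ($bookid)`. The same line is added in the `storepagination`, `getlastread` and `storelastread` hunks. Validating instead, e.g. `$bookid = filter_var($_REQUEST["id"], FILTER_VALIDATE_INT, ["options" => ["min_range" => 1]]);`, yields `false` for anything that is not a positive integer and still works with the existing truthiness checks. The SELECT on the new side also keeps interpolating `'$bookid'` as a quoted string, so its safety depends on the cast staying directly above it; a bound parameter would remove that coupling if the `db_query` wrapper, which is defined outside this diff, supports one. The `case` body continues past the end of the hunk.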
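Review bot: In the `storepagination` hunk `$payload` is still passed through `db_escape_string()` while the id beside it moved to a typed cast, so the write path keeps depending on string escaping. The statement that stores the payload is outside the hunk, so this is inferred: if it is interpolated into the query text, binding it as a parameter would be the consistent follow-up. A length check before the query would also keep an oversized `payload` from being written. A one-line comment above the assignment stating what format the payload is expected to have would document the trust assumption.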
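Review bot: `storelastread` in this hunk, like `storepagination` above, changes stored state but reads its arguments from `$_REQUEST`, which also accepts query-string values and, depending on `request_order`, cookies. Unless the dispatcher outside this hunk already enforces the request method and a CSRF token, the write can be triggered by a plain cross-site GET; reading from `$_POST` here, `$page = (int) $_POST["page"];` and `$bookid = (int) $_POST["id"];`, would narrow that, provided the client sends these calls as POST. The `if ($page && $bookid)` guard also rejects page 0, which may be intended but deserves a comment such as `// page 0 is never stored`. The `case` body continues past the end of the hunk.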