From b7f72dd62feeec84732caf513aca51a8d0509ba3 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@madoka.volgo-balt.ru>
Date: Sat, 12 Nov 2011 20:25:18 +0400
Subject: feeds/editSave: stricter type checking

---
 modules/pref-feeds.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/modules/pref-feeds.php b/modules/pref-feeds.php
index 89ea93203..b033a3787 100644
--- a/modules/pref-feeds.php
+++ b/modules/pref-feeds.php
@@ -711,11 +711,11 @@
 
 			$feed_title = db_escape_string(trim($_POST["title"]));
 			$feed_link = db_escape_string(trim($_POST["feed_url"]));
-			$upd_intl = db_escape_string($_POST["update_interval"]);
-			$purge_intl = db_escape_string($_POST["purge_interval"]);
-			$feed_id = db_escape_string($_POST["id"]); /* editSave */
+			$upd_intl = (int) db_escape_string($_POST["update_interval"]);
+			$purge_intl = (int) db_escape_string($_POST["purge_interval"]);
+			$feed_id = (int) db_escape_string($_POST["id"]); /* editSave */
 			$feed_ids = db_escape_string($_POST["ids"]); /* batchEditSave */
-			$cat_id = db_escape_string($_POST["cat_id"]);
+			$cat_id = (int) db_escape_string($_POST["cat_id"]);
 			$auth_login = db_escape_string(trim($_POST["auth_login"]));
 			$auth_pass = db_escape_string(trim($_POST["auth_pass"]));
 			$private = checkbox_to_sql_bool(db_escape_string($_POST["private"]));
-- 
cgit v1.2.3