function get_security_role($id)
{
- $sql = "SELECT * FROM ".TB_PREF."security_roles WHERE id='$id'";
+ $sql = "SELECT * FROM ".TB_PREF."security_roles WHERE id=".(int)$id;
$ret = db_query($sql, "could not retrieve security roles");
$row = db_fetch($ret);
if ($row != false) {
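Review bot: The `(int)$id` cast in get_security_role closes the injection path but silently coerces malformed input, so a value such as `'5abc'` is looked up as role 5 and a non-numeric value as role 0 instead of being rejected. The same applies to the UPDATE, DELETE and count queries in the following hunk, where acting on a coerced id matters more than it does for a read. I would reject non-integer ids before building the query, for example `if (filter_var($id, FILTER_VALIDATE_INT) === false) return false;`, or do the equivalent in the callers if that is where the request value enters. How the failure should be reported depends on callers that are not visible here. The function body continues past the end of this hunk.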
.",description=".db_escape($description)
.",sections=".db_escape(implode(';', $sections))
.",areas=".db_escape(implode(';', $areas))
- ." WHERE id=$id";
+ ." WHERE id=".(int)$id;
db_query($sql, "could not update role");
}
//--------------------------------------------------------------------------------------------------
function delete_security_role($id)
{
- $sql = "DELETE FROM ".TB_PREF."security_roles WHERE id=$id";
+ $sql = "DELETE FROM ".TB_PREF."security_roles WHERE id=".(int)$id;
db_query($sql, "could not delete role");
}
//--------------------------------------------------------------------------------------------------
function check_role_used($id) {
- $sql = "SELECT count(*) FROM ".TB_PREF."users WHERE role_id=$id";
+ $sql = "SELECT count(*) FROM ".TB_PREF."users WHERE role_id=".(int)$id;
$ret = db_query($sql, 'cannot check role usage');
$row = db_fetch($ret);
return $row[0];
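Review bot: Style point on the three `(int)$id` casts in this hunk: the cast is repeated inline at each concatenation, which leaves the raw `$id` in scope for any query added to these functions later. Normalising once at the top of each function, `$id = (int)$id;`, keeps every later use safe and makes the intent visible. A short comment such as `// id is concatenated unquoted into the SQL, so it must be an integer` would also keep a later cleanup from dropping the cast. The function containing the UPDATE statement starts above this hunk, so any earlier use of `$id` there cannot be checked from here.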