diff options
| author | spiderr <spiderr@bitweaver.org> | 2018-09-23 16:03:01 -0400 |
|---|---|---|
| committer | spiderr <spiderr@bitweaver.org> | 2018-09-23 16:03:01 -0400 |
| commit | 22ae507450d274b32ad35a4f63b4080f50ecb50a (patch) | |
| tree | f2356c2dcf59ede0b30b881a501037f972102e84 | |
| parent | c745ba6467fa54dc9c72c9c04eed2ca14d34f7ac (diff) | |
| download | boards-22ae507450d274b32ad35a4f63b4080f50ecb50a.tar.gz boards-22ae507450d274b32ad35a4f63b4080f50ecb50a.tar.bz2 boards-22ae507450d274b32ad35a4f63b4080f50ecb50a.zip | |
verifyIdParameter for board_id
| -rw-r--r-- | BitBoardPost.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/BitBoardPost.php b/BitBoardPost.php index fc624d4..7997417 100644 --- a/BitBoardPost.php +++ b/BitBoardPost.php @@ -283,7 +283,7 @@ class BitBoardPost extends LibertyComment { $this->getServicesSql( 'content_list_sql_function', $selectSql, $joinSql, $whereSql, $bindVars, $this ); - if( !empty( $pListHash['board_id'] ) ) { + if( BitBase::verifyIdParameter( $pListHash, 'board_id' ) ) { $joinSql .= "INNER JOIN `".BIT_DB_PREFIX."boards` b ON (b.`content_id` = bm.`board_content_id`)"; $whereSql .= ' AND b.`board_id`=? '; array_push( $bindVars, (int)$pListHash['board_id'] ); |