Security patch, see docs/NEWS

2016-09-22 12:51:00 +02:00
parent ce7af03e66
commit cfd75ec877
71 changed files with 313 additions and 54 deletions
@@ -1482,7 +1482,7 @@ function serendipity_updertEntry($entry) {
                    if (is_numeric($cat)) {
                        serendipity_db_query("INSERT INTO {$serendipity['dbPrefix']}entrycat (entryid, categoryid) VALUES ({$entry['id']}, {$cat})");
                    } elseif (is_array($cat) && !empty($cat['categoryid'])) {
-                        serendipity_db_query("INSERT INTO {$serendipity['dbPrefix']}entrycat (entryid, categoryid) VALUES ({$entry['id']}, {$cat['categoryid']})");
+                        serendipity_db_query("INSERT INTO {$serendipity['dbPrefix']}entrycat (entryid, categoryid) VALUES ({$entry['id']}, " . (int)$cat['categoryid'] . ")");
                    }
                }
            }