diff options
author | Lukas Fleischer <archlinux@cryptocrack.de> | 2014-06-05 08:26:18 +0200 |
---|---|---|
committer | Lukas Fleischer <archlinux@cryptocrack.de> | 2014-06-05 15:12:10 +0200 |
commit | 26a09199372262a58fa9432cbd9747333552f3ec (patch) | |
tree | 59df1ce40d4fdb697a07817d41faa2d28d575762 /web/lib | |
parent | b1c754300a774fbd01c2d88da20626e893a93095 (diff) | |
download | aurweb-26a09199372262a58fa9432cbd9747333552f3ec.tar.xz |
Fix SQL query when searching for a missing submitter
uid_from_username() returns a non-integer value when the user does not
exist. This results in a broken SQL query when searching for a
nonexistent submitter. Fix this by explicitly converting the result of
uid_from_username() to an integer.
Fixes FS#40625.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web/lib')
-rw-r--r-- | web/lib/pkgfuncs.inc.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php index fed7c03..c736051 100644 --- a/web/lib/pkgfuncs.inc.php +++ b/web/lib/pkgfuncs.inc.php @@ -586,7 +586,7 @@ function pkg_search_page($SID="") { } elseif (isset($_GET["SeB"]) && $_GET["SeB"] == "s") { /* Search by submitter. */ - $q_where .= "AND SubmitterUID = ".uid_from_username($_GET['K'])." "; + $q_where .= "AND SubmitterUID = " . intval(uid_from_username($_GET['K'])) . " "; } elseif (isset($_GET["SeB"]) && $_GET["SeB"] == "n") { /* Search by name. */ |