From 26a09199372262a58fa9432cbd9747333552f3ec Mon Sep 17 00:00:00 2001
From: Lukas Fleischer <archlinux@cryptocrack.de>
Date: Thu, 5 Jun 2014 08:26:18 +0200
Subject: Fix SQL query when searching for a missing submitter

uid_from_username() returns a non-integer value when the user does not
exist. This results in a broken SQL query when searching for a
nonexistent submitter. Fix this by explicitly converting the result of
uid_from_username() to an integer.

Fixes FS#40625.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
---
 web/lib/pkgfuncs.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php
index fed7c03..c736051 100644
--- a/web/lib/pkgfuncs.inc.php
+++ b/web/lib/pkgfuncs.inc.php
@@ -586,7 +586,7 @@ function pkg_search_page($SID="") {
 		}
 		elseif (isset($_GET["SeB"]) && $_GET["SeB"] == "s") {
 			/* Search by submitter. */
-			$q_where .= "AND SubmitterUID = ".uid_from_username($_GET['K'])." ";
+			$q_where .= "AND SubmitterUID = " . intval(uid_from_username($_GET['K'])) . " ";
 		}
 		elseif (isset($_GET["SeB"]) && $_GET["SeB"] == "n") {
 			/* Search by name. */
-- 
cgit v1.2.3-54-g00ecf