Explicit SQL injection protection
Flerex committed Jun 29, 2020
1 parent e7fc348 commit af7e64c
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions service/auth_service.php
Expand Up @@ -176,7 +176,7 @@ public function get_ip_login_attempts(): int
*/
public function add_login_attempt_for_user(int $user_id): void
{
$sql = 'UPDATE ' . USERS_TABLE . ' SET user_login_attempts = user_login_attempts + 1 WHERE user_id = ' . $user_id;
$sql = 'UPDATE ' . USERS_TABLE . ' SET user_login_attempts = user_login_attempts + 1 WHERE user_id = ' . (int) $user_id;
$this->db->sql_query($sql);
}

Expand All @@ -187,7 +187,7 @@ public function add_login_attempt_for_user(int $user_id): void
*/
public function restore_login_attempt_for_user(int $user_id): void
{
$sql = 'UPDATE ' . USERS_TABLE . ' SET user_login_attempts = 0 WHERE user_id = ' . $user_id;
$sql = 'UPDATE ' . USERS_TABLE . ' SET user_login_attempts = 0 WHERE user_id = ' . (int) $user_id;
$this->db->sql_query($sql);
}

Expand Down Expand Up @@ -222,7 +222,7 @@ public function add_ip_login_attempt(string $username, int $user_id = 0): void
*/
public function remove_ip_login_attempt_for_user(int $user_id = 0): void
{
$sql = 'DELETE FROM ' . LOGIN_ATTEMPT_TABLE . ' WHERE user_id = ' . $user_id;
$sql = 'DELETE FROM ' . LOGIN_ATTEMPT_TABLE . ' WHERE user_id = ' . (int) $user_id;
$this->db->sql_query($sql);
}
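Review bot: In the last hunk, `remove_ip_login_attempt_for_user(int $user_id = 0)` keeps its default of 0, so a call without an argument runs `DELETE ... WHERE user_id = 0`. If attempts against unknown usernames are stored with user_id 0, as the `add_ip_login_attempt(string $username, int $user_id = 0)` signature in the hunk header suggests, that call would erase the attempt history used to throttle those logins. I would add a guard such as `if ($user_id <= 0) { return; }` before the query is built, or drop the default so callers must name the user. Separately, the `(int)` casts added in all three hunks do nothing at runtime because each parameter is already declared `int`; they are defence in depth, and a comment like `// cast kept so the query stays safe if the type declaration is ever relaxed` would record that intent.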
