check for info parameters

author Matteo Nastasi (mop) <nastasi@alternativeoutput.it>

Mon, 23 Nov 2015 18:03:08 +0000 (19:03 +0100)

committer Matteo Nastasi (mop) <nastasi@alternativeoutput.it>

Mon, 23 Nov 2015 18:03:08 +0000 (19:03 +0100)
author Matteo Nastasi (mop) <nastasi@alternativeoutput.it>
Mon, 23 Nov 2015 18:03:08 +0000 (19:03 +0100)
committer Matteo Nastasi (mop) <nastasi@alternativeoutput.it>
Mon, 23 Nov 2015 18:03:08 +0000 (19:03 +0100)
diff --git a/web/Obj/dbase_pgsql.phh b/web/Obj/dbase_pgsql.phh

index 8463884..911b2b6 100644 (file)
--- a/web/Obj/dbase_pgsql.phh
+++ b/web/Obj/dbase_pgsql.phh
@@ -887,13 +887,15 @@ INSERT INTO %smails (code, ucode, type, tstamp, subj, body_txt, body_htm, hash)
          do {
              $friend = usersnet_friend_getid($json->friend);
  
+            $json->skill = intval($json->skill);
+            $json->trust = intval($json->trust);
+
              if ($json->skill < 1 || $json->skill > 5 ||
                  $json->trust < 1 || $json->trust > 5 ||
                  $friend == FALSE) {
                  $ret = 1;
                  break;
              }
-
              $this->transaction('BEGIN');
              $trans = TRUE;
author	Matteo Nastasi (mop) <nastasi@alternativeoutput.it>
	Mon, 23 Nov 2015 18:03:08 +0000 (19:03 +0100)
committer	Matteo Nastasi (mop) <nastasi@alternativeoutput.it>
	Mon, 23 Nov 2015 18:03:08 +0000 (19:03 +0100)