From: Matteo Nastasi (mop) <nastasi@alternativeoutput.it>
Date: Mon, 23 Nov 2015 18:03:08 +0000 (+0100)
Subject: check for info parameters
X-Git-Tag: v5.3.0~44
X-Git-Url: http://mop.ddnsfree.com/gitweb/?p=brisk.git;a=commitdiff_plain;h=98ad3d7a5d864f1fc4e06543237d4b5f3c671c54

check for info parameters
---

diff --git a/web/Obj/dbase_pgsql.phh b/web/Obj/dbase_pgsql.phh
index 8463884..911b2b6 100644
--- a/web/Obj/dbase_pgsql.phh
+++ b/web/Obj/dbase_pgsql.phh
@@ -887,13 +887,15 @@ INSERT INTO %smails (code, ucode, type, tstamp, subj, body_txt, body_htm, hash)
         do {
             $friend = usersnet_friend_getid($json->friend);
 
+            $json->skill = intval($json->skill);
+            $json->trust = intval($json->trust);
+
             if ($json->skill < 1 || $json->skill > 5 ||
                 $json->trust < 1 || $json->trust > 5 ||
                 $friend == FALSE) {
                 $ret = 1;
                 break;
             }
-
             $this->transaction('BEGIN');
             $trans = TRUE;