From 98ad3d7a5d864f1fc4e06543237d4b5f3c671c54 Mon Sep 17 00:00:00 2001
From: "Matteo Nastasi (mop)"
Date: Mon, 23 Nov 2015 19:03:08 +0100
Subject: [PATCH] check for info parameters

---
 web/Obj/dbase_pgsql.phh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/web/Obj/dbase_pgsql.phh b/web/Obj/dbase_pgsql.phh
index 8463884..911b2b6 100644
--- a/web/Obj/dbase_pgsql.phh
+++ b/web/Obj/dbase_pgsql.phh
@@ -887,13 +887,15 @@ INSERT INTO %smails (code, ucode, type, tstamp, subj, body_txt, body_htm, hash)
 do {
 $friend = usersnet_friend_getid($json->friend);
+ $json->skill = intval($json->skill);
+ $json->trust = intval($json->trust);
+
 if ($json->skill < 1 || $json->skill > 5 || $json->trust < 1 || $json->trust > 5 || $friend == FALSE) {
 $ret = 1;
 break;
 }
-
 $this->transaction('BEGIN');
 $trans = TRUE;
-- 
2.17.1
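Review bot: The two added `intval()` calls coerce the input rather than validate it, so a value such as `"3abc"` or a non-empty JSON array (which `intval()` maps to 1) now passes the 1–5 range check instead of being rejected with `$ret = 1`. If malformed input should fail, validate strictly, e.g. `$skill = filter_var($json->skill, FILTER_VALIDATE_INT, array('options' => array('min_range' => 1, 'max_range' => 5)));` and likewise for `trust`, then compare the result with `=== FALSE`. The cast also deserves a one-line comment such as `// force integers before the range check; these fields come straight from client JSON`. The statement that consumes `skill` and `trust` lies outside the hunk; if it is built by string formatting, which is presumably the case given the `%s`-style query in the hunk header, binding the values with `pg_query_params()` would be the more durable fix. The `do { … }` block starts before and ends after the visible lines.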