Skip to content

Commit

Permalink
Fix SQL error invalid input syntax for integer
Browse files Browse the repository at this point in the history
  • Loading branch information
@francoisjacquet
francoisjacquet committed Apr 25, 2022
1 parent 417e33c commit 3c561a6
Show file tree
Hide file tree
Showing 4 changed files with 4 additions and 4 deletions.
2 changes: 1 addition & 1 deletion CHANGES.md
View file
Expand Up @@ -45,7 +45,7 @@ Changes in 9.0
- Fix SQL error invalid input syntax in PrintSchedules.php & TeacherCompletion.php, thanks to @scgajge12
- Filter IP, HTTP_* headers can be forged in index.php, PasswordReset.php & ErrorMessage.fnc.php
- Fix SQL error value too long for type character varying(100) in index.php
- Fix SQL error invalid input syntax for integer in Student.php, User.php, Referrals.php & Portal.php
- Fix SQL error invalid input syntax for integer in Student.php, User.php, Referrals.php, Portal.php, PortalNotes.php, PortalNotes.php & Moodle/functions.php
- Fix PHP8.1 fatal error checkdate argument must be of type int in Calendar.php
- Fix SQL error invalid input syntax for type date in Calendar.php
- Fix SQL error duplicate key value violates unique constraint "attendance_calendar_pkey" in Calendar.php
Expand Down
2 changes: 1 addition & 1 deletion modules/School_Setup/PortalNotes.php
View file
Expand Up @@ -79,7 +79,7 @@
$sql .= DBEscapeIdentifier( $column ) . "='" . $value . "',";
}

$sql = mb_substr( $sql, 0, -1 ) . " WHERE ID='" . $id . "'";
$sql = mb_substr( $sql, 0, -1 ) . " WHERE ID='" . (int) $id . "'";

DBQuery( $sql );

Expand Down
2 changes: 1 addition & 1 deletion modules/School_Setup/PortalPolls.php
View file
Expand Up @@ -100,7 +100,7 @@
}
}

$sql = mb_substr( $sql, 0, -1 ) . " WHERE ID='" . $id . "'";
$sql = mb_substr( $sql, 0, -1 ) . " WHERE ID='" . (int) $id . "'";
DBQuery( $sql );

$q = 0;
Expand Down
2 changes: 1 addition & 1 deletion plugins/Moodle/functions.php
View file
Expand Up @@ -834,6 +834,6 @@ function MoodleXRosarioGet( $column, $rosario_id )

return (int) DBGetOne( "SELECT moodle_id
FROM moodlexrosario
WHERE rosario_id='" . $rosario_id . "'
WHERE rosario_id='" . (int) $rosario_id . "'
AND \"column\"='" . DBEscapeString( $column ) . "'" );
}

0 comments on commit 3c561a6

Please sign in to comment.