gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-05-14 13:42:04 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

cast $newRole to int when passed to setRole()

Browse Source
This commit is contained in:
Uwe Steinmann 2021-09-20 16:40:00 +02:00
parent af9178aa93
commit 472b066d4b
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
SeedDMS_Core/Core/inc.ClassUser.php
View File

@ -472,7 +472,8 @@ class SeedDMS_Core_User { /* {{{ */
*/ */
function setRole($newrole) { /* {{{ */ function setRole($newrole) { /* {{{ */
$db = $this->_dms->getDB(); $db = $this->_dms->getDB();
$newrole = intval($newrole); if(!in_array($newrole, array(SeedDMS_Core_User::role_admin, SeedDMS_Core_User::role_guest, SeedDMS_Core_User::role_user), true))
return false;
$queryStr = "UPDATE `tblUsers` SET `role` = " . $newrole . " WHERE `id` = " . $this->_id; $queryStr = "UPDATE `tblUsers` SET `role` = " . $newrole . " WHERE `id` = " . $this->_id;
if (!$db->getResult($queryStr)) if (!$db->getResult($queryStr))