From 5e4dc220334b8379f645a65822f9cb09d90f3d3a Mon Sep 17 00:00:00 2001
From: Robert Sesek <rsesek@bluestatic.org>
Date: Tue, 1 Aug 2006 06:11:37 +0000
Subject: [PATCH] r1008: Make sure we sanitize the IDs where it counts when
 verifying so we don't get empty WHERE clauses

---
 includes/api_user.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/includes/api_user.php b/includes/api_user.php
index 0ea1009..185dba6 100644
--- a/includes/api_user.php
+++ b/includes/api_user.php
@@ -145,7 +145,7 @@ class UserAPI extends API
 		{
 			return $this->registry->lang->string('The specified email is invalid.');
 		}
-		if ($this->registry->db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE email = '" . $this->registry->db->escape_string($this->values['email']) . "' AND userid <> " . $this->values['userid']))
+		if ($this->registry->db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE email = '" . $this->registry->db->escape_string($this->values['email']) . "' AND userid <> " . $this->registry->clean($this->values['userid'], TYPE_UINT)))
 		{
 			return $this->registry->lang->string('The specified email is already in use.');
 		}
@@ -165,7 +165,7 @@ class UserAPI extends API
 			return $ne;
 		}
 		
-		if ($this->registry->db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE displayname = '" . $this->registry->db->escape_string($this->values['displayname']) . "' AND userid <> " . $this->values['userid']))
+		if ($this->registry->db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE displayname = '" . $this->registry->db->escape_string($this->values['displayname']) . "' AND userid <> " . $this->registry->clean($this->values['userid'], TYPE_UINT)))
 		{
 			return $this->registry->lang->string('That display name is already in use by another user.');
 		}
-- 
2.22.5