From 0e34bade9cc2fa831f9c8a344b2ebfdf4047848c Mon Sep 17 00:00:00 2001
From: Till Brehm <tbrehm@ispconfig.org>
Date: Mon, 27 Oct 2014 08:53:37 -0400
Subject: [PATCH] Fixed: FS#3718 - SQL injection checker false positive alert in APS installer

---
 interface/web/help/support_message_list.php |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/interface/web/help/support_message_list.php b/interface/web/help/support_message_list.php
index 42db17d..02b50aa 100644
--- a/interface/web/help/support_message_list.php
+++ b/interface/web/help/support_message_list.php
@@ -12,7 +12,7 @@
 $app->uses('listform_actions');
 
 //* Optional limit
-$app->listform_actions->SQLExtWhere = "support_message.recipient_id = ".$_SESSION['s']['user']['userid'];
+$app->listform_actions->SQLExtWhere = "support_message.recipient_id = ".$app->functions->intval($_SESSION['s']['user']['userid']);
 
 //* Start the form rendering and action ahndling
 $app->listform_actions->onLoad();

--
Gitblit v1.9.1