From 5ca959fa688255a8de61f89fe2751eb4d24a6912 Mon Sep 17 00:00:00 2001
From: Florian Schaal <florian@schaal-24.de>
Date: Tue, 22 Mar 2016 09:22:07 -0400
Subject: [PATCH] fixed typo

---
 interface/web/help/faq_list.php |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/interface/web/help/faq_list.php b/interface/web/help/faq_list.php
index 2f48b4d..128480d 100644
--- a/interface/web/help/faq_list.php
+++ b/interface/web/help/faq_list.php
@@ -18,7 +18,7 @@
 // Optional limit
 $hf_section = 0;
 if(isset($_GET['hfs_id']))
-	$hf_section = preg_replace("/[^0-9]/", "", $_GET['hfs_id']);
+	$hf_section = $app->functions->intval(preg_replace("/[^0-9]/", "", $_GET['hfs_id']));
 
 // if section id is not specified in the url, choose the first existing section
 if(!$hf_section)
@@ -29,7 +29,7 @@
 $app->listform_actions->SQLExtWhere = "help_faq.hf_section = $hf_section";
 
 
-if($hf_section) $res = $app->db->queryOneRecord("SELECT hfs_name FROM help_faq_sections WHERE hfs_id=$hf_section");
+if($hf_section) $res = $app->db->queryOneRecord("SELECT hfs_name FROM help_faq_sections WHERE hfs_id=?", $hf_section);
 // Start the form rendering and action ahndling
 echo "<h2>FAQ: ".$res['hfs_name']."</h2>";
 if($hf_section) $app->listform_actions->onLoad();

--
Gitblit v1.9.1