December 2nd, 2005, 09:58 AM   #2
Chuck S
Photopost Developer
Verified Customer
Join Date: Jun 2002
Location: Abingdon,MD
Posts: 66,752
Well, I would like to know how the query is running, for one. Notice the wrap saying is_numeric($cat); well, that's definitely not a numeric cat.

elseif ( is_numeric($cat) ) {
    // This branch only runs when $cat passes is_numeric()
    $query = "SELECT id,catname,template FROM {$Globals['pp_db_prefix']}categories WHERE id=$cat";
    $ctitleq = ppmysql_query($query, $link);
    if ( $ctitleq ) {
        list( $catid, $thecatname, $Globals['cattemp'] ) = mysql_fetch_row($ctitleq);
    }
}

I would not worry, probably a quirk, but I do the query is properly sanitized. $cat is run through the typecast function and there is even a constraint phrase to only run this query if cat is numeric.
__________________
Photopost Developer and Support Engineer

Please do not PM me for support or sales questions. Thank you for your understanding.
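Added example, not part of the original post and not Photopost code: the post relies on an is_numeric() guard plus a typecast before $cat reaches the query, and is_numeric() also accepts floats and exponent notation, so this sketch compares it with a strict integer check and a bound parameter. It assumes PDO with an in-memory SQLite database standing in for MySQL; the table name pp_categories, the sample row and the functions category_id() and find_category() are hypothetical.

```php
<?php
// Added example, not Photopost code. Table name and sample row are constructed.

// Strict id check: accepts a decimal integer >= 1 only, returns int or null.
function category_id($raw): ?int {
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Lookup with a bound parameter, so the value never becomes part of the SQL text.
function find_category(PDO $db, $raw): ?array {
    $id = category_id($raw);
    if ($id === null) {
        return null; // rejected before any query is built
    }
    $stmt = $db->prepare('SELECT id, catname, template FROM pp_categories WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// In-memory SQLite stands in for the MySQL database (assumption).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE pp_categories (id INTEGER PRIMARY KEY, catname TEXT, template TEXT)');
$db->exec("INSERT INTO pp_categories VALUES (500, 'Members', 'default')");

// Constructed inputs: compare what is_numeric() allows with the strict check.
$samples = ['500', '5e2', '500.0', ' 500', '-1', '500 OR 1=1', 'abc'];
foreach ($samples as $raw) {
    $row = find_category($db, $raw);
    printf("%-14s is_numeric=%-5s strict=%-5s row=%s\n",
        var_export($raw, true),
        var_export(is_numeric($raw), true),
        var_export(category_id($raw), true),
        $row ? $row['catname'] : 'none');
}
```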