Browse Source

Incorrect parameter type.

The parameter was bound with the wrong type. I guess the type isn't
enforced judging by how the code still seemed to work, but it probably
should be fixed.
pull/40/head
Macil Tech 10 years ago
parent
commit
3a9ed90c58
  1. 2
      inc/functions.php

2
inc/functions.php

@ -527,7 +527,7 @@ function checkFlood($post) {
$query = prepare(sprintf("SELECT * FROM `posts_%s` WHERE (`ip` = :ip AND `time` >= :floodtime) OR (`ip` = :ip AND `body` != '' AND `body` = :body AND `time` >= :floodsameiptime) OR (`body` != '' AND `body` = :body AND `time` >= :floodsametime) LIMIT 1", $board['uri']));
$query->bindValue(':ip', $_SERVER['REMOTE_ADDR']);
$query->bindValue(':body', $post['body'], PDO::PARAM_INT);
$query->bindValue(':body', $post['body']);
$query->bindValue(':floodtime', time()-$config['flood_time'], PDO::PARAM_INT);
$query->bindValue(':floodsameiptime', time()-$config['flood_time_ip'], PDO::PARAM_INT);
$query->bindValue(':floodsametime', time()-$config['flood_time_same'], PDO::PARAM_INT);

Loading…
Cancel
Save