diff options
| author | Phil Sturgeon <email@philsturgeon.co.uk> | 2011-09-03 19:11:53 +0200 |
|---|---|---|
| committer | Phil Sturgeon <email@philsturgeon.co.uk> | 2011-09-03 19:11:53 +0200 |
| commit | 7b5e924f10273af9bfb80ad251ea354a2141e95a (patch) | |
| tree | ed93ec7a185bd77a0dbc533ea47ec5789da30a4f | |
| parent | 886d87c616bd422585c6a1190b0e1b72bc661269 (diff) | |
| parent | 0e857631f5c6f38c5715450ea3f6ff514ac65b2c (diff) | |
Merge pull request #370 from kenjis/ar_offset
fixes potential SQL injection vector in Active Record offset()
| -rw-r--r-- | system/database/DB_active_rec.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/system/database/DB_active_rec.php b/system/database/DB_active_rec.php index 37d162bc1..89766e304 100644 --- a/system/database/DB_active_rec.php +++ b/system/database/DB_active_rec.php @@ -894,7 +894,7 @@ class CI_DB_active_record extends CI_DB_driver { */ public function offset($offset) { - $this->ar_offset = $offset; + $this->ar_offset = (int) $offset; return $this; } |