Index: branches/5.0.x/core/units/user_groups/user_groups_eh.php
===================================================================
diff -u -r12299 -r12511
--- branches/5.0.x/core/units/user_groups/user_groups_eh.php	(.../user_groups_eh.php)	(revision 12299)
+++ branches/5.0.x/core/units/user_groups/user_groups_eh.php	(.../user_groups_eh.php)	(revision 12511)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: user_groups_eh.php 12299 2009-08-17 01:51:27Z dmitrya $
+* @version	$Id: user_groups_eh.php 12511 2009-09-15 19:27:06Z alex $
 * @package	In-Portal
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license      GNU/GPL
@@ -36,7 +36,7 @@
 			$table_name = $this->Application->GetTempName(TABLE_PREFIX.'UserGroup', 'prefix:u');
 			$sql = 'SELECT GroupId
 					FROM '.$table_name.'
-					WHERE PortalUserId = '.$user_id;
+					WHERE PortalUserId = '.(int)$user_id;
 			$old_groups = $this->Conn->GetCol($sql);
 
 			$new_groups = array_diff($new_groups, $old_groups);
@@ -63,8 +63,8 @@
 				$group_id = $this->Application->GetVar('g_id');
 				$table_name = $this->Application->GetTempName(TABLE_PREFIX.'UserGroup', 'prefix:g');
 				$sql = 'SELECT PortalUserId
-						FROM '.$table_name.'
-						WHERE GroupId = '.$group_id;
+						FROM ' . $table_name . '
+						WHERE GroupId = ' . (int)$group_id;
 				$old_users = $this->Conn->GetCol($sql);
 
 				$new_users = array_diff($new_users, $old_users);
@@ -97,14 +97,14 @@
 				$object =& $event->getObject( Array('skip_autoload' => true) );
 				$user_id = $this->Application->GetVar('u_id');
 
-				$sql = 'UPDATE '.$object->TableName.'
+				$sql = 'UPDATE ' . $object->TableName . '
 						SET PrimaryGroup = 0
-						WHERE PortalUserId = '.$user_id;
+						WHERE PortalUserId = ' . (int)$user_id;
 				$this->Conn->Query($sql);
 
-				$sql = 'UPDATE '.$object->TableName.'
+				$sql = 'UPDATE ' . $object->TableName . '
 						SET PrimaryGroup = 1
-						WHERE '.$object->IDField.' = '.$id.' AND PortalUserId = '.$user_id;
+						WHERE ' . $object->IDField . ' = ' . $id . ' AND PortalUserId = ' . (int)$user_id;
 				$this->Conn->Query($sql);
 			}
 
@@ -127,14 +127,14 @@
 					$user_id = $this->Application->GetVar('u_id');
 					$sql = 'SELECT '.$object->IDField.'
 							FROM '.$object->TableName.'
-							WHERE '.$object->IDField.' IN ('.implode(',', $ids).') AND PortalUserId = '.$user_id.' AND PrimaryGroup = 0';
+							WHERE '.$object->IDField.' IN ('.implode(',', $ids).') AND PortalUserId = '.(int)$user_id.' AND PrimaryGroup = 0';
 					$ids = $this->Conn->GetCol($sql);
 					}
 					elseif ($event->Prefix == 'g-ug') {
 						$group_id = $this->Application->GetVar('g_id');
 						$sql = 'SELECT '.$object->IDField.'
 								FROM '.$object->TableName.'
-								WHERE '.$object->IDField.' IN ('.implode(',', $ids).') AND GroupId = '.$group_id.' AND PrimaryGroup = 0';
+								WHERE '.$object->IDField.' IN ('.implode(',', $ids).') AND GroupId = '.(int)$group_id.' AND PrimaryGroup = 0';
 						$ids = $this->Conn->GetCol($sql);
 					}
 					$event->setEventParam('ids', $ids);