Index: branches/5.1.x/core/units/user_groups/user_groups_eh.php =================================================================== diff -u -N -r12127 -r12657 --- branches/5.1.x/core/units/user_groups/user_groups_eh.php (.../user_groups_eh.php) (revision 12127) +++ branches/5.1.x/core/units/user_groups/user_groups_eh.php (.../user_groups_eh.php) (revision 12657) @@ -1,6 +1,6 @@ Application->GetVar('u_id'); $table_name = $this->Application->GetTempName(TABLE_PREFIX.'UserGroup', 'prefix:u'); $sql = 'SELECT GroupId FROM '.$table_name.' - WHERE PortalUserId = '.$user_id; + WHERE PortalUserId = '.(int)$user_id; $old_groups = $this->Conn->GetCol($sql); - + $new_groups = array_diff($new_groups, $old_groups); if ($new_groups) { foreach ($new_groups as $new_group) { @@ -54,17 +56,17 @@ if (!$new_users) { return ; } - + $new_users = array_keys($new_users); - + // don't insert duplicate group membership record $group_id = $this->Application->GetVar('g_id'); $table_name = $this->Application->GetTempName(TABLE_PREFIX.'UserGroup', 'prefix:g'); $sql = 'SELECT PortalUserId - FROM '.$table_name.' - WHERE GroupId = '.$group_id; + FROM ' . $table_name . ' + WHERE GroupId = ' . (int)$group_id; $old_users = $this->Conn->GetCol($sql); - + $new_users = array_diff($new_users, $old_users); if ($new_users) { foreach ($new_users as $new_user) { @@ -77,11 +79,11 @@ } } } - + $this->Application->StoreVar($this->Application->GetTopmostPrefix($event->Prefix).'_modified', '1'); $event->SetRedirectParam('opener', 'u'); } - + /** * Sets primary group for user (in editing only) * 
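Review bot: In the `@@ -54,17 +56,17 @@` hunk the cast is applied where `$group_id` is concatenated rather than where it is read, so the variable stays a raw request value for the `foreach` that follows; the loop body is outside the hunk, so whether it reuses `$group_id` cannot be seen here. Casting once at the read, `$group_id = (int)$this->Application->GetVar('g_id');`, covers every later use, and the same applies to `$user_id` in the first hunk. The elements of `$new_users` (taken from `array_keys()`, whose source is outside the hunk) are not normalised in the visible lines either. A missing or non-numeric id now becomes 0 and the SELECT still runs, so an early return on a non-positive id would make that case explicit.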
@@ -94,21 +96,21 @@ $id = array_shift($ids); $object =& $event->getObject( Array('skip_autoload' => true) ); $user_id = $this->Application->GetVar('u_id'); - - $sql = 'UPDATE '.$object->TableName.' + + $sql = 'UPDATE ' . $object->TableName . ' SET PrimaryGroup = 0 - WHERE PortalUserId = '.$user_id; + WHERE PortalUserId = ' . (int)$user_id; $this->Conn->Query($sql); - - $sql = 'UPDATE '.$object->TableName.' + + $sql = 'UPDATE ' . $object->TableName . ' SET PrimaryGroup = 1 - WHERE '.$object->IDField.' = '.$id.' AND PortalUserId = '.$user_id; + WHERE ' . $object->IDField . ' = ' . $id . ' AND PortalUserId = ' . (int)$user_id; $this->Conn->Query($sql); } - + $this->clearSelectedIDs($event); } - + /** * Don't allow primary group record deleting * @@ -120,25 +122,24 @@ $ids = $event->getEventParam('ids'); if ($ids) { $object =& $event->getObject( Array('skip_autoload' => true) ); - + if ($event->Prefix == 'u-ug') { $user_id = $this->Application->GetVar('u_id'); $sql = 'SELECT '.$object->IDField.' FROM '.$object->TableName.' - WHERE '.$object->IDField.' IN ('.implode(',', $ids).') AND PortalUserId = '.$user_id.' AND PrimaryGroup = 0'; + WHERE '.$object->IDField.' IN ('.implode(',', $ids).') AND PortalUserId = '.(int)$user_id.' AND PrimaryGroup = 0'; $ids = $this->Conn->GetCol($sql); } elseif ($event->Prefix == 'g-ug') { $group_id = $this->Application->GetVar('g_id'); $sql = 'SELECT '.$object->IDField.' FROM '.$object->TableName.' - WHERE '.$object->IDField.' IN ('.implode(',', $ids).') AND GroupId = '.$group_id.' AND PrimaryGroup = 0'; + WHERE '.$object->IDField.' IN ('.implode(',', $ids).') AND GroupId = '.(int)$group_id.' AND PrimaryGroup = 0'; $ids = $this->Conn->GetCol($sql); } $event->setEventParam('ids', $ids); } } } - } -?> \ No newline at end of file + } \ No newline at end of file
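Review bot: The second UPDATE in the `@@ -94,21 +96,21 @@` hunk still concatenates `$id` into the WHERE clause uncast, although the same statement now casts `$user_id`. `$id` comes from `array_shift($ids)`, and where `$ids` is filled lies outside the hunk, so it should be treated as request-derived until shown otherwise; use `' = ' . (int)$id . ' AND PortalUserId = ' . (int)$user_id`. The `@@ -120,25 +122,24 @@` hunk has the same gap in both branches: `implode(',', $ids)` goes into the `IN (...)` list unchanged, and `implode(',', array_map('intval', $ids))` would close it. Both enclosing methods begin outside their hunks.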