X-Git-Url: https://git.nubati.net/cgi-bin/gitweb.cgi?p=e-DoKo.git;a=blobdiff_plain;f=include%2Fopenid.php;h=14024b8b132c1ba7b8be50f5523004b56696407b;hp=16c59f4de6ff1ccde10c238a0787494ea01feaca;hb=decc97576b98d2b422fc30742b7862990dd3d057;hpb=f47ddae6b4d00d950c3a29d6b7536ce1ae9ac813

diff --git a/include/openid.php b/include/openid.php
index 16c59f4..14024b8 100644
--- a/include/openid.php
+++ b/include/openid.php
@@ -142,22 +142,23 @@ function DB_GetUserId($openid_url)
 
 function DB_GetOpenIDsByUser($user_id)
 {
-  return DB_query_array_all("SELECT openid_url FROM user_openids WHERE user_id = '$user_id'");
+  return DB_query_array_all("SELECT openid_url FROM user_openids WHERE user_id =".DB_quote_smart($user_id));
 }
 
 function DB_AttachOpenID($openid_url, $user_id)
 {
-  DB_query("INSERT INTO user_openids VALUES (".DB_quote_smart(OpenIDUrlEncode($openid_url)).", '$user_id')");
+  DB_query("INSERT INTO user_openids VALUES (".DB_quote_smart(OpenIDUrlEncode($openid_url)).", ".DB_quote_smart($user_id).")");
 }
 
 function DB_DetachOpenID($openid_url, $user_id)
 {
-  DB_query("DELETE FROM user_openids WHERE openid_url = ".DB_quote_smart(OpenIDUrlEncode($openid_url))." AND user_id = '$user_id'");
+  DB_query("DELETE FROM user_openids WHERE openid_url = ".DB_quote_smart(OpenIDUrlEncode($openid_url)).
+	   " AND user_id = ".DB_quote_smart($user_id));
 }
 
 function DB_DetachOpenIDsByUser($user_id)
 {
-  DB_query("DELETE FROM user_openids WHERE user_id = '$user_id'");
+  DB_query("DELETE FROM user_openids WHERE user_id = ".DB_quote_smart($user_id));
 }
 
 ?>
\ No newline at end of file