merge r30563 from trunk to branch 2.5

bug 3178 fixed, in_array check is not reliable when you compare string (user input) and numeric values


git-svn-id: http://piwigo.org/svn/branches/2.5@30568 68402e56-0260-453c-a942-63ccdbb3a9ee

include/functions_rate.inc.php

@@ -34,6 +34,7 @@ function rate_picture($image_id, $rate)
 
   if (!isset($rate)
       or !$conf['rate']
+      or !preg_match('/^[0-9]+$/', $rate)
       or !in_array($rate, $conf['rate_items']))
   {
     return false;