fix bug 518: anyone can delete or validate a comment

comment_id must be int: use of intval function to use it in the query. svn merge -r1534:1535 from branch 1.6 into trunk git-svn-id: http://piwigo.org/svn/trunk@1536 68402e56-0260-453c-a942-63ccdbb3a9ee
author: nikrou <nikrou@piwigo.org> 2006-08-14 20:57:50 +0000
committer: nikrou <nikrou@piwigo.org> 2006-08-14 20:57:50 +0000
commit: bc1f5319b151c22cd0bed853fc940617e700a29f (patch)
tree: 2900973bf306bf8dbce00cc0ed935ff76820e329
parent: fdf392c07d7d016eb3a8b3a4e3f6b61e24fca0f2 (diff)
1 files changed, 5 insertions, 2 deletions
diff --git a/comments.php b/comments.php
index bd332b46e..e88ce04fb 100644
--- a/comments.php
+++ b/comments.php
@@ -148,8 +148,9 @@ if (isset($_GET['keyword']) and !empty($_GET['keyword']))
 // |                         comments management                           |
 // +-----------------------------------------------------------------------+
 // comments deletion
-if (isset($_POST['delete']) and count($_POST['comment_id']) > 0)
+if (isset($_POST['delete']) and count($_POST['comment_id']) > 0 and is_admin())
 {
+  $_POST['comment_id'] = array_map('intval', $_POST['comment_id']);
   $query = '
 DELETE FROM '.COMMENTS_TABLE.'
   WHERE id IN ('.implode(',', $_POST['comment_id']).')
@@ -157,8 +158,10 @@ DELETE FROM '.COMMENTS_TABLE.'
   pwg_query($query);
 }
 // comments validation
-if (isset($_POST['validate']) and count($_POST['comment_id']) > 0)
+if (isset($_POST['validate']) and count($_POST['comment_id']) > 0 
+   and is_admin())
 {
+  $_POST['comment_id'] = array_map('intval', $_POST['comment_id']);
   $query = '
 UPDATE '.COMMENTS_TABLE.'
   SET validated = \'true\'
author	nikrou <nikrou@piwigo.org>	2006-08-14 20:57:50 +0000
committer	nikrou <nikrou@piwigo.org>	2006-08-14 20:57:50 +0000
commit	bc1f5319b151c22cd0bed853fc940617e700a29f (patch)
tree	2900973bf306bf8dbce00cc0ed935ff76820e329
parent	fdf392c07d7d016eb3a8b3a4e3f6b61e24fca0f2 (diff)