use is_int instead of is_numeric if we want to reject numeric strings, should fix #681

2019-09-29 17:58:56 +01:00 · 2019-09-29 17:58:56 +01:00 · 0f4a0275b5
commit 0f4a0275b5
parent 160f673060
3 changed files with 5 additions and 5 deletions
--- a/core/database.php
+++ b/core/database.php
@ -213,7 +213,7 @@ class Database
            // $stmt = $this->db->prepare($query);
            if (!array_key_exists(0, $args)) {
                foreach ($args as $name=>$value) {
-                    if (is_numeric($value)) {
+                    if (is_int($value)) {
                        $stmt->bindValue(':'.$name, $value, PDO::PARAM_INT);
                    } else {
                        $stmt->bindValue(':'.$name, $value, PDO::PARAM_STR);
--- a/core/imageboard/image.php
+++ b/core/imageboard/image.php
@ -81,9 +81,9 @@ class Image
            }
            $this->locked = bool_escape($this->locked);

-            assert(is_numeric($this->id));
-            assert(is_numeric($this->height));
-            assert(is_numeric($this->width));
+            assert(is_int($this->id));
+            assert(is_int($this->height));
+            assert(is_int($this->width));
        }
    }

--- a/core/polyfills.php
+++ b/core/polyfills.php
@ -503,7 +503,7 @@ function bool_escape($input): bool
    */
    if (is_bool($input)) {
        return $input;
-    } elseif (is_numeric($input)) {
+    } elseif (is_int($input)) {
        return ($input === 1);
    } else {
        $value = filter_var($input, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);