From 931089a92411985263da9d7d8411291cf8f53a8b Mon Sep 17 00:00:00 2001
From: appchecker
Date: Thu, 7 Jul 2016 20:19:05 +0300
Subject: [PATCH] prevent SQLi
---
 htdocs/societe/notify/card.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/htdocs/societe/notify/card.php b/htdocs/societe/notify/card.php
index 9e412f1a7f0..dd754103ba3 100644
--- a/htdocs/societe/notify/card.php
+++ b/htdocs/societe/notify/card.php
@@ -125,7 +125,7 @@ if (empty($reshook))
 // Remove a notification
 if ($action == 'delete')
 {
- $sql = "DELETE FROM ".MAIN_DB_PREFIX."notify_def where rowid=".$_GET["actid"];
+ $sql = "DELETE FROM ".MAIN_DB_PREFIX."notify_def where rowid=".intval($_GET["actid"]);
 $db->query($sql);
 }
 }
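Review bot: The `intval()` cast closes the injection on `actid`, but the DELETE in the `$action == 'delete'` branch is still keyed on the request-supplied `rowid` alone, so any caller who reaches this branch can remove any row of `notify_def`, not only one attached to the third party this card displays. Unless a check above the hunk already ties `actid` to the current record, add an ownership constraint to the WHERE clause, e.g. `... where rowid=".intval($_GET["actid"])." AND fk_soc=".intval($socidPlaceholder);`, where `$socidPlaceholder` stands for whatever variable holds the validated third-party id in this file and the column name should be confirmed against the schema. The return value of `$db->query($sql)` is discarded, so a failed delete goes unreported; and because the id arrives in `$_GET`, it is worth confirming that a permission check and an anti-CSRF token guard this state-changing action. The enclosing `if (empty($reshook))` block starts outside the hunk, so those checks may already exist there.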