From 9895084627f9c4ac1f3a5bfec9659113c9b59e7f Mon Sep 17 00:00:00 2001
From: appchecker <appchecker@cnpo.ru>
Date: Thu, 7 Jul 2016 20:23:38 +0300
Subject: [PATCH] prevent SQLi

---
 htdocs/admin/menus/edit.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/htdocs/admin/menus/edit.php b/htdocs/admin/menus/edit.php
index b299a1f18fe..47d77e380c6 100644
--- a/htdocs/admin/menus/edit.php
+++ b/htdocs/admin/menus/edit.php
@@ -243,7 +243,7 @@ if ($action == 'confirm_delete' && $_POST["confirm"] == 'yes')
 {
     $this->db->begin();
 
-    $sql = "DELETE FROM ".MAIN_DB_PREFIX."menu WHERE rowid = ".$_GET['menuId'];
+    $sql = "DELETE FROM ".MAIN_DB_PREFIX."menu WHERE rowid = ".intval($_GET['menuId']);
     $db->query($sql);
 
     if ($result == 0)
@@ -312,7 +312,7 @@ if ($action == 'create')
     $parent_rowid = $_GET['menuId'];
     if ($_GET['menuId'])
     {
-        $sql = "SELECT m.rowid, m.mainmenu, m.leftmenu, m.level, m.langs FROM ".MAIN_DB_PREFIX."menu as m WHERE m.rowid = ".$_GET['menuId'];
+        $sql = "SELECT m.rowid, m.mainmenu, m.leftmenu, m.level, m.langs FROM ".MAIN_DB_PREFIX."menu as m WHERE m.rowid = ".intval($_GET['menuId']);
         $res  = $db->query($sql);
         if ($res)
         {