From b5f6a1a03de9343ffc718ce253f7730e4d8d6c19 Mon Sep 17 00:00:00 2001
From: Till Brehm <tbrehm@ispconfig.org>
Date: Tue, 29 Mar 2016 13:36:35 -0400
Subject: [PATCH] Fix for #3812 Insufficient validation of PHP version selector for ISPConfig 3.1 branch.

---
 interface/web/admin/directive_snippets_edit.php |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/interface/web/admin/directive_snippets_edit.php b/interface/web/admin/directive_snippets_edit.php
index f5c48af..de80358 100644
--- a/interface/web/admin/directive_snippets_edit.php
+++ b/interface/web/admin/directive_snippets_edit.php
@@ -53,7 +53,7 @@
 		global $app, $conf;
 		
 		if($this->id > 0){
-			$record = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ".intval($this->id));
+			$record = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ?", $this->id);
 			if($record['master_directive_snippets_id'] > 0){
 				unset($app->tform->formDef["tabs"]['directive_snippets']['fields']['name'], $app->tform->formDef["tabs"]['directive_snippets']['fields']['type'], $app->tform->formDef["tabs"]['directive_snippets']['fields']['snippet'], $app->tform->formDef["tabs"]['directive_snippets']['fields']['required_php_snippets']);
 			}
@@ -84,7 +84,7 @@
 		global $app, $conf;
 		
 		if($this->id > 0){
-			$record = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ".intval($this->id));
+			$record = $app->db->queryOneRecord("SELECT * FROM directive_snippets WHERE directive_snippets_id = ?", $this->id);
 			if($record['master_directive_snippets_id'] > 0){
 				unset($app->tform->formDef["tabs"]['directive_snippets']['fields']['name'], $app->tform->formDef["tabs"]['directive_snippets']['fields']['type'], $app->tform->formDef["tabs"]['directive_snippets']['fields']['snippet'], $app->tform->formDef["tabs"]['directive_snippets']['fields']['required_php_snippets']);
 			}

--
Gitblit v1.9.1