From ae56e3ca621a9d89d9730b5e964ac36e705a5350 Mon Sep 17 00:00:00 2001
From: root <root@www.cacert.org>
Date: Fri, 15 Aug 2008 22:55:17 +0000
Subject: [PATCH] Improved parameter checking

---
 tverify/index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tverify/index.php b/tverify/index.php
index c748acb..5b74330 100644
--- a/tverify/index.php
+++ b/tverify/index.php
@@ -53,7 +53,7 @@
 		$password = mysql_escape_string(stripslashes(trim($_REQUEST["pword"])));
 		$URL = mysql_escape_string(trim($_REQUEST["notaryURL"]));
 		$CN = mysql_escape_string($_SESSION['_config']['CN']);
-		$memid = mysql_escape_string($_SESSION['_config']['uid']);
+		$memid = intval($_SESSION['_config']['uid']);
 		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$memid'"));
 		$tmp = mysql_fetch_assoc(mysql_query("select sum(`points`) as `points` from `notary` where `to`='$memid'"));