Data sanitisation fix.

git-svn-id: https://code.elgg.org/elgg/trunk@2735 36083f99-b078-4883-b0ff-0f9b5a30f544
author: ben <ben@36083f99-b078-4883-b0ff-0f9b5a30f544> 2009-02-13 12:21:27 +0000
committer: ben <ben@36083f99-b078-4883-b0ff-0f9b5a30f544> 2009-02-13 12:21:27 +0000
commit: 9187350187d562289503d03586b43b9564c9e3f8 (patch)
tree: 43fc8d6e55cd9b21611d4d14d3085bbaeb15f0e2 /engine/lib/river2.php
parent: 12b74f845888c994b834e301e6e47dde5f6d03b0 (diff)
download: elgg-9187350187d562289503d03586b43b9564c9e3f8.tar.gz
elgg-9187350187d562289503d03586b43b9564c9e3f8.tar.bz2
1 files changed, 4 insertions, 2 deletions
diff --git a/engine/lib/river2.php b/engine/lib/river2.php
index 3648123a6..974241472 100644
--- a/engine/lib/river2.php
+++ b/engine/lib/river2.php
@@ -149,8 +149,8 @@
 						$object_guid[$key] = (int) $temp;
 					}
 				}
-				if (!empty($type)) $action_type = sanitise_string($type);
-				if (!empty($subtype)) $action_type = sanitise_string($subtype);
+				if (!empty($type)) $type = sanitise_string($type);
+				if (!empty($subtype)) $subtype = sanitise_string($subtype);
 				if (!empty($action_type)) $action_type = sanitise_string($action_type);
 				$limit = (int) $limit;
 				$offset = (int) $offset;
@@ -194,6 +194,8 @@
 			// Construct main SQL
 				$sql = "select id,type,subtype,action_type,access_id,view,subject_guid,object_guid,posted from {$CONFIG->dbprefix}river where {$whereclause} order by posted desc limit {$offset},{$limit}";
 				
+				system_message($sql);
+				
 			// Get data
 				return get_data($sql);
author	ben <ben@36083f99-b078-4883-b0ff-0f9b5a30f544>	2009-02-13 12:21:27 +0000
committer	ben <ben@36083f99-b078-4883-b0ff-0f9b5a30f544>	2009-02-13 12:21:27 +0000
commit	9187350187d562289503d03586b43b9564c9e3f8 (patch)
tree	43fc8d6e55cd9b21611d4d14d3085bbaeb15f0e2 /engine/lib/river2.php
parent	12b74f845888c994b834e301e6e47dde5f6d03b0 (diff)
download	elgg-9187350187d562289503d03586b43b9564c9e3f8.tar.gz elgg-9187350187d562289503d03586b43b9564c9e3f8.tar.bz2