From 74def328c8d6ebaa6c46011b8dc9692be4900e7f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?G=C3=A1bor=20Hojtsy?= <gabor@hojtsy.hu>
Date: Thu, 27 Sep 2007 16:52:00 +0000
Subject: #167284 by Heine and pwolanin: proper field type placeholders in IN()
 queries, setting a best practice to avoid vulnerabilities

---
 modules/user/user.module | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'modules/user/user.module')

diff --git a/modules/user/user.module b/modules/user/user.module
index f82cdde5e..b215c7efd 100644
--- a/modules/user/user.module
+++ b/modules/user/user.module
@@ -453,7 +453,7 @@ function user_access($string, $account = NULL) {
   // To reduce the number of SQL queries, we cache the user's permissions
   // in a static variable.
   if (!isset($perm[$account->uid])) {
-    $result = db_query("SELECT DISTINCT(p.perm) FROM {role} r INNER JOIN {permission} p ON p.rid = r.rid WHERE r.rid IN (%s)", implode(',', array_keys($account->roles)));
+    $result = db_query("SELECT DISTINCT(p.perm) FROM {role} r INNER JOIN {permission} p ON p.rid = r.rid WHERE r.rid IN (". db_placeholders($account->roles) .")", array_keys($account->roles));
 
     $perm[$account->uid] = '';
     while ($row = db_fetch_object($result)) {
-- 
cgit v1.2.3