BugTraq
Re: Mybb 1.6.8 'announcements.php' Sql Injection Vulnerability Jun 26 2012 04:46PM
Gianluca Brindisi (g brindi si)
Isn't $aid already escaped by intval()?

Gianluca

On Fri, Jun 22, 2012 at 10:13 PM, Yaniv Shaked <yaniv0a (at) gmail (dot) com [email concealed]> wrote:
>
> Look at the code at announcements.php:
>
> $aid = intval($mybb->input['aid']);
>
> [Boring lines?]
>
> [Boring lines?]
>
> $query = $db->query("
>        SELECT u.*, u.us...
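The exchange above turns on what intval() does to the aid parameter before it is interpolated into the query. The script below is an added example, not MyBB code and not part of either post: it feeds a set of constructed injection payloads through the same cast-then-interpolate pattern shown in the quoted announcements.php excerpt, next to a version that skips the cast, so the effect of intval() on each payload is visible. The WHERE clause and the column name a.aid are assumptions for illustration; the real query is truncated on this page and its columns are not shown.

```php
<?php
// Added example (not MyBB's code). Shows what intval() does to typical
// SQL injection payloads before they reach a string-built query.
declare(strict_types=1);

// Constructed payloads an attacker might send as ?aid=... (not real traffic).
const PAYLOADS = [
    '7',
    '7 OR 1=1',
    "7' UNION SELECT 1,2,3-- -",
    '7; DROP TABLE mybb_users',
    '-1',
    '0x41',                   // hex prefix is not parsed: intval() stops at 'x'
    '  42abc',                // leading whitespace is skipped, trailing junk dropped
    '99999999999999999999',   // out of range: clamps to PHP_INT_MAX
];

// Vulnerable pattern: the raw request value is interpolated directly.
// Column name a.aid is hypothetical.
function unsafe_where(string $aid): string
{
    return "WHERE a.aid='{$aid}'";
}

// Pattern from the quoted announcements.php excerpt: cast to int first,
// then interpolate. intval() always returns a PHP int, never a string,
// so the interpolated value can only ever be an optional '-' and digits.
function intval_where(string $aid): string
{
    $aid = intval($aid);
    return "WHERE a.aid='{$aid}'";
}

// Practitioner check: the cast result must match an integer literal and
// nothing else. Fails loudly if intval() ever let query syntax through.
function is_integer_only(string $sql): bool
{
    return preg_match("/^WHERE a\.aid='-?[0-9]+'$/", $sql) === 1;
}

foreach (PAYLOADS as $payload) {
    $unsafe = unsafe_where($payload);
    $safe   = intval_where($payload);
    if (!is_integer_only($safe)) {
        throw new RuntimeException("intval() let non-integer through: {$safe}");
    }
    printf("%-30s\n  raw   : %s\n  intval: %s\n\n", var_export($payload, true), $unsafe, $safe);
}
```

Run with `php intval_demo.php`. Every payload in the raw column still carries its quote, operator or statement separator into the clause; every payload in the intval column collapses to a single integer (7, 7, 7, 7, -1, 0, 42, and PHP_INT_MAX on a 64-bit build), so the query structure cannot be altered through this parameter. The cast only covers the value it is applied to; any other request field concatenated into the same query without an equivalent cast or escaping is a separate question.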

 

Copyright 2010, SecurityFocus