From 2e3b2fcc855f50238dbe930ea3392cf48894b85f Mon Sep 17 00:00:00 2001 From: Alexander Ebert Date: Mon, 21 Jun 2021 16:13:38 +0200 Subject: [PATCH] Cast values of simple embedded objects to int These values are not guaranteed to be pure numbers. Any value could be followed by a helper comment, such as `13#Fancy page`. Explicitly calling `intval()` truncates the value to just contain the leading digits as it was intended to be. --- .../object/ArticleMessageEmbeddedObjectHandler.class.php | 2 +- .../embedded/object/MediaMessageEmbeddedObjectHandler.class.php | 2 +- .../embedded/object/PageMessageEmbeddedObjectHandler.class.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/wcfsetup/install/files/lib/system/message/embedded/object/ArticleMessageEmbeddedObjectHandler.class.php b/wcfsetup/install/files/lib/system/message/embedded/object/ArticleMessageEmbeddedObjectHandler.class.php index a7b808392b..c4a164c9aa 100644 --- a/wcfsetup/install/files/lib/system/message/embedded/object/ArticleMessageEmbeddedObjectHandler.class.php +++ b/wcfsetup/install/files/lib/system/message/embedded/object/ArticleMessageEmbeddedObjectHandler.class.php @@ -64,7 +64,7 @@ class ArticleMessageEmbeddedObjectHandler extends AbstractSimpleMessageEmbeddedO public function replaceSimple($objectType, $objectID, $value, array $attributes) { /** @var Article $article */ - $article = MessageEmbeddedObjectManager::getInstance()->getObject('com.woltlab.wcf.article', $value); + $article = MessageEmbeddedObjectManager::getInstance()->getObject('com.woltlab.wcf.article', intval($value)); if ($article === null) { return; } diff --git a/wcfsetup/install/files/lib/system/message/embedded/object/MediaMessageEmbeddedObjectHandler.class.php b/wcfsetup/install/files/lib/system/message/embedded/object/MediaMessageEmbeddedObjectHandler.class.php index 0b80f406ea..2b41589b91 100644 --- a/wcfsetup/install/files/lib/system/message/embedded/object/MediaMessageEmbeddedObjectHandler.class.php +++ b/wcfsetup/install/files/lib/system/message/embedded/object/MediaMessageEmbeddedObjectHandler.class.php @@ -93,7 +93,7 @@ class MediaMessageEmbeddedObjectHandler extends AbstractSimpleMessageEmbeddedObj public function replaceSimple($objectType, $objectID, $value, array $attributes) { /** @var Media $media */ - $media = MessageEmbeddedObjectManager::getInstance()->getObject('com.woltlab.wcf.media', $value); + $media = MessageEmbeddedObjectManager::getInstance()->getObject('com.woltlab.wcf.media', intval($value)); if ($media === null) { return; } diff --git a/wcfsetup/install/files/lib/system/message/embedded/object/PageMessageEmbeddedObjectHandler.class.php b/wcfsetup/install/files/lib/system/message/embedded/object/PageMessageEmbeddedObjectHandler.class.php index dbcdcf798d..2175529b0a 100644 --- a/wcfsetup/install/files/lib/system/message/embedded/object/PageMessageEmbeddedObjectHandler.class.php +++ b/wcfsetup/install/files/lib/system/message/embedded/object/PageMessageEmbeddedObjectHandler.class.php @@ -70,7 +70,7 @@ class PageMessageEmbeddedObjectHandler extends AbstractSimpleMessageEmbeddedObje public function replaceSimple($objectType, $objectID, $value, array $attributes) { /** @var Page $page */ - $page = MessageEmbeddedObjectManager::getInstance()->getObject('com.woltlab.wcf.page', $value); + $page = MessageEmbeddedObjectManager::getInstance()->getObject('com.woltlab.wcf.page', intval($value)); if ($page === null) { return; } -- 2.20.1