From be39af62351022beee2e61e95c33eb248f6bb997 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Bj=C3=B6rkholm?=
Date: Thu, 29 May 2014 09:41:35 +0200
Subject: [PATCH] Fix security hole

---
 guilds.php | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/guilds.php b/guilds.php
index 6b56a40..4233c6c 100644
--- a/guilds.php
+++ b/guilds.php
@@ -490,9 +490,7 @@ if ($highest_access >= 2) {
 $wars = mysql_select_multi("SELECT `id`, `guild1`, `guild2`, `status` FROM `guild_wars` WHERE (`guild1` = '$gid' OR `guild1` = '$targetGuild') AND (`guild2` = '$gid' OR `guild2` = '$targetGuild') AND `status` IN (0, 1);");
 if ($status == false && $wars == false) {
 guild_war_invitation($gid, $targetGuild);
-$limit = $_POST['limit'];
-if (empty($limit))
-$limit = 100;
+$limit = (empty($_POST['limit'])) ? 100 : (int)$_POST['limit'];
 mysql_insert("INSERT INTO `znote_guild_wars` (`limit`) VALUES ('$limit');");
 header('Location: guilds.php?name='. $_GET['name']);
 exit();
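Review bot: The `(int)` cast on the added line closes the injection but does not validate the value: `empty()` only catches a missing, `''` or `'0'` input, so a non-numeric string like `abc` becomes `0` and a negative number passes through unchanged into the `INSERT` on the next line. Unless a zero or negative `limit` is meaningful for `znote_guild_wars`, validate the range and fall back to the default in one step, e.g. `$limit = filter_var(isset($_POST['limit']) ? $_POST['limit'] : '', FILTER_VALIDATE_INT, array('options' => array('min_range' => 1, 'default' => 100)));`. The surrounding `$wars` query and the `Location` header still interpolate `$gid`, `$targetGuild` and `$_GET['name']` raw; where those come from is not visible in the hunk, so if any of them is attacker-controlled the same class of hole remains, and `$_GET['name']` should at least be `urlencode()`d before being placed in the redirect URL. The enclosing `if ($highest_access >= 2)` block starts and ends outside the hunk.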