From 1362d196083d4290fe1b94e7a28ec068cb5d5820 Mon Sep 17 00:00:00 2001
From: Peter Goodhall <peter@magicbug.co.uk>
Date: Thu, 7 Nov 2024 11:03:33 +0000
Subject: [PATCH] fix Unauthenticated SQL Injection in in function
 delete_oqrs_line

Fixes injection issue reported by @trungpc19
---
 application/models/Oqrs_model.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/application/models/Oqrs_model.php b/application/models/Oqrs_model.php
index ccc12ef9..486bc303 100644
--- a/application/models/Oqrs_model.php
+++ b/application/models/Oqrs_model.php
@@ -190,7 +190,7 @@ class Oqrs_model extends CI_Model {
 	}
 
 	function delete_oqrs_line($id) {
-        $sql = 'delete from oqrs where id =' . xss_clean($id);
+		$sql = 'delete from oqrs where id =' . xss_clean((intval($id)));
 
         $query = $this->db->query($sql);