[+TASK] Extbase (Utility): implemented validation of arguments passed to sql statemen...

diff --git a/typo3/sysext/extbase/Classes/Utility/Cache.php b/typo3/sysext/extbase/Classes/Utility/Cache.php
index 55f8852..390d03c 100644 (file)
--- a/typo3/sysext/extbase/Classes/Utility/Cache.php
+++ b/typo3/sysext/extbase/Classes/Utility/Cache.php
@@ -67,7 +67,10 @@ class Tx_Extbase_Utility_Cache {
                                $pageCache->flush();
                        }
                } elseif ($pageIds !== NULL) {
-                       $GLOBALS['TYPO3_DB']->exec_DELETEquery('cache_pages', 'page_id IN (' . implode(',', $pageIds) . ')');
+                       $GLOBALS['TYPO3_DB']->exec_DELETEquery(
+                               'cache_pages',
+                               'page_id IN (' . implode(',', $GLOBALS['TYPO3_DB']->cleanIntArray($pageIds)) . ')'
+                       );
                } else {
                        $GLOBALS['TYPO3_DB']->exec_TRUNCATEquery('cache_pages');
                }
@@ -91,7 +94,10 @@ class Tx_Extbase_Utility_Cache {
                                $pageSectionCache->flush();
                        }
                } elseif ($pageIds !== NULL) {
-                       $GLOBALS['TYPO3_DB']->exec_DELETEquery('cache_pagesection', 'page_id IN (' . implode(',', $pageIds) . ')');
+                       $GLOBALS['TYPO3_DB']->exec_DELETEquery(
+                               'cache_pagesection',
+                               'page_id IN (' . implode(',', $GLOBALS['TYPO3_DB']->cleanIntArray($pageIds)) . ')'
+                       );
                } else {
                        $GLOBALS['TYPO3_DB']->exec_TRUNCATEquery('cache_pagesection');
                }