1 files changed, 15 insertions, 14 deletions

diff --git a/Zotlabs/Module/Settings/Oauth2.php b/Zotlabs/Module/Settings/Oauth2.php
index 88bbea3b8..985095115 100644
--- a/Zotlabs/Module/Settings/Oauth2.php
+++ b/Zotlabs/Module/Settings/Oauth2.php
@@ -14,7 +14,8 @@ class Oauth2 {
 			$key = $_POST['remove'];
 			q("DELETE FROM tokens WHERE id='%s' AND uid=%d",
 				dbesc($key),
-				local_channel());
+				intval(local_channel())
+			);
 			goaway(z_root()."/settings/oauth2/");
 			return;			
 		}
@@ -43,24 +44,24 @@ class Oauth2 {
 								redirect_uri = '%s',
 								grant_types = '%s',
 								scope = '%s', 
-								user_id = '%s'
+								user_id = %d
 							WHERE client_id='%s'",
 							dbesc($name),
 							dbesc($secret),
 							dbesc($redirect),
 							dbesc($grant),
 							dbesc($scope),
-							dbesc(local_channel()),
+							intval(local_channel()),
 							dbesc($name));
 				} else {
 					$r = q("INSERT INTO oauth_clients (client_id, client_secret, redirect_uri, grant_types, scope, user_id)
-						VALUES ('%s','%s','%s','%s','%s','%s')",
+						VALUES ('%s','%s','%s','%s','%s',%d)",
 						dbesc($name),
 						dbesc($secret),
 						dbesc($redirect),
 						dbesc($grant),
 						dbesc($scope),
-						dbesc(local_channel())
+						intval(local_channel())
 					);
 					$r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ",
 						dbesc($name),
@@ -93,9 +94,9 @@ class Oauth2 {
 		}
 			
 		if((argc() > 3) && (argv(2) === 'edit')) {
-			$r = q("SELECT * FROM oauth_clients WHERE client_id='%s' AND user_id= '%s'",
+			$r = q("SELECT * FROM oauth_clients WHERE client_id='%s' AND user_id= %d",
 					dbesc(argv(3)),
-					dbesc(local_channel())
+					intval(local_channel())
 			);
 			
 			if (! $r){
@@ -123,21 +124,21 @@ class Oauth2 {
 		if((argc() > 3) && (argv(2) === 'delete')) {
 			check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2', 't');
 			
-			$r = q("DELETE FROM oauth_clients WHERE client_id = '%s' AND user_id = '%s'",
+			$r = q("DELETE FROM oauth_clients WHERE client_id = '%s' AND user_id = %d",
 					dbesc(argv(3)),
-					dbesc(local_channel())
+					intval(local_channel())
 			);
 			goaway(z_root()."/settings/oauth2/");
 			return;			
 		}
 			
 
-		$r = q("SELECT oauth_clients.*, oauth_access_tokens.access_token as oauth_token, (oauth_clients.user_id = '%s') AS my 
+		$r = q("SELECT oauth_clients.*, oauth_access_tokens.access_token as oauth_token, (oauth_clients.user_id = %d) AS my 
 				FROM oauth_clients
 				LEFT JOIN oauth_access_tokens ON oauth_clients.client_id=oauth_access_tokens.client_id
-				WHERE oauth_clients.user_id IN ('%s',0)",
-				dbesc(local_channel()),
-				dbesc(local_channel())
+				WHERE oauth_clients.user_id IN (%d,0)",
+				intval(local_channel()),
+				intval(local_channel())
 		);
 			
 		$tpl = get_markup_template("settings_oauth2.tpl");
@@ -157,4 +158,4 @@ class Oauth2 {
 			
 	}
 
-}
\ No newline at end of file
+}