magento · parhamr · Aug 21, 2013 · Oct 17, 2013
diff --git a/app/code/Mage/Adminhtml/Block/Catalog/Product/Attribute/Set/Main/Formset.php b/app/code/Mage/Adminhtml/Block/Catalog/Product/Attribute/Set/Main/Formset.php
@@ -40,7 +40,7 @@ class Mage_Adminhtml_Block_Catalog_Product_Attribute_Set_Main_Formset extends Ma
     protected function _prepareForm()
     {
         $data = Mage::getModel('Mage_Eav_Model_Entity_Attribute_Set')
-            ->load($this->getRequest()->getParam('id'));
+            ->load((int)$this->getRequest()->getParam('id'));
 
         $form = new Varien_Data_Form();
         $fieldset = $form->addFieldset('set_name', array('legend'=> Mage::helper('Mage_Catalog_Helper_Data')->__('Edit Set Name')));

diff --git a/app/code/Mage/Adminhtml/Block/Catalog/Product/Created.php b/app/code/Mage/Adminhtml/Block/Catalog/Product/Created.php
@@ -145,7 +145,7 @@ public function getProduct()
         if ($this->_product === null) {
             $this->_product = Mage::getModel('Mage_Catalog_Model_Product')
                 ->setStore(0)
-                ->load($this->getRequest()->getParam('id'));
+                ->load((int)$this->getRequest()->getParam('id'));
         }
         return $this->_product;
     }

diff --git a/app/code/Mage/Adminhtml/Block/Catalog/Product/Edit/Tab/Alerts/Stock.php b/app/code/Mage/Adminhtml/Block/Catalog/Product/Edit/Tab/Alerts/Stock.php
@@ -48,10 +48,10 @@ protected function _construct()
 
     protected function _prepareCollection()
     {
-        $productId = $this->getRequest()->getParam('id');
+        $productId = (int) $this->getRequest()->getParam('id');
         $websiteId = 0;
         if ($store = $this->getRequest()->getParam('store')) {
-            $websiteId = Mage::app()->getStore($store)->getWebsiteId();
+            $websiteId = Mage::app()->getStore((int) $store)->getWebsiteId();
         }
         if (Mage::helper('Mage_Catalog_Helper_Data')->isModuleEnabled('Mage_ProductAlert')) {
             $collection = Mage::getModel('Mage_ProductAlert_Model_Stock')
@@ -101,10 +101,10 @@ protected function _prepareColumns()
 
     public function getGridUrl()
     {
-        $productId = $this->getRequest()->getParam('id');
+        $productId = (int) $this->getRequest()->getParam('id');
         $storeId   = $this->getRequest()->getParam('store', 0);
         if ($storeId) {
-            $storeId = Mage::app()->getStore($storeId)->getId();
+            $storeId = Mage::app()->getStore((int) $storeId)->getId();
         }
         return $this->getUrl('*/catalog_product/alertsStockGrid', array(
             'id'    => $productId,

diff --git a/app/code/Mage/Adminhtml/Block/Poll/Edit/Tab/Answers/Grid.php b/app/code/Mage/Adminhtml/Block/Poll/Edit/Tab/Answers/Grid.php
@@ -47,7 +47,7 @@ protected function _prepareCollection()
     {
         $collection = Mage::getModel('Mage_Poll_Model_Poll_Answer')
             ->getResourceCollection()
-            ->addPollFilter($this->getRequest()->getParam('id'));
+            ->addPollFilter((int) $this->getRequest()->getParam('id'));
         $this->setCollection($collection);
         return parent::_prepareCollection();
     }

diff --git a/app/code/Mage/Adminhtml/Block/Report/Review/Detail.php b/app/code/Mage/Adminhtml/Block/Report/Review/Detail.php
@@ -39,7 +39,7 @@ protected function _construct()
     {
         $this->_controller = 'report_review_detail';
 
-        $product = Mage::getModel('Mage_Catalog_Model_Product')->load($this->getRequest()->getParam('id'));
+        $product = Mage::getModel('Mage_Catalog_Model_Product')->load((int)$this->getRequest()->getParam('id'));
         $this->_headerText = Mage::helper('Mage_Reports_Helper_Data')->__('Reviews for %s', $product->getName());
 
         parent::_construct();

diff --git a/app/code/Mage/Adminhtml/Block/Review/Edit.php b/app/code/Mage/Adminhtml/Block/Review/Edit.php
@@ -45,7 +45,7 @@ protected function _construct()
         $actionPager = Mage::helper('Mage_Review_Helper_Action_Pager');
         $actionPager->setStorageId('reviews');
 
-        $reviewId = $this->getRequest()->getParam('id');
+        $reviewId = (int)$this->getRequest()->getParam('id');
         $prevId = $actionPager->getPreviousItemId($reviewId);
         $nextId = $actionPager->getNextItemId($reviewId);
         if ($prevId !== false) {

diff --git a/app/code/Mage/Adminhtml/controllers/Catalog/Product/ReviewController.php b/app/code/Mage/Adminhtml/controllers/Catalog/Product/ReviewController.php
@@ -119,7 +119,7 @@ public function newAction()
 
     public function saveAction()
     {
-        if (($data = $this->getRequest()->getPost()) && ($reviewId = $this->getRequest()->getParam('id'))) {
+        if (($data = $this->getRequest()->getPost()) && ($reviewId = (int)$this->getRequest()->getParam('id'))) {
             $review = Mage::getModel('Mage_Review_Model_Review')->load($reviewId);
             $session = Mage::getSingleton('Mage_Adminhtml_Model_Session');
             if (! $review->getId()) {
@@ -175,7 +175,7 @@ public function deleteAction()
         $session    = Mage::getSingleton('Mage_Adminhtml_Model_Session');
 
         try {
-            Mage::getModel('Mage_Review_Model_Review')->setId($reviewId)
+            Mage::getModel('Mage_Review_Model_Review')->setId((int)$reviewId)
                 ->aggregate()
                 ->delete();
 
@@ -298,8 +298,7 @@ public function reviewGridAction()
     public function jsonProductInfoAction()
     {
         $response = new Varien_Object();
-        $id = $this->getRequest()->getParam('id');
-        if( intval($id) > 0 ) {
+        if($id = (int)$this->getRequest()->getParam('id')) {
             $product = Mage::getModel('Mage_Catalog_Model_Product')
                 ->load($id);
 
@@ -328,7 +327,7 @@ public function postAction()
             $review = Mage::getModel('Mage_Review_Model_Review')->setData($data);
 
             $product = Mage::getModel('Mage_Catalog_Model_Product')
-                ->load($productId);
+                ->load((int)$productId);
 
             try {
                 $review->setEntityId(1) // product

diff --git a/app/code/Mage/Adminhtml/controllers/Checkout/AgreementController.php b/app/code/Mage/Adminhtml/controllers/Checkout/AgreementController.php
@@ -52,7 +52,7 @@ public function editAction()
     {
         $this->_title($this->__('Sales'))->_title($this->__('Terms and Conditions'));
 
-        $id  = $this->getRequest()->getParam('id');
+        $id  = (int)$this->getRequest()->getParam('id');
         $agreementModel  = Mage::getModel('Mage_Checkout_Model_Agreement');
 
         if ($id) {

diff --git a/app/code/Mage/Adminhtml/controllers/Customer/GroupController.php b/app/code/Mage/Adminhtml/controllers/Customer/GroupController.php
@@ -38,8 +38,7 @@ protected function _initGroup()
         $this->_title($this->__('Customers'))->_title($this->__('Customer Groups'));
 
         Mage::register('current_group', Mage::getModel('Mage_Customer_Model_Group'));
-        $groupId = $this->getRequest()->getParam('id');
-        if (!is_null($groupId)) {
+        if ($groupId = (int)$this->getRequest()->getParam('id')) {
             Mage::registry('current_group')->load($groupId);
         }
 

diff --git a/app/code/Mage/Adminhtml/controllers/CustomerController.php b/app/code/Mage/Adminhtml/controllers/CustomerController.php
@@ -485,7 +485,7 @@ public function viewWishlistAction()
     public function cartAction()
     {
         $this->_initCustomer();
-        $websiteId = $this->getRequest()->getParam('website_id');
+        $websiteId = (int)$this->getRequest()->getParam('website_id');
 
         // delete an item from cart
         $deleteItemId = $this->getRequest()->getPost('delete');
@@ -582,7 +582,7 @@ protected function _validateCustomer($response)
             $customer = $this->_objectManager->create('Mage_Customer_Model_Customer');
             $customerId = $this->getRequest()->getParam('id');
             if ($customerId) {
-                $customer->load($customerId);
+                $customer->load((int)$customerId);
             }
 
             /* @var $customerForm Mage_Customer_Model_Form */
@@ -751,7 +751,7 @@ public function massAssignGroupAction()
             try {
                 foreach ($customersIds as $customerId) {
                     $customer = Mage::getModel('Mage_Customer_Model_Customer')->load($customerId);
-                    $customer->setGroupId($this->getRequest()->getParam('group'));
+                    $customer->setGroupId((int)$this->getRequest()->getParam('group'));
                     $customer->save();
                 }
                 Mage::getSingleton('Mage_Adminhtml_Model_Session')->addSuccess(

diff --git a/app/code/Mage/Adminhtml/controllers/Newsletter/QueueController.php b/app/code/Mage/Adminhtml/controllers/Newsletter/QueueController.php
@@ -95,7 +95,7 @@ public function gridAction()
     public function startAction()
     {
         $queue = Mage::getModel('Mage_Newsletter_Model_Queue')
-            ->load($this->getRequest()->getParam('id'));
+            ->load((int)$this->getRequest()->getParam('id'));
         if ($queue->getId()) {
             if (!in_array($queue->getQueueStatus(),
                           array(Mage_Newsletter_Model_Queue::STATUS_NEVER,
@@ -115,7 +115,7 @@ public function startAction()
     public function pauseAction()
     {
         $queue = Mage::getSingleton('Mage_Newsletter_Model_Queue')
-            ->load($this->getRequest()->getParam('id'));
+            ->load((int)$this->getRequest()->getParam('id'));
 
         if (!in_array($queue->getQueueStatus(),
                       array(Mage_Newsletter_Model_Queue::STATUS_SENDING))) {
@@ -132,7 +132,7 @@ public function pauseAction()
     public function resumeAction()
     {
         $queue = Mage::getSingleton('Mage_Newsletter_Model_Queue')
-            ->load($this->getRequest()->getParam('id'));
+            ->load((int)$this->getRequest()->getParam('id'));
 
         if (!in_array($queue->getQueueStatus(),
                       array(Mage_Newsletter_Model_Queue::STATUS_PAUSE))) {
@@ -149,7 +149,7 @@ public function resumeAction()
     public function cancelAction()
     {
         $queue = Mage::getSingleton('Mage_Newsletter_Model_Queue')
-            ->load($this->getRequest()->getParam('id'));
+            ->load((int)$this->getRequest()->getParam('id'));
 
         if (!in_array($queue->getQueueStatus(),
                       array(Mage_Newsletter_Model_Queue::STATUS_SENDING))) {
@@ -184,8 +184,8 @@ public function editAction()
 
         Mage::register('current_queue', Mage::getSingleton('Mage_Newsletter_Model_Queue'));
 
-        $id = $this->getRequest()->getParam('id');
-        $templateId = $this->getRequest()->getParam('template_id');
+        $id = (int) $this->getRequest()->getParam('id');
+        $templateId = (int) $this->getRequest()->getParam('template_id');
 
         if ($id) {
             $queue = Mage::registry('current_queue')->load($id);
@@ -216,7 +216,7 @@ public function saveAction()
             /* @var $queue Mage_Newsletter_Model_Queue */
             $queue = Mage::getModel('Mage_Newsletter_Model_Queue');
 
-            $templateId = $this->getRequest()->getParam('template_id');
+            $templateId = (int) $this->getRequest()->getParam('template_id');
             if ($templateId) {
                 /* @var $template Mage_Newsletter_Model_Template */
                 $template = Mage::getModel('Mage_Newsletter_Model_Template')->load($templateId);
@@ -228,7 +228,7 @@ public function saveAction()
                 $queue->setTemplateId($template->getId())
                     ->setQueueStatus(Mage_Newsletter_Model_Queue::STATUS_NEVER);
             } else {
-                $queue->load($this->getRequest()->getParam('id'));
+                $queue->load((int)$this->getRequest()->getParam('id'));
             }
 
             if (!in_array($queue->getQueueStatus(),

diff --git a/app/code/Mage/Adminhtml/controllers/Newsletter/TemplateController.php b/app/code/Mage/Adminhtml/controllers/Newsletter/TemplateController.php
@@ -102,7 +102,7 @@ public function editAction ()
         $this->_setTitle();
 
         $model = Mage::getModel('Mage_Newsletter_Model_Template');
-        if ($id = $this->getRequest()->getParam('id')) {
+        if ($id = (int)$this->getRequest()->getParam('id')) {
             $model->load($id);
         }
 
@@ -211,7 +211,7 @@ public function saveAction ()
     public function deleteAction ()
     {
         $template = Mage::getModel('Mage_Newsletter_Model_Template')
-            ->load($this->getRequest()->getParam('id'));
+            ->load((int)$this->getRequest()->getParam('id'));
         if ($template->getId()) {
             try {
                 $template->delete();

diff --git a/app/code/Mage/Adminhtml/controllers/NotificationController.php b/app/code/Mage/Adminhtml/controllers/NotificationController.php
@@ -47,7 +47,7 @@ public function indexAction()
 
     public function markAsReadAction()
     {
-        if ($id = $this->getRequest()->getParam('id')) {
+        if ($id = (int)$this->getRequest()->getParam('id')) {
             $session = Mage::getSingleton('Mage_Adminhtml_Model_Session');
             $model = Mage::getModel('Mage_AdminNotification_Model_Inbox')
                 ->load($id);
@@ -104,7 +104,7 @@ public function massMarkAsReadAction()
 
     public function removeAction()
     {
-        if ($id = $this->getRequest()->getParam('id')) {
+        if ($id = (int)$this->getRequest()->getParam('id')) {
             $session = Mage::getSingleton('Mage_Adminhtml_Model_Session');
             $model = Mage::getModel('Mage_AdminNotification_Model_Inbox')
                 ->load($id);

diff --git a/app/code/Mage/Adminhtml/controllers/PollController.php b/app/code/Mage/Adminhtml/controllers/PollController.php
@@ -50,7 +50,7 @@ public function editAction()
     {
         $this->_title($this->__('CMS'))->_title($this->__('Polls'));
 
-        $pollId     = $this->getRequest()->getParam('id');
+        $pollId     = (int)$this->getRequest()->getParam('id');
         $pollModel  = Mage::getModel('Mage_Poll_Model_Poll')->load($pollId);
 
         if ($pollModel->getId() || $pollId == 0) {
@@ -76,7 +76,7 @@ public function editAction()
 
     public function deleteAction()
     {
-        if ($id = $this->getRequest()->getParam('id')) {
+        if ($id = (int)$this->getRequest()->getParam('id')) {
             try {
                 $model = Mage::getModel('Mage_Poll_Model_Poll');
                 $model->setId($id);
@@ -133,7 +133,7 @@ public function validateAction()
                       ->setClosed($this->getRequest()->getParam('closed'));
 
                 if( $this->getRequest()->getParam('id') > 0 ) {
-                    $pollModel->setId($this->getRequest()->getParam('id'));
+                    $pollModel->setId((int)$this->getRequest()->getParam('id'));
                 }
 
                 $stores = $this->getRequest()->getParam('store_ids');

diff --git a/app/code/Mage/Adminhtml/controllers/Promo/CatalogController.php b/app/code/Mage/Adminhtml/controllers/Promo/CatalogController.php
@@ -77,7 +77,7 @@ public function editAction()
     {
         $this->_title($this->__('Promotions'))->_title($this->__('Catalog Price Rules'));
 
-        $id = $this->getRequest()->getParam('id');
+        $id = (int) $this->getRequest()->getParam('id');
         $model = Mage::getModel('Mage_CatalogRule_Model_Rule');
 
         if ($id) {
@@ -123,7 +123,7 @@ public function saveAction()
                 );
                 $data = $this->getRequest()->getPost();
                 $data = $this->_filterDates($data, array('from_date', 'to_date'));
-                if ($id = $this->getRequest()->getParam('rule_id')) {
+                if ($id = (int)$this->getRequest()->getParam('rule_id')) {
                     $model->load($id);
                     if ($id != $model->getId()) {
                         Mage::throwException(Mage::helper('Mage_CatalogRule_Helper_Data')->__('Wrong rule specified.'));
@@ -184,7 +184,7 @@ public function saveAction()
 
     public function deleteAction()
     {
-        if ($id = $this->getRequest()->getParam('id')) {
+        if ($id = (int)$this->getRequest()->getParam('id')) {
             try {
                 $model = Mage::getModel('Mage_CatalogRule_Model_Rule');
                 $model->load($id);
@@ -216,7 +216,7 @@ public function deleteAction()
 
     public function newConditionHtmlAction()
     {
-        $id = $this->getRequest()->getParam('id');
+        $id = (int)$this->getRequest()->getParam('id');
         $typeArr = explode('|', str_replace('-', '/', $this->getRequest()->getParam('type')));
         $type = $typeArr[0];
 
@@ -253,7 +253,7 @@ public function chooserAction()
 
     public function newActionHtmlAction()
     {
-        $id = $this->getRequest()->getParam('id');
+        $id = (int)$this->getRequest()->getParam('id');
         $typeArr = explode('|', str_replace('-', '/', $this->getRequest()->getParam('type')));
         $type = $typeArr[0];
 

diff --git a/app/code/Mage/Adminhtml/controllers/Promo/QuoteController.php b/app/code/Mage/Adminhtml/controllers/Promo/QuoteController.php
@@ -68,7 +68,7 @@ public function newAction()
 
     public function editAction()
     {
-        $id = $this->getRequest()->getParam('id');
+        $id = (int) $this->getRequest()->getParam('id');
         $model = Mage::getModel('Mage_SalesRule_Model_Rule');
 
         if ($id) {
@@ -122,7 +122,7 @@ public function saveAction()
                     array('request' => $this->getRequest()));
                 $data = $this->getRequest()->getPost();
                 $data = $this->_filterDates($data, array('from_date', 'to_date'));
-                $id = $this->getRequest()->getParam('rule_id');
+                $id = (int) $this->getRequest()->getParam('rule_id');
                 if ($id) {
                     $model->load($id);
                     if ($id != $model->getId()) {
@@ -193,7 +193,7 @@ public function saveAction()
 
     public function deleteAction()
     {
-        if ($id = $this->getRequest()->getParam('id')) {
+        if ($id = (int) $this->getRequest()->getParam('id')) {
             try {
                 $model = Mage::getModel('Mage_SalesRule_Model_Rule');
                 $model->load($id);
@@ -219,7 +219,7 @@ public function deleteAction()
 
     public function newConditionHtmlAction()
     {
-        $id = $this->getRequest()->getParam('id');
+        $id = (int) $this->getRequest()->getParam('id');
         $typeArr = explode('|', str_replace('-', '/', $this->getRequest()->getParam('type')));
         $type = $typeArr[0];
 
@@ -243,7 +243,7 @@ public function newConditionHtmlAction()
 
     public function newActionHtmlAction()
     {
-        $id = $this->getRequest()->getParam('id');
+        $id = (int) $this->getRequest()->getParam('id');
         $typeArr = explode('|', str_replace('-', '/', $this->getRequest()->getParam('type')));
         $type = $typeArr[0];
 
@@ -339,7 +339,7 @@ public function couponsMassDeleteAction()
         if (is_array($codesIds)) {
 
             $couponsCollection = Mage::getResourceModel('Mage_SalesRule_Model_Resource_Coupon_Collection')
-                ->addFieldToFilter('coupon_id', array('in' => $codesIds));
+                ->addFieldToFilter('coupon_id', array('in' => array_map("intval", $codesIds)));
 
             foreach ($couponsCollection as $coupon) {
                 $coupon->delete();