From 5c64d87304774f08f7f6bc436f4ac4972e4fc0f9 Mon Sep 17 00:00:00 2001
From: Michael Erdely <mike@erdelynet.com>
Date: Fri, 11 Oct 2024 17:54:57 -0400
Subject: [PATCH] Password should be PDO::PARAM_STR, not PDO::PARAM_INT

---
 src/admin.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/admin.php b/src/admin.php
index d235ff2..2819319 100644
--- a/src/admin.php
+++ b/src/admin.php
@@ -41,7 +41,7 @@ if ($action == "approve") {
 		$stmt->execute();
 	}
 	$stmt = $smarty->dbh()->prepare("UPDATE {$opt["table_prefix"]}users SET approved = 1, password = {$opt["password_hasher"]}(?) WHERE userid = ?");
-	$stmt->bindParam(1, $pwd, PDO::PARAM_INT);
+	$stmt->bindParam(1, $pwd, PDO::PARAM_STR);
 	$stmt->bindValue(2, (int) $_GET["userid"], PDO::PARAM_INT);
 	$stmt->execute();