diff --git a/include/functions.inc.php b/include/functions.inc.php
index 95b99eb247..d3334f4b1d 100644
--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@@ -32,6 +32,8 @@
  */
 function get_user_by_id($user_id)
 {
+ // Ensure user_id is an integer to prevent SQL injection
+ $user_id = intval($user_id);
 $query = 'SELECT * FROM '.USERS_TABLE.' WHERE id = '.$user_id;
 $result = pwg_query($query);
 return pwg_db_fetch_assoc($result);
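Review bot: The added `intval($user_id)` closes the injection path, but it also turns any non-numeric, null or leading-digit input (`'abc'`, `null`, `'5; DROP'`) into a silent lookup of `id = 0` or a truncated id rather than a rejected call, so a caller that passes a tampered or missing id now gets a wrong row instead of an error. Since a user id is never negative or fractional, the hunk would be stricter if it validated the shape and bailed out before touching the query: `if (!ctype_digit((string) $user_id)) { return false; }` followed by `$user_id = (int) $user_id;` — the early-return value should match whatever `pwg_db_fetch_assoc` yields for an empty result set, which is not visible here. The comment would then read `// Reject anything but a non-negative integer id; the value is concatenated into SQL below`. If the DB layer offers a parameterised or escaping helper, using it here instead of string concatenation would be the more robust long-term fix. The closing brace of `get_user_by_id` lies outside the hunk.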