MantisBT: master-1.2.x 511564cc

Author: dregad
Committer: dregad
Branch: master-1.2.x
Timestamp: 2014-11-15 03:57
Parent: master-1.2.x 74ac9bfc
Affected Issues: 0017890: CVE-2014-9269: XSS in extended project browser
Changeset

Fix 0017890: XSS in extended project browser

Extended project browser allows projects to be passed in as A;B.
helper_get_current_project() and helper_get_current_project_trace() then
explode the string by ';' and don't check that A is an int (a project /
sub-project id). Finally, print_extended_project_browser() prints the
result of the split into a javascript array.

Paul Richards discovered the issue and wrote the original patch for it.
His code was modified to remove a redundant typecast as well as an
unnecessary foreach loop in helper_get_current_project(), replacing it
with a single type cast.

mod - core/helper_api.php
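The pattern the commit message describes, as an added illustration that is not MantisBT's own code: a project value of the form "A;B" is split on ';' and written into a JavaScript array literal, first without any check on the parts and then with the per-part integer cast the fix relies on (function and variable names are assumed).

```php
<?php
// Added illustration, not code from core/helper_api.php. A project selector
// value like "A;B" (project id ; sub-project id) is split on ';' and echoed
// into a JavaScript array on the page.

// Vulnerable pattern: the split parts are interpolated verbatim, so any
// non-numeric text in either part ends up inside the script block as-is.
function project_browser_js_unsafe(string $t_project_value): string {
    $t_parts = explode(';', $t_project_value);
    return 'var t_projects = ["' . implode('", "', $t_parts) . '"];';
}

// Hardened pattern: each part is cast to int before it is emitted, so the
// output can only ever consist of integers, never markup or quotes.
function project_browser_js_safe(string $t_project_value): string {
    $t_parts = array_map('intval', explode(';', $t_project_value));
    return 'var t_projects = [' . implode(', ', $t_parts) . '];';
}

// Constructed inputs: a well-formed value and one whose second part is not
// an id at all.
foreach (['7;12', '7;abc'] as $t_value) {
    echo "input: {$t_value}\n";
    echo '  unsafe: ' . project_browser_js_unsafe($t_value) . "\n";
    echo '  safe:   ' . project_browser_js_safe($t_value) . "\n";
}
// For "7;abc" the unsafe form emits ["7", "abc"] (the text passes through
// untouched), while the safe form emits [7, 0] because intval("abc") is 0.
```

Casting every element, rather than only the first, is what closes the gap for both the project id and the sub-project id.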