r63758 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r63757‎ \| r63758 \| r63759 >
Date:	20:48, 14 March 2010
Author:	jeroendedauw
Status:	resolved (Comments)
Tags:
Comment:	Partial follow up to r63722 - will test the API module later today
Modified paths:	/trunk/extensions/Storyboard/api/ApiStoryReview.php (modified) (history) /trunk/extensions/Storyboard/specials/Story/Story_body.php (modified) (history)

Diff [purge]

Index: trunk/extensions/Storyboard/specials/Story/Story_body.php
—	—	@@ -19,28 +19,29 @@
20	20	parent::__construct( 'Story' );
21	21	}
22	22
23		~~- public function execute( $identifier ) {~~
	23	+ public function execute( $title ) {
24	24	wfProfileIn( __METHOD__ );
25	25
26		~~- if ( trim( $identifier ) == '' ) {~~
27		~~- global $wgOut;~~
28		~~- $wgOut->addHTML( wfMsg( 'storyboard-nostorytitle' ) );~~
29		~~- return;~~
30		~~- }~~
31		-
32	26	$dbr = wfGetDB( DB_SLAVE );
33	27
34		~~- if ( is_numeric( $identifier ) ) {~~
	28	+ if ( trim( $identifier ) != '' ) {
35	29	$conds = array(
36		~~- 'story_id' => $identifier~~
	30	+ 'story_title' => str_replace( '_', ' ', $title )
37	31	);
38	32	} else {
39		~~- $conds = array(~~
40		~~- 'story_title' => str_replace( '_', ' ', $identifier ) // TODO: escaping required?~~
41		~~- );~~
	33	+ $id = $wgRequest->getIntOrNull( 'id' );
	34	+ if ( $id ) {
	35	+ $conds = array(
	36	+ 'story_id' => $id
	37	+ );
	38	+ } else {
	39	+ global $wgOut;
	40	+ $wgOut->addWikiMsg( 'storyboard-nostorytitle' );
	41	+ return;
	42	+ }
42	43	}
43	44
44		~~- $stories = $dbr->Select(~~
	45	+ $stories = $dbr->selectRow(
45	46	'storyboard',
46	47	array(
47	48	'story_id',
Index: trunk/extensions/Storyboard/api/ApiStoryReview.php
—	—	@@ -43,7 +43,7 @@
44	44	global $wgUser;
45	45
46	46	if ( !$wgUser->isAllowed( 'storyreview' ) \|\| $wgUser->isBlocked() ) {
47		~~- $this->dieUsageMsg( array( 'storyreview' ) );~~
	47	+ $this->dieUsageMsg( array( 'badaccess-groups' ) );
48	48	}
49	49
50	50	$params = $this->extractRequestParams();
—	—	@@ -60,8 +60,7 @@
61	61	$dbw = wfGetDB( DB_MASTER );
62	62
63	63	if ( $params['storyaction'] == 'delete' ) {
64		~~- // TODO: does this need to be escaped, or is putting the type of the param to integer sufficient?~~
65		~~- $dbw->delete( 'storyboard', "story_id = '$params[storyid]'" );~~
	64	+ $dbw->delete( 'storyboard', array( 'story_id' => $dbw->escape( $params['storyid'] ) ) );
66	65	} else {
67	66	$conds = array(
68	67	'story_id' => $params['storyid']
—	—	@@ -114,14 +113,24 @@
115	114	'storyid' => array(
116	115	ApiBase :: PARAM_TYPE => 'integer',
117	116	),
118		~~- 'storyaction' => null,~~
	117	+ 'storyaction' => array(
	118	+ ApiBase::PARAM_TYPE => array(
	119	+ 'hide',
	120	+ 'unhide',
	121	+ 'publish',
	122	+ 'unpublish',
	123	+ 'hideimage',
	124	+ 'showimage',
	125	+ 'deleteimage',
	126	+ )
	127	+ ),
119	128	);
120	129	}
121	130
122	131	public function getParamDescription() {
123	132	return array(
124		~~- 'storyid' => '',~~
125		~~- 'storyaction' => '',~~
	133	+ 'storyid' => 'The id of the story you want to modify or delete',
	134	+ 'storyaction' => 'Indicates in what way you want to modify the story',
126	135	);
127	136	}
128	137

Follow-up revisions

Revision	Commit summary	Author	Date
r63775	Follow up to r63758 and r63763.	jeroendedauw	16:35, 15 March 2010
r63779	Follow up to r63758	jeroendedauw	19:36, 15 March 2010

Past revisions this follows-up on

Revision	Commit summary	Author	Date
r63722	* Added (untested) stuff to ApiStoryReview to enable ajax actions on Storyrev...	jeroendedauw	01:36, 14 March 2010

Comments

#Comment by Catrope (talk | contribs) 15:31, 15 March 2010

-		$stories = $dbr->Select(
+		$stories = $dbr->selectRow(

This won't magically work. select() returns a database result you have to grab rows from (or can use foreach() on), while selectRow() returns a single row. The code using $stories below this line needs to be updated for this.

+			$dbw->delete( 'storyboard', array( 'story_id' => $dbw->escape( $params['storyid'] ) ) );

When using the key-value format to pass WHERE conditions, you don't need to escape the values; doing so will lead to double-escaping.

+			'storyaction' => array(
+				ApiBase::PARAM_TYPE => array(
...

You seem to have forgotten about 'delete', which the code does check for.

#Comment by Jeroen De Dauw (talk | contribs) 16:37, 15 March 2010

The select stuff seems to be working though - and I don't know what else it should be. The var name should have changed though.

#Comment by Catrope (talk | contribs) 17:38, 15 March 2010

You're calling $story = $dbr->fetchObject( $story ); while $story is already a row, not a result. Apparently fetchObject() doesn't mind and it works anyway, but this behavior is not documented and could break at any time, or on DBMSes other than yours.

#Comment by Jeroen De Dauw (talk | contribs) 19:03, 15 March 2010

So how do I get a story object in the correct way? I seem unable to figure out how to do this.

#Comment by Catrope (talk | contribs) 19:20, 15 March 2010

Just use the return value of selectRow(), no need to feed it through fetchObject() first.

#Comment by Jeroen De Dauw (talk | contribs) 19:33, 15 March 2010

So I can only get it as a row, and not as an object?

Status & tagging log

19:40, 15 March 2010 Catrope (talk | contribs) changed the status of r63758 [removed: fixme added: resolved]
15:31, 15 March 2010 Catrope (talk | contribs) changed the status of r63758 [removed: new added: fixme]