r73878 MediaWiki - Code Review archive

Repository:MediaWiki
Revision:r73877‎ | r73878 | r73879 >
Date:09:39, 28 September 2010
Author:thomasv
Status:resolved (Comments)
Tags:
Comment:
follow up to r73453
Modified paths:
  • /trunk/extensions/ProofreadPage/ProofreadPage_body.php (modified) (history)

Diff [purge]

Index: trunk/extensions/ProofreadPage/ProofreadPage_body.php
@@ -840,17 +840,16 @@
841841 list( $page, $pagenum ) = $item;
842842 $pp[] = $page;
843843 }
844 - $pagelist = "'" . implode( "', '", $pp ) . "'";
845844 $page_ns_index = MWNamespace::getCanonicalIndex( strtolower( $page_namespace ) );
846845 $dbr = wfGetDB( DB_SLAVE );
847 - $encCat = $dbr->addQuotes( str_replace( ' ' , '_' , wfMsgForContent( 'proofreadpage_quality0_category' ) ) );
 846+ $encCat = $dbr->strencode( str_replace( ' ' , '_' , wfMsgForContent( 'proofreadpage_quality0_category' ) ) );
848847 $res = $dbr->select(
849848 array( 'page', 'categorylinks' ),
850849 array( 'page_title' ),
851850 array(
852 - "page_title IN ( $pagelist )",
853 - "cl_to=$encCat",
854 - "page_namespace=$page_ns_index"
 851+ 'page_title' => $pp,
 852+ 'cl_to' => $encCat,
 853+ 'page_namespace' => $page_ns_index
855854 ),
856855 __METHOD__,
857856 null,

Follow-up revisions

RevisionCommit summaryAuthorDate
r73893ProofreadPage -- fix for r73878: since we're using the wrappers now to genera...brion15:17, 28 September 2010

Past revisions this follows-up on

RevisionCommit summaryAuthorDate
r73453use select wrapper (follow-up to r73216)thomasv09:05, 21 September 2010

Comments

#Comment by Brion VIBBER (talk | contribs)   15:19, 28 September 2010

This actually ends up double-escaping the category name, since it's doing a strencode() and then handing that over to the DB wrappers. I've fixed this in r73893.

Note that underlying problems are still present: $page may be unset or empty, which throws an exception in makeList (vs originally giving you a SQL error due to "IN ('')" being invalid.)

Status & tagging log