r84593 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r84592‎ \| r84593 \| r84594 >
Date:	12:14, 23 March 2011
Author:	greg
Status:	ok
Tags:
Comment:	Properly quote the username for UPDATE USER calls. Per bug 27348. Does not affect 1.17 or forward.
Modified paths:	/branches/REL1_16/phase3/maintenance/updaters.inc (modified) (history)

Diff [purge]

Index: branches/REL1_16/phase3/maintenance/updaters.inc
—	—	@@ -1520,6 +1520,8 @@
1521	1521	else {
1522	1522	$search_path = $conf['search_path'];
1523	1523	}
	1524	+
	1525	+ $safeuser = $wgDatabase->quote_ident($wgDBuser);
1524	1526	if( strpos( $search_path, $wgDBmwschema ) === false ) {
1525	1527	wfOut( "Adding in schema \"$wgDBmwschema\" to search_path for user \"$wgDBuser\"\n" );
1526	1528	$search_path = "$wgDBmwschema, $search_path";
—	—	@@ -1530,7 +1532,7 @@
1531	1533	}
1532	1534	$search_path = str_replace( ', ,', ',', $search_path);
1533	1535	if( array_key_exists( 'search_path', $conf ) === false \|\| $search_path != $conf['search_path'] ) {
1534		~~- $wgDatabase->doQuery( "ALTER USER $wgDBuser SET search_path = $search_path" );~~
	1536	+ $wgDatabase->doQuery( "ALTER USER $safeuser SET search_path = $search_path" );
1535	1537	$wgDatabase->doQuery( "SET search_path = $search_path" );
1536	1538	}
1537	1539	else {
—	—	@@ -1546,7 +1548,7 @@
1547	1549	$value = $goodconf[$key];
1548	1550	if( !array_key_exists( $key, $conf ) or $conf[$key] !== $value ) {
1549	1551	wfOut( "Setting $key to '$value' for user \"$wgDBuser\"\n" );
1550		~~- $wgDatabase->doQuery( "ALTER USER $wgDBuser SET $key = '$value'" );~~
	1552	+ $wgDatabase->doQuery( "ALTER USER $safeuser SET $key = '$value'" );
1551	1553	$wgDatabase->doQuery( "SET $key = '$value'" );
1552	1554	}
1553	1555	else {

20:53, 15 April 2011 😂 (talk | contribs) changed the status of r84593 [removed: new added: ok]