http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=7977
--- Comment #50 from Chris Nighswonger <cnighswon...@foundations.edu> --- (In reply to comment #48) > QA Comment for Bug 7977: Quote-of-the-day (QOTD) Feature for OPAC > > - backquotes exist in sql files (updatedatabase and kohastructure) This is a non-issue since both of these files are DB specific and targeted for MySQL. Backticks are not optional for MySQL since certain keywords used as field/table names could cause problems. Its my opinion that those concerned with porting to other DBs should construct files specific to those DB's until such a time as we move to a DB agnostic interface. I think I mentioned this in the commit message. > - Debug javascript message is commited (console.log) > - + var sEmptyTable = _('No quotes available. Please use the \"Add > Quote\" button to add a quote.'); > Why do you escaped double quote ? > - html comments are commited (+<!-- > <th>Actions</th>-->) These are leftovers from development. I'll submit a followup patch to remove them. > - you use new font family (+ font-family: "Georgia","Palatino","Times New > Roman",sans-serif;). Currently, these fonts are not used in Koha. Isn't it > better to use already used fonts ? This was unintentional, where is it located? > - + my $like = " id LIKE \"%$filter%\" OR source LIKE \"%$filter%\" > OR text LIKE \"%$filter%\" OR timestamp LIKE \"%$filter%\""; > Why don't you use bind parameters to protect against SQL injection attacks ? Good catch. I'll include this in the followup patch. Thanks for the QA and the feedback! -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/