Dzahn has uploaded a new change for review.
https://gerrit.wikimedia.org/r/157324
Change subject: sanitize input, dont break when names incl. "'s
......................................................................
sanitize input, dont break when names incl. "'s
when importing wikis, and fetching their names,
escape the input and replace literal "'s
Change-Id: If0e89b34a3a9e88d66276000f7eb5eef85729dc5
---
M usr/lib/wikistats/update.php
1 file changed, 2 insertions(+), 1 deletion(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/debs/wikistats
refs/changes/24/157324/1
diff --git a/usr/lib/wikistats/update.php b/usr/lib/wikistats/update.php
index 8c363e7..ca86728 100644
--- a/usr/lib/wikistats/update.php
+++ b/usr/lib/wikistats/update.php
@@ -328,7 +328,8 @@
$admins=$result["admins"];
if (isset($import) && $import) {
- $wikiname=get_name_from_api($url);
+ $wikiname=mysql_escape_string(get_name_from_api($url));
+ $wikiname=str_replace("\"","'",$wikiname);
}
} elseif ($parsing_answer == 3) {
echo "\\n 991 error ! - http: ".$row['http']." method:
".$row['method']." url: ".$row['statsurl']." version: ".$row['version']."
agent: $user_agent API: $url\n";
--
To view, visit https://gerrit.wikimedia.org/r/157324
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: If0e89b34a3a9e88d66276000f7eb5eef85729dc5
Gerrit-PatchSet: 1
Gerrit-Project: operations/debs/wikistats
Gerrit-Branch: master
Gerrit-Owner: Dzahn <dz...@wikimedia.org>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
