[MediaWiki-commits] [Gerrit] mediawiki/core[master]: Use Database::addQuotes instead of hard coded apostrophs
jenkins-bot has submitted this change and it was merged. ( https://gerrit.wikimedia.org/r/339225 ) Change subject: Use Database::addQuotes instead of hard coded apostrophs .. Use Database::addQuotes instead of hard coded apostrophs Change-Id: I1404d68d7e2b7fde8f9a76c747bc2be0936f7bef --- M includes/EditPage.php M includes/WatchedItemQueryService.php M includes/actions/HistoryAction.php M includes/logging/LogEventsList.php M includes/page/Article.php M includes/page/ImagePage.php M includes/specials/SpecialUpload.php 7 files changed, 20 insertions(+), 7 deletions(-) Approvals: Florianschmidtwelzow: Looks good to me, approved jenkins-bot: Verified diff --git a/includes/EditPage.php b/includes/EditPage.php index 34062c0..da1dfbd 100644 --- a/includes/EditPage.php +++ b/includes/EditPage.php @@ -2483,11 +2483,13 @@ } # Give a notice if the user is editing a deleted/moved page... if ( !$this->mTitle->exists() ) { + $dbr = wfGetDB( DB_REPLICA ); + LogEventsList::showLogExtract( $wgOut, [ 'delete', 'move' ], $this->mTitle, '', [ 'lim' => 10, - 'conds' => [ "log_action != 'revision'" ], + 'conds' => [ 'log_action != ' . $dbr->addQuotes( 'revision' ) ], 'showIfEmpty' => false, 'msgKey' => [ 'recreate-moveddeleted-warn' ] ] diff --git a/includes/WatchedItemQueryService.php b/includes/WatchedItemQueryService.php index c80e4a5..4ff57c6 100644 --- a/includes/WatchedItemQueryService.php +++ b/includes/WatchedItemQueryService.php @@ -401,7 +401,7 @@ if ( !isset( $options['start'] ) && !isset( $options['end'] ) ) { if ( $db->getType() === 'mysql' ) { // This is an index optimization for mysql - $conds[] = "rc_timestamp > ''"; + $conds[] = 'rc_timestamp > ' . $db->addQuotes( '' ); } } diff --git a/includes/actions/HistoryAction.php b/includes/actions/HistoryAction.php index e8aec1c..b381edc 100644 --- a/includes/actions/HistoryAction.php +++ b/includes/actions/HistoryAction.php @@ -146,6 +146,9 @@ $out->setStatusCode( 404 ); } $out->addWikiMsg( 'nohistory' ); + + $dbr = wfGetDB( DB_REPLICA ); + # show deletion/move log if there is an entry LogEventsList::showLogExtract( $out, @@ -153,7 +156,7 @@ $this->getTitle(), '', [ 'lim' => 10, - 'conds' => [ "log_action != 'revision'" ], + 'conds' => [ 'log_action != ' . $dbr->addQuotes( 'revision' ) ], 'showIfEmpty' => false, 'msgKey' => [ 'moveddeleted-notice' ] ] diff --git a/includes/logging/LogEventsList.php b/includes/logging/LogEventsList.php index 6665336..4382910 100644 --- a/includes/logging/LogEventsList.php +++ b/includes/logging/LogEventsList.php @@ -544,7 +544,8 @@ * @param string $user The user who made the log entries * @param array $param Associative Array with the following additional options: * - lim Integer Limit of items to show, default is 50 -* - conds Array Extra conditions for the query (e.g. "log_action != 'revision'") +* - conds Array Extra conditions for the query +* (e.g. 'log_action != ' . $dbr->addQuotes( 'revision' )) * - showIfEmpty boolean Set to false if you don't want any output in case the loglist is empty * if set to true (default), "No matching items in log" is displayed if loglist is empty * - msgKey Array If you want a nice box with a message, set this to the key of the message. diff --git a/includes/page/Article.php b/includes/page/Article.php index 34ff63c..2787c1b 100644 --- a/includes/page/Article.php +++ b/includes/page/Article.php @@ -1171,7 +1171,10 @@ $loggedIn = $this->getContext()->getUser()->isLoggedIn(); if ( $loggedIn || $cache->get( $key ) ) { $logTypes = [ 'delete', 'move' ]; - $conds = [ "log_action != 'revision'" ]; + + $dbr = wfGetDB( DB_REPLICA ); + + $conds = [ 'log_action != ' . $dbr->addQuotes( 'revision' ) ];
[MediaWiki-commits] [Gerrit] mediawiki/core[master]: Use Database::addQuotes instead of hard coded apostrophs
Umherirrender has uploaded a new change for review. ( https://gerrit.wikimedia.org/r/339225 ) Change subject: Use Database::addQuotes instead of hard coded apostrophs .. Use Database::addQuotes instead of hard coded apostrophs Change-Id: I1404d68d7e2b7fde8f9a76c747bc2be0936f7bef --- M includes/EditPage.php M includes/WatchedItemQueryService.php M includes/actions/HistoryAction.php M includes/logging/LogEventsList.php M includes/page/Article.php M includes/page/ImagePage.php M includes/specials/SpecialUpload.php 7 files changed, 20 insertions(+), 7 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core refs/changes/25/339225/1 diff --git a/includes/EditPage.php b/includes/EditPage.php index 34062c0..da1dfbd 100644 --- a/includes/EditPage.php +++ b/includes/EditPage.php @@ -2483,11 +2483,13 @@ } # Give a notice if the user is editing a deleted/moved page... if ( !$this->mTitle->exists() ) { + $dbr = wfGetDB( DB_REPLICA ); + LogEventsList::showLogExtract( $wgOut, [ 'delete', 'move' ], $this->mTitle, '', [ 'lim' => 10, - 'conds' => [ "log_action != 'revision'" ], + 'conds' => [ 'log_action != ' . $dbr->addQuotes( 'revision' ) ], 'showIfEmpty' => false, 'msgKey' => [ 'recreate-moveddeleted-warn' ] ] diff --git a/includes/WatchedItemQueryService.php b/includes/WatchedItemQueryService.php index c80e4a5..4ff57c6 100644 --- a/includes/WatchedItemQueryService.php +++ b/includes/WatchedItemQueryService.php @@ -401,7 +401,7 @@ if ( !isset( $options['start'] ) && !isset( $options['end'] ) ) { if ( $db->getType() === 'mysql' ) { // This is an index optimization for mysql - $conds[] = "rc_timestamp > ''"; + $conds[] = 'rc_timestamp > ' . $db->addQuotes( '' ); } } diff --git a/includes/actions/HistoryAction.php b/includes/actions/HistoryAction.php index e8aec1c..b381edc 100644 --- a/includes/actions/HistoryAction.php +++ b/includes/actions/HistoryAction.php @@ -146,6 +146,9 @@ $out->setStatusCode( 404 ); } $out->addWikiMsg( 'nohistory' ); + + $dbr = wfGetDB( DB_REPLICA ); + # show deletion/move log if there is an entry LogEventsList::showLogExtract( $out, @@ -153,7 +156,7 @@ $this->getTitle(), '', [ 'lim' => 10, - 'conds' => [ "log_action != 'revision'" ], + 'conds' => [ 'log_action != ' . $dbr->addQuotes( 'revision' ) ], 'showIfEmpty' => false, 'msgKey' => [ 'moveddeleted-notice' ] ] diff --git a/includes/logging/LogEventsList.php b/includes/logging/LogEventsList.php index 6665336..4382910 100644 --- a/includes/logging/LogEventsList.php +++ b/includes/logging/LogEventsList.php @@ -544,7 +544,8 @@ * @param string $user The user who made the log entries * @param array $param Associative Array with the following additional options: * - lim Integer Limit of items to show, default is 50 -* - conds Array Extra conditions for the query (e.g. "log_action != 'revision'") +* - conds Array Extra conditions for the query +* (e.g. 'log_action != ' . $dbr->addQuotes( 'revision' )) * - showIfEmpty boolean Set to false if you don't want any output in case the loglist is empty * if set to true (default), "No matching items in log" is displayed if loglist is empty * - msgKey Array If you want a nice box with a message, set this to the key of the message. diff --git a/includes/page/Article.php b/includes/page/Article.php index 34ff63c..2787c1b 100644 --- a/includes/page/Article.php +++ b/includes/page/Article.php @@ -1171,7 +1171,10 @@ $loggedIn = $this->getContext()->getUser()->isLoggedIn(); if ( $loggedIn || $cache->get( $key ) ) { $logTypes = [ 'delete', 'move' ]; - $conds = [ "log_action != 'revision'" ]; + + $dbr = wfGetDB( DB_REPLICA ); + + $conds = [ 'log_action != ' . $dbr->addQuotes( 'revision' ) ];