http://www.mediawiki.org/wiki/Special:Code/MediaWiki/84593

Revision: 84593
Author:   greg
Date:     2011-03-23 12:14:46 +0000 (Wed, 23 Mar 2011)
Log Message:
-----------
Properly quote the username for UPDATE USER calls. Per bug 27348.
Does not affect 1.17 or forward.

Modified Paths:
--------------
    branches/REL1_16/phase3/maintenance/updaters.inc

Modified: branches/REL1_16/phase3/maintenance/updaters.inc
===================================================================
--- branches/REL1_16/phase3/maintenance/updaters.inc    2011-03-23 10:55:44 UTC 
(rev 84592)
+++ branches/REL1_16/phase3/maintenance/updaters.inc    2011-03-23 12:14:46 UTC 
(rev 84593)
@@ -1520,6 +1520,8 @@
        else {
                $search_path = $conf['search_path'];
        }
+
+       $safeuser = $wgDatabase->quote_ident($wgDBuser);
        if( strpos( $search_path, $wgDBmwschema ) === false ) {
                wfOut( "Adding in schema \"$wgDBmwschema\" to search_path for 
user \"$wgDBuser\"\n" );
                $search_path = "$wgDBmwschema, $search_path";
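Review bot: The added `$safeuser` assignment is undocumented, and from this point the function carries two spellings of the same role name: the identifier-quoted one for SQL and the raw `$wgDBuser` that the `wfOut()` messages still print. A one-line comment above the assignment would keep later edits from reaching for the wrong one, for example `// Identifier-quoted role name: use in SQL statements only, keep $wgDBuser for messages`. The enclosing function starts and ends outside this hunk, so any other statement in it that names the role cannot be checked from here.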
@@ -1530,7 +1532,7 @@
        }
        $search_path = str_replace( ', ,', ',', $search_path);
        if( array_key_exists( 'search_path', $conf ) === false || $search_path 
!= $conf['search_path'] ) {
-               $wgDatabase->doQuery( "ALTER USER $wgDBuser SET search_path = 
$search_path" );
+               $wgDatabase->doQuery( "ALTER USER $safeuser SET search_path = 
$search_path" );
                $wgDatabase->doQuery( "SET search_path = $search_path" );
        }
        else {
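Review bot: `$search_path` is still interpolated unquoted into both `ALTER USER $safeuser SET search_path = $search_path` and `SET search_path = $search_path`, so a schema name that needs identifier quoting would break these statements the same way the user name did. The list is assembled from `$wgDBmwschema` in the previous hunk; quoting it there, `$search_path = $wgDatabase->quote_ident( $wgDBmwschema ) . ", $search_path";`, would cover the configured schema, while the part read back from `$conf['search_path']` presumably arrives from the server in usable form and should be left as is. The third hunk has the same pattern, with `'$value'` placed inside single quotes without escaping; `$goodconf` is defined outside the visible lines and looks like a fixed table, in which case that is a robustness point rather than an injection risk. The function body continues outside both hunks.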
@@ -1546,7 +1548,7 @@
                $value = $goodconf[$key];
                if( !array_key_exists( $key, $conf ) or $conf[$key] !== $value 
) {
                        wfOut( "Setting $key to '$value' for user 
\"$wgDBuser\"\n" );
-                       $wgDatabase->doQuery( "ALTER USER $wgDBuser SET $key = 
'$value'" );
+                       $wgDatabase->doQuery( "ALTER USER $safeuser SET $key = 
'$value'" );
                        $wgDatabase->doQuery( "SET $key = '$value'" );
                }
                else {

