Revision: 1146
http://mrbs.svn.sourceforge.net/mrbs/?rev=1146&view=rev
Author: cimorrison
Date: 2009-07-08 09:40:57 +0000 (Wed, 08 Jul 2009)
Log Message:
-----------
Added checking of name lengths for room and area names in order to avoid SQL
errors in PostgreSQL.
Modified Paths:
--------------
mrbs/trunk/web/add.php
mrbs/trunk/web/admin.php
mrbs/trunk/web/config.inc.php
mrbs/trunk/web/edit_entry.php
mrbs/trunk/web/edit_entry_handler.php
Modified: mrbs/trunk/web/add.php
===================================================================
--- mrbs/trunk/web/add.php 2009-07-03 20:07:42 UTC (rev 1145)
+++ mrbs/trunk/web/add.php 2009-07-08 09:40:57 UTC (rev 1146)
@@ -32,6 +32,8 @@
if ($type == "area")
{
+ // Truncate the name field to the maximum length as a precaution.
+ $name = substr($name, 0, $maxlength['area.area_name']);
$area_name_q = addslashes($name);
// Acquire a mutex to lock out others who might be editing the area
if (!sql_mutex_lock("$tbl_area"))
@@ -59,6 +61,8 @@
if ($type == "room")
{
+ // Truncate the name field to the maximum length as a precaution.
+ $name = substr($name, 0, $maxlength['room.room_name']);
$room_name_q = addslashes($name);
$description_q = addslashes($description);
if (empty($capacity))
Modified: mrbs/trunk/web/admin.php
===================================================================
--- mrbs/trunk/web/admin.php 2009-07-03 20:07:42 UTC (rev 1145)
+++ mrbs/trunk/web/admin.php 2009-07-08 09:40:57 UTC (rev 1146)
@@ -147,7 +147,7 @@
<div>
<label for="area_name"><?php echo get_vocab("name") ?>:</label>
- <input type="text" id="area_name" name="name">
+ <input type="text" id="area_name" name="name" maxlength="<?php
echo $maxlength['area.area_name'] ?>">
</div>
<div>
@@ -172,7 +172,7 @@
<div>
<label for="room_name"><?php echo get_vocab("name") ?>:</label>
- <input type="text" id="room_name" name="name">
+ <input type="text" id="room_name" name="name" maxlength="<?php echo
$maxlength['room.room_name'] ?>">
</div>
<div>
Modified: mrbs/trunk/web/config.inc.php
===================================================================
--- mrbs/trunk/web/config.inc.php 2009-07-03 20:07:42 UTC (rev 1145)
+++ mrbs/trunk/web/config.inc.php 2009-07-08 09:40:57 UTC (rev 1146)
@@ -43,7 +43,9 @@
// Field lengths in the database tables
// NOTE: these must be kept in step with the database. If you change the
field
// lengths in the database then you should change the values here, and vice
versa.
-define("ENTRY_NAME_LENGTH", 80); // characters (name field in entry table)
+$maxlength['entry.name'] = 80; // characters (name field in entry
table)
+$maxlength['area.area_name'] = 30; // characters (area_name field in area
table)
+$maxlength['room.room_name'] = 25; // characters (room_name field in room
table)
/*********************************
Modified: mrbs/trunk/web/edit_entry.php
===================================================================
--- mrbs/trunk/web/edit_entry.php 2009-07-03 20:07:42 UTC (rev 1145)
+++ mrbs/trunk/web/edit_entry.php 2009-07-08 09:40:57 UTC (rev 1146)
@@ -468,7 +468,7 @@
<div id="div_name">
<label for="name"><?php echo get_vocab("namebooker")?>:</label>
<?php
- echo "<input id=\"name\" name=\"name\" maxlength=\"" . ENTRY_NAME_LENGTH
. "\" value=\"" . htmlspecialchars($name) . "\">\n";
+ echo "<input id=\"name\" name=\"name\" maxlength=\"" .
$maxlength['entry.name'] . "\" value=\"" . htmlspecialchars($name) . "\">\n";
?>
</div>
Modified: mrbs/trunk/web/edit_entry_handler.php
===================================================================
--- mrbs/trunk/web/edit_entry_handler.php 2009-07-03 20:07:42 UTC (rev
1145)
+++ mrbs/trunk/web/edit_entry_handler.php 2009-07-08 09:40:57 UTC (rev
1146)
@@ -46,7 +46,7 @@
// the MAXLENGTH attribute. Passing an oversize string to some
// databases (eg some versions of PostgreSQL) results in an SQL error,
// rather than silent truncation of the string.
-$name = substr($name, 0, ENTRY_NAME_LENGTH);
+$name = substr($name, 0, $maxlength['entry.name']);
if (empty($area))
{
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
------------------------------------------------------------------------------
Enter the BlackBerry Developer Challenge
This is your chance to win up to $100,000 in prizes! For a limited time,
vendors submitting new applications to BlackBerry App World(TM) will have
the opportunity to enter the BlackBerry Developer Challenge. See full prize
details at: http://p.sf.net/sfu/Challenge
_______________________________________________
Mrbs-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/mrbs-commits
