[MediaWiki-commits] [Gerrit] mediawiki/core[master]: Use Database::addQuotes instead of hard coded apostrophs

2017-02-24 Thread jenkins-bot (Code Review) 
jenkins-bot has submitted this change and it was merged. ( 
https://gerrit.wikimedia.org/r/339225 )

Change subject: Use Database::addQuotes instead of hard coded apostrophs
..


Use Database::addQuotes instead of hard coded apostrophs

Change-Id: I1404d68d7e2b7fde8f9a76c747bc2be0936f7bef
---
M includes/EditPage.php
M includes/WatchedItemQueryService.php
M includes/actions/HistoryAction.php
M includes/logging/LogEventsList.php
M includes/page/Article.php
M includes/page/ImagePage.php
M includes/specials/SpecialUpload.php
7 files changed, 20 insertions(+), 7 deletions(-)

Approvals:
  Florianschmidtwelzow: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/includes/EditPage.php b/includes/EditPage.php
index 34062c0..da1dfbd 100644
--- a/includes/EditPage.php
+++ b/includes/EditPage.php
@@ -2483,11 +2483,13 @@
}
# Give a notice if the user is editing a deleted/moved page...
if ( !$this->mTitle->exists() ) {
+   $dbr = wfGetDB( DB_REPLICA );
+
LogEventsList::showLogExtract( $wgOut, [ 'delete', 
'move' ], $this->mTitle,
'',
[
'lim' => 10,
-   'conds' => [ "log_action != 'revision'" 
],
+   'conds' => [ 'log_action != ' . 
$dbr->addQuotes( 'revision' ) ],
'showIfEmpty' => false,
'msgKey' => [ 
'recreate-moveddeleted-warn' ]
]
diff --git a/includes/WatchedItemQueryService.php 
b/includes/WatchedItemQueryService.php
index c80e4a5..4ff57c6 100644
--- a/includes/WatchedItemQueryService.php
+++ b/includes/WatchedItemQueryService.php
@@ -401,7 +401,7 @@
if ( !isset( $options['start'] ) && !isset( $options['end'] ) ) 
{
if ( $db->getType() === 'mysql' ) {
// This is an index optimization for mysql
-   $conds[] = "rc_timestamp > ''";
+   $conds[] = 'rc_timestamp > ' . $db->addQuotes( 
'' );
}
}
 
diff --git a/includes/actions/HistoryAction.php 
b/includes/actions/HistoryAction.php
index e8aec1c..b381edc 100644
--- a/includes/actions/HistoryAction.php
+++ b/includes/actions/HistoryAction.php
@@ -146,6 +146,9 @@
$out->setStatusCode( 404 );
}
$out->addWikiMsg( 'nohistory' );
+
+   $dbr = wfGetDB( DB_REPLICA );
+
# show deletion/move log if there is an entry
LogEventsList::showLogExtract(
$out,
@@ -153,7 +156,7 @@
$this->getTitle(),
'',
[ 'lim' => 10,
-   'conds' => [ "log_action != 'revision'" 
],
+   'conds' => [ 'log_action != ' . 
$dbr->addQuotes( 'revision' ) ],
'showIfEmpty' => false,
'msgKey' => [ 'moveddeleted-notice' ]
]
diff --git a/includes/logging/LogEventsList.php 
b/includes/logging/LogEventsList.php
index 6665336..4382910 100644
--- a/includes/logging/LogEventsList.php
+++ b/includes/logging/LogEventsList.php
@@ -544,7 +544,8 @@
 * @param string $user The user who made the log entries
 * @param array $param Associative Array with the following additional 
options:
 * - lim Integer Limit of items to show, default is 50
-* - conds Array Extra conditions for the query (e.g. "log_action != 
'revision'")
+* - conds Array Extra conditions for the query
+*   (e.g. 'log_action != ' . $dbr->addQuotes( 'revision' ))
 * - showIfEmpty boolean Set to false if you don't want any output in 
case the loglist is empty
 *   if set to true (default), "No matching items in log" is displayed 
if loglist is empty
 * - msgKey Array If you want a nice box with a message, set this to 
the key of the message.
diff --git a/includes/page/Article.php b/includes/page/Article.php
index 34ff63c..2787c1b 100644
--- a/includes/page/Article.php
+++ b/includes/page/Article.php
@@ -1171,7 +1171,10 @@
$loggedIn = $this->getContext()->getUser()->isLoggedIn();
if ( $loggedIn || $cache->get( $key ) ) {
$logTypes = [ 'delete', 'move' ];
-   $conds = [ "log_action != 'revision'" ];
+
+   $dbr = wfGetDB( DB_REPLICA );
+
+   $conds = [ 'log_action != ' . $dbr->addQuotes( 
'revision' ) ];

[MediaWiki-commits] [Gerrit] mediawiki/core[master]: Use Database::addQuotes instead of hard coded apostrophs

2017-02-22 Thread Umherirrender (Code Review) 
Umherirrender has uploaded a new change for review. ( 
https://gerrit.wikimedia.org/r/339225 )

Change subject: Use Database::addQuotes instead of hard coded apostrophs
..

Use Database::addQuotes instead of hard coded apostrophs

Change-Id: I1404d68d7e2b7fde8f9a76c747bc2be0936f7bef
---
M includes/EditPage.php
M includes/WatchedItemQueryService.php
M includes/actions/HistoryAction.php
M includes/logging/LogEventsList.php
M includes/page/Article.php
M includes/page/ImagePage.php
M includes/specials/SpecialUpload.php
7 files changed, 20 insertions(+), 7 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core 
refs/changes/25/339225/1

diff --git a/includes/EditPage.php b/includes/EditPage.php
index 34062c0..da1dfbd 100644
--- a/includes/EditPage.php
+++ b/includes/EditPage.php
@@ -2483,11 +2483,13 @@
}
# Give a notice if the user is editing a deleted/moved page...
if ( !$this->mTitle->exists() ) {
+   $dbr = wfGetDB( DB_REPLICA );
+
LogEventsList::showLogExtract( $wgOut, [ 'delete', 
'move' ], $this->mTitle,
'',
[
'lim' => 10,
-   'conds' => [ "log_action != 'revision'" 
],
+   'conds' => [ 'log_action != ' . 
$dbr->addQuotes( 'revision' ) ],
'showIfEmpty' => false,
'msgKey' => [ 
'recreate-moveddeleted-warn' ]
]
diff --git a/includes/WatchedItemQueryService.php 
b/includes/WatchedItemQueryService.php
index c80e4a5..4ff57c6 100644
--- a/includes/WatchedItemQueryService.php
+++ b/includes/WatchedItemQueryService.php
@@ -401,7 +401,7 @@
if ( !isset( $options['start'] ) && !isset( $options['end'] ) ) 
{
if ( $db->getType() === 'mysql' ) {
// This is an index optimization for mysql
-   $conds[] = "rc_timestamp > ''";
+   $conds[] = 'rc_timestamp > ' . $db->addQuotes( 
'' );
}
}
 
diff --git a/includes/actions/HistoryAction.php 
b/includes/actions/HistoryAction.php
index e8aec1c..b381edc 100644
--- a/includes/actions/HistoryAction.php
+++ b/includes/actions/HistoryAction.php
@@ -146,6 +146,9 @@
$out->setStatusCode( 404 );
}
$out->addWikiMsg( 'nohistory' );
+
+   $dbr = wfGetDB( DB_REPLICA );
+
# show deletion/move log if there is an entry
LogEventsList::showLogExtract(
$out,
@@ -153,7 +156,7 @@
$this->getTitle(),
'',
[ 'lim' => 10,
-   'conds' => [ "log_action != 'revision'" 
],
+   'conds' => [ 'log_action != ' . 
$dbr->addQuotes( 'revision' ) ],
'showIfEmpty' => false,
'msgKey' => [ 'moveddeleted-notice' ]
]
diff --git a/includes/logging/LogEventsList.php 
b/includes/logging/LogEventsList.php
index 6665336..4382910 100644
--- a/includes/logging/LogEventsList.php
+++ b/includes/logging/LogEventsList.php
@@ -544,7 +544,8 @@
 * @param string $user The user who made the log entries
 * @param array $param Associative Array with the following additional 
options:
 * - lim Integer Limit of items to show, default is 50
-* - conds Array Extra conditions for the query (e.g. "log_action != 
'revision'")
+* - conds Array Extra conditions for the query
+*   (e.g. 'log_action != ' . $dbr->addQuotes( 'revision' ))
 * - showIfEmpty boolean Set to false if you don't want any output in 
case the loglist is empty
 *   if set to true (default), "No matching items in log" is displayed 
if loglist is empty
 * - msgKey Array If you want a nice box with a message, set this to 
the key of the message.
diff --git a/includes/page/Article.php b/includes/page/Article.php
index 34ff63c..2787c1b 100644
--- a/includes/page/Article.php
+++ b/includes/page/Article.php
@@ -1171,7 +1171,10 @@
$loggedIn = $this->getContext()->getUser()->isLoggedIn();
if ( $loggedIn || $cache->get( $key ) ) {
$logTypes = [ 'delete', 'move' ];
-   $conds = [ "log_action != 'revision'" ];
+
+   $dbr = wfGetDB( DB_REPLICA );
+
+   $conds = [ 'log_action != ' . $dbr->addQuotes( 
'revision' ) ];