https://bugzilla.wikimedia.org/show_bug.cgi?id=63224
--- Comment #17 from Thiemo Mättig <thiemo.maet...@wikimedia.de> --- (In reply to Christian Dullweber from comment #16) > I tried to use addQuotes() but it didn't work with sqlite. addQuotes to what? Field names? This can't work in SQLite. addQuotes is for values, not for identifiers. There are other methods like addIdentifierQuotes that may be more suitable. > shouldn't is_float check the variable to be a float and not a string that > looks like a float? Yes, it does. Chris seems to confuse this with is_numeric. To be sure you can always add an extra floatval( $var ) or (float)$var to the places where the variable is used inside of a string, especially if it's a possible SQL injection. (In reply to Chris Steipp from comment #15) > I'm not sure if php accepts other formats that might include a space Simple answer: No. http://php.net/language.types.float.php -- You are receiving this mail because: You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
