User "Pgehres (WMF)" changed the status of Wikimedia.r293. Old Status: new New Status: fixme
User "Pgehres (WMF)" also posted a comment on Wikimedia.r293. Full URL: http://www.mediawiki.org/wiki/Special:Code/Wikimedia/293#c22840 Commit summary: Added IPCoountryTableLoader class TableLoader constructors now initialize a connection while destructors close them Tied all connection object initialization to constructor of DataLoader Removed all other closedb() references Comment: FIXME: execute_SQL is not escaping raw sql query. I understand that you are building the queries elsewhere, but it is impossible to check each and every call of the function. I don't have a great solution off of the top of my head, but I imagine we could come up with some way to either leverage the built-in django database abstraction or make your database wrapper more explicitly safe. _______________________________________________ MediaWiki-CodeReview mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-codereview
