From: Brion Vibber <brion@users.mediawiki.org>
Date: Tue, 4 Sep 2007 14:25:55 +0000 (+0000)
Subject: Use 'enc' variable naming convention for interpolated pre-encoded variables in raw... 
X-Git-Tag: 1.31.0-rc.0~51529
X-Git-Url: http://git.cyclocoop.org/%24action?a=commitdiff_plain;h=5efbfbe9b414745a15946dbac8aa488008663352;p=lhc%2Fweb%2Fwiklou.git

Use 'enc' variable naming convention for interpolated pre-encoded variables in raw SQL strings. This'll keep your release manager from freaking out when he sees raw variables being dumped into raw SQL.
---

diff --git a/includes/api/ApiQueryCategoryMembers.php b/includes/api/ApiQueryCategoryMembers.php
index d46e8450f1..96e75b5a9f 100644
--- a/includes/api/ApiQueryCategoryMembers.php
+++ b/includes/api/ApiQueryCategoryMembers.php
@@ -152,13 +152,14 @@ class ApiQueryCategoryMembers extends ApiQueryGeneratorBase {
 		if ($hasError)
 			$this->dieUsage("Invalid continue param. You should pass the original value returned by the previous query", "badcontinue");
 
-		$sortKey = $this->getDB()->addQuotes($continueList[0]);
+		$encSortKey = $this->getDB()->addQuotes($continueList[0]);
+		$encFrom = $this->getDB()->addQuotes($from);
 
 		if ($from != 0) {
 			// Duplicate sort key continue
-			$this->addWhere( "cl_sortkey>$sortKey OR (cl_sortkey=$sortKey AND cl_from>=$from)" );
+			$this->addWhere( "cl_sortkey>$encSortKey OR (cl_sortkey=$encSortKey AND cl_from>=$encFrom)" );
 		} else {
-			$this->addWhere( "cl_sortkey>=$sortKey" );
+			$this->addWhere( "cl_sortkey>=$encSortKey" );
 		}
 	}