From 5efbfbe9b414745a15946dbac8aa488008663352 Mon Sep 17 00:00:00 2001
From: Brion Vibber
Date: Tue, 4 Sep 2007 14:25:55 +0000
Subject: [PATCH] Use 'enc' variable naming convention for interpolated pre-encoded variables in raw SQL strings. This'll keep your release manager from freaking out when he sees raw variables being dumped into raw SQL.
---
 includes/api/ApiQueryCategoryMembers.php | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/includes/api/ApiQueryCategoryMembers.php b/includes/api/ApiQueryCategoryMembers.php
index d46e8450f1..96e75b5a9f 100644
--- a/includes/api/ApiQueryCategoryMembers.php
+++ b/includes/api/ApiQueryCategoryMembers.php
@@ -152,13 +152,14 @@ class ApiQueryCategoryMembers extends ApiQueryGeneratorBase {
 if ($hasError) $this->dieUsage("Invalid continue param. You should pass the original value returned by the previous query", "badcontinue");
- $sortKey = $this->getDB()->addQuotes($continueList[0]);
+ $encSortKey = $this->getDB()->addQuotes($continueList[0]);
+ $encFrom = $this->getDB()->addQuotes($from);
 if ($from != 0) { // Duplicate sort key continue
- $this->addWhere( "cl_sortkey>$sortKey OR (cl_sortkey=$sortKey AND cl_from>=$from)" );
+ $this->addWhere( "cl_sortkey>$encSortKey OR (cl_sortkey=$encSortKey AND cl_from>=$encFrom)" );
 } else {
- $this->addWhere( "cl_sortkey>=$sortKey" );
+ $this->addWhere( "cl_sortkey>=$encSortKey" );
 } }
-- 
2.20.1
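Review bot: The new `cl_from>=$encFrom` compares what looks like a numeric column against an `addQuotes()` string literal, while the branch test `if ($from != 0)` still reads the raw `$from` through a loose comparison, so the type of `$from` is never pinned down on this path. `$from` is assigned above this hunk, so whether it is already an integer cannot be seen here; if it is not, normalise it once with `$from = intval($from);` before the test. `$encFrom` is only consumed in the first branch and could be built there rather than unconditionally. A short comment at the two assignments, e.g. `// enc* = already passed through addQuotes(), safe to interpolate into raw SQL`, would let a reader verify the naming convention locally instead of trusting the prefix.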