Use Database::addQuotes instead of hard coded apostrophs

[lhc/web/wiklou.git] / includes / WatchedItemQueryService.php

diff --git a/includes/WatchedItemQueryService.php b/includes/WatchedItemQueryService.php
index 0c3d52a..4ff57c6 100644 (file)
--- a/includes/WatchedItemQueryService.php
+++ b/includes/WatchedItemQueryService.php
@@ -401,7 +401,7 @@ class WatchedItemQueryService {
                if ( !isset( $options['start'] ) && !isset( $options['end'] ) ) {
                        if ( $db->getType() === 'mysql' ) {
                                // This is an index optimization for mysql
-                               $conds[] = "rc_timestamp > ''";
+                               $conds[] = 'rc_timestamp > ' . $db->addQuotes( '' );
                        }
                }
 
@@ -422,10 +422,7 @@ class WatchedItemQueryService {
                        $ownersToken = $watchlistOwner->getOption( 'watchlisttoken' );
                        $token = $options['watchlistOwnerToken'];
                        if ( $ownersToken == '' || !hash_equals( $ownersToken, $token ) ) {
-                               throw new UsageException(
-                                       'Incorrect watchlist token provided -- please set a correct token in Special:Preferences',
-                                       'bad_wltoken'
-                               );
+                               throw ApiUsageException::newWithMessage( null, 'apierror-bad-watchlist-token', 'bad_wltoken' );
                        }
                        return $watchlistOwner->getId();
                }
@@ -474,7 +471,7 @@ class WatchedItemQueryService {
        }
 
        private function getStartEndConds( IDatabase $db, array $options ) {
-               if ( !isset( $options['start'] ) && ! isset( $options['end'] ) ) {
+               if ( !isset( $options['start'] ) && !isset( $options['end'] ) ) {
                        return [];
                }