From 26f13ec28f4059cfa02dd13c03cb8b84a0b6cfca Mon Sep 17 00:00:00 2001 From: umherirrender Date: Fri, 4 Jan 2013 20:07:37 +0100 Subject: [PATCH] Use Database::addQuotes instead of hardcoded quotes Change-Id: I29461e5332f3fc6523cbd899e14394aa88865d93 --- includes/WikiPage.php | 2 +- includes/actions/HistoryAction.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/includes/WikiPage.php b/includes/WikiPage.php index 7620b3adc5..7ed48acd19 100644 --- a/includes/WikiPage.php +++ b/includes/WikiPage.php @@ -2062,7 +2062,7 @@ class WikiPage extends Page implements IDBAccessObject { $cutoff = $dbw->timestamp( time() - $wgRCMaxAge ); $dbw->delete( 'recentchanges', - array( "rc_timestamp < '$cutoff'" ), + array( 'rc_timestamp < ' . $dbw->addQuotes( $cutoff ) ), __METHOD__ ); } diff --git a/includes/actions/HistoryAction.php b/includes/actions/HistoryAction.php index d68ae2b5a7..c33423d304 100644 --- a/includes/actions/HistoryAction.php +++ b/includes/actions/HistoryAction.php @@ -222,7 +222,7 @@ class HistoryAction extends FormlessAction { } if ( $offset ) { - $offsets = array( "rev_timestamp $oper '$offset'" ); + $offsets = array( 'rev_timestamp $oper ' . $dbr->addQuotes( $dbr->timestamp( $offset ) ) ); } else { $offsets = array(); } @@ -231,7 +231,7 @@ class HistoryAction extends FormlessAction { return $dbr->select( 'revision', Revision::selectFields(), - array_merge( array( "rev_page=$page_id" ), $offsets ), + array_merge( array( 'rev_page' => $page_id ), $offsets ), __METHOD__, array( 'ORDER BY' => "rev_timestamp $dirs", 'USE INDEX' => 'page_timestamp', 'LIMIT' => $limit ) -- 2.20.1