From: Domas Mituzas <midom@users.mediawiki.org>
Date: Thu, 30 Sep 2004 14:40:06 +0000 (+0000)
Subject: pass unescaped query string to Database::insert(), double escaping is not needed
X-Git-Tag: 1.5.0alpha1~1730
X-Git-Url: https://git.cyclocoop.org/admin/?a=commitdiff_plain;h=ce4cdc3469c2ab228f311e0b77b226b8e8e7ebeb;p=lhc%2Fweb%2Fwiklou.git

pass unescaped query string to Database::insert(), double escaping is not needed
---

diff --git a/includes/Profiling.php b/includes/Profiling.php
index 48129ec038..cf0cc4201d 100755
--- a/includes/Profiling.php
+++ b/includes/Profiling.php
@@ -179,11 +179,12 @@ class Profiler
 		$dbw =& wfGetDB( DB_MASTER );
 		$profiling = $dbw->tableName( 'profiling' );
 
-		$name = substr($dbw->strencode( $name ),0,255);
+		$name = substr($name,0,255);
+		$encname = $dbw->strencode($name);
 		$sql = "UPDATE $profiling ".
 			"SET pf_count=pf_count+{$eventCount}, ".
 			"pf_time=pf_time + {$timeSum} ".
-			"WHERE pf_name='{$name}'";
+			"WHERE pf_name='{$encname}'";
 		$dbw->query($sql);
 
 		$rc = $dbw->affectedRows();