dépôts / lhc / web / wiklou.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1231395) | patch
SECURITY: quote booleans as string (not integer) in DatabaseMysqlBase
authorGergő Tisza <gtisza@wikimedia.org>
Thu, 6 Oct 2016 17:39:08 +0000 (17:39 +0000)
committerBrad Jorsch <bjorsch@wikimedia.org>
Tue, 11 Oct 2016 15:16:50 +0000 (11:16 -0400)
commit24a108b334f94c5f304c6e6be2ff34b096be027c
treece7468a6fa7ca8e9fed2aaee8c1bcebda84a0bb5tree | snapshot
parent12313956c58e88b98d4baf722464e09b4a351bf3commit | diff
SECURITY: quote booleans as string (not integer) in DatabaseMysqlBase

Comparing a string column to 0 will produce spurious matches, and it is easy
to get a false value in unexpected places. Comparing an int column to '0'
does not seem to cause any problems.

Bug: T147537
Change-Id: I5ad547de509b3417b5937be6bdda9befb8aed8b6
includes/libs/rdbms/database/DatabaseMysqlBase.php diff | blob | history
Wiklou, le Wiki du Wiklou