[AppDB] Make screen shots safe from SQL injection

Tony Lambregts tony.lambregts at gmail.com
Tue Jun 27 07:16:50 CDT 2006


Chris Morgan wrote:
> On Monday 26 June 2006 11:38 pm, Tony Lambregts wrote:
>> Chris Morgan wrote:
>>> Yes, having quotes around limit values breaks sql queries.  I'll
>>> incorporate this into the injection change patch.
>>>
>>> I'm curious as to why the rest of the patch is the same though.  It
>>> will conflict when the other sql patch is applied.
>> What other sql patch? How will it conflict? I have broken your large patch
>> up in order to test it, since you refused to do it yourself. This is the
>> portion of the patch that I tested. I had to modify it a bit like I said
>> but the rest is yours and you get the credit.
>>
>> What do you plan on doing with this patch? Are you planning to wait until I
>> have tested all various parts of your big patch and then apply it all at
>> once?
>>
>> --
>>
>> Tony Lambregts
> 
> As we've discussed before I'd rather we did a single full pass of manual 
> testing than several full passes.  It saves us time in that we don't have to 
> test the same things repeatedly like we would have to do when making changes 
> to things like classes that are used all over the code.

Your logic is flawed and only applies if the patch has no bugs. By breaking up 
the patch into smaller pieces you save time in testing when there are problems.
> 
> In any case I'm implementing unit tests for nearly every bug I find.  I 
> haven't thought of a good way to unit test page actions yet though.
> 
I have no answer for that.

--

Tony Lambregts


