[AppDB] Problem with xinha, compile_update_string() and query_parameters()

Chris Morgan cmorgan at alum.wpi.edu
Mon Jul 3 21:14:23 CDT 2006 

We'll want to remove ALL uses of compile_update_string() and 
compile_insert_string().  I'll take care of this since there are 9 or 10 
other instances of it.

Chris


On Sunday 02 July 2006 5:08 pm, Tony Lambregts wrote:
> Chris Morgan wrote:
> > Is this the case when inserting data from a xinha editor into the
> > database?  Is this being seen only in application related data?
> >
> > Sorry for the time you've spent investigating this, it only took a
> > moment for me to realize what the problem was after knowing the
> > symptoms.  I should have caught this earlier.
> >
> > I'm pretty sure this is an easy fix of simply not using
> > compile_update_string() or compile_insert_string().  If you look at
> > the use of these functions you'll see something like:
> >
> > $sBlah = compile_insert(update)_string(...);
> >
> > query_parameters("update/insert ".$sBlah." where '?' ...", a, b, c);
> >
> > The problem is that $sBlah contains characters that are special to
> > query_parameters() like '~', '?', '&'.  Because we incorrectly put
> > $sBlah into the format portion of query_parameters(), we insert these
> > special characters into the format parameter of query_parameters().
> >
> > So, the fix is quite simple, stop using compile_insert_string() and
> > compile_update_string() and let query_parameters() do the work.  This
> > way we can be sure that we won't be inserting strings with special
> > formatting characters into the format portion of the
> > query_parameters() call.
> >
> > I'll take care of fixing this as soon as I get back home.
> >
> > Chris
>
> I was not really comfortable with that solution. compile_update_string was
> very nice for aligning the field with the value so it looked very clean.
> The trouble with doing it this way is that it is more prone to errors but
> if you say that is OK with  you then I suppose it will do for me too.
>
>
>
> Change Log: Fix crash in updateing xinha fields.
>
> Files changed: include/testResults.php

More information about the wine-devel mailing list