[AppDB] Make screen shots safe from SQL injection
cmorgan at alum.wpi.edu
Mon Jun 26 22:47:47 CDT 2006
On Monday 26 June 2006 11:38 pm, Tony Lambregts wrote:
> Chris Morgan wrote:
> > Yes, having quotes around limit values breaks sql queries. I'll
> > incorporate this into the injection change patch.
> > I'm curious as to why the rest of the patch is the same though. It
> > will conflict when the other sql patch is applied.
> What other sql patch? How will it conflict? I have broken your large patch
> up in order to test it, since you refused to do it yourself. This is the
> portion of the patch that I tested. I had to modify it a bit like I said
> but the rest is yours and you get the credit.
> What do you plan on doing with this patch? Are you planning to wait until I
> have tested all various parts of your big patch and then apply it all at
> Tony Lambregts
As we've discussed before I'd rather we did a single full pass of manual
testing than several full passes. It saves us time in that we don't have to
test the same things repeatedly like we would have to do when making changes
to things like classes that are used all over the code.
In any case I'm implementing unit tests for nearly every bug I find. I
haven't thought of a good way to unit test page actions yet though.
More information about the wine-devel