1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-22 23:02:42 +01:00

Clean up a few "%Q" stragglers in SVN repository browsing code

Summary: See <https://discourse.phabricator-community.org/t/unsafe-raw-string-warning-for-svn-in-diffusion/2469>.

Test Plan: Browed a Subversion repository in Diffusion. These are all reachable from the main landing page if the repository has commits/files, I think. Before change: errors in log; after change: no issues.

Reviewers: amckinley

Reviewed By: amckinley

Differential Revision: https://secure.phabricator.com/D20244
This commit is contained in:
epriestley 2019-03-02 06:13:58 -08:00
parent 9b0b50fbf4
commit 34e90d8f51
2 changed files with 15 additions and 9 deletions

View file

@ -368,9 +368,9 @@ final class DiffusionBrowseQueryConduitAPIMethod
}
if ($commit) {
$slice_clause = 'AND svnCommit <= '.(int)$commit;
$slice_clause = qsprintf($conn_r, 'AND svnCommit <= %d', $commit);
} else {
$slice_clause = '';
$slice_clause = qsprintf($conn_r, '');
}
$index = queryfx_all(
@ -439,9 +439,11 @@ final class DiffusionBrowseQueryConduitAPIMethod
$sql = array();
foreach ($index as $row) {
$sql[] =
'(pathID = '.(int)$row['pathID'].' AND '.
'svnCommit = '.(int)$row['maxCommit'].')';
$sql[] = qsprintf(
$conn_r,
'(pathID = %d AND svnCommit = %d)',
$row['pathID'],
$row['maxCommit']);
}
$browse = queryfx_all(

View file

@ -215,13 +215,17 @@ final class DiffusionHistoryQueryConduitAPIMethod
return array();
}
$filter_query = '';
$filter_query = qsprintf($conn_r, '');
if ($need_direct_changes) {
if ($need_child_changes) {
$type = DifferentialChangeType::TYPE_CHILD;
$filter_query = 'AND (isDirect = 1 OR changeType = '.$type.')';
$filter_query = qsprintf(
$conn_r,
'AND (isDirect = 1 OR changeType = %s)',
DifferentialChangeType::TYPE_CHILD);
} else {
$filter_query = 'AND (isDirect = 1)';
$filter_query = qsprintf(
$conn_r,
'AND (isDirect = 1)');
}
}