revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-23 23:32:40 +01:00
Code Issues Releases Wiki Activity
phorge-phorge/src/infrastructure/query
History
epriestley 9dc114d115 Make formatOrderClause() safer 
Summary:
Ref T7803. Instead of trusting subqueries to provide safe values, escape them explicitly.

(We'll probably have a few cases somewhere where this doesn't work, but can make them the exception rather than the rule.)

Test Plan: Issued all "order" queries in Diffusion.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7803

Differential Revision: https://secure.phabricator.com/D12351
2015-04-13 11:58:13 -07:00
..
policy Make formatOrderClause() safer 2015-04-13 11:58:13 -07:00
PhabricatorEmptyQueryException.php Apply some autofix linter rules 2014-09-10 06:55:05 +10:00
PhabricatorOffsetPagedQuery.php Delete license headers from files 2012-11-05 11:16:51 -08:00
PhabricatorQuery.php Delete license headers from files 2012-11-05 11:16:51 -08:00