Commit Graph

18 Commits

Author SHA1 Message Date
Chris Morgan
1366e5fba1 query_parameters() usage example and the rule that all variables should be passed as parameters 2006-07-04 06:19:06 +00:00
Chris Morgan
fad9278013 Stop using compile_update_string(). compile_update_string() can be passed a value that includes a character considered special by query_parameters(). We then use the output from compile_update_string() as a part of the first parameter to query_parameters(), the format string. Having extra special characters causes a token mismatch and query_parameters() will reject the queries entirely. Remove now unused compile_update_string().
2006-07-04 03:43:06 +00:00
Chris Morgan
e3f9e5371a Use query_parameters() in SQL select, update and delete statements to protect against SQL injection attacks
2006-06-27 19:16:27 +00:00
Chris Morgan
f3c64ff48f Unit test for query_parameters(), fix bugs in query_parameters() found by the unit test 2006-06-27 16:39:40 +00:00
Chris Morgan
fb0f3b5dd3 Protect against SQL injection attacks in SQL INSERT statements 2006-06-24 04:20:32 +00:00
Chris Morgan
415ddb3654 Don't continue working on the bugzilla database if we were unable to connect to it 2005-08-01 20:53:44 +00:00
Paul van Schayck
ecbeaa4d21 * Make sure PHP really opens a new connection. 2005-01-14 16:05:14 +00:00
WineHQ
6b806b79e1 Authors: Jonathan Ernst <Jonathan@ernstfamily.ch>, Paul van Schayck <polleke@gmail.com>, Tony Lambregts <tony_lambregts@telusplanet.net>
New preferences fix
2005-01-14 05:28:58 +00:00
Tony Lambregts
2a153fec68 Fix user preferences screen 2005-01-13 05:37:52 +00:00
Chris Morgan
dd3993d6fa Replace other instance of mysql_pconnect() 2005-01-12 20:17:16 +00:00
Chris Morgan
cf8ddf6e49 Display the query when we display the query error. 2005-01-12 17:29:04 +00:00
WineHQ
80a8f4d937 Don't use mysql_pconnect() as we don't know when to close the database connection 2005-01-12 16:24:45 +00:00
Jonathan Ernst
d3ad0dba41 - replaced mysql_query() with query_appdb()
- removed opendb()
- removed query_userdb()
- removed error handling from the code as it is done with query_appdb()
2005-01-12 16:22:55 +00:00
Jonathan Ernst
bfd43bda12 - added an optional parameter to query_*() in order to show more
information about the error and to avoid having to do the error handling in
the other scripts
- added query_bugzilladb to query bugzilla's db so we can get rid of the
last mysql_query in the code
- factorized duplicated code (query_error)
2005-01-12 02:43:52 +00:00
Paul van Schayck
39870dc008 Add functions to compile an update or insert query 2004-12-29 18:42:34 +00:00
Jonathan Ernst
a81b132d83 - improved include/db.php
- updated TODO regarding db queries
2004-12-29 03:36:57 +00:00
Jonathan Ernst
d3d9e853d9 - replaced tons of tabs with spaces
- replaced <? with <?php for compatibility's sake (see TODO and CODING_STANDARD to know more)
- improved overall code legibility
2004-12-12 03:51:51 +00:00
Jeremy Newman
8f28ae10c4 Initial revision 2004-03-15 16:22:00 +00:00