aliens/SemanticScuttle
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

do not generate invalid SQL when called with a not-so valid array

Browse source
This commit is contained in:
Christian Weiske 2011-03-25 08:00:32 +01:00
parent e667feb0ca
commit d6e99db40d
2 changed files with 21 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/SemanticScuttle/Service/Bookmark2Tag.php
View file

@ -571,9 +571,11 @@ class SemanticScuttle_Service_Bookmark2Tag extends SemanticScuttle_DbService
} else if (is_array($user)) { } else if (is_array($user)) {
$query .= ' (1 = 0'; //tricks $query .= ' (1 = 0'; //tricks
foreach ($user as $u) { foreach ($user as $u) {
if (is_numeric($u)) {
$query .= ' OR B.uId = ' . $this->db->sql_escape($u) $query .= ' OR B.uId = ' . $this->db->sql_escape($u)
. ' AND B.bId = T.bId'; . ' AND B.bId = T.bId';
} }
}
$query .= ' )' . $privacy; $query .= ' )' . $privacy;
} else { } else {
$query .= ' B.uId = ' . $this->db->sql_escape($user) $query .= ' B.uId = ' . $this->db->sql_escape($user)

17
tests/Bookmark2TagTest.php
View file

@ -426,6 +426,23 @@ class Bookmark2TagTest extends TestBase
/**
* This may happen when the method is called with a problematic user array.
* In that case we may not generate invalid SQL or so.
*
* @covers SemanticScuttle_Service_Bookmark2Tag::getPopularTags
*/
public function testGetPopularTagsUserArrayWithNull()
{
$user1 = $this->addUser();
$this->addTagBookmark($user1, array('one'));
$arTags = $this->b2ts->getPopularTags(array(null));
$this->assertEquals(0, count($arTags));
}
/** /**
* @covers SemanticScuttle_Service_Bookmark2Tag::getPopularTags * @covers SemanticScuttle_Service_Bookmark2Tag::getPopularTags
*/ */