do not generate invalid SQL when called with a not-so valid array

This commit is contained in:
Christian Weiske 2011-03-25 08:00:32 +01:00
parent e667feb0ca
commit d6e99db40d
2 changed files with 21 additions and 2 deletions

View file

@ -571,8 +571,10 @@ class SemanticScuttle_Service_Bookmark2Tag extends SemanticScuttle_DbService
} else if (is_array($user)) { } else if (is_array($user)) {
$query .= ' (1 = 0'; //tricks $query .= ' (1 = 0'; //tricks
foreach ($user as $u) { foreach ($user as $u) {
$query .= ' OR B.uId = ' . $this->db->sql_escape($u) if (is_numeric($u)) {
. ' AND B.bId = T.bId'; $query .= ' OR B.uId = ' . $this->db->sql_escape($u)
. ' AND B.bId = T.bId';
}
} }
$query .= ' )' . $privacy; $query .= ' )' . $privacy;
} else { } else {

View file

@ -426,6 +426,23 @@ class Bookmark2TagTest extends TestBase
/**
* This may happen when the method is called with a problematic user array.
* In that case we may not generate invalid SQL or so.
*
* @covers SemanticScuttle_Service_Bookmark2Tag::getPopularTags
*/
public function testGetPopularTagsUserArrayWithNull()
{
$user1 = $this->addUser();
$this->addTagBookmark($user1, array('one'));
$arTags = $this->b2ts->getPopularTags(array(null));
$this->assertEquals(0, count($arTags));
}
/** /**
* @covers SemanticScuttle_Service_Bookmark2Tag::getPopularTags * @covers SemanticScuttle_Service_Bookmark2Tag::getPopularTags
*/ */