| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||
|---|---|---|---|---|---|---|---|---|---|
| 0000083 | Branch 0.2.1-FINAL | Feature Request | public | 2009-02-19 17:27 | 2016-11-23 11:04 | ||||
| Reporter | Quix0r | ||||||||
| Assigned To | Quix0r | ||||||||
| Priority | low | Severity | feature | Reproducibility | N/A | ||||
| Status | closed | Resolution | fixed | ||||||
| Platform | PHP5-Latest | OS | Linux | OS Version | 2.6 | ||||
| Product Version | 0.2.1-FINAL | ||||||||
| Target Version | 0.2.1-FINAL | Fixed in Version | 0.2.1-FINAL | ||||||
| Summary | 0000083: Verbesserungen an den SQL-Abfragen | ||||||||
| Description | Die SQL-Abfragen sollten wie folgt verbessert werden: - Alle Tabellennamen und -spalten in Backticks (` nicht ') einschliessen - Die Konstante _MYSQL_PREFIX von "._MYSQL_PREFIX." auf {?_MYSQL_PREFIX?} umstellen, damit PHP zur Parserzeit Resourcen sparen kann (weniger Konstanten verarbeitet). | ||||||||
| Tags | No tags attached. | ||||||||
| Attached Files |
| ||||||||
 Relationships [ Relation Graph ]
[ Dependency Graph ]
|
||||||
|
||||||
 Relationships |
| Notes |
|
|
Quix0r (administrator) 2009-02-19 19:29 |
Soweit sind mit dem naechsten Commit alle Tabellennamen in Back-Ticks und die Konstante _MYSQL_PREFIX ist in {! und !} eingebunden. |
|
Quix0r (administrator) 2010-06-28 04:36 |
{!FOO!} (Konstanten einbinden) wird nicht mehr unterstuetzt! |
|
Quix0r (administrator) 2012-06-06 14:02 |
Das sollte komplett erledigt sein. Bitte zum Einbinden der Daten SQL_QUERY_ESC() und eine Maske verwenden, nicht SQL_QUERY() und einfach mit einem Punkt oder Plus-Zeichen den Query zusammenbauen, da dies sehr unsicher (SQL-Injektionen) ist. |
|
Quix0r (administrator) 2016-11-23 11:04 |
Und zu damit. |
| Notes |
| Issue History |
|||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2009-02-19 17:27 | Quix0r | New Issue | |
| 2009-02-19 17:28 | Quix0r | Assigned To | => Quix0r |
| 2009-02-19 17:28 | Quix0r | Status | new => assigned |
| 2009-02-19 17:28 | Quix0r | Projection | none => tweak |
| 2009-02-19 17:28 | Quix0r | ETA | none => < 1 day |
| 2009-02-19 17:28 | Quix0r | Fixed in Version | => 0.2.1-FINAL |
| 2009-02-19 17:28 | Quix0r | Description Updated | |
| 2009-02-19 19:29 | Quix0r | Note Added: 0000210 | |
| 2009-02-19 22:44 |
|
Relationship added | child of 0000084 |
| 2009-03-02 16:32 | Quix0r | Sticky Issue | No => Yes |
| 2009-08-06 16:03 | Quix0r | Product Version | 0.2.1-FINAL => |
| 2009-08-06 16:03 | Quix0r | Fixed in Version | 0.2.1-FINAL => |
| 2009-10-11 01:25 | Quix0r | Relationship deleted | child of 0000084 |
| 2009-10-11 01:26 | Quix0r | Relationship added | parent of 0000084 |
| 2009-11-25 22:56 | Quix0r | Fixed in Version | => 0.2.1-FINAL |
| 2010-05-28 18:50 | Quix0r | Product Version | => 0.2.1-FINAL |
| 2010-06-08 03:45 | Quix0r | Fixed in Version | 0.2.1-FINAL => |
| 2010-06-28 04:36 | Quix0r | Note Added: 0000470 | |
| 2010-06-28 04:36 | Quix0r | Description Updated | View Revisions |
| 2012-06-06 14:02 | Quix0r | Note Added: 0000548 | |
| 2012-06-06 14:02 | Quix0r | Status | assigned => resolved |
| 2012-06-06 14:02 | Quix0r | Fixed in Version | => 0.2.1-FINAL |
| 2012-06-06 14:02 | Quix0r | Resolution | open => fixed |
| 2016-11-23 11:04 | Quix0r | Status | resolved => closed |
| 2016-11-23 11:04 | Quix0r | Note Added: 0000647 | |
| Issue History |