-
- Downloads
- Patch #9478 by JonBob: allow printf-style arguments in pager_query. Currently pager_query() is the black sheep of the database query family, because it does not allow for printf-style arguments to be inserted in the query. This is a problem because it introduces developer confusion when moving from an unpaged query to a paged one, and it encourages substitution of variables directly into the query, which can bypass our check_query() security feature. This patch adds this ability to pager_query(). The change is backwards-compatible, but a couple calls to the function in core have been changed to use the new capability.
Showing
- MAINTAINERS.txt 9 additions, 5 deletionsMAINTAINERS.txt
- includes/pager.inc 12 additions, 8 deletionsincludes/pager.inc
- modules/blog.module 1 addition, 1 deletionmodules/blog.module
- modules/blog/blog.module 1 addition, 1 deletionmodules/blog/blog.module
- modules/profile.module 1 addition, 1 deletionmodules/profile.module
- modules/profile/profile.module 1 addition, 1 deletionmodules/profile/profile.module
- modules/tracker.module 1 addition, 3 deletionsmodules/tracker.module
- modules/tracker/tracker.module 1 addition, 3 deletionsmodules/tracker/tracker.module
Loading
Please register or sign in to comment