
update menu module as SQL friendly

Project: Drupal core
Version: 6.x-dev
Component: database system
Category: bug report
Priority: critical
Assigned: hswong3i
Status: closed (fixed)

Issue Summary

Minor update about query format. P.S. We need to use db_query() correctly for cross-database concerns :)

Attachment | Size | Status | Test result | Operations
drupal-6.x-dev-menu.module-0.1.diff | 3.62 KB | Ignored: Check issue status. | None | None

Comments

#1

Priority: normal » critical

Since Oracle/DB2/MSSQL will all perform A LOT OF reserved word rewrite handling on the query BODY, this patch can greatly improve cross-database compatibility. This is because all user input values are escaped, and will not be captured by the rewrite handling.
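The effect described in comment #1, as an added illustration that is not part of the patch or of Drupal's database layer: a toy reserved-word rewrite pass corrupts a literal written into the query body, while a value passed as a placeholder argument is substituted afterwards and stays intact. The reserved-word list, the rewrite function, the table and column names, and the ordering (rewrite before substitution) are all assumptions made for the example.

```php
<?php
// Added illustration: a constructed model, not Drupal's database layer.

// Hypothetical reserved words for some backend.
const RESERVED = ['user', 'level', 'size'];

// Hypothetical rewrite pass: double-quote every reserved word found
// anywhere in the query body, with no awareness of string literals.
function rewrite_reserved(string $sql): string {
    $pattern = '/\b(' . implode('|', RESERVED) . ')\b/i';
    return preg_replace($pattern, '"$1"', $sql);
}

// Stand-in for placeholder substitution: '%s' values get quote-doubling,
// %d values are cast to int. Runs AFTER the rewrite pass (assumption).
function bind_args(string $sql, array $args): string {
    return preg_replace_callback('/%[sd]/', function ($m) use (&$args) {
        $v = array_shift($args);
        return $m[0] === '%d'
            ? (string) (int) $v
            : str_replace("'", "''", (string) $v);
    }, $sql);
}

// Model of one query call: rewrite the body first, then bind the values.
function run_query(string $sql, array $args = []): string {
    return bind_args(rewrite_reserved($sql), $args);
}

// Constructed table and column names; 'user' is a constructed value
// chosen because it collides with the reserved-word list above.
$literal = run_query(
    "SELECT id FROM example_links WHERE menu_name = 'user' AND depth = 1");
$bound = run_query(
    "SELECT id FROM example_links WHERE menu_name = '%s' AND depth = %d",
    ['user', 1]);

echo $literal, "\n"; // value in the body went through the rewrite pass
echo $bound, "\n";   // value passed as an argument did not
```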

#2

Minor update about %s, thanks to dmitrig01 :)

Attachment | Size | Status | Test result | Operations
drupal-6.x-dev-menu.module-0.2.diff | 3.64 KB | Ignored: Check issue status. | None | None

#3

Status: needs review » reviewed & tested by the community

#4

Status: reviewed & tested by the community » fixed

I see the general push to move literal stuff out of queries could help database compatibility, although I fail to see, in this case, what character might be infected by any DB escaping. Anyway, committed just to be in line with this process.

#5

Gábor wrote: "I see the general push to move literal stuff out of queries could help database compatibility"

Actually this is not documented anywhere AFAIK, at least it is not documented in the module update handbook page (http://drupal.org/update/modules). With all these SQL-compatibility patches going into core we will have core ready, but you will hardly find any contributed module that will not break your site immediately ;)

#6

We've discussed this in the installer issue (which AFAIR is not yet committed). This change in policy should definitely be documented.

#7

Hmmm, this code may need to be cleaned up a little in addition - it assumes the 'navigation' menu - but that was written when we didn't allow the link to move outside of that.

#8

Status: fixed » closed (fixed)