Download & Extend
Voting API » Issues

calling votingapi_select_single_result_value with no criteria makes it easy to shoot self in foot

Posted by greggles on September 29, 2009 at 12:02pm
Project:Voting API
Version:6.x-2.x-dev
Component:Code
Category:task
Priority:normal
Assigned:Unassigned
Status:closed (fixed)

Issue Summary

If you call that with no criteria then votingAPI will graciously return all the rows in the table to you and use PHP to select the top one.

I'm not sure exactly how, but we should ideally make that not happen :)

Login or register to post comments

Comments

#1

Posted by greggles on September 29, 2009 at 1:53pm
Status:active» needs review

_votingapi_select allows a $limit to be specified.

My suggestion is that we use the $limit parameter of votingapi_select_results which gets passed along to _votingapi_select so that votingapi_select_single_result_value will only select a single value.

AttachmentSize
591044_votingapi_single_result_really_single.patch 889 bytes

#2

Posted by greggles on August 27, 2010 at 3:24pm

I just ran into this again. The patch still applies cleanly to 6.x-2.x.

#3

Posted by eaton on October 9, 2010 at 2:24am
Status:needs review» fixed

I've applied this to the D7 branch and will backport to D6. Thanks!

#4

Posted by greggles on October 9, 2010 at 4:23pm
Status:fixed» patch (to be ported)

Awesome, thanks!

For my own tracking I'd like to keep this in an open state until it's in the 6.x branch.

#5

Posted by eaton on October 10, 2010 at 1:09am
Status:patch (to be ported)» closed (fixed)

Committed to the 6.x branch -- I still need to do some testing to ensure none of the backported code causes problems. Once I'm comfortable with that I'll roll a new 6.x release. Thanks again!