[aur-dev] [PATCH 2/4] test return value from db_query before assuming it is valid

Lukas Fleischer archlinux at cryptocrack.de
Wed May 11 20:09:58 EDT 2011


On Wed, May 11, 2011 at 04:17:12PM -0700, elij wrote:
> make the sql query form consistent in usage by cleaning up
> instances where db_query's result was not inspected before
> attempting to fetch row data from the handle
> ---
>  web/html/addvote.php          |   16 +++++++++-
>  web/html/tu.php               |   17 +++++++++--
>  web/lib/acctfuncs.inc         |   59 ++++++++++++++++++++++++----------------
>  web/lib/aur.inc               |    8 ++++-
>  web/lib/pkgfuncs.inc          |   43 +++++++++++++++++++++---------
>  web/template/actions_form.php |   52 ++++++++++++++++++++----------------
>  web/template/tu_list.php      |    8 +++++-
>  7 files changed, 135 insertions(+), 68 deletions(-)
> 

Looks quite ok now. Which method did you use to spot these
inconsistencies? Skimming through the source code it seems that there
are some more query results that should be validated, like the "SELECT"
one in "web/html/pkgsubmit.php".


More information about the aur-dev mailing list