Re: [Savannah-hackers-public] (no subject)
From: Sylvain Beucler
Subject: Re: [Savannah-hackers-public] (no subject)
Date: Sat, 3 May 2008 14:38:19 +0200
User-agent: Mutt/1.5.17+20080114 (2008-01-14)

Hi,
This is better.
I have a lot of small purely technical comments :)
- I do like attached diff :)
- Your diff was reversed (changes from your version back to Savane,
instead of the changes from Savane to your version). The best way to
produce a diff is to download the source using git, modify the
source in it, and type 'git diff' without options, which shows
everything you changed since you downloaded the source. Use 'git
diff > yourfile.patch' to save it. The produced diff can be applied
automatically using 'patch -p1 < yourfile.patch'.
- Try to avoid introducing spaces or newlines (you can inspect the
diff and remove them before sending it), so those small differences
don't appear in the diff and disturb the reader.
- You modified a function that sends headers. But now the function
sends both the results headers and the exact results, so this is
confusing. Maybe search_exact() needs to be called from
frontend/php/search/index.php, rather than from
search_send_header().
- db_execute has a second argument, which is an array of values to
include in the query (it replaces "?"s) and properly escape (to
avoid SQL injections). You need to use it to properly escape
$keywords (check ./include/trackers_run/browse.php:505 for an
example with the SQL 'IN' keyword). This is necessary for security,
otherwise people may add malicious SQL code in $keywords.
> > Sure, but this pretty off-topic, don't you think? :)
>
> Now, I don't have to drop my e-mail hitch hikers, do I?
This shows that you don't control your mail. Be a real man and use
SMTP ;)
--
Sylvain
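
The placeholder usage described in the message above, as an added example that is not part of the original e-mail or of Savane's code. PDO with an in-memory SQLite database stands in for db_execute(), and the table, column and function names are hypothetical.

```php
<?php
// Added example: PDO + in-memory SQLite stand in for Savane's db_execute().
// groups_demo, unix_group_name and both functions are hypothetical names.

// Build "IN (?,?,...)" with one placeholder per keyword; values travel separately.
function build_keyword_query(array $keywords): array
{
    // Trim and drop empty keywords so the placeholder count matches the values.
    $keywords = array_values(array_filter(
        array_map('trim', $keywords),
        fn($k) => $k !== ''
    ));
    if (count($keywords) === 0) {
        // "IN ()" is invalid SQL, so the caller must skip the query entirely.
        return [null, []];
    }
    $placeholders = implode(',', array_fill(0, count($keywords), '?'));
    $sql = "SELECT unix_group_name FROM groups_demo"
         . " WHERE unix_group_name IN ($placeholders)"
         . " ORDER BY unix_group_name";
    return [$sql, $keywords];
}

// Run the query with the values bound to the "?" placeholders.
function search_exact_demo(PDO $db, array $keywords): array
{
    [$sql, $params] = build_keyword_query($keywords);
    if ($sql === null) {
        return [];
    }
    $stmt = $db->prepare($sql);
    $stmt->execute($params);   // same role as db_execute()'s second argument
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed sample data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE groups_demo (unix_group_name TEXT)');
$db->exec("INSERT INTO groups_demo VALUES ('emacs'), ('gcc'), ('savane')");

// Constructed input: the second keyword carries quotes and SQL syntax.
// Bound as a value, it is compared as a literal string and cannot
// change the structure of the statement.
$rows = search_exact_demo($db, ['emacs', "x') OR ('1'='1"]);
print_r($rows);
```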