Better document unsafe inputs in the QueryBuilder. #11176

Merged
merged 1 commit into from Sep 14, 2017

markstory commented Sep 13, 2017

Better document which methods are not safe for untrusted data.

Refs #11148

Better document unsafe inputs in the QueryBuilder.
Better document which methods are not safe for untrusted data.

Refs #11148

@markstory markstory added the database label Sep 13, 2017

@markstory markstory added this to the 3.5.3 milestone Sep 13, 2017

codecov-io Sep 13, 2017

Codecov Report

Merging #11176 into master will not change coverage.
The diff coverage is n/a.


@@            Coverage Diff            @@
##             master   #11176   +/-   ##
=========================================
  Coverage     93.15%   93.15%           
  Complexity    12978    12978           
=========================================
  Files           437      437           
  Lines         33619    33619           
=========================================
  Hits          31317    31317           
  Misses         2302     2302
Impacted Files                     Coverage Δ              Complexity Δ
src/Database/Query.php             95.4% <ø> (ø)           160 <0> (ø) ⬇️
src/Cache/Engine/FileEngine.php    89.07% <0%> (-1.1%)     73% <0%> (ø)
src/Cache/CacheEngine.php          93.61% <0%> (+4.25%)    19% <0%> (ø) ⬇️

Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 6829ddd...b2b45af. Read the comment docs.

@@ -1076,6 +1082,9 @@ public function order($fields, $overwrite = false)
* This method allows you to set complex expressions
* as order conditions unlike order()
*
* Order fields are not suitable for use with user supplied data as they are
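Review bot: The added warning ("Order fields are not suitable for use with user supplied data ...") tells callers what to avoid but, as far as the visible lines show, gives no pointer to a safe pattern. Consider following it with one line telling callers to map request input onto a fixed list of known column names before passing it to this method. Because this docblock says the method accepts "complex expressions" where order() does not, it would also help to state explicitly that the warning covers expressions as well as plain field names, and to hyphenate "user-supplied".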

@saeideng

saeideng Sep 13, 2017

Member

Plain text or text in a note box (warning, ...) for these notes?

@lorenzo

lorenzo Sep 13, 2017

Member

Is it possible to make a box here?

@markstory

markstory Sep 13, 2017

Member

I don't think so unless we start embedding HTML in docblocks.

@saeideng

saeideng Sep 13, 2017

Member

Oh, I forgot this repo is for core, not docs. I'm sorry :)

@markstory markstory merged commit 8262b4d into master Sep 14, 2017

6 checks passed

codecov/patch Coverage not affected when comparing 6829ddd...b2b45af
codecov/project 93.15% remains the same compared to 6829ddd
continuous-integration/appveyor/pr AppVeyor build succeeded
continuous-integration/travis-ci/pr The Travis CI build passed
continuous-integration/travis-ci/push The Travis CI build passed
stickler-ci No lint errors found.

@markstory markstory deleted the issue-11148 branch Sep 14, 2017
