On Sep 24, 2004, at 8:00 AM, Magnus Manske wrote:
Completely ignoring the progress on the according meta
page, I went
ahead and created a database feature for the wiki.
Magnus, *please* don't forget to escape strings before putting them in
HTML output or SQL commands.
Also, please remember to use $wgRequest rather than $_REQUEST and
$_POST directly; this is meant to:
a) provide some limited basic validation
b) provide for default values if the item is not set
c) perform some character conversion when necessary
d) validate and normalize UTF-8 text input
e) allow for wrapping requests in a way that can be tested or
sub-requested easily without messing with on fifty separate globals
Additionally there's no need to specify MyISAM as the table type if
there's not a fulltext index. Better to use the default (which may not
be MyISAM).
-- brion vibber (brion @
pobox.com)