-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
nad(a)svn.wikimedia.org wrote:
Add SQLite database class
Cool! :D
Couple notes after a quick pass over it...
+ if ("$wgSQLiteDataDir" ==
'') $wgSQLiteDataDir =
dirname($_SERVER['DOCUMENT_ROOT']).'/data';
+ if (!is_dir($wgSQLiteDataDir)) mkdir($wgSQLiteDataDir,0700);
This default sounds a bit insecure, as the raw database files would be
exposed to the web unless PHP's running as a different user from the
static web server.
That means deleted data, user email-addresses, password hashes, etc
would be exposed to download.
+ /**
+ * Use MySQL's naming (accounts for prefix etc) but remove surrounding backticks
+ */
+ function tableName($name) {
+ $t = parent::tableName($name);
+ if (!empty($t)) $t = substr($t,1,-1);
I believe this will produce bad output for anything using an explicit
DB, eg `dbname`.`prefix_table`.
Dunno whether that'd actually work here anyway, though. :)
I'd say something like what the other 2 database classes use for
tableName should be what is used.
- -- brion vibber (brion @
wikimedia.org)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla -
http://enigmail.mozdev.org
iEYEARECAAYFAkgiQRsACgkQwRnhpk1wk45EZQCg0OKYyarZJ7lTXgqn28W9/YHU
4ZQAniCaE+x+dNhh6E8kV+sIj2LsKv9u
=Wd1O
-----END PGP SIGNATURE-----
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l