Last modified: 2014-06-23 16:06:58 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T52114, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 50114 - MySQL database updates do not enclose field names in back ticks(`) causing fields to be dropped with reserved words.
MySQL database updates do not enclose field names in back ticks(`) causing fi...
Status: UNCONFIRMED
Product: MediaWiki
Classification: Unclassified
Database (Other open bugs)
1.21.x
All All
: Low normal (vote)
: ---
Assigned To: Nobody - You can work on this!
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2013-06-24 16:39 UTC by Alexia E. Smith
Modified: 2014-06-23 16:06 UTC (History)
2 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Alexia E. Smith 2013-06-24 16:39:42 UTC 
If the group MySQL key word or other reserved key words are in the values array to update a row it either is silently ignored by MySQL or causes a database error.  This is due to the makeList() function not enclosing field names in back ticks(`).

$this->DB->update(
	'example_table',
	array('group' => 1),
	array('example_id' => 100),
	__METHOD__
);

Generated SQL: "UPDATE example_table SET group = 1 WHERE example_id = 100;"

Solution: Field names need to be enclosed in back ticks.

Suggested code change: Use the provided addIdentifierQuotes() function on field names in the makeList() function.
Comment 1 Sam Reed (reedy) 2013-06-25 15:58:37 UTC 
Certainly in MediaWiki core, I don't believe this is much of a problem. I have seen issues with the Bugzilla extension to this extent..
Comment 2 Alexia E. Smith 2013-06-25 16:50:40 UTC 
Yeah, I have not seen this issue occur in the Mediawiki core with any queries.  I solved the issue temporarily on our wikis by putting in a drop in replacement database driver that does back ticks all field names by default.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links