summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Weiske <cweiske@cweiske.de>2011-03-25 08:00:32 +0100
committerChristian Weiske <cweiske@cweiske.de>2011-03-25 08:00:32 +0100
commitd6e99db40dc88de1782099b30941075ebc8dfa97 (patch)
treeda9234cc3edf8bcb812cc451902afbf7794f5576
parente667feb0ca9ff30a063149a2ce20b3398585dd4f (diff)
downloadsemanticscuttle-d6e99db40dc88de1782099b30941075ebc8dfa97.tar.gz
semanticscuttle-d6e99db40dc88de1782099b30941075ebc8dfa97.tar.bz2
do not generate invalid SQL when called with a not-so valid array
-rw-r--r--src/SemanticScuttle/Service/Bookmark2Tag.php6
-rw-r--r--tests/Bookmark2TagTest.php17
2 files changed, 21 insertions, 2 deletions
diff --git a/src/SemanticScuttle/Service/Bookmark2Tag.php b/src/SemanticScuttle/Service/Bookmark2Tag.php
index 1dc0ffe..a10cb61 100644
--- a/src/SemanticScuttle/Service/Bookmark2Tag.php
+++ b/src/SemanticScuttle/Service/Bookmark2Tag.php
@@ -571,8 +571,10 @@ class SemanticScuttle_Service_Bookmark2Tag extends SemanticScuttle_DbService
} else if (is_array($user)) {
$query .= ' (1 = 0'; //tricks
foreach ($user as $u) {
- $query .= ' OR B.uId = ' . $this->db->sql_escape($u)
- . ' AND B.bId = T.bId';
+ if (is_numeric($u)) {
+ $query .= ' OR B.uId = ' . $this->db->sql_escape($u)
+ . ' AND B.bId = T.bId';
+ }
}
$query .= ' )' . $privacy;
} else {
diff --git a/tests/Bookmark2TagTest.php b/tests/Bookmark2TagTest.php
index ffd83c3..fff4222 100644
--- a/tests/Bookmark2TagTest.php
+++ b/tests/Bookmark2TagTest.php
@@ -427,6 +427,23 @@ class Bookmark2TagTest extends TestBase
/**
+ * This may happen when the method is called with a problematic user array.
+ * In that case we may not generate invalid SQL or so.
+ *
+ * @covers SemanticScuttle_Service_Bookmark2Tag::getPopularTags
+ */
+ public function testGetPopularTagsUserArrayWithNull()
+ {
+ $user1 = $this->addUser();
+ $this->addTagBookmark($user1, array('one'));
+
+ $arTags = $this->b2ts->getPopularTags(array(null));
+ $this->assertEquals(0, count($arTags));
+ }
+
+
+
+ /**
* @covers SemanticScuttle_Service_Bookmark2Tag::getPopularTags
*/
public function testGetPopularTagsPublicOnlyNoUser()