Opened 4 years ago
Closed 3 years ago
#13638 closed Patch - Bug Fix (Duplicate)
mythweb notice/warning/deprecated patches
| Reported by: | jpasher-lazor | Owned by: | Stuart Auchterlonie |
|---|---|---|---|
| Priority: | minor | Milestone: | 32.0 |
| Component: | Plugin - MythWeb | Version: | Master Head |
| Severity: | medium | Keywords: | |
| Cc: | Ticket locked: | no |
Description
Attached is the first round of patches I first referenced on the forums (https://forum.mythtv.org/viewtopic.php?f=2&t=3865). The intention is to clear up all of the PHP notices/warnings to make compatibility changes for future PHP versions easier to find. Right now, mythweb runs with an error_reporting() level that hides some potential flaws, along with things that may change from notices/deprecation warnings to errors in future PHP versions. I've only done patches for the default theme to give people an idea of what these changes entail. Obviously with this many changes, maintaining backwards compatibility with the supported -fixes branches can be a bit tricky, so I wanted to gauge expectations on these changes.
I've also attached a few patches for the PHP bindings under the mythtv branch itself.
A notice about the "odd" looking patch in modules/music/mp3act_functions.php where I removed the $db->escape() wrapper. That method automatically adds quotes to the result, which means that when $pl['playlist_songs'] has more than one ID in its comma separated list, it becomes something like "... IN ('1234,4567')", which is wrong. Since I don't see an escape() function that doesn't add the single quotes and the column should only contain numbers or commas, we simply strip anything else to avoid SQL injection.
Attachments (2)
Change History (3)
Changed 4 years ago by
| Attachment: | bindings.patch added |
|---|
comment:1 Changed 3 years ago by
| Milestone: | needs_triage → 32.0 |
|---|---|
| Resolution: | → Duplicate |
| Status: | new → closed |
Moved to Github Issue 37 https://github.com/MythTV/mythweb/issues/37
mythtv PHP bindings patch