Changeset View
Changeset View
Standalone View
Standalone View
src/xsprintf/qsprintf.php
| Show First 20 Lines • Show All 173 Lines • ▼ Show 20 Lines | case 'L': // List of.. | ||||
| break; | break; | ||||
| case 'C': // ...columns. | case 'C': // ...columns. | ||||
| foreach ($value as $k => $v) { | foreach ($value as $k => $v) { | ||||
| $value[$k] = $escaper->escapeColumnName($v); | $value[$k] = $escaper->escapeColumnName($v); | ||||
| } | } | ||||
| $value = implode(', ', $value); | $value = implode(', ', $value); | ||||
| break; | break; | ||||
| case 'Q': | case 'Q': | ||||
| // TODO: Here, and in "%LO", "%LA", and "%LJ", we should eventually | |||||
Lint: TODO Comment: This comment has a TODO. | |||||
| // stop accepting strings. | |||||
| foreach ($value as $k => $v) { | foreach ($value as $k => $v) { | ||||
| if (is_string($v)) { | |||||
| continue; | |||||
| } | |||||
| $value[$k] = $v->getUnmaskedString(); | $value[$k] = $v->getUnmaskedString(); | ||||
| } | } | ||||
| $value = implode(', ', $value); | $value = implode(', ', $value); | ||||
| break; | break; | ||||
| case 'O': | case 'O': | ||||
| foreach ($value as $k => $v) { | foreach ($value as $k => $v) { | ||||
| if (is_string($v)) { | |||||
| continue; | |||||
| } | |||||
| $value[$k] = $v->getUnmaskedString(); | $value[$k] = $v->getUnmaskedString(); | ||||
| } | } | ||||
| $value = '(('.implode(') OR (', $value).'))'; | $value = '(('.implode(') OR (', $value).'))'; | ||||
| break; | break; | ||||
| case 'A': | case 'A': | ||||
| foreach ($value as $k => $v) { | foreach ($value as $k => $v) { | ||||
| if (is_string($v)) { | |||||
| continue; | |||||
| } | |||||
| $value[$k] = $v->getUnmaskedString(); | $value[$k] = $v->getUnmaskedString(); | ||||
| } | } | ||||
| $value = '(('.implode(') AND (', $value).'))'; | $value = '(('.implode(') AND (', $value).'))'; | ||||
| break; | break; | ||||
| case 'J': | case 'J': | ||||
| foreach ($value as $k => $v) { | foreach ($value as $k => $v) { | ||||
| if (is_string($v)) { | |||||
| continue; | |||||
| } | |||||
| $value[$k] = $v->getUnmaskedString(); | $value[$k] = $v->getUnmaskedString(); | ||||
| } | } | ||||
| $value = implode(' ', $value); | $value = implode(' ', $value); | ||||
| break; | break; | ||||
| default: | default: | ||||
| throw new XsprintfUnknownConversionException("%L{$next}"); | throw new XsprintfUnknownConversionException("%L{$next}"); | ||||
| } | } | ||||
| break; | break; | ||||
| ▲ Show 20 Lines • Show All 134 Lines • ▼ Show 20 Lines | |||||
| } | } | ||||
| function qsprintf_check_scalar_type($value, $type, $query) { | function qsprintf_check_scalar_type($value, $type, $query) { | ||||
| switch ($type) { | switch ($type) { | ||||
| case 'LQ': | case 'LQ': | ||||
| case 'LA': | case 'LA': | ||||
| case 'LO': | case 'LO': | ||||
| case 'LJ': | case 'LJ': | ||||
| // TODO: See T13217. Remove this eventually. | |||||
Lint: TODO Comment This comment has a TODO. Lint: TODO Comment: This comment has a TODO. | |||||
| if (is_string($value)) { | |||||
| phlog( | |||||
| pht( | |||||
| 'UNSAFE: Raw string ("%s") passed to query ("%s") subclause '. | |||||
| 'for "%%%s" conversion. Subclause conversions should be passed '. | |||||
| 'a list of PhutilQueryString objects.', | |||||
| $value, | |||||
| $query, | |||||
| $type)); | |||||
| break; | |||||
| } | |||||
| if (!($value instanceof PhutilQueryString)) { | if (!($value instanceof PhutilQueryString)) { | ||||
| throw new AphrontParameterQueryException( | throw new AphrontParameterQueryException( | ||||
| $query, | $query, | ||||
| pht( | pht( | ||||
| 'Expected a list of PhutilQueryString objects for %%%s '. | 'Expected a list of PhutilQueryString objects for %%%s '. | ||||
| 'conversion.', | 'conversion.', | ||||
| $type)); | $type)); | ||||
| } | } | ||||
| ▲ Show 20 Lines • Show All 81 Lines • Show Last 20 Lines | |||||
This comment has a TODO.