[Koha-bugs] [Bug 7977] Add a "Quote-of-the-day" feature to the OPAC homepage

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Thu May 10 21:50:40 CEST 2012


http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=7977

--- Comment #50 from Chris Nighswonger <cnighswonger at foundations.edu> ---
(In reply to comment #48)
> QA Comment for Bug 7977: Quote-of-the-day (QOTD) Feature for OPAC
> 
> - backquotes exist in sql files (updatedatabase and kohastructure)

This is a non-issue since both of these files are DB specific and targeted for
MySQL. Backticks are not optional for MySQL since certain keywords used as
field/table names could cause problems. Its my opinion that those concerned
with porting to other DBs should construct files specific to those DB's until
such a time as we move to a DB agnostic interface. I think I mentioned this in
the commit message.

> - Debug javascript message is commited (console.log)
> - +    var sEmptyTable = _('No quotes available. Please use the \"Add
> Quote\" button to add a quote.');
> Why do you escaped double quote ?
> - html comments are commited (+<!--                       
> <th>Actions</th>-->)

These are leftovers from development. I'll submit a followup patch to remove
them.

> - you use new font family (+    font-family: "Georgia","Palatino","Times New
> Roman",sans-serif;). Currently, these fonts are not used in Koha. Isn't it
> better to use already used fonts ?

This was unintentional, where is it located?

> - +        my $like = " id LIKE \"%$filter%\" OR source LIKE \"%$filter%\"
> OR text LIKE \"%$filter%\" OR timestamp LIKE \"%$filter%\"";
> Why don't you use bind parameters to protect against SQL injection attacks ?

Good catch. I'll include this in the followup patch.

Thanks for the QA and the feedback!

-- 
You are receiving this mail because:
You are watching all bug changes.


More information about the Koha-bugs mailing list