[Koha-bugs] [Bug 7977] Add a "Quote-of-the-day" feature to the OPAC homepage
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu May 10 21:50:40 CEST 2012
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=7977
--- Comment #50 from Chris Nighswonger <cnighswonger at foundations.edu> ---
(In reply to comment #48)
> QA Comment for Bug 7977: Quote-of-the-day (QOTD) Feature for OPAC
>
> - backquotes exist in sql files (updatedatabase and kohastructure)
This is a non-issue since both of these files are DB specific and targeted for
MySQL. Backticks are not optional for MySQL since certain keywords used as
field/table names could cause problems. Its my opinion that those concerned
with porting to other DBs should construct files specific to those DB's until
such a time as we move to a DB agnostic interface. I think I mentioned this in
the commit message.
> - Debug javascript message is commited (console.log)
> - + var sEmptyTable = _('No quotes available. Please use the \"Add
> Quote\" button to add a quote.');
> Why do you escaped double quote ?
> - html comments are commited (+<!--
> <th>Actions</th>-->)
These are leftovers from development. I'll submit a followup patch to remove
them.
> - you use new font family (+ font-family: "Georgia","Palatino","Times New
> Roman",sans-serif;). Currently, these fonts are not used in Koha. Isn't it
> better to use already used fonts ?
This was unintentional, where is it located?
> - + my $like = " id LIKE \"%$filter%\" OR source LIKE \"%$filter%\"
> OR text LIKE \"%$filter%\" OR timestamp LIKE \"%$filter%\"";
> Why don't you use bind parameters to protect against SQL injection attacks ?
Good catch. I'll include this in the followup patch.
Thanks for the QA and the feedback!
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list