Sanitize user names on sql-sanitize. #6057
base: 13.x
Thanks! Ideally we add test coverage for this. We can probably add on to an existing test.
Thanks, hope it's ok I put down some thoughts.
// Updates usernames to the pattern user_%uid. | ||
$query | ||
->condition($uid_column, 0, '>') |
That condition's already added further up.
->condition($uid_column, 0, '>') |
// Updates usernames to the pattern user_%uid. | ||
$query | ||
->condition($uid_column, 0, '>') | ||
->expression($name_column, "CONCAT('user_', $uid_column)"); |
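Review bot: the expression on the last line, "CONCAT('user_', $uid_column)", depends on a CONCAT() function that not every database provides; SQLite before 3.44 has none and concatenates with the || operator. Choose the concatenation form per database driver before building the expression, and cover at least one non-MySQL driver in the test so the sanitize step does not fail there and leave real usernames in the dump.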
Looking at the email code, it appears we'd need a different format for different DB drivers I think?
[$name_table, $name_column] = $this->getFieldTableDetails('user', 'name'); | ||
[$uid_table, $uid_column] = $this->getFieldTableDetails('user', 'uid'); | ||
assert($uid_table === $name_table); |
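Review bot: the assert($uid_table === $name_table) on the last line is the only check that the name and uid columns live in the same table, and PHP skips assert() entirely when zend.assertions is disabled, which is the usual production setting. With assertions off, the code that follows runs without that check. Use an explicit comparison instead, and on a mismatch log a warning and skip the username step rather than relying on an AssertionError.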
FWIW to my mind this clashes a little with the existing style where the table and column names have been hardcoded. Not sure if that means it's better to stick with the current style or update the others personally (:
If we do keep it, I think we need to catch any exceptions, we don't want to explode the sanitize command as a whole.
At SWIS we use this patch for 100% of our projects since
Fixes #4609