sharpetronics/gitea
1
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-11-03 00:05:22 -05:00
Code Issues Projects Releases Wiki Activity

Try to make the SQL queries cleaner and more secure

Browse Source
This commit is contained in:
Thomas Boerger 2016-03-27 22:54:31 +02:00
parent ac53bb593d
commit 79a1bfd963
1 changed files with 2 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
models/issue.go
View File

@ -5,7 +5,6 @@
package models package models
import ( import (
"bytes"
"errors" "errors"
"fmt" "fmt"
"io" "io"
@ -513,7 +512,7 @@ func Issues(opts *IssuesOptions) ([]*Issue, error) {
if len(opts.RepoIDs) == 0 { if len(opts.RepoIDs) == 0 {
return make([]*Issue, 0), nil return make([]*Issue, 0), nil
} }
sess.Where("issue.repo_id IN ("+strings.Join(base.Int64sToStrings(opts.RepoIDs), ",")+")").And("issue.is_closed=?", opts.IsClosed) sess.In("issue.repo_id", base.Int64sToStrings(opts.RepoIDs)).And("issue.is_closed=?", opts.IsClosed)
} else { } else {
sess.Where("issue.is_closed=?", opts.IsClosed) sess.Where("issue.is_closed=?", opts.IsClosed)
} }
@ -684,18 +683,8 @@ func GetIssueUserPairsByRepoIds(rids []int64, isClosed bool, page int) ([]*Issue
return []*IssueUser{}, nil return []*IssueUser{}, nil
} }
buf := bytes.NewBufferString("")
for _, rid := range rids {
buf.WriteString("repo_id=")
buf.WriteString(com.ToStr(rid))
buf.WriteString(" OR ")
}
cond := strings.TrimSuffix(buf.String(), " OR ")
ius := make([]*IssueUser, 0, 10) ius := make([]*IssueUser, 0, 10)
sess := x.Limit(20, (page-1)*20).Where("is_closed=?", isClosed) sess := x.Limit(20, (page-1)*20).Where("is_closed=?", isClosed).In("repo_id", rids)
if len(cond) > 0 {
sess.And(cond)
}
err := sess.Find(&ius) err := sess.Find(&ius)
return ius, err return ius, err
} }