Code review (search)

Coder found 1 project, 2 files
Coder provides helpful hints without false positives, but offers no guarantee for creating good code. You are the final arbiter. If in doubt, read the Drupal documentation (see review links below and api.drupal.org).
modules/search/search.module

search.module

  • severity: critical, Line 852: In SQL strings, use db_query() placeholders in place of variables. This is a potential source of SQL injection attacks when the variable can come from user data. (Drupal Docs)
      $result = db_query_temporary("SELECT i.type, i.sid, SUM(i.score * t.count) AS relevance, COUNT(*) AS matches FROM {search_index} i INNER JOIN {search_total} t ON i.word = t.word $join1 WHERE $conditions GROUP BY i.type, i.sid HAVING COUNT(*) >= %d", $arguments, 'temp_search_sids');
    Explanation: Use %s and %d variable substitution. When inserting an array of values use $placeholders = implode(',', array_fill(0, count($args), "'%s'"));
    Caveat: Coder fires on any variable interpolated into a SQL string; here those are $join1 and $conditions. Whether the finding is exploitable depends on how they are built: if they hold only SQL fragments whose %d/%s placeholders are filled from $arguments, the query is already parameterised; if any part of them is assembled from request data, it is a real injection. Trace both back to where they are assembled before either dismissing or fixing the finding.
  • severity: critical, Line 855: table names should be enclosed in {curly_brackets}
      $normalize = db_result(db_query('SELECT MAX(relevance) FROM temp_search_sids'));
  • severity: critical, Line 864: table names should be enclosed in {curly_brackets}
      $result = db_query_temporary("SELECT i.type, i.sid, $select2 FROM temp_search_sids i INNER JOIN {search_dataset} d ON i.sid = d.sid AND i.type = d.type $join2 WHERE $conditions $sort_parameters", $arguments, 'temp_search_results');
  • severity: critical, Line 865: table names should be enclosed in {curly_brackets}
      if (($count = db_result(db_query('SELECT COUNT(*) FROM temp_search_results'))) == 0) {
  • severity: critical, Line 871: table names should be enclosed in {curly_brackets}
      $result = pager_query("SELECT * FROM temp_search_results", 10, 0, $count_query);
    Caveat for these four findings: temp_search_sids and temp_search_results are not schema tables; they are temporary tables created by the db_query_temporary() calls above. Braces tell db_query() to apply the site's table prefix, so check whether db_query_temporary() prefixes the temporary table name it creates. If it does not, bracing these references would make the lookups target a prefixed name that does not exist and break the query; if it does, the braces are required for prefixed sites.
  • severity: normal, Line 1197: string concatenation should be formatted with a space separating the operators (dot .) and non-quote terms
      $text = (isset($newranges[0]) ? '' : '... '). implode(' ... ', $out) .' ...';
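The following is an added example, not code from search.module or Drupal core. It shows the pattern the Line 852 finding asks for: the interpolated form beside the placeholder form, plus the implode()/array_fill() idiom from the explanation for an array of values. build_query() is a hypothetical stand-in for the %d/%s substitution that db_query() performs, written so the example runs without a Drupal bootstrap or a database; it uses addslashes() in place of the driver escaping and does not expand {curly_bracket} table prefixes.

```php
<?php
// Added example (not code from search.module or Drupal core).
// build_query() is a hypothetical stand-in for db_query()'s placeholder
// substitution so the example runs stand-alone. It does no table prefixing.

function build_query($query, array $args) {
    $i = 0;
    return preg_replace_callback('/%(d|s|%)/', function ($m) use ($args, &$i) {
        if ($m[1] === '%') {
            return '%';
        }
        $value = $args[$i++];
        if ($m[1] === 'd') {
            // %d is cast to an integer, so non-numeric input cannot carry SQL.
            return (string) (int) $value;
        }
        // %s is escaped but not quoted: the query writes '%s' itself, exactly
        // as the Coder hint does. addslashes() stands in for the driver
        // escaping that Drupal's db_query() would apply.
        return addslashes($value);
    }, $query);
}

// Vulnerable: the values are concatenated into the SQL string. A word of
// "x' OR '1'='1" turns the WHERE clause into a tautology, and the HAVING
// value can append a second statement.
function unsafe_search_sql($word, $min_matches) {
    return "SELECT i.type, i.sid FROM {search_index} i WHERE i.word = '$word' "
        . "GROUP BY i.type, i.sid HAVING COUNT(*) >= $min_matches";
}

// Hardened: the same query with every variable passed through a placeholder.
function safe_search_sql($word, $min_matches) {
    return build_query(
        "SELECT i.type, i.sid FROM {search_index} i WHERE i.word = '%s' "
        . "GROUP BY i.type, i.sid HAVING COUNT(*) >= %d",
        array($word, $min_matches)
    );
}

// Array of values: one quoted placeholder per element, built with the
// implode()/array_fill() idiom from the Coder explanation. The placeholder
// list is generated code, not user data, so interpolating it is safe; the
// values themselves still travel through the argument array.
function safe_in_list_sql(array $words, $min_matches) {
    $placeholders = implode(',', array_fill(0, count($words), "'%s'"));
    $args = $words;
    $args[] = $min_matches;
    return build_query(
        "SELECT i.type, i.sid FROM {search_index} i WHERE i.word IN ($placeholders) "
        . "GROUP BY i.type, i.sid HAVING COUNT(*) >= %d",
        $args
    );
}

// Constructed hostile inputs for the demonstration.
$word = "x' OR '1'='1";
$min  = "1; DROP TABLE search_index";

echo unsafe_search_sql($word, $min), "\n";
echo safe_search_sql($word, $min), "\n";
echo safe_in_list_sql(array('drupal', $word), 2), "\n";
```

Run with php on the command line and compare the three queries: the first carries the attacker's quote and the trailing statement verbatim, the second escapes the quotes and reduces the HAVING value to the integer 1, and the third shows that the generated placeholder list keeps each array element inside its own escaped literal.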