080a160c7b9595d516c9c70e83689a09b60839d0
galt
  Mon Jun 3 12:16:53 2013 -0700
fix SQL Injection
diff --git src/hg/hgTracks/makeItemsTrack.c src/hg/hgTracks/makeItemsTrack.c
index faeb5b2..93badf4 100644
--- src/hg/hgTracks/makeItemsTrack.c
+++ src/hg/hgTracks/makeItemsTrack.c
@@ -35,57 +35,55 @@
 AllocVar(item);
 item->bin = binFromRange(chromStart, chromEnd);
 item->chrom = cloneString(chrom);
 item->chromStart = item->thickStart = chromStart;
 item->chromEnd = item->thickEnd = chromEnd;
 item->name = cloneString("");
 item->score = 1000;
 item->strand[0] = '.';
 item->description = cloneString("");
 
 /* Add item to database. */
 struct track *track = hashMustFindVal(trackHash, trackName);
 struct customTrack *ct = track->customPt;
 char *tableName = ct->dbTableName;
 struct sqlConnection *conn = hAllocConn(CUSTOM_TRASH);
-makeItemsItemSaveToDbEscaped(conn, item, tableName, 0);
+makeItemsItemSaveToDb(conn, item, tableName, 0);
 hFreeConn(&conn);
 
 freez(&dupeCommand);
 }
 
 static int makeItemsExtraHeight(struct track *track)
 /* Return extra height of track. */
 {
 return tl.fontHeight+2;
 }
 
 static void updateTextField(char *trackName, struct sqlConnection *conn,
 	char *tableName, char *fieldName, int id)
 /* Update text valued field with new val. */
 {
 char varName[128];
 char sql[256];
 safef(varName, sizeof(varName), "%s_%s", trackName, fieldName);
 char *newVal = cartOptionalString(cart, varName);
 if (newVal != NULL)
     {
-    char *escapedVal = sqlEscapeString(newVal);
-    safef(sql, sizeof(sql), "update %s set %s='%s' where id=%d",
-	    tableName, fieldName, escapedVal, id);
+    sqlSafef(sql, sizeof(sql), "update %s set %s='%s' where id=%d",
+	    tableName, fieldName, newVal, id);
     sqlUpdate(conn, sql);
-    freez(&escapedVal);
     cartRemove(cart, varName);	/* We don't need it any more. */
     }
 }
 
 static void makeItemsEditOrDelete(char *trackName, struct sqlConnection *conn, char *tableName)
 /* Troll through cart variables looking for things that indicate user edited item
  * or deleted it in hgc,  and carry out edits. See hgc/makeItemsClick.c. */
 {
 char varName[128];
 char sql[256];
 safef(varName, sizeof(varName), "%s_%s", trackName, "id");
 char *idString = cartOptionalString(cart, varName);
 if (idString != NULL)
     {
     int id = sqlUnsigned(idString);
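Review bot: The new sqlSafef call in updateTextField interpolates three kinds of argument under the same `%s`/`%d` and nothing at the call site records which are trusted: `newVal` is cart input and must be escaped, while `tableName` (ct->dbTableName) and `fieldName` (the literals "name"/"description" from the caller) go in unquoted as identifiers, so the fix holds only if sqlSafef escapes the quoted `%s` and constrains an unquoted `%s` to identifier characters; the same identifier slot appears in the `delete from %s where id=%d` of the next hunk. A comment would keep a later maintainer from passing a cart value into one of the identifier slots, e.g. `/* tableName and fieldName are identifiers, not cart input; sqlSafef escapes only the quoted newVal. */`. Separately, `newVal` is user text and its escaped form can exceed the room left in `sql[256]`, which turns a long description edit into an abort rather than an update — sizing the query dynamically (sqlDyStringPrintf, if this tree has it) would avoid the fixed buffer. The switch to makeItemsItemSaveToDb at the top of the hunk presumably relies on the regenerated autoSql saver escaping internally; that file is not in this diff, so confirm it was regenerated from the sqlSafef-based template.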
@@ -93,31 +91,31 @@
     cartRemove(cart, varName);		// Remove so only do edits once.
 
     /* Handle cancel. */
     safef(varName, sizeof(varName), "%s_%s", trackName, "cancel");
     if (cartVarExists(cart, varName))
         {
 	cartRemove(cart, varName);	// Only want to do cancels once
 	return;
 	}
 
     /* Handle delete. */
     safef(varName, sizeof(varName), "%s_%s", trackName, "delete");
     if (cartVarExists(cart, varName))
         {
 	cartRemove(cart, varName);	// Especially only want to do deletes once!
-	safef(sql, sizeof(sql), "delete from %s where id=%d", tableName, id);
+	sqlSafef(sql, sizeof(sql), "delete from %s where id=%d", tableName, id);
 	sqlUpdate(conn, sql);
 	return;
 	}
 
     /* Handle edits. */
     updateTextField(trackName, conn, tableName, "name", id);
     updateTextField(trackName, conn, tableName, "description", id);
     }
 }
 
 void makeItemsLoadItems(struct track *track)
 /* Load up items in track already.  Also make up a pseudo-item that is
  * where you drag to create an item. */
 {
 struct bed *bedList = NULL;