080a160c7b9595d516c9c70e83689a09b60839d0 galt Mon Jun 3 12:16:53 2013 -0700 fix SQL Injection diff --git src/hg/hgc/hgc.c src/hg/hgc/hgc.c index 427e5e7..974a85a 100644 --- src/hg/hgc/hgc.c +++ src/hg/hgc/hgc.c @@ -574,31 +574,31 @@ /* Clip start/end coordinates to fit in chromosome. */ { static int chromSize = -1; if (chromSize < 0) chromSize = hChromSize(database, seqName); if (*pStart < 0) *pStart = 0; if (*pEnd > chromSize) *pEnd = chromSize; return *pStart < *pEnd; } struct genbankCds getCds(struct sqlConnection *conn, char *acc) /* obtain and parse the CDS, errAbort if not found or invalid */ { char query[256]; -safef(query, sizeof(query), "select cds.name from gbCdnaInfo,cds where (acc=\"%s\") and (cds.id=cds)", +sqlSafef(query, sizeof(query), "select cds.name from gbCdnaInfo,cds where (acc=\"%s\") and (cds.id=cds)", acc); char *cdsStr = sqlQuickString(conn, query); if (cdsStr == NULL) errAbort("no CDS found for %s", acc); struct genbankCds cds; if (!genbankCdsParse(cdsStr, &cds)) errAbort("can't parse CDS for %s: %s", acc, cdsStr); return cds; } void printCappedSequence(int start, int end, int extra) /* Print DNA from start to end including extra at either end. * Capitalize bits from start to end. */ 
@@ -1062,31 +1062,31 @@ } void genericSampleClick(struct sqlConnection *conn, struct trackDb *tdb, char *item, int start, int smpSize) /* Handle click in generic sample (wiggle) track. */ { char table[64]; boolean hasBin; struct sample *smp; char query[512]; struct sqlResult *sr; char **row; boolean firstTime = TRUE; hFindSplitTable(database, seqName, tdb->table, table, &hasBin); -sprintf(query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", +sqlSafef(query, sizeof query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", table, item, seqName, start); /*errAbort( "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", table, item, seqName, start);*/ sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { if (firstTime) firstTime = FALSE; else htmlHorizontalLine(); smp = sampleLoad(row+hasBin); samplePrintPos(smp, smpSize); 
@@ -1125,37 +1125,37 @@ * it contains the 100K top-scorers in the entire track, and filterCt * is the threshold for how many are candidates for display. */ { struct sqlResult *sr = NULL; char **row = NULL; struct bed *bedList = NULL, *bed = NULL; char table[64]; boolean hasBin = FALSE; char query[512]; if (filterTable) { /* Track display only shows top-scoring N elements -- restrict * the list to these. Get them from the filter table */ hasBin = hOffsetPastBin(database, hDefaultChrom(database), filterTable); - safef(query, sizeof(query), "select * from %s order by score desc limit %d", + sqlSafef(query, sizeof(query), "select * from %s order by score desc limit %d", filterTable, filterCt); } else { hFindSplitTable(database, seqName, tdb->table, table, &hasBin); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and chromEnd > %d and " "chromStart < %d order by score desc", table, seqName, winStart, winEnd); } sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { bed = bedLoadN(row+hasBin, 5); if (!filterTable || ( sameString(bed->chrom, seqName) && bed->chromStart < winEnd && bed->chromEnd > winStart)) { slAddHead(&bedList, bed); } 
@@ -1242,31 +1242,31 @@ if (title==NULL) // Must have title continue; *title = '\0'; title++; if ((table = strchr(words[ix],'.')) == NULL) table = tdb->table; else { *table++ = '\0'; // assigns before advance if ((words[ix] = strchr(table,'.')) != NULL) { *words[ix] = '\0'; column = ++words[ix]; // advance before assigns } } - safef(query,sizeof(query),"select chrom,chromStart,chromEnd from %s.%s where %s=\"%s\";", + sqlSafef(query,sizeof(query),"select chrom,chromStart,chromEnd from %s.%s where %s=\"%s\";", db,table,column,name); struct sqlResult *sr = sqlGetResult(conn, query); if (sr == NULL) continue; char **row = sqlNextRow(sr); if (row == NULL) continue; char *chrom = *row++; int beg = atoi(*row++); int end = atoi(*row); if (!gotOne) { gotOne = TRUE; printf("<P>The item \"%s\" has been located in other genomes:\n<UL>\n",name); } 
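Review bot: The result opened by `sqlGetResult(conn, query)` is not released when the lookup returns no row, because `if (row == NULL) continue;` moves to the next word while `sr` is still open. Free it on that path: `if (row == NULL) { sqlFreeResult(&sr); continue; }`. The loop body starts before the hunk and continues after it, so the success path cannot be checked from here.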
@@ -1284,73 +1284,72 @@ printf("<P>Currently the item \"%s\" has not been located in another genome.\n",name); } void mafPrettyOut(FILE *f, struct mafAli *maf, int lineSize, boolean onlyDiff, int blockNo); void doAtom( struct trackDb *tdb, char *item) { char table[64]; boolean hasBin; //struct bed *bed; char query[512]; struct sqlResult *sr; char **row; //boolean firstTime = TRUE; -//char *escapedName = sqlEscapeString(item); int start = cartInt(cart, "o"); //struct sqlConnection *conn = hAllocConn(database); char *user = cfgOption("db.user"); char *password = cfgOption("db.password"); struct sqlConnection *sc; struct atom ret; genericHeader(tdb, item); hFindSplitTable(database, seqName, tdb->table, table, &hasBin); #if 0 -sprintf(query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", table, escapedName, seqName, start); +sqlSafef(query, sizeof query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", table, escapedName, seqName, start); sr = sqlGetResult(conn, query); printf("<B>This is the item you clicked on:</B><BR>\n"); while ((row = sqlNextRow(sr)) != NULL) { if (firstTime) firstTime = FALSE; else htmlHorizontalLine(); bed = bedLoadN(row+hasBin, 4); bedPrintPos(bed, 4, tdb); } sqlFreeResult(&sr); -sprintf(query, "select * from %s where name = '%s'", table, escapedName); +sqlSafef(query, sizeof query, "select * from %s where name = '%s'", table, escapedName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { bed = bedLoadN(row+hasBin, 4); if (bed->chromStart != start) { htmlHorizontalLine(); firstTime = FALSE; printf("<B>Another instances on %s:</B><BR>\n",database); bedPrintPos(bed, 4, tdb); } } sqlFreeResult(&sr); #endif sc = sqlConnectRemote("localhost", user, password, "hgFixed"); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where name = '%s'", table, item); sr = sqlGetResult(sc, query); printf("<B>Atom %s instances ('*' marks item you clicked 
on)</B><BR>\n",item); printf("<PRE>\n"); //printf("Ins#\tSpecies\t\tChrom\tStart\tEnd\tStrand\n"); printf( " # %-10s %-5s %12s %12s %10s %s %-10s %-10s\n", "species","chrom", "start", "end", "length", "strand","fivePrime","threePrime"); while ((row = sqlNextRow(sr)) != NULL) { atomStaticLoad(row, &ret); //atomOutput(&ret, stdout, '\t', '\n'); linkToOtherBrowser(ret.species, ret.chrom, ret.start, ret.end); if (sameString(ret.chrom, seqName) && (start == ret.start) && sameString(ret.species, database)) printf("* "); 
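Review bot: The two `sqlSafef` calls inside the `#if 0` block still pass `escapedName`, while this same hunk deletes the last trace of that variable (the commented-out `sqlEscapeString(item)` declaration). If `sqlSafef` escapes quoted `%s` arguments itself, as the removal of `sqlEscapeString` in genericBedClick suggests, a pre-escaped name would be escaped twice should the block ever be revived. Pass `item` instead, e.g. `sqlSafef(query, sizeof query, "select * from %s where name = '%s'", table, item);`, or delete the disabled block. doAtom's body continues past the end of the hunk.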
@@ -1569,44 +1568,43 @@ return count; } void genericBedClick(struct sqlConnection *conn, struct trackDb *tdb, char *item, int start, int bedSize) /* Handle click in generic BED track. */ { char table[64]; boolean hasBin; struct bed *bed; char query[512]; struct sqlResult *sr; char **row; boolean firstTime = TRUE; -char *escapedName = sqlEscapeString(item); hFindSplitTable(database, seqName, tdb->table, table, &hasBin); if (bedSize <= 3) - sprintf(query, "select * from %s where chrom = '%s' and chromStart = %d", table, seqName, start); + sqlSafef(query, sizeof query, "select * from %s where chrom = '%s' and chromStart = %d", table, seqName, start); else { struct hTableInfo *hti = hFindTableInfoWithConn(conn, seqName, tdb->table); if (hti && *hti->nameField && differentString("name", hti->nameField)) - sprintf(query, "select * from %s where %s = '%s' and chrom = '%s' and chromStart = %d", - table, hti->nameField, escapedName, seqName, start); + sqlSafef(query, sizeof query, "select * from %s where %s = '%s' and chrom = '%s' and chromStart = %d", + table, hti->nameField, item, seqName, start); else - sprintf(query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", - table, escapedName, seqName, start); + sqlSafef(query, sizeof query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", + table, item, seqName, start); } sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { if (firstTime) firstTime = FALSE; else htmlHorizontalLine(); bed = bedLoadN(row+hasBin, bedSize); if ((tdb->type != NULL) && sameString(tdb->type, "interaction")) { interactionPrintPos( bed, bedSize, tdb); } else bedPrintPos(bed, bedSize, tdb); 
@@ -1735,33 +1733,33 @@ void pseudoGeneClick(struct sqlConnection *conn, struct trackDb *tdb, char *item, int start, int bedSize) /* Handle click in track. */ { char table[64]; boolean hasBin; struct bed *bed; char query[512]; struct sqlResult *sr; char **row; boolean firstTime = TRUE; hFindSplitTable(database, seqName, tdb->table, table, &hasBin); if (bedSize <= 3) - sprintf(query, "select * from %s where chrom = '%s' and chromStart = %d", table, seqName, start); + sqlSafef(query, sizeof query, "select * from %s where chrom = '%s' and chromStart = %d", table, seqName, start); else - sprintf(query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", + sqlSafef(query, sizeof query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", table, item, seqName, start); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { if (firstTime) firstTime = FALSE; else htmlHorizontalLine(); bed = bedLoadN(row+hasBin, bedSize); bedPrintPos(bed, bedSize, tdb); } } void axtOneGeneOut(char *otherDb, struct axt *axtList, int lineSize, FILE *f, struct genePred *gp, char *nibFile) 
@@ -2461,31 +2459,31 @@ void showGenePos(char *name, struct trackDb *tdb) /* Show gene prediction position and other info. */ { char *rootTable = tdb->table; char query[512]; struct sqlConnection *conn = hAllocConn(database); struct genePred *gpList = NULL, *gp = NULL; boolean hasBin; char table[64]; struct sqlResult *sr = NULL; char **row = NULL; char *classTable = trackDbSetting(tdb, GENEPRED_CLASS_TBL); hFindSplitTable(database, seqName, rootTable, table, &hasBin); -safef(query, sizeof(query), "name = \"%s\"", name); +sqlSafefFrag(query, sizeof(query), "name = \"%s\"", name); gpList = genePredReaderLoadQuery(conn, table, query); for (gp = gpList; gp != NULL; gp = gp->next) { printPos(gp->chrom, gp->txStart, gp->txEnd, gp->strand, FALSE, NULL); if(sameString(tdb->type,"genePred") && startsWith("ENCODE Gencode",tdb->longLabel) && startsWith("ENST",name)) { char *ensemblIdUrl = trackDbSetting(tdb, "ensemblIdUrl"); printf("<b>Ensembl Transcript Id: </b>"); if (ensemblIdUrl != NULL) printf("<a href=\"%s%s\" target=\"_blank\">%s</a><br>", ensemblIdUrl,name,name); else printf("%s<br>",name); 
@@ -2494,124 +2492,124 @@ { /* in Ensembl gene info downloaded from ftp site, sometimes the name2 field is populated with "noXref" because there is no alternate name. Replace this with "none" */ printf("<b>Gene Symbol:"); if (sameString(gp->name2, "noXref")) printf("</b> none<br>\n"); else printf("</b> %s<br>\n",gp->name2); } char *ensemblSource = NULL; if (sameString("ensGene", table)) { if (hTableExists(database, "ensemblSource")) { - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select source from ensemblSource where name='%s'", name); ensemblSource = sqlQuickString(conn, query); } } if ((gp->exonFrames != NULL) && (!genbankIsRefSeqNonCodingMRnaAcc(gp->name))) { if (ensemblSource && differentString("protein_coding",ensemblSource)) { printf("<b>CDS Start: </b> none (non-coding)<BR>\n"); printf("<b>CDS End: </b> none (non-coding)<BR>\n"); } else { printf("<b>CDS Start: </b>"); printCdsStatus((gp->strand[0] == '+') ? gp->cdsStartStat : gp->cdsEndStat); printf("<b>CDS End: </b>"); printCdsStatus((gp->strand[0] == '+') ? 
gp->cdsEndStat : gp->cdsStartStat); } } /* if a gene class table exists, get gene class and print */ if (classTable != NULL) { if (hTableExists(database, classTable)) { - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select class from %s where name = \"%s\"", classTable, name); sr = sqlGetResult(conn, query); /* print class */ if ((row = sqlNextRow(sr)) != NULL) printf("<b>Prediction Class:</b> %s<br>\n", row[0]); sqlFreeResult(&sr); if (sqlFieldIndex(conn, classTable, "level") > 0 ) { - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select level from %s where name = \"%s\"", classTable, name); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) printf("<b>Level: </b> %s<br>\n", row[0]); sqlFreeResult(&sr); } if (sqlFieldIndex(conn, classTable, "transcriptType") > 0 ) { - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select transcriptType from %s where name = \"%s\"", classTable, name); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) printf("<b>Transcript type: </b> %s<br>\n", row[0]); sqlFreeResult(&sr); } if (sqlFieldIndex(conn, classTable, "geneDesc") > 0 ) { - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select geneDesc from %s where name = \"%s\"", classTable, name); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) if (differentString("NULL",row[0])) printf("<b>Gene Description :</b> %s<br>\n", row[0]); sqlFreeResult(&sr); } if (sqlFieldIndex(conn, classTable, "type") > 0 ) { - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select type from %s where name = \"%s\"", classTable, name); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) if (differentString("NULL",row[0])) printf("<b>Gene Type :</b> %s<br>\n", row[0]); } } } if (gp->next != NULL) printf("<br>"); } genePredFreeList(&gpList); sqlFreeResult(&sr); hFreeConn(&conn); } void showGenePosMouse(char *name, struct trackDb *tdb, struct sqlConnection *connMm) /* 
Show gene prediction position and other info. */ { char query[512]; char *rootTable = tdb->table; struct sqlResult *sr; char **row; struct genePred *gp = NULL; boolean hasBin; int posCount = 0; char table[64] ; hFindSplitTable(database, seqName, rootTable, table, &hasBin); -sprintf(query, "select * from %s where name = '%s'", table, name); +sqlSafef(query, sizeof query, "select * from %s where name = '%s'", table, name); sr = sqlGetResult(connMm, query); while ((row = sqlNextRow(sr)) != NULL) { if (posCount > 0) printf("<BR>\n"); ++posCount; gp = genePredLoad(row + hasBin); printPos(gp->chrom, gp->txStart, gp->txEnd, gp->strand, FALSE, NULL); genePredFree(&gp); } sqlFreeResult(&sr); } void linkToPal(char *track, char *chrom, int start, int end, char *geneName) /* Make anchor tag to open pal window */ @@ -2641,31 +2639,31 @@ /* Show parts of gene common to everything. If pepTable is not null, * it's the old table name, but will check gbSeq first. */ { char *geneTable = tdb->table; boolean foundPep = FALSE; showGenePos(geneName, tdb); if (startsWith("ENCODE Gencode",tdb->longLabel)) { char *yaleTable = trackDbSetting(tdb, "yalePseudoAssoc"); if ((yaleTable != NULL) && (hTableExists(database, yaleTable))) { struct sqlConnection *conn = hAllocConn(database); char query[512]; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from %s where transcript = '%s'", yaleTable, geneName); char buffer[512]; struct sqlResult *sr = sqlGetResult(conn, query); char *yaleUrl = trackDbSetting(tdb, "yaleUrl"); char **row; while ((row = sqlNextRow(sr)) != NULL) { struct yaleGencodeAssoc *ya = yaleGencodeAssocLoad(row); safef(buffer, sizeof buffer, "%s/%s",yaleUrl,ya->yaleId); printf("<B>Yale pseudogene:</B> <a href=\"%s\" target=\"_blank\">%s</a><br>\n", buffer, ya->yaleId); } sqlFreeResult(&sr); hFreeConn(&conn); } 
@@ -2808,31 +2806,31 @@ /* Show parts of gene common to everything */ { geneShowPosAndLinksMouse(geneName, geneName, tdb, pepTable, connMm, "htcTranslatedProtein", "htcGeneMrna", "htcGeneInGenome", "Predicted mRNA"); } void genericGenePredClick(struct sqlConnection *conn, struct trackDb *tdb, char *item, int start, char *pepTable, char *mrnaTable) /* Handle click in generic genePred track. */ { char *oldToNew = trackDbSetting(tdb, "oldToNew"); if (oldToNew != NULL && sqlTableExists(conn, oldToNew)) { char query[512]; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from %s where oldId = '%s' and oldChrom='%s' and oldStart=%d", oldToNew, item, seqName, start); struct sqlResult *sr = sqlGetResult(conn, query); char **row; while ((row = sqlNextRow(sr)) != NULL) { struct kg1ToKg2 *x = kg1ToKg2Load(row); printf("<B>Old ID:</B> %s<BR>\n", x->oldId); printf("<B>New ID:</B> %s<BR>\n", naForEmpty(x->newId)); printf("<B>Old/New Mapping:</B> %s<BR>\n", x->status); if (x->note[0] != 0) printf("<B>Notes:</B> %s<BR>\n", x->note); printf("<BR>\n"); } sqlFreeResult(&sr); 
@@ -3016,31 +3014,31 @@ } struct chain *chainDbLoad(struct sqlConnection *conn, char *db, char *track, char *chrom, int id) /* Load chain. */ { char table[64]; char query[256]; struct sqlResult *sr; char **row; int rowOffset; struct chain *chain; if (!hFindSplitTable(db, seqName, track, table, &rowOffset)) errAbort("No %s track in database %s for %s", track, db, seqName); -snprintf(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where id = %d", table, id); sr = sqlGetResult(conn, query); row = sqlNextRow(sr); if (row == NULL) errAbort("Can't find %d in %s", id, table); chain = chainHeadLoad(row + rowOffset); sqlFreeResult(&sr); chainDbAddBlocks(chain, track, conn); return chain; } void linkToOtherBrowserExtra(char *otherDb, char *chrom, int start, int end, char *extra) /* Make anchor tag to open another browser window. */ { printf("<A TARGET=\"_blank\" HREF=\"%s?db=%s&%s&position=%s%%3A%d-%d\">", 
@@ -3186,31 +3184,31 @@ subSetScore); else printf("<BR>\n"); printf("<BR>Fields above refer to entire chain or gap, not just the part inside the window.<BR>\n"); boolean normScoreAvailable = chainDbNormScoreAvailable(tdb); if (normScoreAvailable) { boolean hasBin; char tableName[HDB_MAX_TABLE_STRING]; hFindSplitTable(database, chain->tName, tdb->table, tableName, &hasBin); char query[256]; struct sqlResult *sr; char **row; - safef(query, ArraySize(query), + sqlSafef(query, ArraySize(query), "select normScore from %s where id = '%s'", tableName, item); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) printf("<B>Normalized Score:</B> %1.0f (bases matched: %d)<BR>\n", atof(row[0]), (int) (chain->score/atof(row[0]))); sqlFreeResult(&sr); } printf("<BR>\n"); chainWinSize = min(winEnd-winStart, chain->tEnd - chain->tStart); /* Show alignment if the database exists and */ /* if there is a chromInfo table for that database and the sequence */ /* file exists. This means that alignments can be shown on the archive */ /* server (or in other cases) if there is a database with a chromInfo table, */ 
@@ -3242,50 +3240,50 @@ */ chainFree(&chain); } char *trackTypeInfo(char *track) /* Return type info on track. You can freeMem result when done. */ { struct slName *trackDbs = hTrackDbList(), *oneTrackDb; struct sqlConnection *conn = hAllocConn(database); char buf[512]; char query[256]; for (oneTrackDb = trackDbs; oneTrackDb != NULL; oneTrackDb = oneTrackDb->next) { if (sqlTableExists(conn, oneTrackDb->name)) { - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select type from %s where tableName = '%s'", oneTrackDb->name, track); if (sqlQuickQuery(conn, query, buf, sizeof(buf)) != NULL) break; } } if (oneTrackDb == NULL) errAbort("%s isn't in the trackDb from the hg.conf", track); slNameFreeList(&trackDbs); hFreeConn(&conn); return cloneString(buf); } void findNib(char *db, char *chrom, char nibFile[512]) /* Find nib file corresponding to chromosome in given database. */ { struct sqlConnection *conn = sqlConnect(db); char query[256]; -snprintf(query, sizeof(query), +sqlSafef(query, sizeof(query), "select fileName from chromInfo where chrom = '%s'", chrom); if (sqlQuickQuery(conn, query, nibFile, 512) == NULL) errAbort("Sequence %s isn't in database %s", chrom, db); sqlDisconnect(&conn); } struct dnaSeq *loadGenomePart(char *db, char *chrom, int start, int end) /* Load genomic dna from given database and position. */ { char nibFile[512]; findNib(db, chrom, nibFile); return hFetchSeq(nibFile, chrom, start, end); } 
@@ -3324,31 +3322,31 @@ char **row; struct netAlign *net; char *org = hOrganism(database); char *otherOrg = hOrganism(otherDb); char *otherOrgBrowser = otherOrg; int tSize, qSize; int netWinSize; struct chain *chain; if (otherOrg == NULL) { /* use first word in short track label */ otherOrg = firstWordInLine(cloneString(tdb->shortLabel)); } hFindSplitTable(database, seqName, tdb->table, table, &rowOffset); -snprintf(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where tName = '%s' and tStart <= %d and tEnd > %d " "and level = %s", table, seqName, start, start, item); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) == NULL) errAbort("Couldn't find %s:%d in %s", seqName, start, table); net = netAlignLoad(row+rowOffset); sqlFreeResult(&sr); tSize = net->tEnd - net->tStart; qSize = net->qEnd - net->qStart; if (net->chainId != 0) { netWinSize = min(winEnd-winStart, net->tEnd - net->tStart); 
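Review bot: The `level = %s` placeholder in the new `sqlSafef` call is unquoted and is filled from `item`, so escaping quote characters cannot constrain what lands in that position. The query is safe only if `sqlSafef` validates unquoted `%s` arguments, which is not visible in this diff. If `level` is numeric, as the unquoted comparison suggests, convert the value first and format it as an integer: `"and level = %d", table, seqName, start, start, sqlSigned(item));`. The enclosing function starts and ends outside the hunk.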
@@ -3453,44 +3451,44 @@ char query[512]; struct sqlResult *sr; char **row; struct tfbsConsSites *tfbsConsSites; struct tfbsConsSites *tfbsConsSitesList = NULL; struct tfbsConsFactors *tfbsConsFactor; struct tfbsConsFactors *tfbsConsFactorList = NULL; boolean firstTime = TRUE; char *mappedId = NULL; dupe = cloneString(tdb->type); genericHeader(tdb, item); wordCount = chopLine(dupe, words); hFindSplitTable(database, seqName, tdb->table, table, &hasBin); -sprintf(query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", +sqlSafef(query, sizeof query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", table, item, seqName, start); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { tfbsConsSites = tfbsConsSitesLoad(row+hasBin); slAddHead(&tfbsConsSitesList, tfbsConsSites); } sqlFreeResult(&sr); slReverse(&tfbsConsSitesList); hFindSplitTable(database, seqName, "tfbsConsFactors", table, &hasBin); -sprintf(query, "select * from %s where name = '%s' ", table, item); +sqlSafef(query, sizeof query, "select * from %s where name = '%s' ", table, item); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { tfbsConsFactor = tfbsConsFactorsLoad(row+hasBin); slAddHead(&tfbsConsFactorList, tfbsConsFactor); } sqlFreeResult(&sr); slReverse(&tfbsConsFactorList); if (tfbsConsFactorList) mappedId = cloneString(tfbsConsFactorList->ac); printf("<B style='font-size:large;'>Transcription Factor Binding Site information:</B><BR><BR><BR>"); for(tfbsConsSites=tfbsConsSitesList ; tfbsConsSites != NULL ; tfbsConsSites = tfbsConsSites->next) 
@@ -3549,45 +3547,45 @@ boolean hasBin; char query[512]; struct sqlResult *sr; char **row; struct tfbsCons *tfbs; struct tfbsCons *tfbsConsList = NULL; struct tfbsConsMap tfbsConsMap; boolean firstTime = TRUE; char *mappedId = NULL; dupe = cloneString(tdb->type); genericHeader(tdb, item); wordCount = chopLine(dupe, words); hFindSplitTable(database, seqName, tdb->table, table, &hasBin); -sprintf(query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", +sqlSafef(query, sizeof query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", table, item, seqName, start); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { tfbs = tfbsConsLoad(row+hasBin); slAddHead(&tfbsConsList, tfbs); } sqlFreeResult(&sr); slReverse(&tfbsConsList); if (hTableExists(database, "tfbsConsMap")) { - sprintf(query, "select * from tfbsConsMap where id = '%s'", tfbsConsList->name); + sqlSafef(query, sizeof query, "select * from tfbsConsMap where id = '%s'", tfbsConsList->name); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { tfbsConsMapStaticLoad(row, &tfbsConsMap); mappedId = cloneString(tfbsConsMap.ac); } } sqlFreeResult(&sr); printf("<B style='font-size:large;'>Transcription Factor Binding Site information:</B><BR><BR><BR>"); for(tfbs=tfbsConsList ; tfbs != NULL ; tfbs = tfbs->next) { if (!sameString(tfbs->species, "N")) printFactors = TRUE; 
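Review bot: `tfbsConsList->name` is dereferenced in the new `sqlSafef` call for `tfbsConsMap` without checking that the preceding query returned a row. `tfbsConsList` is initialised to NULL and only filled inside the `sqlNextRow` loop, so an `item` that matches nothing leads to a NULL dereference. Guard the branch, `if (tfbsConsList != NULL && hTableExists(database, "tfbsConsMap"))`, in the same way the sibling handler in the previous hunk tests `if (tfbsConsFactorList)` before using its list. The function begins before the hunk and continues after it.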
@@ -3645,31 +3643,31 @@ boolean hasBin; struct bed *bed; char query[512]; struct sqlResult *sr; char **row; boolean firstTime = TRUE; /* itemForUrl = item; */ dupe = cloneString(tdb->type); genericHeader(tdb, item); wordCount = chopLine(dupe, words); printCustomUrl(tdb, item, FALSE); /* printCustomUrl(tdb, itemForUrl, item == itemForUrl); */ hFindSplitTable(database, seqName, tdb->table, table, &hasBin); -sprintf(query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", +sqlSafef(query, sizeof query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", table, item, seqName, start); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { if (firstTime) firstTime = FALSE; else htmlHorizontalLine(); bed = bedLoadN(row+hasBin, 6); printf("<B>Item:</B> %s<BR>\n", bed->name); printf("<B>Probability:</B> %g<BR>\n", bed->score / 1000.0); printf("<B>Strand:</B> %s<BR>\n", bed->strand); printPos(bed->chrom, bed->chromStart, bed->chromEnd, NULL, TRUE, bed->name); } 
@@ -3682,34 +3680,34 @@ /* Handle click in BED 5+ track: BED 5 with 0-1000 score (for useScore * shading in hgTracks) plus real score for display in details page. */ { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr = NULL; char table[64]; boolean hasBin; struct bed5FloatScore *b5; struct dyString *query = newDyString(512); char **row; boolean firstTime = TRUE; int start = cartInt(cart, "o"); int bedSize = 5; hFindSplitTable(database, seqName, tdb->table, table, &hasBin); -dyStringPrintf(query, "select * from %s where chrom = '%s' and ", +sqlDyStringPrintf(query, "select * from %s where chrom = '%s' and ", table, seqName); hAddBinToQuery(winStart, winEnd, query); -dyStringPrintf(query, "name = '%s' and chromStart = %d", item, start); +sqlDyStringPrintf(query, "name = '%s' and chromStart = %d", item, start); sr = sqlGetResult(conn, query->string); while ((row = sqlNextRow(sr)) != NULL) { if (firstTime) firstTime = FALSE; else htmlHorizontalLine(); b5 = bed5FloatScoreLoad(row+hasBin); bedPrintPos((struct bed *)b5, 4, tdb); printf("<B>Score:</B> %f<BR>\n", b5->floatScore); if (sameString(tdb->type, "bed5FloatScoreWithFdr")) { if (row[7] != NULL) printf("<B>False Discovery Rate (FDR):</B> %s%%<BR>\n", row[7]); } 
@@ -3725,60 +3723,60 @@ /* Handle click in BED 4+ track that's like BED 6 but with floating pt score */ { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr = NULL; char table[64]; boolean hasBin; struct bed6FloatScore *b6; struct dyString *query = newDyString(512); char **row; boolean firstTime = TRUE; int start = cartInt(cart, "o"); genericHeader(tdb, item); hFindSplitTable(database, seqName, tdb->table, table, &hasBin); -dyStringPrintf(query, "select * from %s where chrom = '%s' and ", +sqlDyStringPrintf(query, "select * from %s where chrom = '%s' and ", table, seqName); hAddBinToQuery(winStart, winEnd, query); -dyStringPrintf(query, "name = '%s' and chromStart = %d", item, start); +sqlDyStringPrintf(query, "name = '%s' and chromStart = %d", item, start); sr = sqlGetResult(conn, query->string); while ((row = sqlNextRow(sr)) != NULL) { if (firstTime) firstTime = FALSE; else htmlHorizontalLine(); b6 = bed6FloatScoreLoad(row+hasBin); bedPrintPos((struct bed *)b6, 4, tdb); printf("<B>Score:</B> %f<BR>\n", b6->score); printf("<B>Strand:</B> %s<BR>\n", b6->strand); } sqlFreeResult(&sr); hFreeConn(&conn); /* printTrackHtml is done in genericClickHandlerPlus. */ } void doColoredExon(struct trackDb *tdb, char *item) /* Print information for coloredExon type tracks. */ { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char query[256]; char **row; genericHeader(tdb, item); -safef(query, sizeof(query), "select chrom,chromStart,chromEnd,name,score,strand from %s where name='%s'", tdb->table, item); +sqlSafef(query, sizeof(query), "select chrom,chromStart,chromEnd,name,score,strand from %s where name='%s'", tdb->table, item); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { struct bed *itemBed = bedLoad6(row); bedPrintPos(itemBed, 6, tdb); bedFree(&itemBed); } else { hPrintf("Could not find info for %s<BR>\n", item); } sqlFreeResult(&sr); printTrackHtml(tdb); hFreeConn(&conn); } 
@@ -4545,31 +4543,31 @@ int qStart; struct psl *psl; int start, end; struct sqlResult *sr; struct sqlConnection *conn = hAllocConn(database); struct dnaSeq *tSeq; char query[256], **row; char fullTable[64]; boolean hasBin; char *buffer, *str; int i, j; char *ptr; start = cartInt(cart, "o"); hFindSplitTable(database, seqName, table, fullTable, &hasBin); -sprintf(query, "select * from %s where qName = '%s' and tName = '%s' and tStart=%d", +sqlSafef(query, sizeof query, "select * from %s where qName = '%s' and tName = '%s' and tStart=%d", fullTable, readName, seqName, start); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) == NULL) errAbort("Couldn't find alignment for %s at %d", readName, start); psl = pslLoad(row+hasBin); sqlFreeResult(&sr); hFreeConn(&conn); printf("<PRE><TT>"); end = psl->tEnd; if (psl->strand[1] == '+') end = psl->tStarts[psl->blockCount - 1] + psl->blockSizes[psl->blockCount - 1] *3; if ((ptr = strchr(readName, '.')) != NULL) *ptr++ = 0; printf(">%s-%s\n", readName,database); @@ -4994,31 +4992,31 @@ { struct hTableInfo *hti = ctToHti(ct); struct bedFilter *bf; struct bed *bedList2, *ctBedList = NULL; AllocVar(bf); if (ct->dbTrack) { struct bed *bed; int fieldCount = ct->fieldCount; char query[512]; int rowOffset; char **row; struct sqlConnection *conn = hAllocConn(CUSTOM_TRASH); struct sqlResult *sr = NULL; - safef(query, sizeof(query), "select * from %s", ct->dbTableName); + sqlSafef(query, sizeof(query), "select * from %s", ct->dbTableName); sr = hRangeQuery(conn, ct->dbTableName, seqName, winStart, winEnd, NULL, &rowOffset); while ((row = sqlNextRow(sr)) != NULL) { bed = bedLoadN(row+rowOffset, fieldCount); if (bf == NULL || bedFilterOne(bf, bed)) { struct bed *copy = cloneBed(bed); slAddHead(&ctBedList, copy); } } sqlFreeResult(&sr); hFreeConn(&conn); } else 
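Review bot: In the `ct->dbTrack` branch of the second hunk, the string built by `sqlSafef(query, sizeof(query), "select * from %s", ct->dbTableName);` is not used in any visible line. The rows come from `hRangeQuery(conn, ct->dbTableName, ...)`, which takes the table name directly. A reader may assume the table name has been checked on the path that reaches the database, when the checked string is in fact discarded. Either drop `query` and the `sqlSafef` call, or, if the call is kept for a validation side effect, say so with a comment such as `/* sqlSafef is called only to validate ct->dbTableName */`. The function starts before the hunk and continues after it.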
@@ -5214,67 +5212,67 @@ s += len+4; } if ((s = skipLeadingSpaces(s)) != NULL && s[0] != 0) { int len = strlen(s); appendAuthor(dy, s, len); } } /* --- !!! Riken code is under development Fan. 4/16/02 */ void printRikenInfo(char *acc, struct sqlConnection *conn ) /* Print Riken annotation info */ { struct sqlResult *sr; char **row; -char qry[512]; +char query[512]; char *seqid, *accession, *comment; char *qualifier, *anntext, *datasrc, *srckey, *href, *evidence; accession = acc; -snprintf(qry, sizeof(qry), +sqlSafef(query, sizeof(query), "select seqid from rikenaltid where altid='%s';", accession); -sr = sqlMustGetResult(conn, qry); +sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { seqid=cloneString(row[0]); - snprintf(qry, sizeof(qry), + sqlSafef(query, sizeof(query), "select Qualifier, Anntext, Datasrc, Srckey, Href, Evidence " "from rikenann where seqid='%s';", seqid); sqlFreeResult(&sr); - sr = sqlMustGetResult(conn, qry); + sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); while (row !=NULL) { qualifier = row[0]; anntext = row[1]; datasrc = row[2]; srckey = row[3]; href = row[4]; evidence = row[5]; row = sqlNextRow(sr); } - snprintf(qry, sizeof(qry), + sqlSafef(query, sizeof(query), "select comment from rikenseq where id='%s';", seqid); sqlFreeResult(&sr); - sr = sqlMustGetResult(conn, qry); + sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { comment = row[0]; printf("<B>Riken/comment:</B> %s<BR>\n",comment); } } } void printGeneCards(char *geneName) /* Print out a link to GeneCards (Human only). */ { if (startsWith("hg", database) && isNotEmpty(geneName)) { 
@@ -5282,60 +5280,60 @@ "<A HREF = \"http://www.genecards.org/cgi-bin/cardsearch.pl?" "search=%s\" TARGET=_blank>%s</A><BR>\n", geneName, geneName); } } int getImageId(struct sqlConnection *conn, char *acc) /* get the image id for a clone, or 0 if none */ { int imageId = 0; if (sqlTableExists(conn, "imageClone")) { struct sqlResult *sr; char **row; char query[128]; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select imageId from imageClone where acc = '%s'", acc); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) imageId = sqlUnsigned(row[0]); sqlFreeResult(&sr); } return imageId; } void htcDisplayMrna(char *acc) /* Display mRNA available from genback or seq table.. */ { struct dnaSeq *seq = hGenBankGetMrna(database, acc, NULL); if (seq == NULL) errAbort("mRNA sequence %s not found", acc); cartHtmlStart("mRNA sequence"); printf("<PRE><TT>"); faWriteNext(stdout, seq->name, seq->dna, seq->size); printf("</TT></PRE>"); dnaSeqFree(&seq); } static int getEstTranscriptionDir(struct sqlConnection *conn, struct psl *psl) /* get the direction of transcription for an EST; return splice support count */ { char query[256], estOrient[64]; -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select intronOrientation from %s.estOrientInfo where chrom = '%s' and chromStart = %d and name = '%s'", database, psl->tName, psl->tStart, psl->qName); if (sqlQuickQuery(conn, query, estOrient, sizeof(estOrient)) != NULL) return sqlSigned(estOrient) * ((psl->strand[0] == '+') ? 1 : -1); else return 0; } static struct gbWarn *checkGbWarn(struct sqlConnection *conn, char *acc) /* check if there is a gbWarn entry for this accession, return NULL if none */ { struct gbWarn *gbWarn = NULL; if (hTableExists(database, "gbWarn")) gbWarn = sqlQueryObjs(conn, (sqlLoadFunc)gbWarnLoad, sqlQuerySingle, "SELECT * FROM gbWarn WHERE acc = \"%s\"", acc); 
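Review bot: `checkGbWarn` still formats `acc` into `"SELECT * FROM gbWarn WHERE acc = \"%s\""` through `sqlQueryObjs`, and this hunk leaves it untouched while converting `getImageId` and `getEstTranscriptionDir` next to it. Whether `sqlQueryObjs` escapes its arguments is not visible here. If it formats with plain printf semantics, this is the same pattern the commit is removing elsewhere. Confirm the helper's behaviour, or build the statement with `sqlSafef` and pass the finished string. The function's body runs past the end of the hunk.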
@@ -5393,50 +5391,50 @@ struct gbWarn *gbWarn = checkGbWarn(conn, acc); /* This sort of query and having to keep things in sync between * the first clause of the select, the from clause, the where * clause, and the results in the row ... is really tedious. * One of my main motivations for going to a more object * based rather than pure relational approach in general, * and writing 'autoSql' to help support this. However * the pure relational approach wins for pure search speed, * and these RNA fields are searched. So it looks like * the code below stays. Be really careful when you modify * it. * * Uses the gbSeq table if available, otherwise use seq for older databases. */ -dyStringAppend(dy, +sqlDyStringAppend(dy, "select gbCdnaInfo.type,gbCdnaInfo.direction," "source.name,organism.name,library.name,mrnaClone.name," "sex.name,tissue.name,development.name,cell.name,cds.name," "description.name,author.name,geneName.name,productName.name,"); if (haveGbSeq) dyStringAppend(dy, "gbSeq.size,gbCdnaInfo.moddate,gbSeq.gbExtFile,gbSeq.file_offset,gbSeq.file_size "); else dyStringAppend(dy, "seq.size,seq.gb_date,seq.extFile,seq.file_offset,seq.file_size "); /* If the gbCdnaInfo table has a "version" column then will show it */ if (hasVersion) { dyStringAppend(dy, ", gbCdnaInfo.version "); } -dyStringPrintf(dy, +sqlDyStringPrintf(dy, " from gbCdnaInfo,%s,source,organism,library,mrnaClone,sex,tissue," "development,cell,cds,description,author,geneName,productName " " where gbCdnaInfo.acc = '%s' and gbCdnaInfo.id = %s.id ", seqTbl, acc, seqTbl); dyStringAppend(dy, "and gbCdnaInfo.source = source.id and gbCdnaInfo.organism = organism.id " "and gbCdnaInfo.library = library.id and gbCdnaInfo.mrnaClone = mrnaClone.id " "and gbCdnaInfo.sex = sex.id and gbCdnaInfo.tissue = tissue.id " "and gbCdnaInfo.development = development.id and gbCdnaInfo.cell = cell.id " "and gbCdnaInfo.cds = cds.id and gbCdnaInfo.description = description.id " "and gbCdnaInfo.author = author.id and 
gbCdnaInfo.geneName = geneName.id " "and gbCdnaInfo.productName = productName.id"); sr = sqlMustGetResult(conn, dy->string); row = sqlNextRow(sr); @@ -5495,31 +5493,31 @@ else printf("unknown (can't guess from GenBank description)<BR>"); } else printf("<B>CDS:</B> %s<BR>\n", cds); printf("<B>Date:</B> %s<BR>\n", date); if (hasVersion) { printf("<B>Version:</B> %s<BR>\n", version); } /* print RGD EST Report link if it is Rat genome and it has a link to RGD */ if (sameWord(organism, "Rat")) { if (hTableExists(database, "rgdEstLink")) { - snprintf(query, sizeof(query), + sqlSafef(query, sizeof(query), "select id from %s.rgdEstLink where name = '%s';", database, acc); if (sqlQuickQuery(conn2, query, rgdEstId, sizeof(rgdEstId)) != NULL) { tdbRgdEst = hashFindVal(trackHash, "rgdEst"); printf("<B>RGD EST Report: "); printf("<A HREF=\"%s%s\" target=_blank>", tdbRgdEst->url, rgdEstId); printf("RGD:%s</B></A><BR>\n", rgdEstId); } } } if (isEst && hTableExists(database, "estOrientInfo") && (psl != NULL)) { int estOrient = getEstTranscriptionDir(conn2, psl); if (estOrient != 0) printf("<B>EST transcribed from %c strand </B>(supported by %d splice sites).<BR>\n", 
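Review bot: In the rgdEstLink block (hunk at -5495), `tdbRgdEst->url` is dereferenced right after `hashFindVal(trackHash, "rgdEst")` with no NULL check, so a database that has the rgdEstLink table but no rgdEst track entry would crash here. `tdbRgdEst = hashMustFindVal(trackHash, "rgdEst");`, the form used elsewhere in this diff, fails with a message instead. `rgdEstId` is also written into the HREF as returned by the query, which is fine only while that column holds plain identifiers. The enclosing function starts and ends outside the hunk.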
@@ -5630,55 +5628,55 @@ } } } struct psl *getAlignments(struct sqlConnection *conn, char *table, char *acc) /* get the list of alignments for the specified acc */ { struct sqlResult *sr = NULL; char **row; struct psl *psl, *pslList = NULL; boolean hasBin; char splitTable[64]; char query[256]; if (!hFindSplitTable(database, seqName, table, splitTable, &hasBin)) errAbort("can't find table %s or %s_%s", table, seqName, table); -safef(query, sizeof(query), "select * from %s where qName = '%s'", splitTable, acc); +sqlSafef(query, sizeof(query), "select * from %s where qName = '%s'", splitTable, acc); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { psl = pslLoad(row+hasBin); slAddHead(&pslList, psl); } sqlFreeResult(&sr); slReverse(&pslList); return pslList; } struct psl *loadPslRangeT(char *table, char *qName, char *tName, int tStart, int tEnd) /* Load a list of psls given qName tName tStart tEnd */ { struct sqlResult *sr = NULL; char **row; struct psl *psl = NULL, *pslList = NULL; boolean hasBin; char splitTable[64]; char query[256]; struct sqlConnection *conn = hAllocConn(database); hFindSplitTable(database, seqName, table, splitTable, &hasBin); -safef(query, sizeof(query), "select * from %s where qName = '%s' and tName = '%s' and tEnd > %d and tStart < %d", splitTable, qName, tName, tStart, tEnd); +sqlSafef(query, sizeof(query), "select * from %s where qName = '%s' and tName = '%s' and tEnd > %d and tStart < %d", splitTable, qName, tName, tStart, tEnd); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { psl = pslLoad(row+hasBin); slAddHead(&pslList, psl); } sqlFreeResult(&sr); slReverse(&pslList); hFreeConn(&conn); return pslList; } void doHgRna(struct trackDb *tdb, char *acc) /* Click on an individual RNA. */ { 
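Review bot: loadPslRangeT ignores the return value of `hFindSplitTable`, so when the table is missing `splitTable` goes into the query with whatever the call left in it; getAlignments just above checks the same call and aborts. I would use the same guard here: `if (!hFindSplitTable(database, seqName, table, splitTable, &hasBin)) errAbort("can't find table %s or %s_%s", table, seqName, table);`. The unchecked call also appears in the hunks at -6283, -6416, -6904, -7052, -7279, -7342 and -7438.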
@@ -5814,31 +5812,31 @@ struct sqlConnection *conn = hAllocConn(database); struct sqlConnection *conn2 = hAllocConn(database); if (itemForUrl == NULL) itemForUrl = item; dupe = cloneString(tdb->type); genericHeader(tdb, item); wordCount = chopLine(dupe, words); printCustomUrl(tdb, itemForUrl, item == itemForUrl); /* If this is the affyZebrafish track, check for human ortholog information */ if (sameString("affyZebrafish", tdb->table)) { if (orthoTable != NULL && hTableExists(database, orthoTable)) { - safef(query, sizeof(query), "select geneSymbol, description from %s where name = '%s' ", orthoTable, item); + sqlSafef(query, sizeof(query), "select geneSymbol, description from %s where name = '%s' ", orthoTable, item); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { printf("<P><HR ALIGN=\"CENTER\"></P>\n<TABLE>\n"); printf("<TR><TH ALIGN=left><H2>Human %s Ortholog:</H2></TH><TD>%s</TD></TR>\n", otherDb, row[0]); printf("<TR><TH ALIGN=left>Ortholog Description:</TH><TD>%s</TD></TR>\n",row[1]); printf("</TABLE>\n"); } } } if (wordCount > 0) { type = words[0]; 
@@ -5867,31 +5865,31 @@ int wordCount; int start = cartInt(cart, "o"); struct sqlConnection *conn = hAllocConn(database); struct sqlConnection *conn1 = hAllocConn(database); boolean rhMapInfoExists = sqlTableExists(conn, "rhMapZfishInfo"); dupe = cloneString(tdb->type); wordCount = chopLine(dupe, words); genericHeader(tdb, itemName); /* Print out RH map information if available */ if (rhMapInfoExists) { - sprintf(query, "SELECT * FROM rhMapZfishInfo WHERE name = '%s'", itemName); + sqlSafef(query, sizeof query, "SELECT * FROM rhMapZfishInfo WHERE name = '%s'", itemName); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { rhInfo = rhMapZfishInfoLoad(row); if (rhInfo != NULL) { printf("<H2>Information on %s </H2>\n", itemName); if (!sameString(rhInfo->zfinId, "")) { printf("<H3>"); printCustomUrl(tdb, rhInfo->zfinId, TRUE); printf("</H3>\n"); } printf("<P><HR ALIGN=\"CENTER\"></P>\n<TABLE>\n"); @@ -5925,31 +5923,31 @@ printTrackHtml(tdb); freez(&dupe); hFreeConn(&conn); hFreeConn(&conn1); } void doRikenRna(struct trackDb *tdb, char *item) /* Put up Riken RNA stuff. */ { char query[512]; struct sqlResult *sr; char **row; struct sqlConnection *conn = sqlConnect("mgsc"); genericHeader(tdb, item); -sprintf(query, "select * from rikenMrna where qName = '%s'", item); +sqlSafef(query, sizeof query, "select * from rikenMrna where qName = '%s'", item); sr = sqlGetResult(conn, query); printf("<PRE><TT>\n"); printf("#match\tmisMatches\trepMatches\tnCount\tqNumInsert\tqBaseInsert\ttNumInsert\tBaseInsert\tstrand\tqName\tqSize\tqStart\tqEnd\ttName\ttSize\ttStart\ttEnd\tblockCount\tblockSizes\tqStarts\ttStarts\n"); while ((row = sqlNextRow(sr)) != NULL) { struct psl *psl = pslLoad(row+1); pslTabOut(psl, stdout); } printf("</TT></PRE>\n"); sqlDisconnect(&conn); printTrackHtml(tdb); } void doYaleTars(struct trackDb *tdb, char *item, char *itemForUrl) 
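Review bot: In the rhMapZfishInfo lookup (hunk at -5867), `sizeof query` is the buffer size only if `query` is an array in this scope, and its declaration is above the hunk; the replaced `sprintf` gave no hint either way. With a `char *` the size passed would be that of a pointer. The same holds for the converted `sprintf` calls in the hunks at -6283 (`query`, `query2`, `query3`), -6904 and -7279. It is worth confirming each declaration, and writing `sizeof(query)` as the rest of the file does.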
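Review bot: doRikenRna (hunk at -5925) disconnects without releasing the result set, and each `psl` loaded in the loop is left allocated. I would add `pslFree(&psl);` after `pslTabOut(psl, stdout);` and `sqlFreeResult(&sr);` before `sqlDisconnect(&conn);`. `pslLoad(row+1)` also hard-codes a one-column offset where other functions in this diff ask `hFindSplitTable` or `hOffsetPastBin` for it. doHgIsochore in the hunk at -7493 likewise reaches `hFreeConn(&conn)` without `sqlFreeResult(&sr)`.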
@@ -5971,31 +5969,31 @@ if (startsWith("TAR", item)) { /* Remove TAR prefix from item */ item2 = strchr(item, 'R'); item2++; itemForUrl = item2; } else itemForUrl = item; } dupe = cloneString(tdb->type); genericHeader(tdb, item); wordCount = chopLine(dupe, words); printCustomUrl(tdb, itemForUrl, item == itemForUrl); -safef(query, sizeof(query), "select tName, tEnd, strand from %s where qName='%s' and tStart=%d;", tdb->table, item, start); +sqlSafef(query, sizeof(query), "select tName, tEnd, strand from %s where qName='%s' and tStart=%d;", tdb->table, item, start); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); /* load PSL into struct */ if (row != NULL) { chrom = cloneString(row[0]); end = sqlUnsigned(row[1]); strand = cloneString(row[2]); } printPos(chrom, start, end, strand, TRUE, item); if (wordCount > 0) { type = words[0]; @@ -6032,31 +6030,31 @@ printf("<B>Size in %s:</B> %d<BR>\n", niceName, tpsl->tEnd - tpsl->tStart); if (tpsl->strand[0] == '-') printf(" " "<EM>Warning: the match is on the reverse strand of %s</EM><BR>\n", niceName); struct psl *itemPsl = NULL, *otherPsls = NULL, *gpsl; int itemStart = cartInt(cart, "o"); int itemEnd = cartInt(cart, "t"); int rowOffset = hOffsetPastBin(database, seqName, target->pslTable); struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[2048]; -safef(query, sizeof(query), "select * from %s where qName = '%s'", +sqlSafef(query, sizeof(query), "select * from %s where qName = '%s'", target->pslTable, acc); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { gpsl = pslLoad(row+rowOffset); struct psl *pslTrimmed = pslTrimToQueryRange(gpsl, tpsl->tStart, tpsl->tEnd); if (sameString(gpsl->tName, seqName) && ((gpsl->tStart == itemStart && gpsl->tEnd == itemEnd) || (pslTrimmed->tStart == itemStart && pslTrimmed->tEnd == itemEnd))) itemPsl = pslTrimmed; else slAddHead(&otherPsls, pslTrimmed); pslFree(&gpsl); } 
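Review bot: In the hunk at -5971, `printPos(chrom, start, end, strand, TRUE, item)` runs even when the lookup returns no row, so `chrom`, `end` and `strand` keep whatever they were declared with, and those declarations are above the hunk. `item` and `start` select the row, so a pair that matches nothing reaches this path. I would abort as doHgGap does: `if (row == NULL) errAbort("Couldn't find %s at %d", item, start);`. The function starts and ends outside the hunk.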
@@ -6283,100 +6281,100 @@ char **row3; struct agpFrag frag; struct contigAcc contigAcc; int start = cartInt(cart, "o"); boolean hasBin; char splitTable[64]; char *chp; char *accession1, *accession2, *spanner, *evaluation, *variation, *varEvidence, *contact, *remark, *comment; char *secondAcc, *secondAccVer; char *tmpString; int first; cartWebStart(cart, database, "%s", fragName); hFindSplitTable(database, seqName, tdb->table, splitTable, &hasBin); -sprintf(query, "select * from %s where frag = '%s' and chromStart = %d", +sqlSafef(query, sizeof query, "select * from %s where frag = '%s' and chromStart = %d", splitTable, fragName, start); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); agpFragStaticLoad(row+hasBin, &frag); printf("<B>Clone Fragment ID:</B> %s<BR>\n", frag.frag); printf("<B>Clone Fragment Type:</B> %s<BR>\n", frag.type); printf("<B>Clone Bases:</B> %d-%d<BR>\n", frag.fragStart+1, frag.fragEnd); if (hTableExists(database, "contigAcc")) { - sprintf(query2, "select * from contigAcc where contig = '%s'", frag.frag); + sqlSafef(query2, sizeof query2, "select * from contigAcc where contig = '%s'", frag.frag); if ((sr2 = sqlGetResult(conn2, query2))) { row = sqlNextRow(sr2); if (row) { contigAccStaticLoad(row, &contigAcc); printf("<B>Genbank Accession: <A HREF="); printEntrezNucleotideUrl(stdout, contigAcc.acc); printf(" TARGET=_BLANK>%s</A></B><BR>\n", contigAcc.acc); } sqlFreeResult(&sr2); } } printPos(frag.chrom, frag.chromStart, frag.chromEnd, frag.strand, FALSE, NULL); if (hTableExists(database, "certificate")) { first = 1; again: tmpString = cloneString(frag.frag); chp = strstr(tmpString, "."); if (chp != NULL) *chp = '\0'; if (first) { - sprintf(query2,"select * from certificate where accession1='%s';", tmpString); + sqlSafef(query2, sizeof query2, "select * from certificate where accession1='%s';", tmpString); } else { - sprintf(query2,"select * from certificate where accession2='%s';", tmpString); + sqlSafef(query2, sizeof query2, "select 
* from certificate where accession2='%s';", tmpString); } sr2 = sqlMustGetResult(conn2, query2); row2 = sqlNextRow(sr2); while (row2 != NULL) { printf("<HR>"); accession1 = row2[0]; accession2 = row2[1]; spanner = row2[2]; evaluation = row2[3]; variation = row2[4]; varEvidence = row2[5]; contact = row2[6]; remark = row2[7]; comment = row2[8]; if (first) { secondAcc = accession2; } else { secondAcc = accession1; } - sprintf(query3, "select frag from %s where frag like '%s.%c';", + sqlSafef(query3, sizeof query3, "select frag from %s where frag like '%s.%c';", splitTable, secondAcc, '%'); sr3 = sqlMustGetResult(conn3, query3); row3 = sqlNextRow(sr3); if (row3 != NULL) { secondAccVer = row3[0]; } else { secondAccVer = secondAcc; } printf("<H3>Non-standard Join Certificate: </H3>\n"); printf("The join between %s and %s is not standard due to a ", frag.frag, secondAccVer); 
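Review bot: `agpFragStaticLoad(row+hasBin, &frag)` is called without checking `row`, so a `fragName`/`start` pair that matches nothing hands the loader a pointer derived from NULL. doHgGap in this same diff checks `row == NULL` after `sqlMustGetResult`, which suggests a successful call does not guarantee a row. I would add `if (row == NULL) errAbort("Couldn't find fragment %s at %d", fragName, start);` before the load. The function starts and ends outside the hunk.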
@@ -6416,35 +6414,35 @@ void doHgGap(struct trackDb *tdb, char *gapType) /* Print a teeny bit of info about a gap. */ { struct sqlConnection *conn = hAllocConn(database); char query[256]; struct sqlResult *sr; char **row; struct agpGap gap; int start = cartInt(cart, "o"); boolean hasBin; char splitTable[64]; cartWebStart(cart, database, "Gap in Sequence"); hFindSplitTable(database, seqName, tdb->table, splitTable, &hasBin); if (sameString(tdb->table, splitTable)) - safef(query, sizeof(query), "select * from %s where chrom = '%s' and " + sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and " "chromStart = %d", splitTable, seqName, start); else - safef(query, sizeof(query), "select * from %s where chromStart = %d", + sqlSafef(query, sizeof(query), "select * from %s where chromStart = %d", splitTable, start); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row == NULL) errAbort("Couldn't find gap at %s:%d", seqName, start); agpGapStaticLoad(row+hasBin, &gap); printf("<B>Gap Type:</B> %s<BR>\n", gap.type); printf("<B>Bridged:</B> %s<BR>\n", gap.bridge); printPos(gap.chrom, gap.chromStart, gap.chromEnd, NULL, FALSE, NULL); printTrackHtml(tdb); sqlFreeResult(&sr); hFreeConn(&conn); } 
@@ -6459,91 +6457,91 @@ char **row; if (!hFindSplitTable(database, seqName, table, fullTable, &hasBin)) errAbort("Table %s doesn't exist in database", table); *retSr = sqlGetResult(conn, query); if ((row = sqlNextRow(*retSr)) == NULL) errAbort("No match to query '%s'", query); *retRow = row + hasBin; } void doHgContig(struct trackDb *tdb, char *ctgName) /* Click on a contig. */ { struct sqlConnection *conn = hAllocConn(database); struct sqlConnection *conn2 = hAllocConn(database); -char query[256], query2[256]; +char query[256], query2[256], ctgUrl[256]; struct sqlResult *sr, *sr2; char **row; struct ctgPos *ctg; struct ctgPos2 *ctg2 = NULL; int cloneCount; struct contigAcc contigAcc; char * ncbiTerm = cgiEncode(ctgName); -safef(query, sizeof(query), "%s%s", NUCCORE_SEARCH, ncbiTerm); +safef(ctgUrl, sizeof(ctgUrl), "%s%s", NUCCORE_SEARCH, ncbiTerm); genericHeader(tdb, ctgName); char *url = tdb->url; if (sameWord(database,"oryCun2")) printf("<B>Name:</B> %s<BR>\n", ctgName); else if (isNotEmpty(url)) { if (sameWord(url, "none")) printf("<B>Name:</B> %s<BR>\n", ctgName); else printCustomUrl(tdb, ctgName, TRUE); } else printf("<B>Name:</B> <A HREF=\"%s\" TARGET=_blank>%s</A><BR>\n", - query, ctgName); + ctgUrl, ctgName); freeMem(ncbiTerm); -safef(query, sizeof(query), "select * from %s where contig = '%s'", +sqlSafef(query, sizeof(query), "select * from %s where contig = '%s'", tdb->table, ctgName); selectOneRow(conn, tdb->table, query, &sr, &row); if (sameString("ctgPos2", tdb->table)) { ctg2 = ctgPos2Load(row); printf("<B>Type:</B> %s<BR>\n", ctg2->type); ctg = (struct ctgPos*)ctg2; } else ctg = ctgPosLoad(row); sqlFreeResult(&sr); if (hTableExists(database, "contigAcc")) { - sprintf(query2, "select * from contigAcc where contig = '%s'", ctgName); + sqlSafef(query2, sizeof query2, "select * from contigAcc where contig = '%s'", ctgName); if ((sr2 = sqlGetResult(conn2, query2))) { row = sqlNextRow(sr2); if (row) { contigAccStaticLoad(row, &contigAcc); 
printf("<B>Genbank Accession: <A HREF="); printEntrezNucleotideUrl(stdout, contigAcc.acc); printf(" TARGET=_BLANK>%s</A></B><BR>\n", contigAcc.acc); } sqlFreeResult(&sr2); } } if (hTableExists(database, "clonePos")) { - sprintf(query, "select count(*) from clonePos" + sqlSafef(query, sizeof query, "select count(*) from clonePos" " where chrom = '%s' and chromEnd >= %d and chromStart <= %d", ctg->chrom, ctg->chromStart, ctg->chromEnd); cloneCount = sqlQuickNum(conn, query); printf("<B>Total Clones:</B> %d<BR>\n", cloneCount); } printPos(ctg->chrom, ctg->chromStart, ctg->chromEnd, NULL, TRUE, ctg->contig); printTrackHtml(tdb); hFreeConn(&conn); hFreeConn(&conn2); } char *cloneStageName(char *stage) /* Expand P/D/F. */ { 
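Review bot: selectOneRow, whose tail opens this hunk, aborts with `errAbort("No match to query '%s'", query)`, which puts the full SQL text, including table and column names and the request value, into the error message. If errAbort output reaches the browser (not visible here), that is more detail than a visitor needs. I would report the table only: `errAbort("No match in table %s", table);`. selectOneRow starts above the hunk.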
@@ -6559,36 +6557,36 @@ return "unknown"; } } void doHgCover(struct trackDb *tdb, char *cloneName) /* Respond to click on clone. */ { struct sqlConnection *conn = hAllocConn(database); char query[256]; struct sqlResult *sr; char **row; struct clonePos *clone; int fragCount; cartWebStart(cart, database, "%s", cloneName); -sprintf(query, "select * from %s where name = '%s'", tdb->table, cloneName); +sqlSafef(query, sizeof query, "select * from %s where name = '%s'", tdb->table, cloneName); selectOneRow(conn, tdb->table, query, &sr, &row); clone = clonePosLoad(row); sqlFreeResult(&sr); -sprintf(query, +sqlSafef(query, sizeof query, "select count(*) from %s_gl where end >= %d and start <= %d and frag like '%s%%'", clone->chrom, clone->chromStart, clone->chromEnd, clone->name); fragCount = sqlQuickNum(conn, query); printf("<H2>Information on <A HREF=\""); printEntrezNucleotideUrl(stdout, cloneName); printf("\" TARGET=_blank>%s</A></H2>\n", cloneName); printf("<B>GenBank: <A HREF=\""); printEntrezNucleotideUrl(stdout, cloneName); printf("\" TARGET=_blank>%s</A></B> <BR>\n", cloneName); printf("<B>Status:</B> %s<BR>\n", cloneStageName(clone->stage)); printf("<B>Fragments:</B> %d<BR>\n", fragCount); printf("<B>Size:</B> %d bases<BR>\n", clone->seqSize); printf("<B>Chromosome:</B> %s<BR>\n", skipChr(clone->chrom)); printf("<BR>\n"); 
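Review bot: In doHgCover, `clone->name` is placed inside a LIKE pattern (`frag like '%s%%'`), where `%` and `_` in the value act as wildcards regardless of quote escaping; whether sqlSafef treats those two characters is not visible here. The count could then include fragments of other clones. `frag like '%s.%c'` in the hunk at -6283 has the same property with `secondAcc`. At minimum I would note it at the call: `/* clone->name is used as a LIKE prefix: % and _ in it are wildcards */`. The function continues past the hunk.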
@@ -6606,54 +6604,54 @@ } void doBactigPos(struct trackDb *tdb, char *bactigName) /* Click on a bactig. */ { struct bactigPos *bactig; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; char goldTable[16]; char ctgStartStr[16]; int ctgStart; genericHeader(tdb, bactigName); -sprintf(query, "select * from %s where name = '%s'", tdb->table, bactigName); +sqlSafef(query, sizeof query, "select * from %s where name = '%s'", tdb->table, bactigName); selectOneRow(conn, tdb->table, query, &sr, &row); bactig = bactigPosLoad(row); sqlFreeResult(&sr); printf("<B>Name:</B> %s<BR>\n", bactigName); snprintf(goldTable, sizeof(goldTable), "%s_gold", seqName); puts("<B>First contig:</B>"); if (hTableExists(database, goldTable)) { - snprintf(query, sizeof(query), + sqlSafef(query, sizeof(query), "select chromStart from %s where frag = \"%s\"", goldTable, bactig->startContig); ctgStart = sqlQuickNum(conn, query); snprintf(ctgStartStr, sizeof(ctgStartStr), "%d", ctgStart); hgcAnchor("gold", bactig->startContig, ctgStartStr); } printf("%s</A><BR>\n", bactig->startContig); puts("<B>Last contig:</B>"); if (hTableExists(database, goldTable)) { - snprintf(query, sizeof(query), + sqlSafef(query, sizeof(query), "select chromStart from %s where frag = \"%s\"", goldTable, bactig->endContig); ctgStart = sqlQuickNum(conn, query); snprintf(ctgStartStr, sizeof(ctgStartStr), "%d", ctgStart); hgcAnchor("gold", bactig->endContig, ctgStartStr); } printf("%s</A><BR>\n", bactig->endContig); printPos(bactig->chrom, bactig->chromStart, bactig->chromEnd, NULL, FALSE,NULL); printTrackHtml(tdb); hFreeConn(&conn); } 
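Review bot: `goldTable` is `char[16]` and is filled with `snprintf(goldTable, sizeof(goldTable), "%s_gold", seqName)`, so a sequence name longer than ten characters is silently truncated, and the `hTableExists` check and both queries then run against a different table name. I would size it like the other table buffers in this file and use the aborting formatter the file already has: `char goldTable[64];` and `safef(goldTable, sizeof(goldTable), "%s_gold", seqName);`. The two `ctgStartStr` calls are bounded by the width of an int and can stay as they are.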
@@ -6904,67 +6902,67 @@ chopSuffix(accChopped); /* Print start of HTML. */ writeFramesetType(); puts("<HTML>"); aliTable = cartString(cart, "aliTable"); printf("<HEAD>\n<TITLE>%s vs Genomic [%s]</TITLE>\n</HEAD>\n\n", accChopped, aliTable); /* Get some environment vars. */ start = cartInt(cart, "o"); /* Get cds start and stop, if available */ conn = hAllocConn(database); if (sqlTableExists(conn, "gbCdnaInfo")) { - sprintf(query, "select cds from gbCdnaInfo where acc = '%s'", accChopped); + sqlSafef(query, sizeof query, "select cds from gbCdnaInfo where acc = '%s'", accChopped); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { - sprintf(query, "select name from cds where id = '%d'", atoi(row[0])); + sqlSafef(query, sizeof query, "select name from cds where id = '%d'", atoi(row[0])); sqlFreeResult(&sr); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) genbankParseCds(row[0], &cdsStart, &cdsEnd); } sqlFreeResult(&sr); } /* Look up alignments in database */ hFindSplitTable(database, seqName, aliTable, table, &hasBin); -sprintf(query, "select * from %s where qName = '%s' and tName=\"%s\" and tStart=%d", +sqlSafef(query, sizeof query, "select * from %s where qName = '%s' and tName=\"%s\" and tStart=%d", table, acc, seqName, start); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) == NULL) errAbort("Couldn't find alignment for %s at %d", acc, start); psl = pslLoad(row+hasBin); sqlFreeResult(&sr); /* get bz rna snapshot for blastz alignments */ if (sameString("mrnaBlastz", aliTable) || sameString("pseudoMrna", aliTable)) { struct sqlConnection *conn = hAllocConn(database); unsigned retId = 0; sprintf(accTmp,"bz-%s",acc); if (hRnaSeqAndIdx(accTmp, &rnaSeq, &retId, conn) == -1) rnaSeq = hRnaSeq(database, acc); hFreeConn(&conn); } else if (sameString("HInvGeneMrna", aliTable)) { /* get RNA accession for the gene id in the alignment */ - sprintf(query, "select mrnaAcc from HInv where geneId='%s'", acc); + sqlSafef(query, sizeof 
query, "select mrnaAcc from HInv where geneId='%s'", acc); rnaSeq = hRnaSeq(database, sqlQuickString(conn, query)); } else rnaSeq = hRnaSeq(database, acc); if (startsWith("xeno", aliTable)) showSomeAlignment(psl, rnaSeq, gftDnaX, 0, rnaSeq->size, NULL, cdsStart, cdsEnd); else showSomeAlignment(psl, rnaSeq, gftDna, 0, rnaSeq->size, NULL, cdsStart, cdsEnd); hFreeConn(&conn); } void htcCdnaAliInWindow(char *acc) /* Show part of alignment in browser window for accession. */ { @@ -6985,36 +6983,36 @@ /* Get some environment vars. */ aliTable = cartString(cart, "aliTable"); start = cartInt(cart, "o"); /* Print start of HTML. */ writeFramesetType(); puts("<HTML>"); printf("<HEAD>\n<TITLE>%s vs Genomic [%s]</TITLE>\n</HEAD>\n\n", accChopped, aliTable); /* Get cds start and stop, if available */ conn = hAllocConn(database); if (sqlTableExists(conn, "gbCdnaInfo")) { - safef(query, sizeof(query), "select cds from gbCdnaInfo where acc = '%s'", + sqlSafef(query, sizeof(query), "select cds from gbCdnaInfo where acc = '%s'", accChopped); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { - safef(query, sizeof(query), "select name from cds where id = '%d'", + sqlSafef(query, sizeof(query), "select name from cds where id = '%d'", atoi(row[0])); sqlFreeResult(&sr); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) genbankParseCds(row[0], &cdsStart, &cdsEnd); } sqlFreeResult(&sr); } if (startsWith("user", aliTable)) { char *pslName, *faName, *qName; struct lineFile *lf; bioSeq *oSeqList = NULL, *oSeq = NULL; struct psl *psl; 
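Review bot: `sprintf(accTmp,"bz-%s",acc)` in the blastz branch (hunk at -6904) is still an unbounded write after this change, and `acc` is the same value the commit now escapes for SQL. `accTmp` is declared above the hunk; assuming it is an array, `safef(accTmp, sizeof(accTmp), "bz-%s", acc);` bounds it. The hunk at -7279 has the same pattern, `sprintf(buffer, "%s",readName)` into `char buffer[256]`, where `safef(buffer, sizeof(buffer), "%s", readName);` would do. The function starts above the hunk.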
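Review bot: In htcCdnaAliInWindow (hunk at -6985), `aliTable` comes from `cartString(cart, "aliTable")` and is printed into the `<TITLE>` together with `accChopped` before any lookup has checked either value. Both should be HTML-encoded on output; the SQL escaping added here does not cover that. Until then I would mark the line with `/* aliTable is a cart value: HTML-encode it (and accChopped) before printing */`. The same printf is in the hunk at -6904, and hgSoftPromoter at -7570 prints `item` into an `<H2>` the same way. The function continues past the hunk.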
@@ -7052,58 +7050,58 @@ oSeqList = faReadAllSeq(faName, !isProt); for (oSeq = oSeqList; oSeq != NULL; oSeq = oSeq->next) { if (sameString(oSeq->name, qName)) break; } if (oSeq == NULL) errAbort("%s is in %s but not in %s. Internal error.", qName, pslName, faName); wholePsl = psl; rnaSeq = oSeq; } else { /* Look up alignments in database */ hFindSplitTable(database, seqName, aliTable, table, &hasBin); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from %s where qName = '%s' and tName=\"%s\" and tStart=%d", table, acc, seqName, start); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) == NULL) errAbort("Couldn't find alignment for %s at %d", acc, start); wholePsl = pslLoad(row+hasBin); sqlFreeResult(&sr); if (startsWith("ucscRetroAli", aliTable) || startsWith("retroMrnaAli", aliTable) || sameString("pseudoMrna", aliTable) || startsWith("altSeqLiftOverPsl", aliTable)) { rnaSeq = NULL; char *trackName = hGetTrackForTable(database, aliTable); struct trackDb *tdb = hashMustFindVal(trackHash, trackName); char *spec = trackDbRequiredSetting(tdb, BASE_COLOR_USE_SEQUENCE); char *specCopy = cloneString(spec); // value is: extFile seqTbl extFileTbl char *words[3]; int nwords = chopByWhite(specCopy, words, ArraySize(words)); if ((nwords != ArraySize(words)) || !sameString(words[0], "extFile")) errAbort("invalid %s track setting: %s", BASE_COLOR_USE_SEQUENCE, spec); rnaSeq = hDnaSeqGet(database, acc, words[1], words[2]); } else if (sameString("HInvGeneMrna", aliTable)) { /* get RNA accession for the gene id in the alignment */ - safef(query, sizeof(query), "select mrnaAcc from HInv where geneId='%s'", + sqlSafef(query, sizeof(query), "select mrnaAcc from HInv where geneId='%s'", acc); rnaSeq = hRnaSeq(database, sqlQuickString(conn, query)); } else rnaSeq = hRnaSeq(database, acc); } /* Get partial psl for part of alignment in browser window: */ if (wholePsl->tStart >= winStart && wholePsl->tEnd <= winEnd) partPsl = wholePsl; else partPsl = 
pslTrimToTargetRange(wholePsl, winStart, winEnd); if (startsWith("xeno", aliTable)) errAbort("htcCdnaAliInWindow does not support translated alignments."); else @@ -7279,59 +7277,59 @@ char fullTable[64]; boolean hasBin; char buffer[256]; int addp = 0; char *pred = NULL; /* Print start of HTML. */ writeFramesetType(); puts("<HTML>"); printf("<HEAD>\n<TITLE>Protein Sequence vs Genomic</TITLE>\n</HEAD>\n\n"); addp = cartUsualInt(cart, "addp",0); pred = cartUsualString(cart, "pred",NULL); start = cartInt(cart, "o"); hFindSplitTable(database, seqName, table, fullTable, &hasBin); -sprintf(query, "select * from %s where qName = '%s' and tName = '%s' and tStart=%d", +sqlSafef(query, sizeof query, "select * from %s where qName = '%s' and tName = '%s' and tStart=%d", fullTable, readName, seqName, start); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) == NULL) errAbort("Couldn't find alignment for %s at %d", readName, start); psl = pslLoad(row+hasBin); sqlFreeResult(&sr); if ((addp == 1) || (pred != NULL)) { char *ptr; sprintf(buffer, "%s",readName); if (!(sameString(pred, "ce3.blastWBPep01") || sameString(pred, "ce9.blastSGPep01") || sameString(pred, "ce6.blastSGPep01") || sameString(pred, "ce4.blastSGPep01")) && (ptr = strchr(buffer, '.')) != NULL) { *ptr = 0; psl->qName = cloneString(buffer); *ptr++ = 'p'; *ptr = 0; } if (addp == 1) seq = hPepSeq(database, buffer); else { - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select seq from %s where name = '%s'", pred, psl->qName); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) seq = newDnaSeq(cloneString(row[0]), strlen(row[0]), psl->qName); else errAbort("Cannot find sequence for '%s' in %s",psl->qName, pred); sqlFreeResult(&sr); } } else seq = hPepSeq(database, readName); hFreeConn(&conn); showSomeAlignment(psl, seq, qt, 0, seq->size, NULL, 0, 0); } 
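Review bot: In the HInvGeneMrna branch (hunk at -7052), the result of `sqlQuickString(conn, query)` goes straight into `hRnaSeq`, so a gene id with no matching row presumably passes NULL, and the returned string is never freed. Splitting the call makes both explicit: `char *mrnaAcc = sqlQuickString(conn, query);`, then `if (mrnaAcc == NULL) errAbort("no mRNA accession for %s", acc);`, then `rnaSeq = hRnaSeq(database, mrnaAcc);`. The hunk at -6904 has the same call. The function starts above the hunk.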
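Review bot: In the hunk at -7279, `pred` is read from the cart (`cartUsualString(cart, "pred",NULL)`) and used as the table name in `select seq from %s where name = '%s'`, an unquoted position where escaping quotes does not help; whether sqlSafef rejects non-identifier characters there is not visible in this hunk. I would validate it before building the query, for example `if (pred[strspn(pred, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.")] != 0) errAbort("invalid pred table name");`. Separately, when `addp == 1` and `pred` is NULL, the `sameString(pred, ...)` chain receives a NULL pointer. The function starts outside the hunk.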
@@ -7342,31 +7340,31 @@ int start; struct sqlResult *sr; struct sqlConnection *conn = hAllocConn(database); struct dnaSeq *seq; char query[256], **row; char fullTable[64]; boolean hasBin; /* Print start of HTML. */ writeFramesetType(); puts("<HTML>"); printf("<HEAD>\n<TITLE>Sequence %s</TITLE>\n</HEAD>\n\n", readName); start = cartInt(cart, "o"); hFindSplitTable(database, seqName, table, fullTable, &hasBin); -sprintf(query, "select * from %s where qName = '%s' and tName = '%s' and tStart=%d", +sqlSafef(query, sizeof query, "select * from %s where qName = '%s' and tName = '%s' and tStart=%d", fullTable, readName, seqName, start); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) == NULL) errAbort("Couldn't find alignment for %s at %d", readName, start); psl = pslLoad(row+hasBin); sqlFreeResult(&sr); hFreeConn(&conn); seq = hExtSeq(database, readName); showSomeAlignment(psl, seq, gftDnaX, 0, seq->size, NULL, 0, 0); } void writeMatches(FILE *f, char *a, char *b, int count) /* Write a | where a and b agree, a ' ' elsewhere. */ { int i; @@ -7379,31 +7377,31 @@ } } void fetchAndShowWaba(char *table, char *name) /* Fetch and display waba alignment. */ { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int start = cartInt(cart, "o"); struct wabAli *wa = NULL; int qOffset; char strand = '+'; -sprintf(query, "select * from %s where query = '%s' and chrom = '%s' and chromStart = %d", +sqlSafef(query, sizeof query, "select * from %s where query = '%s' and chrom = '%s' and chromStart = %d", table, name, seqName, start); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) == NULL) errAbort("Sorry, couldn't find alignment of %s at %d of %s in database", name, start, seqName); wa = wabAliLoad(row); printf("<PRE><TT>"); qOffset = wa->qStart; if (wa->strand[0] == '-') { strand = '-'; qOffset = wa->qEnd; } xenShowAli(wa->qSym, wa->tSym, wa->hSym, wa->symCount, stdout, qOffset, wa->chromStart, strand, '+', 60); 
@@ -7438,31 +7436,31 @@ int offset = cartInt(cart, "o"); cartWebStart(cart, database, "Repeat"); if (offset >= 0) { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; struct rmskOut *ro; char query[256]; char table[64]; boolean hasBin; int start = cartInt(cart, "o"); hFindSplitTable(database, seqName, tdb->table, table, &hasBin); - sprintf(query, "select * from %s where repName = '%s' and genoName = '%s' and genoStart = %d", + sqlSafef(query, sizeof query, "select * from %s where repName = '%s' and genoName = '%s' and genoStart = %d", table, repeat, seqName, start); sr = sqlGetResult(conn, query); if (sameString(tdb->table,"rmskNew")) printf("<H3>CENSOR Information</H3>\n"); else printf("<H3>RepeatMasker Information</H3>\n"); while ((row = sqlNextRow(sr)) != NULL) { ro = rmskOutLoad(row+hasBin); printf("<B>Name:</B> %s<BR>\n", ro->repName); printf("<B>Family:</B> %s<BR>\n", ro->repFamily); printf("<B>Class:</B> %s<BR>\n", ro->repClass); printf("<B>SW Score:</B> %d<BR>\n", ro->swScore); printf("<B>Divergence:</B> %3.1f%%<BR>\n", 0.1 * ro->milliDiv); printf("<B>Deletions:</B> %3.1f%%<BR>\n", 0.1 * ro->milliDel); 
@@ -7493,31 +7491,31 @@ } void doHgIsochore(struct trackDb *tdb, char *item) /* do click on isochore track. */ { cartWebStart(cart, database, "Isochore Info"); printf("<H2>Isochore Information</H2>\n"); if (cgiVarExists("o")) { struct isochores *iso; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int start = cartInt(cart, "o"); - sprintf(query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", + sqlSafef(query, sizeof query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", tdb->table, item, seqName, start); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { iso = isochoresLoad(row); printf("<B>Type:</B> %s<BR>\n", iso->name); printf("<B>GC Content:</B> %3.1f%%<BR>\n", 0.1*iso->gcPpt); printf("<B>Chromosome:</B> %s<BR>\n", skipChr(iso->chrom)); printf("<B>Begin in chromosome:</B> %d<BR>\n", iso->chromStart); printf("<B>End in chromosome:</B> %d<BR>\n", iso->chromEnd); printf("<B>Size:</B> %d<BR>\n", iso->chromEnd - iso->chromStart); printf("<BR>\n"); isochoresFree(&iso); } hFreeConn(&conn); 
@@ -7527,31 +7525,31 @@ void doSimpleRepeat(struct trackDb *tdb, char *item) /* Print info on simple repeat. */ { cartWebStart(cart, database, "Simple Repeat Info"); printf("<H2>Simple Tandem Repeat Information</H2>\n"); if (cgiVarExists("o")) { struct simpleRepeat *rep; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int start = cartInt(cart, "o"); int rowOffset = hOffsetPastBin(database, seqName, tdb->table); - sprintf(query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", + sqlSafef(query, sizeof query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", tdb->table, item, seqName, start); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { rep = simpleRepeatLoad(row+rowOffset); printf("<B>Period:</B> %d<BR>\n", rep->period); printf("<B>Copies:</B> %4.1f<BR>\n", rep->copyNum); printf("<B>Consensus size:</B> %d<BR>\n", rep->consensusSize); printf("<B>Match Percentage:</B> %d%%<BR>\n", rep->perMatch); printf("<B>Insert/Delete Percentage:</B> %d%%<BR>\n", rep->perIndel); printf("<B>Score:</B> %d<BR>\n", rep->score); printf("<B>Entropy:</B> %4.3f<BR>\n", rep->entropy); printf("<B>Sequence:</B> %s<BR>\n", rep->sequence); printPos(seqName, rep->chromStart, rep->chromEnd, NULL, TRUE, rep->name); 
@@ -7570,31 +7568,31 @@ void hgSoftPromoter(char *track, char *item) /* Print info on Softberry promoter. */ { cartWebStart(cart, database, "Softberry TSSW Promoter"); printf("<H2>Softberry TSSW Promoter Prediction %s</H2>", item); if (cgiVarExists("o")) { struct softPromoter *pro; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int start = cartInt(cart, "o"); int rowOffset = hOffsetPastBin(database, seqName, track); - sprintf(query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", + sqlSafef(query, sizeof query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", track, item, seqName, start); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { pro = softPromoterLoad(row+rowOffset); bedPrintPos((struct bed *)pro, 3, NULL); printf("<B>Short Name:</B> %s<BR>\n", pro->name); printf("<B>Full Name:</B> %s<BR>\n", pro->origName); printf("<B>Type:</B> %s<BR>\n", pro->type); printf("<B>Score:</B> %f<BR>\n", pro->origScore); printf("<B>Block Info:</B> %s<BR>\n", pro->blockString); printf("<BR>\n"); htmlHorizontalLine(); printCappedSequence(pro->chromStart, pro->chromEnd, 100); softPromoterFree(&pro); 
@@ -7631,31 +7629,31 @@ { char *table = tdb->table; boolean isExt = hHasField(database, table, "obsExp"); cartWebStart(cart, database, "CpG Island Info"); printf("<H2>CpG Island Info</H2>\n"); if (cgiVarExists("o")) { struct cpgIsland *island; struct cpgIslandExt *islandExt = NULL; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int start = cartInt(cart, "o"); int rowOffset = hOffsetPastBin(database, seqName, table); - sprintf(query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", + sqlSafef(query, sizeof query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", table, item, seqName, start); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { if (isExt) { islandExt = cpgIslandExtLoad(row+rowOffset); island = (struct cpgIsland *)islandExt; } else island = cpgIslandLoad(row+rowOffset); if (! startsWith("CpG: ", island->name)) printf("<B>Name:</B> %s<BR>\n", island->name); bedPrintPos((struct bed *)island, 3, tdb); printf("<B>Size:</B> %d<BR>\n", island->chromEnd - island->chromStart); 
@@ -7687,58 +7685,58 @@ struct sqlResult *sr; struct sqlConnection *conn = hAllocConn(database); char query[256], **row; int start; char *pslTable = cgiUsualString("pslTable", "illuminaProbesAlign"); char *seqTable = cgiUsualString("seqTable", "illuminaProbesSeq"); char *probeName = item; char *probeString; int rowOffset = hOffsetPastBin(database, seqName, pslTable); /* Print start of HTML. */ writeFramesetType(); puts("<HTML>"); printf("<HEAD>\n<TITLE>Sequence %s</TITLE>\n</HEAD>\n\n", probeName); start = cartInt(cart, "o"); /* get psl */ -safef(query, sizeof(query), "select * from %s where qName = '%s' and tName = '%s' and tStart=%d", +sqlSafef(query, sizeof(query), "select * from %s where qName = '%s' and tName = '%s' and tStart=%d", pslTable, probeName, seqName, start); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) == NULL) errAbort("Couldn't find alignment for %s at %d", probeName, start); psl = pslLoad(row+rowOffset); sqlFreeResult(&sr); -safef(query, sizeof(query), "select seq from %s where id = '%s'", seqTable, probeName); +sqlSafef(query, sizeof(query), "select seq from %s where id = '%s'", seqTable, probeName); probeString = sqlNeedQuickString(conn, query); seq = newDnaSeq(probeString, strlen(probeString), probeName); hFreeConn(&conn); showSomeAlignment(psl, seq, gftDna, 0, seq->size, probeName, 0, 0); pslFree(&psl); freeDnaSeq(&seq); freeMem(probeString); } void doIlluminaProbes(struct trackDb *tdb, char *item) /* The details page of the Illumina Probes track. 
*/ { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; int rowOffset = hOffsetPastBin(database, seqName, tdb->table); char query[256]; int start = cartInt(cart, "o"); genericHeader(tdb, item); -safef(query, sizeof(query), "select * from %s where name = '%s' and chromStart = '%d'", tdb->table, item, start); +sqlSafef(query, sizeof(query), "select * from %s where name = '%s' and chromStart = '%d'", tdb->table, item, start); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { struct bed *bed = bedLoad12(row+rowOffset); printf("<B>Probe ID:</B> %s<BR>\n", bed->name); printf("<B>Position:</B> " "<A HREF=\"%s&db=%s&position=%s%%3A%d-%d\">", hgTracksPathAndSettings(), database, bed->chrom, bed->chromStart+1, bed->chromEnd); printf("%s:%d-%d</A><BR>\n", bed->chrom, bed->chromStart+1, bed->chromEnd); printf("<B>Alignment Score:</B> %d<BR>\n", bed->score); if ((bed->itemRgb == 1) || (bed->itemRgb == 2)) /* The "show alignment" link. */ { char other[256]; char *pslTable = trackDbRequiredSetting(tdb, "pslTable"); 
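Review bot: `pslTable` and `seqTable` come straight from `cgiUsualString()` and are formatted into the identifier position of both queries (`select * from %s ...`, `select seq from %s ...`), where quote-escaping a string argument does not constrain what the name can be. Unless `sqlSafef` validates unquoted `%s` arguments as identifiers (not visible in this diff), check both names before use, for example `if (!hTableExists(database, pslTable)) errAbort("unknown alignment table");` and the same for `seqTable`. `pslTable` also reaches `hOffsetPastBin()` before any query is built. The `htcGeneMrna` hunk has the same pattern with `table = cartString(cart, "o")`. The function holding the first two queries starts outside the hunk.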
@@ -7751,31 +7749,31 @@ } sqlFreeResult(&sr); hFreeConn(&conn); printTrackHtml(tdb); } void doSwitchDbTss(struct trackDb *tdb, char *item) /* Print SwitchDB TSS details. */ { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; int rowOffset = hOffsetPastBin(database, seqName, tdb->table); char query[256]; genericHeader(tdb, item); -safef(query, sizeof(query), "select * from %s where name = '%s'", tdb->table, item); +sqlSafef(query, sizeof(query), "select * from %s where name = '%s'", tdb->table, item); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { struct switchDbTss tss; switchDbTssStaticLoad(row+rowOffset, &tss); printPosOnChrom(tss.chrom, tss.chromStart, tss.chromEnd, tss.strand, FALSE, item); printf("<B>Gene Model:</B> %s<BR>\n", tss.gmName); printf("<B>Gene Model Position:</B> " "<A HREF=\"%s&db=%s&position=%s%%3A%d-%d\">", hgTracksPathAndSettings(), database, tss.chrom, tss.gmChromStart+1, tss.gmChromEnd); printf("%s:%d-%d</A><BR>\n", tss.chrom, tss.gmChromStart+1, tss.gmChromEnd); printf("<B>TSS Confidence Score:</B> %.1f<BR>\n", tss.confScore); printf("<B>Pseudogene TSS: </B>%s<BR>\n", (tss.isPseudo == 1) ? "Yes" : "No"); } else 
@@ -7841,31 +7839,31 @@ if (!startsWith("ctg", s)) return FALSE; e = strchr(name, '-'); if (e == NULL) return FALSE; return TRUE; } char *hugoToGenieName(char *hugoName, char *table) /* Covert from hugo to genie name. */ { struct sqlConnection *conn = hAllocConn(database); char query[256]; static char buf[256], *name; -sprintf(query, "select transId from %s where name = '%s'", table, hugoName); +sqlSafef(query, sizeof query, "select transId from %s where name = '%s'", table, hugoName); name = sqlQuickQuery(conn, query, buf, sizeof(buf)); hFreeConn(&conn); if (name == NULL) errAbort("Database inconsistency: couldn't find gene name %s in knownInfo", hugoName); return name; } void displayProteinPrediction(char *pepName, char *pepSeq) /* display a protein prediction. */ { printf("<PRE><TT>"); printf(">%s length=%d\n", pepName,(int)strlen(pepSeq)); printLines(stdout, pepSeq, 50); printf("</TT></PRE>"); @@ -7887,31 +7885,31 @@ displayProteinPrediction(pepName, seq->dna); dnaSeqFree(&seq); } } void htcTranslatedPredMRna(struct trackDb *tdb, char *geneName) /* Translate virtual mRNA defined by genePred to protein and display it. */ { struct sqlConnection *conn = hAllocConn(database); struct genePred *gp = NULL; char where[256]; char protName[256]; char *prot = NULL; cartHtmlStart("Protein Translation from Genome"); -safef(where, sizeof(where), "name = \"%s\"", geneName); +sqlSafefFrag(where, sizeof(where), "name = \"%s\"", geneName); gp = genePredReaderLoadQuery(conn, tdb->table, where); hFreeConn(&conn); if (gp == NULL) errAbort("%s not found in %s when translating to protein", geneName, tdb->table); else if (gp->cdsStart == gp->cdsEnd) errAbort("No CDS defined: no protein translation for %s", geneName); prot = getPredMRnaProtSeq(gp); safef(protName, sizeof(protName), "%s_prot", geneName); displayProteinPrediction(protName, prot); freez(&prot); genePredFree(&gp); } 
@@ -8051,31 +8049,31 @@ void htcGeneMrna(char *geneName) /* Display cDNA predicted from genome */ { char *table = cartString(cart, "o"); char query[512]; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; struct genePred *gp; struct dnaSeq *seq; int cdsStart, cdsEnd; int rowOffset = hOffsetPastBin(database, seqName, table); cartHtmlStart("Predicted mRNA from Genome"); -safef(query, sizeof(query), "select * from %s where name = \"%s\"", table, geneName); +sqlSafef(query, sizeof(query), "select * from %s where name = \"%s\"", table, geneName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { gp = genePredLoad(row+rowOffset); seq = getCdnaSeq(gp); getCdsInMrna(gp, &cdsStart, &cdsEnd); toUpperN(seq->dna + cdsStart, cdsEnd - cdsStart); if (gp->strand[0] == '-') { reverseComplement(seq->dna, seq->size); } printf("<PRE><TT>"); printf(">%s\n", geneName); faWriteNext(stdout, NULL, seq->dna, seq->size); printf("</TT></PRE>"); 
@@ -8358,42 +8356,42 @@ warn("Organism %s not found!", organism); fflush(stdout); return; } /* print URL that links to Ensembl transcript details */ if (archive != NULL) safef(ensUrl, sizeof(ensUrl), "http://%s.archive.ensembl.org/%s", archive, genomeStrEnsembl); else safef(ensUrl, sizeof(ensUrl), "http://www.ensembl.org/%s", genomeStrEnsembl); char query[512]; char *geneName = NULL; if (hTableExists(database, "ensemblToGeneName")) { - safef(query, sizeof(query), "select value from ensemblToGeneName where name='%s'", itemName); + sqlSafef(query, sizeof(query), "select value from ensemblToGeneName where name='%s'", itemName); geneName = sqlQuickString(conn, query); } char *ensemblSource = NULL; if (hTableExists(database, "ensemblSource")) { - safef(query, sizeof(query), "select source from ensemblSource where name='%s'", itemName); + sqlSafef(query, sizeof(query), "select source from ensemblSource where name='%s'", itemName); ensemblSource = sqlQuickString(conn, query); } boolean nonCoding = FALSE; -safef(query, sizeof(query), "name = \"%s\"", itemName); +sqlSafefFrag(query, sizeof(query), "name = \"%s\"", itemName); struct genePred *gpList = genePredReaderLoadQuery(conn, "ensGene", query); if (gpList && gpList->name2) { if (gpList->cdsStart == gpList->cdsEnd) nonCoding = TRUE; printf("<B>Ensembl Gene Link: </B>"); if (sameString(gpList->name2, "noXref")) printf("none<BR>\n"); else printf("<A HREF=\"%s/geneview?gene=%s\" " "target=_blank>%s</A><BR>", ensUrl, gpList->name2, gpList->name2); } genePredFreeList(&gpList); printf("<B>Ensembl Transcript: </B>"); 
@@ -8580,31 +8578,31 @@ /* print URL that links to Ensembl or Vega transcript details */ if (isEnsembl) { if (archive != NULL) safef(dbUrl, sizeof(dbUrl), "http://%s.archive.ensembl.org/%s", archive, genomeStrEnsembl); else safef(dbUrl, sizeof(dbUrl), "http://www.ensembl.org/%s", genomeStrEnsembl); } else if (isVega) safef(dbUrl, sizeof(dbUrl), "http://vega.sanger.ac.uk/%s", genomeStrEnsembl); boolean nonCoding = FALSE; char query[512]; -safef(query, sizeof(query), "name = \"%s\"", itemName); +sqlSafefFrag(query, sizeof(query), "name = \"%s\"", itemName); struct genePred *gpList = genePredReaderLoadQuery(conn, tdb->table, query); if (gpList && (gpList->cdsStart == gpList->cdsEnd)) nonCoding = TRUE; genePredFreeList(&gpList); /* get gene and protein IDs */ if ((isEnsembl && hasEnsGtp) || (isVega && hasVegaGtp)) { /* shortItemName removes version number but sometimes the ensGtp */ /* table has a transcript with version number so exact match not used */ safef(cond_str, sizeof(cond_str), "transcript like '%s%%'", shortItemName); geneID=sqlGetField(database, gtpTable,"gene",cond_str); safef(cond_str2, sizeof(cond_str2), "transcript like '%s%%'", shortItemName); proteinID=sqlGetField(database, gtpTable,"protein",cond_str2); } 
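Review bot: The two `transcript like '%s%%'` conditions lower in this hunk are still built with plain `safef` from `shortItemName` and handed to `sqlGetField()` as where-clauses, so they bypass the escaping this commit adds for the `name = ...` fragment just above them. They should use the fragment helper as well: `sqlSafefFrag(cond_str, sizeof(cond_str), "transcript like '%s%%'", shortItemName);` and likewise for `cond_str2`. Because the value feeds a `like` pattern, `%` and `_` inside `shortItemName` would still act as wildcards after quote-escaping; that may be acceptable here but deserves a comment. The enclosing function starts and ends outside the hunk.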
@@ -8639,31 +8637,31 @@ struct sqlConnection *conn = hAllocConn(database); char condStr[256]; char versionString[256]; char dateReference[256]; char headerTitle[512]; /* see if hgFixed.trackVersion exists */ boolean trackVersionExists = hTableExists("hgFixed", "trackVersion"); /* assume nothing found */ versionString[0] = 0; dateReference[0] = 0; if (trackVersionExists) { char query[256]; - safef(query, sizeof(query), "select version,dateReference from hgFixed.trackVersion where db = '%s' AND name = 'ensGene' order by updateTime DESC limit 1", database); + sqlSafef(query, sizeof(query), "select version,dateReference from hgFixed.trackVersion where db = '%s' AND name = 'ensGene' order by updateTime DESC limit 1", database); struct sqlResult *sr = sqlGetResult(conn, query); char **row; /* in case of NULL result from the table */ versionString[0] = 0; while ((row = sqlNextRow(sr)) != NULL) { safef(versionString, sizeof(versionString), "Ensembl %s", row[0]); safef(dateReference, sizeof(dateReference), "%s", row[1]); } sqlFreeResult(&sr); } 
@@ -8685,55 +8683,55 @@ if (differentWord("current", dateReference)) archive = cloneString(dateReference); } } printEnsemblCustomUrl(tdb, itemForUrl, item == itemForUrl, archive); sprintf(condStr, "name='%s'", item); /* if this is a non-coding gene track, then print the biotype and the external ID */ if (sameWord(tdb->table, "ensGeneNonCoding")) { struct sqlConnection *conn2 = hAllocConn(database); char query[256]; struct sqlResult *sr = NULL; char **row; - safef(query, sizeof(query), "select biotype, extGeneId from %s where %s", + sqlSafef(query, sizeof(query), "select biotype, extGeneId from %s where %s", tdb->table, condStr); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { printf("<B>Gene Type:</B> %s<BR>\n", row[0]); printf("<B>External Gene ID:</B> %s<BR>\n", row[1]); } sqlFreeResult(&sr); hFreeConn(&conn2); } else { /* print CCDS if this is not a non-coding gene */ printCcdsForSrcDb(conn, item); printf("<BR>\n"); } if (hTableExists(database, "ensInfo")) { struct sqlResult *sr; char query[256], **row; struct ensInfo *info = NULL; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from ensInfo where name = '%s'", item); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { info = ensInfoLoad(row); /* no need to print otherId field, this is the same as name 2 in the ensGene table and it is printed by showGenePos() */ /* convert the status to lower case */ tolowers(info->status); printf("<B>Ensembl Gene Type:</B> %s %s<BR>\n", info->status, info->class); printf("<B>Ensembl Gene:</B> %s<BR>\n", info->geneId); printf("<B>Ensembl Gene Description:</B> %s<BR>\n", info->geneDesc); ensInfoFree(&info); } 
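Review bot: `condStr` is still filled by `sprintf(condStr, "name='%s'", item);`, unbounded into a 256-byte buffer and without escaping, and is then passed as the `%s` where-clause of the converted `select biotype, extGeneId` query. Depending on how `sqlSafef` treats that argument (not shown here), either the quotes inside `condStr` get escaped and the statement no longer parses, or the fragment passes through with `item` unescaped. Building it with `sqlSafefFrag(condStr, sizeof(condStr), "name='%s'", item);`, or formatting `item` directly (`"select biotype, extGeneId from %s where name='%s'", tdb->table, item`), avoids both. The same block allocates `conn2` but runs the query on `conn`. The function begins outside the hunk.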
@@ -8767,31 +8765,31 @@ /* Print Superfamily URL. */ { char *url = tdb->url; if (url != NULL && url[0] != 0) { char supfamURL[1024]; char *genomeStr; struct sqlConnection *conn = hAllocConn(database); char query[256]; struct sqlResult *sr; char **row; printf("The corresponding protein %s has the following Superfamily domain(s):", itemName); printf("<UL>\n"); - sprintf(query, + sqlSafef(query, sizeof query, "select description from sfDescription where proteinID='%s';", itemName); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); while (row != NULL) { printf("<li>%s", row[0]); row = sqlNextRow(sr); } sqlFreeResult(&sr); hFreeConn(&conn); printf("</UL>"); if (sameWord(organism, "human")) 
@@ -8831,53 +8829,53 @@ struct sqlConnection *conn = hAllocConn(database); char query[256]; struct sqlResult *sr; char **row; char *chrom, *chromStart, *chromEnd; char *transcript; if (itemForUrl == NULL) itemForUrl = item; genericHeader(tdb, item); printSuperfamilyCustomUrl(tdb, itemForUrl, item == itemForUrl); if (hTableExists(database, "ensGeneXref")) { - sprintf(query, "translation_name='%s'", item); + sqlSafef(query, sizeof query, "translation_name='%s'", item); transcript = sqlGetField(database, "ensGeneXref", "transcript_name", query); - sprintf(query, + sqlSafef(query, sizeof query, "select chrom, chromStart, chromEnd from superfamily where name='%s';", transcript); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { chrom = row[0]; chromStart = row[1]; chromEnd = row[2]; printf("<HR>"); printPosOnChrom(chrom, atoi(chromStart), atoi(chromEnd), NULL, TRUE, transcript); } sqlFreeResult(&sr); } if (hTableExists(database, "ensemblXref3")) { - sprintf(query, "protein='%s'", item); + sqlSafef(query, sizeof query, "protein='%s'", item); transcript = sqlGetField(database, "ensemblXref3", "transcript", query); - sprintf(query, + sqlSafef(query, sizeof query, "select chrom, chromStart, chromEnd from superfamily where name='%s';", transcript); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { chrom = row[0]; chromStart = row[1]; chromEnd = row[2]; printf("<HR>"); printPosOnChrom(chrom, atoi(chromStart), atoi(chromEnd), NULL, TRUE, transcript); } sqlFreeResult(&sr); } printTrackHtml(tdb); } 
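Review bot: The where-clause fragments `translation_name='%s'` and `protein='%s'` passed to `sqlGetField()` are built with `sqlSafef`, whereas the other fragments converted in this commit (the `name = \"%s\"` conditions given to `genePredReaderLoadQuery`) use `sqlSafefFrag`. If the two helpers differ in what they emit for a full statement versus a fragment, these calls should be `sqlSafefFrag(query, sizeof query, "translation_name='%s'", item);` and `sqlSafefFrag(query, sizeof query, "protein='%s'", item);`. Separately, `transcript` goes into the following `select chrom, chromStart, chromEnd` query without a NULL check, which matters if `sqlGetField()` can return NULL when nothing matches. The function starts outside the hunk.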
@@ -8892,65 +8890,65 @@ char *chrom, *chromStart, *chromEnd; char *chp; char *omimId, *avSubFdId; char *avDescStartPos, *avDescLen; char *omimTitle = cloneString(""); char *geneSymbol = NULL; int iAvDescStartPos = 0; int iAvDescLen = 0; struct lineFile *lf; char *line; int lineSize; cartWebStart(cart, database, "%s (%s)", tdb->longLabel, avName); -safef(query, sizeof(query), "select * from omimAv where name = '%s'", avName); +sqlSafef(query, sizeof(query), "select * from omimAv where name = '%s'", avName); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) == NULL) errAbort("Couldn't find %s in omimAv table - database inconsistency.", avName); else { chrom = cloneString(row[1]); chromStart = cloneString(row[2]); chromEnd = cloneString(row[3]); } sqlFreeResult(&sr); omimId = strdup(avName); chp = strstr(omimId, "."); *chp = '\0'; chp++; avSubFdId = chp; -safef(query, sizeof(query), "select title, geneSymbol from hgFixed.omimTitle where omimId = %s", omimId); +sqlSafef(query, sizeof(query), "select title, geneSymbol from hgFixed.omimTitle where omimId = %s", omimId); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { omimTitle = cloneString(row[0]); geneSymbol = cloneString(row[1]); } sqlFreeResult(&sr); printf("<H4>OMIM <A HREF=\""); printEntrezOMIMUrl(stdout, atoi(omimId)); printf("\" TARGET=_blank>%s</A>: %s; %s</H4>\n", omimId, omimTitle, geneSymbol); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select startPos, length from omimSubField where omimId='%s' and subFieldId='%s' and fieldType='AV'", omimId, avSubFdId); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) == NULL) errAbort("Couldn't find %s in omimSubField table - database inconsistency.", avName); else { avDescStartPos = cloneString(row[0]); avDescLen = cloneString(row[1]); iAvDescStartPos = atoi(avDescStartPos); iAvDescLen = atoi(avDescLen); } sqlFreeResult(&sr); lf = lineFileOpen("/gbdb/hg17/omim/omim.txt", TRUE); 
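Review bot: The second query formats `omimId` into an unquoted position (`where omimId = %s`), so escaping quote characters in the argument does not by itself confine it to a single value; `omimId` is the part of `avName` before the first `.`. Unless `sqlSafef` rejects non-identifier text for unquoted `%s` (not visible here), quote it as the third query in this hunk already does, `where omimId = '%s'`, or pass `atoi(omimId)` with `%d`. The result of `strstr(omimId, ".")` is also dereferenced without a NULL check, so an `avName` without a dot fails before the query is built. The unquoted `omimId=%s`, `k.chromStart=%s` and `k.chromEnd=%s` in the later `printOmimGeneDetails` hunk have the same shape. The function starts outside the hunk.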
@@ -8980,61 +8978,61 @@ struct sqlConnection *conn = hAllocConn(database); char query[256]; struct sqlResult *sr; char **row; char *otherDb = trackDbSetting(tdb, "otherDb"); char *qtlOrg; if (sameString(tdb->table, "rgdQtl")) qtlOrg = organism; else if (isNotEmpty(otherDb)) qtlOrg = hOrganism(otherDb); else qtlOrg = ""; genericHeader(tdb, item); printf("<B>%s QTL %s: ", qtlOrg, item); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select description from %sLink where name='%s';", tdb->table, item); sr = sqlMustGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) printf("%s", row[0]); sqlFreeResult(&sr); printf("</B><BR>\n"); if (isNotEmpty(tdb->url)) { boolean gotId = FALSE; - safef(query, sizeof(query), "select id from %sLink where name='%s';", + sqlSafef(query, sizeof(query), "select id from %sLink where name='%s';", tdb->table, item); sr = sqlMustGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { char *qtlId = row[0]; printf(gotId ? ", \n\t" : "<B>RGD QTL Report:</B> "); printf("<B><A HREF=\"%s%s\" target=_blank>", tdb->url, qtlId); printf("RGD:%s</A></B>", qtlId); gotId = TRUE; } if (gotId) printf("\n<BR>\n"); sqlFreeResult(&sr); } int start=cartInt(cart, "o"), end=cartInt(cart, "t"); struct bed *selectedPos=NULL, *otherPosList=NULL, *bed=NULL; -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select chrom, chromStart, chromEnd from %s where name='%s' " "order by (chromEnd-chromStart);", tdb->table, item); sr = sqlMustGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { bed = bedLoad3(row); if (selectedPos == NULL && sameString(bed->chrom, seqName) && bed->chromStart == start && bed->chromEnd == end) selectedPos = bed; else slAddHead(&otherPosList, bed); } sqlFreeResult(&sr); if (selectedPos) 
@@ -9073,88 +9071,88 @@ if (url != NULL && url[0] != 0) { showCompleteGadList = FALSE; if (cgiOptionalString("showAllRef") != NULL) { if (sameWord(cgiOptionalString("showAllRef"), "Y") || sameWord(cgiOptionalString("showAllRef"), "y") ) { showCompleteGadList = TRUE; } } currentCgiUrl = cgiUrlString(); printf("<H3>Gene %s: ", itemName); - safef(query, sizeof(query), "select geneName from gadAll where geneSymbol='%s';", itemName); + sqlSafef(query, sizeof(query), "select geneName from gadAll where geneSymbol='%s';", itemName); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL)printf("%s", row[0]); printf("</H3>"); sqlFreeResult(&sr); printf("<B>Genetic Association Database: "); printf("<A HREF=\"%s'%s'\" target=_blank>", url, itemName); printf("%s</B></A>\n", itemName); printf("<BR><B>CDC HuGE Published Literature: "); printf("<A HREF=\"%s%s%s\" target=_blank>", "http://www.hugenavigator.net/HuGENavigator/searchSummary.do?firstQuery=", itemName, "&publitSearchType=now&whichContinue=firststart&check=n&dbType=publit&Mysubmit=go"); printf("%s</B></A>\n", itemName); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select distinct g.omimId, o.title from gadAll g, hgFixed.omimTitle o where g.geneSymbol='%s' and g.omimId <>'.' 
and g.omimId=o.omimId", itemName); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) printf("<BR><B>OMIM: </B>"); while (row != NULL) { printf("<A HREF=\"%s%s\" target=_blank>", "http://www.ncbi.nlm.nih.gov/omim/", row[0]); printf("%s</B></A> %s\n", row[0], row[1]); row = sqlNextRow(sr); } sqlFreeResult(&sr); /* List disease classes associated with the gene */ - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select distinct diseaseClass from gadAll where geneSymbol='%s' and association = 'Y' order by diseaseClass", itemName); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { diseaseClass = row[0]; printf("<BR><B>Disease Class: </B>"); printf("%s", diseaseClass); row = sqlNextRow(sr); } while (row != NULL) { diseaseClass = row[0]; printf(", %s", diseaseClass); row = sqlNextRow(sr); } sqlFreeResult(&sr); /* List diseases associated with the gene */ - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select distinct broadPhen from gadAll where geneSymbol='%s' and association = 'Y' order by broadPhen;", itemName); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { upperDisease = replaceChars(row[0], "'", "''"); touppers(upperDisease); printf("<BR><B>Positive Disease Associations: </B>"); printf("<A HREF=\"%s", "http://geneticassociationdb.nih.gov/cgi-bin/tableview.cgi?table=allview&cond=upper(DISEASE)%20like%20'%25"); printf("%s", cgiEncode(upperDisease)); 
@@ -9166,31 +9164,31 @@ } while (row != NULL) { upperDisease = replaceChars(row[0], "'", "''"); touppers(upperDisease); printf(", <A HREF=\"%s%s%s%s%s\" target=_blank>", "http://geneticassociationdb.nih.gov/cgi-bin/tableview.cgi?table=allview&cond=upper(DISEASE)%20like%20'%25", cgiEncode(upperDisease), "%25'%20AND%20upper(GENE)%20%20like%20'%25", itemName, "%25'"); printf("%s</B></A>\n", row[0]); row = sqlNextRow(sr); } sqlFreeResult(&sr); refPrinted = 0; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select broadPhen,reference,title,journal, pubMed, conclusion from gadAll where geneSymbol='%s' and association = 'Y' and title != '' order by broadPhen", itemName); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) printf("<BR><BR><B>Related Studies: </B><OL>"); while (row != NULL) { printf("<LI><B>%s </B>", row[0]); printf("<br>%s, %s, %s.\n", row[1], row[2], row[3]); if (!sameWord(row[4], "")) { printf(" [PubMed "); printf("<A HREF=\""); @@ -9202,31 +9200,31 @@ printf("</LI>\n"); refPrinted++; if ((!showCompleteGadList) && (refPrinted >= 5)) break; row = sqlNextRow(sr); } sqlFreeResult(&sr); printf("</OL>"); if ((!showCompleteGadList) && (row != NULL)) { printf("<B>   more ... </B>"); printf("<A HREF=\"%s?showAllRef=Y&%s\">click here to view the complete list</A> ", hgcName(), currentCgiUrl->string); } - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select chrom, chromStart, chromEnd from gad where name='%s';", itemName); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { chrom = row[0]; chromStart = row[1]; chromEnd = row[2]; printf("<HR>"); printPosOnChrom(chrom, atoi(chromStart), atoi(chromEnd), NULL, FALSE, itemName); } sqlFreeResult(&sr); hFreeConn(&conn); } } 
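Review bot: In the disease-link loop at the top of this hunk, `itemName` is written into the outbound `tableview.cgi` URL without encoding, while `upperDisease` right next to it goes through `cgiEncode()`. The value lands inside a quoted `like` condition of that URL's `cond` parameter and inside an HTML attribute, so it should be encoded the same way: pass `cgiEncode(itemName)` as the fourth string argument of that `printf`. The loop and its function begin outside the hunk.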
@@ -9254,31 +9252,31 @@ char *chp; char indent1[40] = {" "}; char indent2[40] = {""}; char *source, *cosmic_mutation_id, *gene_name, *accession_number; char *mut_description, *mut_syntax_cds, *mut_syntax_aa; char *chromosome, *grch37_start, *grch37_stop, *mut_nt; char *mut_aa, *tumour_site, *mutated_samples, *examined_samples, *mut_freq; char *url = tdb->url; char *chrom, *chromStart, *chromEnd; chrom = cartOptionalString(cart, "c"); chromStart = cartOptionalString(cart, "o"); chromEnd = cartOptionalString(cart, "t"); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select %s,%s from cosmicRaw where cosmic_mutation_id='%s'", "source,cosmic_mutation_id,gene_name,accession_number,mut_description,mut_syntax_cds,mut_syntax_aa", "chromosome,grch37_start,grch37_stop,mut_nt,mut_aa,tumour_site,mutated_samples,examined_samples,mut_freq", itemName); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { int ii; boolean multipleTumorSites; char *indentString; ii=0; 
@@ -9312,96 +9310,96 @@ printf("<B>COSMIC ID:</B> <A HREF=\"%s%s\" TARGET=_BLANK>%s</A> (details at COSMIC site)", url, chp, chp); // Embed URL to COSMIC site per COSMICT request. // printf("<BR><B>Source:</B> "); // printf("<A HREF=\"http://cancer.sanger.ac.uk/cancergenome/projects/cosmic/\" TARGET=_BLANK>%s</A>\n", source); printf("<BR><B>Gene Name:</B> %s\n", gene_name); printf("<BR><B>Accession Number:</B> %s\n", accession_number); printf("<BR><B>Genomic Position:</B> chr%s:%s-%s", chromosome, grch37_start, grch37_stop); printf("<BR><B>Mutation Description:</B> %s\n", mut_description); printf("<BR><B>Mutation Syntax CDS:</B> %s\n", mut_syntax_cds); printf("<BR><B>Mutation Syntax AA:</B> %s\n", mut_syntax_aa); printf("<BR><B>Mutation NT:</B> %s\n", mut_nt); printf("<BR><B>Mutation AA:</B> %s\n", mut_aa); - safef(query2, sizeof(query2), + sqlSafef(query2, sizeof(query2), "select count(tumour_site) from cosmicRaw where cosmic_mutation_id='%s'", itemName); sr2 = sqlMustGetResult(conn2, query2); row2 = sqlNextRow(sr2); if ((atoi(row2[0])) > 1) { multipleTumorSites = TRUE; indentString = indent1; } else { multipleTumorSites = FALSE; indentString = indent2; } sqlFreeResult(&sr2); - safef(query2, sizeof(query2), + sqlSafef(query2, sizeof(query2), "select %s from cosmicRaw where cosmic_mutation_id='%s' order by tumour_site", "tumour_site,mutated_samples,examined_samples,mut_freq ", itemName); sr2 = sqlMustGetResult(conn2, query2); row2 = sqlNextRow(sr2); while (row2 != NULL) { int ii; ii=0; tumour_site = row2[ii];ii++; mutated_samples = row2[ii];ii++; examined_samples = row2[ii];ii++; mut_freq = row2[ii];ii++; if (multipleTumorSites) printf("<BR>"); printf("<BR><B>%sTumor Site:</B> %s\n", indentString, tumour_site); printf("<BR><B>%sMutated Samples:</B> %s\n", indentString, mutated_samples); printf("<BR><B>%sExamined Samples:</B> %s\n", indentString, examined_samples); printf("<BR><B>%sMutation Frequency:</B> %s\n", indentString, mut_freq); row2 = sqlNextRow(sr2); } 
sqlFreeResult(&sr2); - safef(query2, sizeof(query2), + sqlSafef(query2, sizeof(query2), "select sum(mutated_samples) from cosmicRaw where cosmic_mutation_id='%s'", itemName); sr2 = sqlMustGetResult(conn2, query2); row2 = sqlNextRow(sr2); if (row2 != NULL) { printf("<BR><BR><B>Total Mutated Samples:</B> %s\n", row2[0]); //printf("<br>%s ", row2[0]); } sqlFreeResult(&sr2); - safef(query2, sizeof(query2), + sqlSafef(query2, sizeof(query2), "select sum(examined_samples) from cosmicRaw where cosmic_mutation_id='%s'", itemName); sr2 = sqlMustGetResult(conn2, query2); row2 = sqlNextRow(sr2); if (row2 != NULL) { printf("<BR><B>Total Examined Samples:</B> %s\n", row2[0]); } sqlFreeResult(&sr2); - safef(query2, sizeof(query2), + sqlSafef(query2, sizeof(query2), "select sum(mutated_samples)*100/sum(examined_samples) from cosmicRaw where cosmic_mutation_id='%s'", itemName); sr2 = sqlMustGetResult(conn2, query2); row2 = sqlNextRow(sr2); if (row2 != NULL) { char *chp; chp = strstr(row2[0], "."); if ((chp != NULL) && (strlen(chp) > 3)) { chp++; chp++; chp++; chp++; *chp = '\0'; 
@@ -9435,68 +9433,68 @@ char query[256]; struct sqlResult *sr; char **row; struct sqlConnection *conn2 = hAllocConn(database); char query2[256]; struct sqlResult *sr2; char **row2; char *strand={"+"}; int start = cartInt(cart, "o"); int end = cartInt(cart, "t"); char *chrom = cartString(cart, "c"); printf("<H3>Patient %s </H3>", itemName); /* print phenotypes */ -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select distinct phenotype from decipherRaw where id ='%s' order by phenotype", itemName); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if ((row != NULL) && strlen(row[0]) >= 1) { printf("<B>Phenotype: </B><UL>"); while (row != NULL) { printf("<LI>"); printf("%s\n", row[0]); row = sqlNextRow(sr); } printf("</UL>"); } sqlFreeResult(&sr); /* link to Ensembl DECIPHER Patient View page */ printf("<B>Patient View: </B>\n"); printf("More details on patient %s at ", itemName); printf("<A HREF=\"%s%s\" target=_blank>", "https://decipher.sanger.ac.uk/patient/", itemName); printf("DECIPHER</A>.<BR><BR>"); /* print position info */ printPosOnChrom(chrom, start, end, strand, TRUE, itemName); /* print UCSC Genes in the reported region */ -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select distinct t.name from knownCanonToDecipher t, kgXref x where value ='%s' and x.kgId=t.name order by geneSymbol", itemName); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { printf("<BR><B>UCSC Canonical Gene(s) in this genomic region: </B><UL>"); while (row != NULL) { - safef(query2, sizeof(query2), + sqlSafef(query2, sizeof(query2), "select geneSymbol, kgId, description from kgXref where kgId ='%s'", row[0]); sr2 = sqlMustGetResult(conn2, query2); row2 = sqlNextRow(sr2); if (row2 != NULL) { printf("<LI>"); printf("<A HREF=\"%s%s\" target=_blank>","./hgGene\?hgg_chrom=none&hgg_gene=", row2[1]); printf("%s (%s)</A> ", row2[0], row2[1]); printf(" %s", row2[2]); } sqlFreeResult(&sr2); row = sqlNextRow(sr); } 
sqlFreeResult(&sr); printf("</UL>"); @@ -9505,31 +9503,31 @@ hFreeConn(&conn2); } void doDecipher(struct trackDb *tdb, char *item, char *itemForUrl) /* Put up DECIPHER track info. */ { genericHeader(tdb, item); printDecipherDetails(tdb, item, FALSE); printTrackHtml(tdb); } char *gbCdnaGetDescription(struct sqlConnection *conn, char *acc) /* return mrna description, or NULL if not available. freeMem result */ { char query[128]; -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select description.name from gbCdnaInfo,description where (acc = '%s') and (gbCdnaInfo.description = description.id)", acc); char *desc = sqlQuickString(conn, query); if ((desc == NULL) || sameString(desc, "n/a") || (strlen(desc) == 0)) freez(&desc); return desc; } void printOmimGeneDetails(struct trackDb *tdb, char *itemName, boolean encode) /* Print details of an OMIM Gene entry. */ { struct sqlConnection *conn = hAllocConn(database); struct sqlConnection *conn2 = hAllocConn(database); char query[256]; struct sqlResult *sr; char **row; 
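Review bot: `gbCdnaGetDescription` keeps `char query[128]`, but the fixed text of its statement is already about 114 characters, which leaves roughly a dozen bytes for `acc` once it has been escaped. Any prefix or escaping expansion added by `sqlSafef` comes out of that margin, and what happens on overflow (truncation or abort) is not visible in this diff. `char query[256];`, as used by the neighbouring functions, gives the needed headroom.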
@@ -9537,158 +9535,158 @@ char *kgId= NULL; char *title1 = NULL; char *title2 = NULL; char *geneSymbols = NULL; char *chrom, *chromStart, *chromEnd; char *kgDescription = NULL; char *refSeq; chrom = cartOptionalString(cart, "c"); chromStart = cartOptionalString(cart, "o"); chromEnd = cartOptionalString(cart, "t"); if (url != NULL && url[0] != 0) { /* check if the entry is in morbidmap, if so remember the assoicated gene symbols */ - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select geneSymbols from omimMorbidMap where omimId=%s;", itemName); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { geneSymbols = cloneString(row[0]); } sqlFreeResult(&sr); /* get corresponding KG ID */ - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select k.transcript from knownCanonical k where k.chrom='%s' and k.chromStart=%s and k.chromEnd=%s", chrom, chromStart, chromEnd); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { kgId = cloneString(row[0]); } sqlFreeResult(&sr); /* use geneSymbols from omimMorbidMap if available */ if (geneSymbols!= NULL) { printf("<B>OMIM gene or syndrome:</B> %s", geneSymbols); printf("<BR>\n"); /* display disorder for genes in morbidmap */ - safef(query, sizeof(query), "select description from omimMorbidMap where omimId=%s;", + sqlSafef(query, sizeof(query), "select description from omimMorbidMap where omimId=%s;", itemName); sr = sqlMustGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { printf("<B>Disorder:</B> %s", row[0]); printf("<BR>\n"); } sqlFreeResult(&sr); } else { /* display gene symbol(s) from omimGenemap */ - safef(query, sizeof(query), "select geneSymbol from omimGeneMap where omimId=%s;", itemName); + sqlSafef(query, sizeof(query), "select geneSymbol from omimGeneMap where omimId=%s;", itemName); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { printf("<B>OMIM Gene Symbol:</B> %s", row[0]); printf("<BR>\n"); 
sqlFreeResult(&sr); } else { /* get gene symbol from kgXref if the entry is not in morbidmap and omim genemap */ - safef(query, sizeof(query), "select geneSymbol from kgXref where kgId='%s';", kgId); + sqlSafef(query, sizeof(query), "select geneSymbol from kgXref where kgId='%s';", kgId); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { printf("<B>UCSC Gene Symbol:</B> %s", row[0]); printf("<BR>\n"); } sqlFreeResult(&sr); } } printf("<B>OMIM Database "); printf("<A HREF=\"%s%s\" target=_blank>", url, itemName); printf("%s</A></B>", itemName); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select title1, title2 from omimGeneMap where omimId=%s;", itemName); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { if (row[0] != NULL) { title1 = cloneString(row[0]); printf(": %s", title1); } if (row[1] != NULL) { title2 = cloneString(row[1]); printf(" %s ", title2); } } sqlFreeResult(&sr); printf("<BR>\n"); if (kgId != NULL) { printf("<B>UCSC Canonical Gene "); printf("<A HREF=\"%s%s&hgg_chrom=none\" target=_blank>", "../cgi-bin/hgGene?hgg_gene=", kgId); printf("%s</A></B>: ", kgId); - safef(query, sizeof(query), "select refseq from kgXref where kgId='%s';", kgId); + sqlSafef(query, sizeof(query), "select refseq from kgXref where kgId='%s';", kgId); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { refSeq = strdup(row[0]); kgDescription = gbCdnaGetDescription(conn2, refSeq); } sqlFreeResult(&sr); hFreeConn(&conn2); if (kgDescription == NULL) { - safef(query, sizeof(query), "select description from kgXref where kgId='%s';", kgId); + sqlSafef(query, sizeof(query), "select description from kgXref where kgId='%s';", kgId); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { printf("%s", row[0]); } sqlFreeResult(&sr); } else { printf("%s", kgDescription); } printf("<BR>\n"); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select i.transcript 
from knownIsoforms i, knownCanonical c where c.transcript='%s' and i.clusterId=c.clusterId and i.transcript <>'%s'", kgId, kgId); sr = sqlMustGetResult(conn, query); if (sr != NULL) { int printedCnt; printedCnt = 0; while ((row = sqlNextRow(sr)) != NULL) { if (printedCnt < 1) printf("<B>Other UCSC Gene(s) in the same cluster: </B>"); else printf(", "); printf("<A HREF=\"%s%s&hgg_chrom=none\" target=_blank>", "../cgi-bin/hgGene?hgg_gene=", row[0]); 
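Review bot: Several placeholders in this hunk sit in an unquoted numeric position, for example `omimId=%s` with `itemName` and `k.chromStart=%s and k.chromEnd=%s` with the `cartOptionalString` values, and escaping quote characters does not constrain such a value to a number. Unless `sqlSafef` rejects or validates unquoted `%s` (its definition is not in this diff), these arguments are still interpreted as SQL expression text. Reading the coordinates with `cartInt(cart, "o")` / `cartInt(cart, "t")` and formatting them with `%d`, and writing `omimId='%s'`, would close this; it also avoids passing NULL to `%s` when a cart variable is absent. The same unquoted pattern appears in the hunks at -9717, -9807, -9916, -10148 and -10189 (`avId=%s`). The function starts before this hunk and continues past it.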
@@ -9717,81 +9715,81 @@ char *url = tdb->url; char *title1 = NULL; char *title2 = NULL; char *geneSymbol = NULL; char *chrom, *chromStart, *chromEnd; chrom = cartOptionalString(cart, "c"); chromStart = cartOptionalString(cart, "o"); chromEnd = cartOptionalString(cart, "t"); if (url != NULL && url[0] != 0) { printf("<B>OMIM: "); printf("<A HREF=\"%s%s\" target=_blank>", url, itemName); printf("%s</A></B>", itemName); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select title1, title2 from omimGeneMap where omimId=%s;", itemName); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { if (row[0] != NULL) { title1 = cloneString(row[0]); printf(" %s", title1); } if (row[1] != NULL) { title2 = cloneString(row[1]); printf(" %s ", title2); } } else { printf("<BR>"); } sqlFreeResult(&sr); // disable NCBI link until they work it out with OMIM /* printf("<BR>\n"); printf("<B>OMIM page at NCBI: "); printf("<A HREF=\"%s%s\" target=_blank>", ncbiOmimUrl, itemName); printf("%s</A></B>", itemName); */ - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select geneSymbol from omimGeneMap where omimId=%s;", itemName); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { geneSymbol = cloneString(row[0]); } sqlFreeResult(&sr); if (geneSymbol!= NULL) { boolean disorderShown; char *phenotypeClass, *phenotypeId, *disorder; printf("<BR><B>Gene symbol(s):</B> %s", geneSymbol); printf("<BR>\n"); /* display disorder(s) */ - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select description, %s, phenotypeId from omimPhenotype where omimId=%s order by description", omimPhenotypeClassColName, itemName); sr = sqlMustGetResult(conn, query); disorderShown = FALSE; while ((row = sqlNextRow(sr)) != NULL) { if (!disorderShown) { printf("<B>Disorder(s):</B><UL>\n"); disorderShown = TRUE; } disorder = row[0]; phenotypeClass = row[1]; phenotypeId = row[2]; printf("<LI>%s", disorder); 
@@ -9807,91 +9805,91 @@ } else { // show phenotype class if available, even phenotypeId is not available if (!sameWord(phenotypeClass, "-1")) printf(" (%s)", phenotypeClass); } } printf("<BR>\n"); } if (disorderShown) printf("</UL>\n"); sqlFreeResult(&sr); } // show RefSeq Gene link(s) - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select distinct locusLinkId from refLink l, omim2gene g, refGene r where l.omimId=%s and g.geneId=l.locusLinkId and g.entryType='gene' and chrom='%s' and txStart = %s and txEnd= %s", itemName, chrom, chromStart, chromEnd); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { char *geneId; geneId = strdup(row[0]); sqlFreeResult(&sr); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select distinct l.mrnaAcc from refLink l where locusLinkId = '%s' order by mrnaAcc asc", geneId); sr = sqlMustGetResult(conn, query); if (sr != NULL) { int printedCnt; printedCnt = 0; while ((row = sqlNextRow(sr)) != NULL) { if (printedCnt < 1) printf("<B>RefSeq Gene(s): </B>"); else printf(", "); printf("<A HREF=\"%s%s&o=%s&t=%s\">", "../cgi-bin/hgc?g=refGene&i=", row[0], chromStart, chromEnd); printf("%s</A></B>", row[0]); printedCnt++; } if (printedCnt >= 1) printf("<BR>\n"); } sqlFreeResult(&sr); } // show Related UCSC Gene links - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select distinct kgId from kgXref x, refLink l, omim2gene g where x.refseq = mrnaAcc and l.omimId=%s and g.omimId=l.omimId and g.entryType='gene'", itemName); sr = sqlMustGetResult(conn, query); if (sr != NULL) { int printedCnt; printedCnt = 0; while ((row = sqlNextRow(sr)) != NULL) { if (printedCnt < 1) printf("<B>Related UCSC Gene(s): </B>"); else printf(", "); printf("<A HREF=\"%s%s&hgg_chrom=none\">", "../cgi-bin/hgGene?hgg_gene=", row[0]); printf("%s</A></B>", row[0]); printedCnt++; } if (printedCnt >= 1) printf("<BR>\n"); } sqlFreeResult(&sr); // show GeneReviews link(s) - if (sqlTablesExist(conn, 
"geneReviewsRefGene")) + if (sqlTableExists(conn, "geneReviewsRefGene")) { - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select distinct r.name2 from refLink l, omim2gene g, refGene r where l.omimId=%s and g.geneId=l.locusLinkId and g.entryType='gene' and chrom='%s' and txStart = %s and txEnd= %s", itemName, chrom, chromStart, chromEnd); sr = sqlMustGetResult(conn, query); if (sr != NULL) { while ((row = sqlNextRow(sr)) != NULL) { prGRShortRefGene(row[0]); } } sqlFreeResult(&sr); } } 
@@ -9916,186 +9914,186 @@ char *kgDescription = NULL; char *refSeq; char *omimId; chrom = cartOptionalString(cart, "c"); chromStart = cartOptionalString(cart, "o"); chromEnd = cartOptionalString(cart, "t"); omimId = itemName; if (url != NULL && url[0] != 0) { printf("<B>OMIM: "); printf("<A HREF=\"%s%s\" target=_blank>", url, itemName); printf("%s</A></B>", itemName); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select title1, title2 from omimGeneMap where omimId=%s;", itemName); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { if (row[0] != NULL) { title1 = cloneString(row[0]); printf(": %s", title1); } if (row[1] != NULL) { title2 = cloneString(row[1]); printf(" %s ", title2); } } sqlFreeResult(&sr); printf("<BR>"); // disable NCBI link until they work it out with OMIM /* printf("<B>OMIM page at NCBI: "); printf("<A HREF=\"%s%s\" target=_blank>", ncbiOmimUrl, itemName); printf("%s</A></B><BR>", itemName); */ printf("<B>Location: </B>"); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select location from omimGeneMap where omimId=%s;", itemName); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { if (row[0] != NULL) { char *locStr; locStr= cloneString(row[0]); printf("%s\n", locStr); } } sqlFreeResult(&sr); printf("<BR>\n"); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select geneSymbol from omimGeneMap where omimId=%s;", itemName); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { geneSymbol = cloneString(row[0]); } sqlFreeResult(&sr); - safef(query, sizeof(query),"select omimId from omimPhenotype where omimId=%s\n", omimId); + sqlSafef(query, sizeof(query),"select omimId from omimPhenotype where omimId=%s\n", omimId); if (sqlQuickNum(conn, query) > 0) { char *phenotypeClass, *phenotypeId, *disorder; printf("<B>Gene symbol(s):</B> %s", geneSymbol); printf("<BR>\n"); /* display disorder for genes in morbidmap */ - safef(query, 
sizeof(query), + sqlSafef(query, sizeof(query), "select description, %s, phenotypeId from omimPhenotype where omimId=%s order by description", omimPhenotypeClassColName, itemName); sr = sqlMustGetResult(conn, query); printf("<B>Disorder(s):</B><UL>\n"); while ((row = sqlNextRow(sr)) != NULL) { disorder = row[0]; phenotypeClass = row[1]; phenotypeId = row[2]; printf("<LI>%s", disorder); if (phenotypeId != NULL) { if (!sameWord(phenotypeId, "-1")) { printf(" (phenotype <A HREF=\"%s%s\" target=_blank>", url, phenotypeId); printf("%s</A></B>)", phenotypeId); } if (!sameWord(phenotypeClass, "-1")) { printf(" (%s)", phenotypeClass); } } printf("<BR>\n"); } printf("</UL>\n"); sqlFreeResult(&sr); } else { /* display gene symbol(s) from omimGenemap */ - safef(query, sizeof(query), "select geneSymbol from omimGeneMap where omimId=%s;", itemName); + sqlSafef(query, sizeof(query), "select geneSymbol from omimGeneMap where omimId=%s;", itemName); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { printf("<B>OMIM Gene Symbol:</B> %s", row[0]); printf("<BR>\n"); sqlFreeResult(&sr); } else { /* get gene symbol from kgXref if the entry is not in morbidmap and omim genemap */ - safef(query, sizeof(query), "select geneSymbol from kgXref where kgId='%s';", kgId); + sqlSafef(query, sizeof(query), "select geneSymbol from kgXref where kgId='%s';", kgId); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { printf("<B>UCSC Gene Symbol:</B> %s", row[0]); printf("<BR>\n"); } sqlFreeResult(&sr); } } if (kgId != NULL) { printf("<B>UCSC Canonical Gene "); printf("<A HREF=\"%s%s&hgg_chrom=none\" target=_blank>", "../cgi-bin/hgGene?hgg_gene=", kgId); printf("%s</A></B>: ", kgId); - safef(query, sizeof(query), "select refseq from kgXref where kgId='%s';", kgId); + sqlSafef(query, sizeof(query), "select refseq from kgXref where kgId='%s';", kgId); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { refSeq = strdup(row[0]); 
kgDescription = gbCdnaGetDescription(conn2, refSeq); } sqlFreeResult(&sr); hFreeConn(&conn2); if (kgDescription == NULL) { - safef(query, sizeof(query), "select description from kgXref where kgId='%s';", kgId); + sqlSafef(query, sizeof(query), "select description from kgXref where kgId='%s';", kgId); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { printf("%s", row[0]); } sqlFreeResult(&sr); } else { printf("%s", kgDescription); } printf("<BR>\n"); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select i.transcript from knownIsoforms i, knownCanonical c where c.transcript='%s' and i.clusterId=c.clusterId and i.transcript <>'%s'", kgId, kgId); sr = sqlMustGetResult(conn, query); if (sr != NULL) { int printedCnt; printedCnt = 0; while ((row = sqlNextRow(sr)) != NULL) { if (printedCnt < 1) printf("<B>Other UCSC Gene(s) in the same cluster: </B>"); else printf(", "); printf("<A HREF=\"%s%s&hgg_chrom=none\" target=_blank>", "../cgi-bin/hgGene?hgg_gene=", row[0]); @@ -10148,31 +10146,31 @@ chp = strstr(avId, "-"); if (chp != NULL) *chp = '\0'; safef(avString, sizeof(avString), "%s", itemName); chp = strstr(itemName, "."); *chp = '\0'; omimId = strdup(itemName); chp = avString; chp = strstr(avString, "."); *chp = '#'; if (url != NULL && url[0] != 0) { - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select title1, title2, format(seqNo/10000,4), v.description" " from omimGeneMap m, omimAv v" " where m.omimId=%s and m.omimId=v.omimId and v.avId='%s';", itemName, avId); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { seqId = strdup(row[2]); if (row[0] != NULL) { title1 = cloneString(row[0]); } if (row[1] != NULL) { 
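Review bot: In the `@@ -10148` hunk, `chp = strstr(itemName, "."); *chp = '\0';` dereferences the search result without a NULL check, and the `avString` lookup that follows (`*chp = '#';`) does the same. An item name without a `.` therefore crashes the CGI before the query is even built, and the name presumably comes from the request. A guard such as `if (chp == NULL) errAbort("invalid OMIM AV id %s", itemName);` before each write would turn this into a clean error. The function starts before the hunk and continues past it.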
@@ -10189,54 +10187,54 @@ printf("<BR><B>OMIM: "); printf("<A HREF=\"%s%s\" target=_blank>", url, itemName); printf("%s</A></B>", itemName); if (title1 != NULL) printf(": %s", title1); if (title2 != NULL) printf(" %s ", title2); // disable NCBI link until they work it out with OMIM /* printf("<BR>\n"); printf("<B>OMIM page at NCBI: "); printf("<A HREF=\"%s%s\" target=_blank>", ncbiOmimUrl, itemName); printf("%s</A></B><BR>", itemName); */ - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select replStr from omimAvRepl where avId=%s;", avId); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { if (row[0] != NULL) { char *replStr; char *chp; replStr= cloneString(row[0]); // just take the first AA replacement if there are multiple chp = strstr(replStr, ","); if (chp != NULL) *chp = '\0'; printf("<BR><B>Amino Acid Replacement:</B> %s\n", replStr); } } sqlFreeResult(&sr); dbSnpId = cloneString("-"); printf("<BR>\n"); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select dbSnpId from omimAvRepl where avId='%s'", avId); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { dbSnpId = cloneString(row[0]); } sqlFreeResult(&sr); if (!sameWord(dbSnpId, "-")) { printf("<B>dbSNP:</B> \n"); if (sameWord(database, "hg18")) { 
@@ -10282,44 +10280,44 @@ void printRgdSslpCustomUrl(struct trackDb *tdb, char *itemName, boolean encode) /* Print RGD QTL URL. */ { char *url = tdb->url; char *sslpId; char *chrom, *chromStart, *chromEnd; if (url != NULL && url[0] != 0) { struct sqlConnection *conn = hAllocConn(database); char query[256]; struct sqlResult *sr; char **row; - safef(query, sizeof(query), "select id from rgdSslpLink where name='%s';", itemName); + sqlSafef(query, sizeof(query), "select id from rgdSslpLink where name='%s';", itemName); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { sslpId = row[0]; printf("<H2>Rat SSLP: %s</H2>", itemName); printf("<B>RGD SSLP Report: "); printf("<A HREF=\"%s%s\" target=_blank>", url, sslpId); printf("RGD:%s</B></A>\n", sslpId); } sqlFreeResult(&sr); - sprintf(query, "select chrom, chromStart, chromEnd from rgdSslp where name='%s';", itemName); + sqlSafef(query, sizeof query, "select chrom, chromStart, chromEnd from rgdSslp where name='%s';", itemName); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { chrom = row[0]; chromStart = row[1]; chromEnd = row[2]; printf("<HR>"); printPosOnChrom(chrom, atoi(chromStart), atoi(chromEnd), NULL, FALSE, itemName); } sqlFreeResult(&sr); hFreeConn(&conn); } } 
@@ -10427,58 +10425,58 @@ struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; char *sqlRnaName = rnaName; struct refLink *rl; char *rgdId; int start = cartInt(cart, "o"); /* Make sure to escape single quotes for DB parseability */ if (strchr(rnaName, '\'')) sqlRnaName = replaceChars(rnaName, "'", "''"); cartWebStart(cart, database, "%s", tdb->longLabel); -safef(query, sizeof(query), "select * from refLink where mrnaAcc = '%s'", sqlRnaName); +sqlSafef(query, sizeof(query), "select * from refLink where mrnaAcc = '%s'", sqlRnaName); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) == NULL) errAbort("Couldn't find %s in refLink table - this accession may no longer be available.", rnaName); rl = refLinkLoad(row); sqlFreeResult(&sr); printf("<H2>Gene %s</H2>\n", rl->name); -safef(query, sizeof(query), "select id from rgdGeneLink where refSeq = '%s'", sqlRnaName); +sqlSafef(query, sizeof(query), "select id from rgdGeneLink where refSeq = '%s'", sqlRnaName); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) == NULL) errAbort("Couldn't find %s in rgdGeneLink table - database inconsistency.", rnaName); rgdId = cloneString(row[0]); sqlFreeResult(&sr); printf("<B>RGD Gene Report: </B> <A HREF=\""); printf("%s%s", tdb->url, rgdId); printf("\" TARGET=_blank>RGD:%s</A><BR>", rgdId); printf("<B>NCBI RefSeq: </B> <A HREF=\""); printEntrezNucleotideUrl(stdout, rl->mrnaAcc); printf("\" TARGET=_blank>%s</A>", rl->mrnaAcc); /* If refSeqStatus is available, report it: */ if (hTableExists(database, "refSeqStatus")) { - safef(query, sizeof(query), "select status from refSeqStatus where mrnaAcc = '%s'", + sqlSafef(query, sizeof(query), "select status from refSeqStatus where mrnaAcc = '%s'", sqlRnaName); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { printf(" Status: <B>%s</B>", row[0]); } sqlFreeResult(&sr); } puts("<BR>"); if (rl->omimId != 0) { printf("<B>OMIM:</B> <A HREF=\""); 
printEntrezOMIMUrl(stdout, rl->omimId); printf("\" TARGET=_blank>%d</A><BR>\n", rl->omimId); 
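Review bot: The manual quote doubling kept at the top of this hunk, `sqlRnaName = replaceChars(rnaName, "'", "''");`, now feeds queries built with `sqlSafef`, which presumably escapes `%s` arguments itself (its definition is not in this diff). If it does, a name containing a single quote is escaped twice and the lookup no longer matches the stored value. Passing `rnaName` directly and dropping the `replaceChars` step would leave one escaping layer, e.g. `sqlSafef(query, sizeof(query), "select * from refLink where mrnaAcc = '%s'", rnaName);`. The same leftover appears in the jaxOrtholog hunk (`sqlRlName`), in the refLink hunks at -11009 and -11100, and in the `sqlRnaName` argument used in the -10784 hunk. The function starts before the hunk.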
@@ -10529,99 +10527,99 @@ sqlRnaName = replaceChars(rgdGeneId, "'", "''"); cartWebStart(cart, database, "%s", tdb->longLabel); chp = strstr(rgdGeneId, ":"); if (chp != NULL) { chp++; rgdId = strdup(chp); } else { errAbort("Couldn't find %s.", rgdGeneId); } -safef(query, sizeof(query), "select GeneID, Name, note from rgdGeneXref where rgdGeneId = '%s'", rgdGeneId); +sqlSafef(query, sizeof(query), "select GeneID, Name, note from rgdGeneXref where rgdGeneId = '%s'", rgdGeneId); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) == NULL) errAbort("Couldn't find %s in rgdGeneXref table - database inconsistency.", rgdGeneId); GeneID = cloneString(row[0]); Name = cloneString(row[1]); note = cloneString(row[2]); sqlFreeResult(&sr); printf("<H2>Gene %s</H2>\n", Name); printf("<B>RGD Gene Report: </B> <A HREF=\""); printf("%s%s", tdb->url, rgdId); printf("\" TARGET=_blank>RGD:%s</A>", rgdId); printf("<BR><B>GeneID: </B> %s ", GeneID); printf("<BR><B>Gene Name: </B> %s ", Name); printf("<BR><B>Note: </B> %s ", note); -safef(query, sizeof(query), "select extAC from rgdGeneXref2 where rgdGeneId = '%s' and extDB='IMAGE'", rgdGeneId); +sqlSafef(query, sizeof(query), "select extAC from rgdGeneXref2 where rgdGeneId = '%s' and extDB='IMAGE'", rgdGeneId); sr = sqlGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { char *image; image = cloneString(row[0]); printf("<BR><B>IMAGE Clone: </B>"); printf("<A HREF=\""); printf("%s%s", "http://www.imageconsortium.org/IQ/bin/singleCloneQuery?clone_id=", image); printf("\" TARGET=_blank> %s</A>", image); row = sqlNextRow(sr); while (row != NULL) { image = cloneString(row[0]); printf(", <A HREF=\""); printf("%s%s", "http://www.imageconsortium.org/IQ/bin/singleCloneQuery?clone_id=", image); printf("\" TARGET=_blank>%s</A>", image); row = sqlNextRow(sr); } } sqlFreeResult(&sr); -safef(query, sizeof(query), "select extAC from rgdGeneXref2 where rgdGeneId = '%s' and extDB='MGC'", rgdGeneId); +sqlSafef(query, sizeof(query), 
"select extAC from rgdGeneXref2 where rgdGeneId = '%s' and extDB='MGC'", rgdGeneId); sr = sqlGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { char *mgc; mgc = cloneString(row[0]); printf("<BR><B>MGC: </B>"); printf("<A HREF=\""); printf("%s%s", "http://mgc.nci.nih.gov/Genes/CloneList?ORG=Rn&LIST=", mgc); printf("\" TARGET=_blank> %s</A>", mgc); row = sqlNextRow(sr); while (row != NULL) { mgc = cloneString(row[0]); printf(", <A HREF=\""); printf("%s%s", "http://mgc.nci.nih.gov/Genes/CloneList?ORG=Rn&LIST=", mgc); printf("\" TARGET=_blank>%s</A>", mgc); row = sqlNextRow(sr); } } sqlFreeResult(&sr); htmlHorizontalLine(); printf("<H3>RGD Pathway(s)</H3>\n"); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select p.rgdPathwayId, p.name from rgdGenePathway g, rgdPathway p where g.rgdGeneId = '%s' and g.rgdPathwayId=p.rgdPathwayId", rgdGeneId); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) == NULL) errAbort("Couldn't find %s in rgdGenePathway table - database inconsistency.", rgdGeneId); printf("<UL>"); while (row != NULL) { rgdPathwayId = cloneString(row[0]); rgdPathwayName = cloneString(row[1]); printf("<LI><B>%s</B><BR>", rgdPathwayName); row = sqlNextRow(sr); } sqlFreeResult(&sr); printf("</UL>"); printf("<A HREF=\""); 
@@ -10641,54 +10639,54 @@ { {"Unknown", "completeness unknown"}, {"Complete5End", "5' complete"}, {"Complete3End", "3' complete"}, {"FullLength", "full length"}, {"IncompleteBothEnds", "5' and 3' incomplete"}, {"Incomplete5End", "5' incomplete"}, {"Incomplete3End", "3' incomplete"}, {"Partial", "partial"}, {NULL, NULL} }; if (sqlTableExists(conn, "refSeqSummary")) { char query[256], buf[64], *cmpl; int i; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select completeness from refSeqSummary where mrnaAcc = '%s'", acc); cmpl = sqlQuickQuery(conn, query, buf, sizeof(buf)); if (cmpl != NULL) { for (i = 0; cmplMap[i][0] != NULL; i++) { if (sameString(cmpl, cmplMap[i][0])) return cmplMap[i][1]; } } } return NULL; } char *getRefSeqSummary(struct sqlConnection *conn, char *acc) /* RefSeq summary or NULL if not available; free result */ { char * summary = NULL; if (sqlTableExists(conn, "refSeqSummary")) { char query[256]; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select summary from refSeqSummary where mrnaAcc = '%s'", acc); summary = sqlQuickString(conn, query); } return summary; } char *geneExtraImage(char *geneFileBase) /* check if there is a geneExtra image for the specified gene, if so return * the relative URL in a static buffer, or NULL if it doesn't exist */ { static char *imgExt[] = {"png", "gif", "jpg", NULL}; static char path[256]; int i; for (i = 0; imgExt[i] != NULL; i++) 
@@ -10725,42 +10723,42 @@ { FILE *fh = mustOpen(textPath, "r"); printf("<td valign=\"center\">"); copyOpenFile(fh, stdout); fclose(fh); } } int gbCdnaGetVersion(struct sqlConnection *conn, char *acc) /* return mrna/est version, or 0 if not available */ { int ver = 0; if (hHasField(database, "gbCdnaInfo", "version")) { char query[128]; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select version from gbCdnaInfo where acc = '%s'", acc); ver = sqlQuickNum(conn, query); } return ver; } static void prRefGeneXenoInfo(struct sqlConnection *conn, struct refLink *rl) /* print xeno refseq info, including linking to the browser, if any */ { char query[256]; -safef(query, sizeof(query), "select organism.name from gbCdnaInfo,organism " +sqlSafef(query, sizeof(query), "select organism.name from gbCdnaInfo,organism " "where (gbCdnaInfo.acc = '%s') and (organism.id = gbCdnaInfo.organism)", rl->mrnaAcc); char *org = sqlQuickString(conn, query); if (org == NULL) org = cloneString("unknown"); printf("<B>Organism:</B> %s<BR>", org); char *xenoDb = hDbForSciName(org); if ((xenoDb != NULL) && hDbIsActive(xenoDb) && hTableExists(xenoDb, "refSeqAli")) { printf("<B>UCSC browser: </B> \n"); linkToOtherBrowserSearch(xenoDb, rl->mrnaAcc); printf("%s on %s (%s)</B> \n", rl->mrnaAcc, hOrganism(xenoDb), xenoDb); printf("</A><BR>"); } freeMem(org); 
@@ -10784,31 +10782,31 @@ else printf("<H2>Non-%s RefSeq Gene %s</H2>\n", organism, rl->name); } else printf("<H2>RefSeq Gene %s</H2>\n", rl->name); printf("<B>RefSeq:</B> <A HREF=\""); printEntrezNucleotideUrl(stdout, rl->mrnaAcc); if (ver > 0) printf("\" TARGET=_blank>%s.%d</A>", rl->mrnaAcc, ver); else printf("\" TARGET=_blank>%s</A>", rl->mrnaAcc); /* If refSeqStatus is available, report it: */ if (hTableExists(database, "refSeqStatus")) { - safef(query, sizeof(query), "select status from refSeqStatus where mrnaAcc = '%s'", + sqlSafef(query, sizeof(query), "select status from refSeqStatus where mrnaAcc = '%s'", sqlRnaName); char *stat = sqlQuickString(conn, query); if (stat != NULL) printf(" <B>Status: </B>%s", stat); } puts("<BR>"); char *desc = gbCdnaGetDescription(conn, rl->mrnaAcc); if (desc != NULL) { printf("<B>Description:</B> "); htmlTextOut(desc); printf("<BR>\n"); } if (isXeno) 
@@ -10825,31 +10823,31 @@ { printf("<B>OMIM:</B> <A HREF=\""); printEntrezOMIMUrl(stdout, rl->omimId); printf("\" TARGET=_blank>%d</A><BR>\n", rl->omimId); } if (rl->locusLinkId != 0) { printf("<B>Entrez Gene:</B> "); printf("<A HREF=\"http://www.ncbi.nlm.nih.gov/entrez/query.fcgi?db=gene&cmd=Retrieve&dopt=Graphics&list_uids=%d\" TARGET=_blank>", rl->locusLinkId); printf("%d</A><BR>\n", rl->locusLinkId); if ( (strstr(database, "mm") != NULL) && hTableExists(database, "MGIid")) { char *mgiID; - safef(query, sizeof(query), "select MGIid from MGIid where LLid = '%d';", + sqlSafef(query, sizeof(query), "select MGIid from MGIid where LLid = '%d';", rl->locusLinkId); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { printf("<B>Mouse Genome Informatics:</B> "); mgiID = cloneString(row[0]); printf("<A HREF=\"http://www.informatics.jax.org/searches/accession_report.cgi?id=%s\" TARGET=_BLANK>%s</A><BR>\n",mgiID, mgiID); } else { /* per Carol Bult from Jackson Lab 4/12/02, JAX do not always agree * with Locuslink on seq to gene association. * Thus, not finding a MGIid even if a LocusLink ID 
@@ -10886,31 +10884,31 @@ medlineProductLinkedLine("PubMed on Product", rl->product); } printf("\n"); printGeneCards(rl->name); } if (hTableExists(database, "jaxOrtholog")) { struct jaxOrtholog jo; char * sqlRlName = rl->name; /* Make sure to escape single quotes for DB parseability */ if (strchr(rl->name, '\'')) { sqlRlName = replaceChars(rl->name, "'", "''"); } - safef(query, sizeof(query), "select * from jaxOrtholog where humanSymbol='%s'", sqlRlName); + sqlSafef(query, sizeof(query), "select * from jaxOrtholog where humanSymbol='%s'", sqlRlName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { jaxOrthologStaticLoad(row, &jo); printf("<B>MGI Mouse Ortholog:</B> "); printf("<A HREF=\"http://www.informatics.jax.org/searches/accession_report.cgi?id=%s\" target=_BLANK>", jo.mgiId); printf("%s</A><BR>\n", jo.mouseSymbol); } sqlFreeResult(&sr); } if (startsWith("hg", database)) { printf("\n"); printf("<B>AceView:</B> "); printf("<A HREF = \"http://www.ncbi.nlm.nih.gov/IEB/Research/Acembly/av.cgi?db=human&l=%s\" TARGET=_blank>", 
@@ -10962,31 +10960,31 @@ { printf("<B>OMIM:</B> <A HREF=\""); printEntrezOMIMUrl(stdout, rl->omimId); printf("\" TARGET=_blank>%d</A><BR>\n", rl->omimId); } if (rl->locusLinkId != 0) { printf("<B>Entrez Gene:</B> "); printf("<A HREF=\"http://www.ncbi.nlm.nih.gov/entrez/query.fcgi?db=gene&cmd=Retrieve&dopt=Graphics&list_uids=%d\" TARGET=_blank>", rl->locusLinkId); printf("%d</A><BR>\n", rl->locusLinkId); if ( (strstr(database, "mm") != NULL) && hTableExists(database, "MGIid")) { char *mgiID; - safef(query, sizeof(query), "select MGIid from MGIid where LLid = '%d';", + sqlSafef(query, sizeof(query), "select MGIid from MGIid where LLid = '%d';", rl->locusLinkId); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { printf("<B>Mouse Genome Informatics:</B> "); mgiID = cloneString(row[0]); printf("<A HREF=\"http://www.informatics.jax.org/searches/accession_report.cgi?id=%s\" TARGET=_BLANK>%s</A><BR>\n",mgiID, mgiID); } else { /* per Carol Bult from Jackson Lab 4/12/02, JAX do not always agree * with Locuslink on seq to gene association. * Thus, not finding a MGIid even if a LocusLink ID 
@@ -11009,31 +11007,31 @@ char *summary = NULL; struct refLink rlR; struct refLink *rl; int start = cartInt(cart, "o"); int left = cartInt(cart, "l"); int right = cartInt(cart, "r"); char *chrom = cartString(cart, "c"); /* Make sure to escape single quotes for DB parseability */ if (strchr(rnaName, '\'')) { sqlRnaName = replaceChars(rnaName, "'", "''"); } /* get refLink entry */ if (strstr(rnaName, "NM_") != NULL) { - safef(query, sizeof(query), "select * from refLink where mrnaAcc = '%s'", sqlRnaName); + sqlSafef(query, sizeof(query), "select * from refLink where mrnaAcc = '%s'", sqlRnaName); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) == NULL) errAbort("Couldn't find %s in refLink table - this accession may no longer be available.", rnaName); rl = refLinkLoad(row); sqlFreeResult(&sr); } else { rlR.name = strdup(kgId); rlR.mrnaAcc = strdup(kgId); rlR.locusLinkId = 0; rl = &rlR; } 
@@ -11100,31 +11098,31 @@ char *sqlRnaName = rnaName; char *summary = NULL; boolean isXeno = sameString(tdb->table, "xenoRefGene"); struct refLink *rl; int start = cartInt(cart, "o"); int left = cartInt(cart, "l"); int right = cartInt(cart, "r"); char *chrom = cartString(cart, "c"); /* Make sure to escape single quotes for DB parseability */ if (strchr(rnaName, '\'')) { sqlRnaName = replaceChars(rnaName, "'", "''"); } /* get refLink entry */ -safef(query, sizeof(query), "select * from refLink where mrnaAcc = '%s'", sqlRnaName); +sqlSafef(query, sizeof(query), "select * from refLink where mrnaAcc = '%s'", sqlRnaName); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) == NULL) errAbort("Couldn't find %s in refLink table - this accession may no longer be available.", rnaName); rl = refLinkLoad(row); sqlFreeResult(&sr); /* print the first section with info */ if (isXeno) cartWebStart(cart, database, "Non-%s RefSeq Gene", organism); else cartWebStart(cart, database, "RefSeq Gene"); printf("<table border=0>\n<tr>\n"); prRefGeneInfo(conn, rnaName, sqlRnaName, rl, isXeno); addGeneExtra(rl->name); /* adds columns if extra info is available */ 
@@ -11162,49 +11160,49 @@ palInfo->rnaName = rnaName; } geneShowPosAndLinksPal(rl->mrnaAcc, rl->protAcc, tdb, "refPep", "htcTranslatedProtein", "htcRefMrna", "htcGeneInGenome", "mRNA Sequence",palInfo); printTrackHtml(tdb); hFreeConn(&conn); } char *kgIdToSpId(struct sqlConnection *conn, char* kgId) /* get the swissprot id for a known genes id; resulting string should be * freed */ { char query[64]; -safef(query, sizeof(query), "select spID from kgXref where kgID='%s'", kgId); +sqlSafef(query, sizeof(query), "select spID from kgXref where kgID='%s'", kgId); return sqlNeedQuickString(conn, query); } void doHInvGenes(struct trackDb *tdb, char *item) /* Process click on H-Invitational genes track. */ { struct sqlConnection *conn = hAllocConn(database); char query[256]; struct sqlResult *sr; char **row; int start = cartInt(cart, "o"); struct psl *pslList = NULL; struct HInv *hinv; /* Print non-sequence info. */ genericHeader(tdb, item); -safef(query, sizeof(query), "select * from HInv where geneId = '%s'", item); +sqlSafef(query, sizeof(query), "select * from HInv where geneId = '%s'", item); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { hinv = HInvLoad(row); if (hinv != NULL) { printf("<B> Gene ID: </B> <A HREF=\"http://www.jbirc.jbic.or.jp/hinv/soup/pub_Detail.pl?acc_id=%s\" TARGET=_blank> %s <BR></A>", hinv->mrnaAcc, hinv->geneId ); printf("<B> Cluster ID: </B> <A HREF=\"http://www.jbirc.jbic.or.jp/hinv/soup/pub_Locus.pl?locus_id=%s\" TARGET=_blank> %s <BR></A>", hinv->clusterId, hinv->clusterId ); printf("<B> cDNA Accession: </B> <A HREF=\"http://getentry.ddbj.nig.ac.jp/cgi-bin/get_entry.pl?%s\" TARGET=_blank> %s <BR></A>", hinv->mrnaAcc, hinv->mrnaAcc ); } } htmlHorizontalLine(); 
@@ -11281,31 +11279,31 @@ /* printf("%s.t2k.undertaker-align.pdb\">%s</A><BR>\n", itemName,itemName); */ printf("%s\">%s</A><BR>\n", predFN,itemName); gotPDBFile = 1; } } if (!gotPDBFile) { printf("No high confidence level structure prediction available for this sequence."); printf("<BR>\n"); } printf("<B>3D Structure of Close Homologs:</B> "); homologCount = 0; strcpy(goodSCOPdomain, "dummy"); conn2= hAllocConn(database); -safef(query2, sizeof(query2), +sqlSafef(query2, sizeof(query2), "select homologID,eValue,SCOPdomain,chain from sc1.protHomolog where proteinID='%s' and evalue <= 0.01;", itemName); sr2 = sqlMustGetResult(conn2, query2); row2 = sqlNextRow(sr2); if (row2 != NULL) { while (row2 != NULL) { homologID = row2[0]; sscanf(row2[1], "%e", &eValue); SCOPdomain = row2[2]; chp = SCOPdomain+strlen(SCOPdomain)-1; while (*chp != '.') chp--; *chp = '\0'; chain = row2[3]; 
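Review bot: The loop `while (*chp != '.') chp--;` below the converted query walks backwards through SCOPdomain (row2[2], a database value) with no lower bound, so a value without a '.' is read before the start of the string, and an empty value puts chp before the buffer immediately. Locating the separator with a bounded call, `chp = strrchr(SCOPdomain, '.'); if (chp != NULL) *chp = '\0';`, removes the out-of-bounds read and the write that follows it. The enclosing function starts and ends outside the hunk.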
@@ -11348,91 +11346,93 @@ } void showHomologies(char *geneName, char *table) /* Show homology info. */ { struct sqlConnection *conn = hAllocConn(database); char query[256]; struct sqlResult *sr; char **row; boolean isFirst = TRUE, gotAny = FALSE; char *gi; struct softberryHom hom; if (sqlTableExists(conn, table)) { - safef(query, sizeof(query), "select * from %s where name = '%s'", table, geneName); + sqlSafef(query, sizeof(query), "select * from %s where name = '%s'", table, geneName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { softberryHomStaticLoad(row, &hom); if ((gi = getGi(hom.giString)) == NULL) continue; if (isFirst) { htmlHorizontalLine(); printf("<H3>Protein Homologies:</H3>\n"); isFirst = FALSE; gotAny = TRUE; } printf("<A HREF=\""); - safef(query, sizeof(query), "%s", gi); - printEntrezProteinUrl(stdout, query); + char temp[256]; + safef(temp, sizeof(temp), "%s", gi); + printEntrezProteinUrl(stdout, temp); printf("\" TARGET=_blank>%s</A> %s<BR>", hom.giString, hom.description); } } if (gotAny) htmlHorizontalLine(); hFreeConn(&conn); } void showPseudoHomologies(char *geneName, char *table) /* Show homology info. 
*/ { struct sqlConnection *conn = hAllocConn(database); char query[256]; struct sqlResult *sr; char **row; boolean isFirst = TRUE, gotAny = FALSE; struct borkPseudoHom hom; char *parts[10]; int partCount; char *clone; if (sqlTableExists(conn, table)) { - safef(query, sizeof(query), "select * from %s where name = '%s'", table, geneName); + sqlSafef(query, sizeof(query), "select * from %s where name = '%s'", table, geneName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { borkPseudoHomStaticLoad(row, &hom); /* if ((gi = getGi(hom.giString)) == NULL) * continue; */ if (isFirst) { htmlHorizontalLine(); printf("<H3>Aligning Protein :</H3>\n"); isFirst = FALSE; gotAny = TRUE; } clone = cloneStringZ(hom.protRef,80); partCount = chopString(hom.protRef, "_", parts, ArraySize(parts)); if (partCount > 1) { printf("<A HREF="); - safef(query, sizeof(query), "%s", parts[1]); - printSwissProtProteinUrl(stdout, query); + char temp[256]; + safef(temp, sizeof(temp), "%s", parts[1]); + printSwissProtProteinUrl(stdout, temp); printf(" TARGET=_blank>Jump to SwissProt %s </A> " ,geneName); } printf(" %s <BR><BR>Alignment Information:<BR><BR>%s<BR>", clone, hom.description); } } if (gotAny) htmlHorizontalLine(); hFreeConn(&conn); } void pseudoPrintPosHeader(struct bed *bed) /* print header of pseudogene record */ { printf("<p>"); printf("<B>%s PseudoGene:</B> %s:%d-%d %d bp<BR>\n", hOrganism(database), bed->chrom, bed->chromStart, bed->chromEnd, bed->chromEnd-bed->chromStart); 
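Review bot: Neither showHomologies nor showPseudoHomologies releases `sr` before `hFreeConn(&conn)`; both obtain it with sqlGetResult inside the `sqlTableExists` branch and never call sqlFreeResult. Unless hFreeConn cleans up a pending result (not visible here), the connection goes back with the result still attached; adding `sqlFreeResult(&sr);` right after each while loop, inside the branch, would match the other handlers changed by this commit. In showPseudoHomologies the `clone` string from cloneStringZ is also never freed.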
@@ -11496,31 +11496,31 @@ printf("<A TARGET=\"_blank\" "); printf("HREF=\"../cgi-bin/hgGene?%s&%s=%s&%s=%s&%s=%s&%s=%d&%s=%d\" ", cartSidUrlString(cart), "db", database, "hgg_gene", pg->kgName, "hgg_chrom", pg->gChrom, "hgg_start", pg->kStart, "hgg_end", pg->kEnd); printf(">%s</A> ",pg->kgName); linkToOtherBrowserExtra(database, pg->gChrom, pg->kStart, pg->kEnd, "knownGene=pack"); printf("%s:%d-%d \n", pg->gChrom, pg->kStart, pg->kEnd); printf("</A></LI>"); if (hTableExists(database, "knownGene")) { char *description; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select proteinId from knownGene where name = '%s'", pg->kgName); description = sqlQuickString(conn, query); if (description != NULL) { printf("<LI><B>SwissProt ID: </B> " ); printf("<A TARGET=\"_blank\" HREF="); printSwissProtProteinUrl(stdout, description); printf(">%s</A>",description); freez(&description); printf("</LI>" ); } } } else { @@ -11534,31 +11534,31 @@ { printf("<LI><B>%s Gene:</B> %s \n", mgcDbName(), pg->mgc); linkToOtherBrowserExtra(database, pg->gChrom, pg->mStart, pg->mEnd, "mgcGenes=pack"); printf("%s:%d-%d \n", pg->gChrom, pg->mStart, pg->mEnd); printf("</A></LI>"); } printf("</ul>"); /* display pfam domains */ printf("<p>"); pdb = hPdbFromGdb(database); safef(pfamDesc, 128, "%s.pfamDesc", pdb); if (hTableExists(database, "knownToPfam") && hTableExists(database, pfamDesc)) { - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select description from knownToPfam kp, %s p where pfamAC = value and kp.name = '%s'", pfamDesc, pg->kgName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { char *description = row[0]; if (description == NULL) description = cloneString("n/a"); printf("<B>Pfam Domain:</B> %s <p>", description); } sqlFreeResult(&sr); } if (hTableExists(database, "all_mrna")) { 
@@ -11588,41 +11588,41 @@ // hgcAnchorJalview(pg->name, faTn.forCgi); // printf("JalView alignment of parent gene to retroGene</a>\n"); // } #endif /* NOT_USED */ if (pslList != NULL) { printAlignments(pslList, pslList->tStart, "htcCdnaAli", "all_mrna", \ pg->name); htmlHorizontalLine(); safef(chainTable_chrom,sizeof(chainTable_chrom), "%s_chainSelf",\ pg->chrom); if (hTableExists(database, chainTable_chrom) ) { /* lookup chain */ - dyStringPrintf(dy, + sqlDyStringPrintf(dy, "select id, score, qStart, qEnd, qStrand, qSize from %s_%s where ", pg->chrom, chainTable); hAddBinToQuery(pg->chromStart, pg->chromEnd, dy); if (sameString(pg->gStrand,pg->strand)) - dyStringPrintf(dy, + sqlDyStringPrintf(dy, "tEnd > %d and tStart < %d and qName = '%s' and qEnd > %d and qStart < %d and qStrand = '+' ", pg->chromStart, pg->chromEnd, pg->gChrom, pg->gStart, pg->gEnd); else { - dyStringPrintf(dy,"tEnd > %d and tStart < %d and qName = '%s' and qEnd > %d " + sqlDyStringPrintf(dy,"tEnd > %d and tStart < %d and qName = '%s' and qEnd > %d " "and qStart < %d and qStrand = '-'", pg->chromStart, pg->chromEnd, pg->gChrom, hChromSize(database, pg->gChrom)-(pg->gEnd), hChromSize(database, pg->gChrom)-(pg->gStart)); } dyStringAppend(dy, " order by qStart"); sr = sqlGetResult(conn, dy->string); while ((row = sqlNextRow(sr)) != NULL) { int chainId, score; unsigned int qStart, qEnd, qSize; char qStrand; if (first == 0) { printf("<H4>Gene/PseudoGene Alignment (multiple records are a result of breaks in the human Self Chaining)</H4>\n"); 
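Review bot: The existence check and the query name the table in two different ways: hTableExists tests `chainTable_chrom`, built as `"%s_chainSelf"` from pg->chrom, while the select formats `%s_%s` from pg->chrom and chainTable. If chainTable is ever anything other than chainSelf (it is set outside the hunk), the query runs against a table that was never checked. Using the checked name, `sqlDyStringPrintf(dy, "select id, score, qStart, qEnd, qStrand, qSize from %s where ", chainTable_chrom);`, keeps the two in step. The enclosing function starts and ends outside the hunk.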
@@ -11694,31 +11694,31 @@ } if (hTableExists(database, alignTable) ) { pslList = loadPslRangeT(alignTable, acc, chrom, winStart, winEnd); } else errAbort("Table %s not found.\n",alignTable); slSort(&pslList, pslCmpScoreDesc); /* print header */ genericHeader(tdb, acc); /* Print non-sequence info. */ cartWebStart(cart, database, "%s", acc); -safef(where, sizeof(where), "name = '%s'", acc); +sqlSafefFrag(where, sizeof(where), "name = '%s'", acc); sr = hRangeQuery(conn, tableName, chrom, start, end, where, &rowOffset); while ((row = sqlNextRow(sr)) != NULL) { pg = pseudoGeneLinkLoad(row+rowOffset); if (pg != NULL) { pseudoPrintPos(pslList, pg, alignTable, start, acc); } } printTrackHtml(tdb); sqlFreeResult(&sr); hFreeConn(&conn); } 
@@ -11745,72 +11745,73 @@ void doEncodePseudoPred(struct trackDb *tdb, char *geneName) { char query[256], *headerItem, *name2 = NULL; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; int start = cartInt(cart, "o"); headerItem = cloneString(geneName); genericHeader(tdb, headerItem); printCustomUrl(tdb, geneName, FALSE); if ((sameString(tdb->table, "encodePseudogeneConsensus")) || (sameString(tdb->table, "encodePseudogeneYale"))) { - safef(query, sizeof(query), "select name2 from %s where name = '%s'", tdb->table, geneName); + sqlSafef(query, sizeof(query), "select name2 from %s where name = '%s'", tdb->table, geneName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { name2 = cloneString(row[0]); } printOtherCustomUrl(tdb, name2, "url2", TRUE); } genericGenePredClick(conn, tdb, geneName, start, NULL, NULL); printTrackHtml(tdb); hFreeConn(&conn); } void showOrthology(char *geneName, char *table, struct sqlConnection *connMm) /* Show mouse Orthlogous info. 
*/ { char query[256]; struct sqlResult *sr; char **row; boolean isFirst = TRUE, gotAny = FALSE; char *gi; struct softberryHom hom; if (sqlTableExists(connMm, table)) { - safef(query, sizeof(query), "select * from %s where name = '%s'", table, geneName); + sqlSafef(query, sizeof(query), "select * from %s where name = '%s'", table, geneName); sr = sqlGetResult(connMm, query); while ((row = sqlNextRow(sr)) != NULL) { softberryHomStaticLoad(row, &hom); if ((gi = getGi(hom.giString)) == NULL) continue; if (isFirst) { htmlHorizontalLine(); printf("<H3>Protein Homologies:</H3>\n"); isFirst = FALSE; gotAny = TRUE; } printf("<A HREF=\""); - safef(query, sizeof(query), "%s[gi]", gi); + char temp[256]; + safef(temp, sizeof(temp), "%s[gi]", gi); printEntrezProteinUrl(stdout, query); printf("\" TARGET=_blank>%s</A> %s<BR>", hom.giString, hom.description); } } if (gotAny) htmlHorizontalLine(); sqlFreeResult(&sr); } void doMouseOrtho(struct trackDb *tdb, char *geneName) /* Handle click on MouseOrtho gene track. */ { struct sqlConnection *connMm = sqlConnect(mousedb); genericHeader(tdb, geneName); showOrthology(geneName, "softberryHom",connMm); 
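Review bot: In showOrthology the new `temp` buffer is filled but never used: the following line still calls `printEntrezProteinUrl(stdout, query)`, and query now holds only the SQL select because the line that used to overwrite it with `"%s[gi]"` was replaced. The Entrez link would therefore be built from the SQL text instead of the GI term. The call should read `printEntrezProteinUrl(stdout, temp);`, as the matching change in showHomologies does.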
@@ -11819,31 +11820,31 @@ printTrackHtml(tdb); sqlDisconnect(&connMm); } void showSangerExtra(char *geneName, char *extraTable) /* Show info from sanger22extra table if it exists. */ { if (hTableExists(database, extraTable)) { struct sanger22extra se; char query[256]; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; - safef(query, sizeof(query), "select * from %s where name = '%s'", extraTable, geneName); + sqlSafef(query, sizeof(query), "select * from %s where name = '%s'", extraTable, geneName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { sanger22extraStaticLoad(row, &se); printf("<B>Name:</B> %s<BR>\n", se.name); if (!sameString(se.name, se.locus)) printf("<B>Locus:</B> %s<BR>\n", se.locus); printf("<B>Description:</B> %s<BR>\n", se.description); printf("<B>Gene type:</B> %s<BR>\n", se.geneType); if (se.cdsType[0] != 0 && !sameString(se.geneType, se.cdsType)) printf("<B>CDS type:</B> %s<BR>\n", se.cdsType); } sqlFreeResult(&sr); hFreeConn(&conn); } @@ -11865,31 +11866,31 @@ struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char *dupe, *words[16]; char **row; int wordCount; int rowOffset; int start = cartInt(cart, "o"); int end = cartInt(cart, "t"); genericHeader(tdb,trnaName); dupe = cloneString(tdb->type); wordCount = chopLine(dupe, words); rowOffset = hOffsetPastBin(database, seqName, tdb->table); -safef(query, ArraySize(query), +sqlSafef(query, ArraySize(query), "select * from %s where name = '%s' and chromStart=%d and chromEnd=%d", tdb->table, trnaName, start, end); sr = sqlGetResult(conn, query); /* use TABLE to align image with other info side by side */ printf("<TABLE>"); while ((row = sqlNextRow(sr)) != NULL) { char imgFileName[512]; char encodedName[255]; char *chp1, *chp2; int i, len; printf("<TR>"); printf("<TD valign=top>"); 
@@ -11968,61 +11969,61 @@ } void doVegaGeneZfish(struct trackDb *tdb, char *name) /* Handle click on Vega gene track for zebrafish. */ { struct vegaInfoZfish *vif = NULL; char query[256]; struct sqlResult *sr; char **row; genericHeader(tdb, name); if (hTableExists(database, "vegaInfoZfish")) { struct sqlConnection *conn = hAllocConn(database); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from vegaInfoZfish where transcriptId = '%s'", name); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { AllocVar(vif); vegaInfoZfishStaticLoad(row, vif); } sqlFreeResult(&sr); hFreeConn(&conn); } printCustomUrl(tdb, name, TRUE); if (vif != NULL) { /* change confidence to lower case and display with method for gene type */ tolowers(vif->confidence); printf("<B>VEGA Gene Type:</B> %s %s<BR>\n", vif->confidence, vif->method); printf("<B>VEGA Gene Name:</B> %s<BR>\n", vif->sangerName); if (differentString(vif->geneDesc, "NULL")) printf("<B>VEGA Gene Description:</B> %s<BR>\n", vif->geneDesc); printf("<B>VEGA Gene Id:</B> %s<BR>\n", vif->geneId); printf("<B>VEGA Transcript Id:</B> %s<BR>\n", name); printf("<B>ZFIN Id:</B> "); printf("<A HREF=\"http://zfin.org/cgi-bin/webdriver?MIval=aa-markerview.apg&OID=%s\" TARGET=_blank>%s</A><BR>\n", vif->zfinId, vif->zfinId); printf("<B>Official ZFIN Gene Symbol:</B> %s<BR>\n", vif->zfinSymbol); /* get information for the cloneId from */ printf("<B>Clone Id:</B> \n"); struct sqlConnection *conn2 = hAllocConn(database); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select cloneId from vegaToCloneId where transcriptId = '%s'", name); sr = sqlGetResult(conn2, query); if ((row = sqlNextRow(sr)) != NULL) printf("%s", row[0]); while ((row = sqlNextRow(sr)) != NULL) { printf(" ,%s ", row[0]); } printf("<BR>\n"); sqlFreeResult(&sr); hFreeConn(&conn2); } geneShowCommon(name, tdb, "vegaPep"); printTrackHtml(tdb); } 
@@ -12033,31 +12034,31 @@ struct vegaInfo *vi = NULL; char versionString[256]; char dateReference[256]; char headerTitle[512]; /* see if hgFixed.trackVersion exists */ boolean trackVersionExists = hTableExists("hgFixed", "trackVersion"); /* assume nothing found */ versionString[0] = 0; dateReference[0] = 0; if (trackVersionExists) { char query[256]; struct sqlConnection *conn = hAllocConn(database); - safef(query, sizeof(query), "select version,dateReference from hgFixed.trackVersion where db = '%s' AND name = 'vegaGene' order by updateTime DESC limit 1", database); + sqlSafef(query, sizeof(query), "select version,dateReference from hgFixed.trackVersion where db = '%s' AND name = 'vegaGene' order by updateTime DESC limit 1", database); struct sqlResult *sr = sqlGetResult(conn, query); char **row; /* in case of NULL result from the table */ versionString[0] = 0; while ((row = sqlNextRow(sr)) != NULL) { safef(versionString, sizeof(versionString), "Vega %s", row[0]); safef(dateReference, sizeof(dateReference), "%s", row[1]); } sqlFreeResult(&sr); hFreeConn(&conn); } @@ -12067,31 +12068,31 @@ if (versionString[0]) safef(headerTitle, sizeof(headerTitle), "%s - %s", item, versionString); else safef(headerTitle, sizeof(headerTitle), "%s", item); genericHeader(tdb, headerTitle); if (hTableExists(database, "vegaInfo")) { char query[256]; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from vegaInfo where transcriptId = '%s'", item); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { AllocVar(vi); vegaInfoStaticLoad(row, vi); } sqlFreeResult(&sr); hFreeConn(&conn); } /* No archive for Vega */ char *archive = NULL; printEnsemblOrVegaCustomUrl(tdb, itemForUrl, item == itemForUrl, archive); if (vi != NULL) 
@@ -12118,40 +12119,40 @@ char infoTable[128]; char pepTable[128]; char query[512]; if (ptr != NULL) *ptr = 0; safef(infoTable, sizeof(infoTable), "%sInfo", geneTable); genericHeader(tdb, geneName); if (hTableExists(database, infoTable)) { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from %s where bdgpName = \"%s\";", infoTable, truncName); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { bgi = bdgpGeneInfoLoad(row); if (hTableExists(database, "flyBaseSwissProt")) { - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from flyBaseSwissProt where flyBaseId = \"%s\"", bgi->flyBaseId); sqlFreeResult(&sr); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) fbsp = flyBaseSwissProtLoad(row); } } sqlFreeResult(&sr); hFreeConn(&conn); } if (bgi != NULL) { if (!sameString(bgi->symbol, geneName)) { @@ -12179,31 +12180,31 @@ { struct sqlConnection *goConn = sqlMayConnect("go"); char *goTerm = NULL; char *words[10]; char buf[512]; int wordCount = chopCommas(bgi->go, words); int i; puts("<B>Gene Ontology terms from BDGP:</B> <BR>"); for (i=0; i < wordCount && words[i][0] != 0; i++) { if (i > 0 && sameWord(words[i], words[i-1])) continue; goTerm = ""; if (goConn != NULL) { - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select name from term where acc = 'GO:%s';", words[i]); goTerm = sqlQuickQuery(goConn, query, buf, sizeof(buf)); if (goTerm == NULL) goTerm = ""; } printf(" GO:%s: %s<BR>\n", words[i], goTerm); } sqlDisconnect(&goConn); } if (bgi->cytorange != NULL && bgi->cytorange[0] != 0) { printf("<B>Cytorange:</B> %s<BR>", bgi->cytorange); } 
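Review bot: The bdgpName and flyBaseId queries in the first hunk on this line wrap `%s` in double quotes (`bdgpName = \"%s\"`), while most other converted queries use single quotes. Whether sqlSafef recognises a double-quoted `%s` as a string value to escape is not visible here, and if the backend is MySQL running with ANSI_QUOTES, double quotes delimit identifiers rather than strings. Writing the value as `'%s'`, for example `"select * from %s where bdgpName = '%s'"`, removes both doubts. The same double-quoted form appears in the showFlyBase2004Xref hunk and in the bgiGeneInfo hunk further down. The enclosing function starts and ends outside the hunk.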
@@ -12256,31 +12257,31 @@ { struct bed *bed = NULL; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr = NULL; char **row = NULL; char query[256]; char table[64]; boolean hasBin = FALSE; int n = atoi(tdb->type + 4); int start = cgiInt("o"); if (n < 3) n = 3; if (n > maxN) n = maxN; hFindSplitTable(database, seqName, tdb->table, table, &hasBin); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and chromStart = %d " "and name = '%s'", table, seqName, start, name); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { bed = bedLoadN(row+hasBin, n); bedPrintPos(bed, n, tdb); } sqlFreeResult(&sr); hFreeConn(&conn); return bed; } void printFBLinkLine(char *label, char *id) @@ -12294,39 +12295,39 @@ } } void showFlyBase2004Xref(char *xrefTable, char *geneName) /* Show FlyBase gene info provided as of late 2004 * (D. mel. v4.0 / D. pseud. 1.0). Assumes xrefTable exists * and matches flyBase2004Xref.sql! */ { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; struct flyBase2004Xref *xref = NULL; struct flyBaseSwissProt *fbsp = NULL; char query[512]; -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where name = \"%s\";", xrefTable, geneName); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { xref = flyBase2004XrefLoad(row); if (hTableExists(database, "flyBaseSwissProt") && isNotEmpty(xref->fbgn)) { - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from flyBaseSwissProt where flyBaseId = \"%s\"", xref->fbgn); sqlFreeResult(&sr); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) fbsp = flyBaseSwissProtLoad(row); } } sqlFreeResult(&sr); hFreeConn(&conn); if (xref != NULL) { if (isNotEmpty(xref->symbol) && !sameString(xref->symbol, geneName)) { printf("<B>Gene symbol:</B> %s<BR>\n", xref->symbol); 
@@ -12413,60 +12414,60 @@ struct bgiGeneInfo *bgi = NULL; char *geneTable = tdb->table; char infoTable[128]; char pepTable[128]; char query[512]; safef(infoTable, sizeof(infoTable), "%sInfo", geneTable); genericHeader(tdb, geneName); if (hTableExists(database, infoTable)) { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from %s where name = \"%s\";", infoTable, geneName); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) bgi = bgiGeneInfoLoad(row); sqlFreeResult(&sr); hFreeConn(&conn); } printCustomUrl(tdb, geneName, FALSE); showGenePos(geneName, tdb); if (bgi != NULL) { printf("<B>Annotation source:</B> %s<BR>\n", bgi->source); if (bgi->go != NULL && bgi->go[0] != 0 && !sameString(bgi->go, "None")) { struct sqlConnection *goConn = sqlMayConnect("go"); char *goTerm = NULL; char *words[16]; char buf[512]; int wordCount = chopCommas(bgi->go, words); int i; puts("<B>Gene Ontology terms from BGI:</B> <BR>"); for (i=0; i < wordCount && words[i][0] != 0; i++) { if (i > 0 && sameWord(words[i], words[i-1])) continue; goTerm = ""; if (goConn != NULL) { - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select name from term where acc = 'GO:%s';", words[i]); goTerm = sqlQuickQuery(goConn, query, buf, sizeof(buf)); if (goTerm == NULL) goTerm = ""; } printf(" GO:%s: %s<BR>\n", words[i], goTerm); } sqlDisconnect(&goConn); } if (bgi->ipr != NULL && bgi->ipr[0] != 0 && !sameString(bgi->ipr, "None")) { char *words[16]; int wordCount = chopByChar(bgi->ipr, ';', words, ArraySize(words)); 
@@ -12476,43 +12477,43 @@ { printf(" %s<BR>\n", words[i]); } } if (hTableExists(database, "bgiGeneSnp") && hTableExists(database, "bgiSnp")) { struct sqlConnection *conn = hAllocConn(database); struct sqlConnection *conn2 = hAllocConn(database); struct sqlResult *sr; struct sqlResult *sr2; struct bgiSnp snp; struct bgiGeneSnp gs; char **row; int rowOffset = hOffsetPastBin(database, seqName, "bgiSnp"); boolean init = FALSE; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from bgiGeneSnp where geneName = '%s'", geneName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { if (! init) { printf("<B>BGI SNPs associated with gene %s:</B> <BR>\n", geneName); init = TRUE; } bgiGeneSnpStaticLoad(row, &gs); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from bgiSnp where name = '%s'", gs.snpName); sr2 = sqlGetResult(conn2, query); if ((row = sqlNextRow(sr2)) != NULL) { bgiSnpStaticLoad(row+rowOffset, &snp); printf(" <A HREF=%s&g=bgiSnp&i=%s&db=%s&c=%s&o=%d&t=%d>%s</A>: %s", hgcPathAndSettings(), gs.snpName, database, seqName, snp.chromStart, snp.chromEnd, gs.snpName, gs.geneAssoc); if (gs.effect[0] != 0) printf(", %s", gs.effect); if (gs.phase[0] != 0) printf(", phase %c", gs.phase[0]); if (gs.siftComment[0] != 0) printf(", SIFT comment: %s", gs.siftComment); 
@@ -12554,58 +12555,58 @@ void doBGISnp(struct trackDb *tdb, char *itemName) /* Put up info on a Beijing Genomics Institute SNP. */ { char *table = tdb->table; struct bgiSnp snp; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int rowOffset = hOffsetPastBin(database, seqName, table); genericHeader(tdb, itemName); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where name = '%s'", table, itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { bgiSnpStaticLoad(row+rowOffset, &snp); bedPrintPos((struct bed *)&snp, 3, tdb); printf("<B>SNP Type:</B> %s<BR>\n", (snp.snpType[0] == 'S') ? "Substitution" : (snp.snpType[0] == 'I') ? "Insertion" : "Deletion"); printf("<B>SNP Sequence:</B> %s<BR>\n", snp.snpSeq); printf("<B>SNP in Broiler?:</B> %s<BR>\n", snp.inBroiler); printf("<B>SNP in Layer?:</B> %s<BR>\n", snp.inLayer); printf("<B>SNP in Silkie?:</B> %s<BR>\n", snp.inSilkie); if (hTableExists(database, "bgiGeneSnp") && hTableExists(database, "bgiGene")) { struct genePred *bg; struct sqlConnection *conn2 = hAllocConn(database); struct sqlConnection *conn3 = hAllocConn(database); struct sqlResult *sr2, *sr3; struct bgiGeneSnp gs; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from bgiGeneSnp where snpName = '%s'", snp.name); sr2 = sqlGetResult(conn2, query); while ((row = sqlNextRow(sr2)) != NULL) { bgiGeneSnpStaticLoad(row, &gs); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from bgiGene where name = '%s'", gs.geneName); sr3 = sqlGetResult(conn3, query); while ((row = sqlNextRow(sr3)) != NULL) { bg = genePredLoad(row); printf("<B>Associated gene:</B> <A HREF=%s&g=bgiGene&i=%s&c=%s&db=%s&o=%d&t=%d&l=%d&r=%d>%s</A>: %s", hgcPathAndSettings(), gs.geneName, seqName, database, bg->txStart, bg->txEnd, bg->txStart, bg->txEnd, gs.geneName, gs.geneAssoc); if (gs.effect[0] != 0) printf(" %s", gs.effect); if (gs.phase[0] 
!= 0) printf(" phase %c", gs.phase[0]); if (gs.siftComment[0] != 0) printf(", SIFT comment: %s", gs.siftComment); @@ -12655,31 +12656,31 @@ char query[512]; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char oChrom[64]; int oStart; cartWebStart(cart, database, "Genomic Duplications"); printf("<H2>Genomic Duplication Region</H2>\n"); if (cgiVarExists("o")) { int start = cartInt(cart, "o"); int rowOffset = hOffsetPastBin(database, seqName, tdb->table); parseChromPointPos(dupName, oChrom, &oStart); - sprintf(query, "select * from %s where chrom = '%s' and chromStart = %d " + sqlSafef(query, sizeof query, "select * from %s where chrom = '%s' and chromStart = %d " "and otherChrom = '%s' and otherStart = %d", tdb->table, seqName, start, oChrom, oStart); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr))) { genomicDupsStaticLoad(row+rowOffset, &dup); printf("<B>Region Position:</B> <A HREF=\"%s&db=%s&position=%s%%3A%d-%d\">", hgTracksPathAndSettings(), database, dup.chrom, dup.chromStart, dup.chromEnd); printf("%s:%d-%d</A><BR>\n", dup.chrom, dup.chromStart, dup.chromEnd); printf("<B>Other Position:</B> <A HREF=\"%s&db=%s&position=%s%%3A%d-%d\" TARGET=_blank>", hgTracksName(), database, dup.otherChrom, dup.otherStart, dup.otherEnd); printf("%s:%d-%d</A><BR>\n", dup.otherChrom, dup.otherStart, dup.otherEnd); printf("<B>Relative orientation:</B> %s<BR>\n", dup.strand); 
@@ -12736,58 +12737,58 @@ printf("Link to "); printf("<A HREF=\"http://www.ncbi.nlm.nih.gov/Traces/trace.cgi?val=%s\" TARGET=_blank>", tiNum); printf("NCBI Trace Repository for %s\n</A><BR>\n", itemName); } printf("Get "); printf("<A HREF=\"%s&g=htcExtSeq&c=%s&l=%d&r=%d&i=%s\">", hgcPathAndSettings(), seqName, winStart, winEnd, itemName); printf("Mouse DNA</A><BR>\n"); /* Print info about mate pair. */ if (tiNum != NULL && sqlTableExists(conn, "mouseTraceInfo")) { char buf[256]; char *templateId; boolean gotMate = FALSE; - sprintf(query, "select templateId from mouseTraceInfo where ti = '%s'", itemName); + sqlSafef(query, sizeof query, "select templateId from mouseTraceInfo where ti = '%s'", itemName); templateId = sqlQuickQuery(conn, query, buf, sizeof(buf)); if (templateId != NULL) { - sprintf(query, "select ti from mouseTraceInfo where templateId = '%s'", templateId); + sqlSafef(query, sizeof query, "select ti from mouseTraceInfo where templateId = '%s'", templateId); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { char *ti = row[0]; if (!sameString(ti, itemName)) { printf("Get "); printf("<A HREF=\"%s&g=htcExtSeq&c=%s&l=%d&r=%d&i=%s\">", hgcPathAndSettings(), seqName, winStart, winEnd, ti); printf("DNA for read on other end of plasmid</A><BR>\n"); gotMate = TRUE; } } sqlFreeResult(&sr); } if (!gotMate) printf("No read from other end of plasmid in database.<BR>\n"); } /* Get alignment info and print. 
*/ printf("<H2>Alignments</H2>\n"); hFindSplitTable(database, seqName, tdb->table, table, &hasBin); -sprintf(query, "select * from %s where qName = '%s'", table, itemName); +sqlSafef(query, sizeof query, "select * from %s where qName = '%s'", table, itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { psl = pslLoad(row+hasBin); slAddHead(&pslList, psl); } sqlFreeResult(&sr); slReverse(&pslList); printAlignments(pslList, start, "htcBlatXeno", tdb->table, itemName); printTrackHtml(tdb); } boolean parseRange(char *range, char **retSeq, int *retStart, int *retEnd) /* Parse seq:start-end into components. */ { 
@@ -12815,37 +12816,37 @@ errAbort("Malformed range %s", range); } struct psl *loadPslAt(char *track, char *qName, int qStart, int qEnd, char *tName, int tStart, int tEnd) /* Load a specific psl */ { struct dyString *dy = newDyString(1024); struct sqlConnection *conn = hAllocConn(database); char table[64]; boolean hasBin; struct sqlResult *sr; char **row; struct psl *psl; hFindSplitTable(database, tName, track, table, &hasBin); -dyStringPrintf(dy, "select * from %s ", table); -dyStringPrintf(dy, "where qStart = %d ", qStart); -dyStringPrintf(dy, "and qEnd = %d ", qEnd); -dyStringPrintf(dy, "and qName = '%s' ", qName); -dyStringPrintf(dy, "and tStart = %d ", tStart); -dyStringPrintf(dy, "and tEnd = %d ", tEnd); -dyStringPrintf(dy, "and tName = '%s'", tName); +sqlDyStringPrintf(dy, "select * from %s ", table); +sqlDyStringPrintf(dy, "where qStart = %d ", qStart); +sqlDyStringPrintf(dy, "and qEnd = %d ", qEnd); +sqlDyStringPrintf(dy, "and qName = '%s' ", qName); +sqlDyStringPrintf(dy, "and tStart = %d ", tStart); +sqlDyStringPrintf(dy, "and tEnd = %d ", tEnd); +sqlDyStringPrintf(dy, "and tName = '%s'", tName); sr = sqlGetResult(conn, dy->string); row = sqlNextRow(sr); if (row == NULL) errAbort("Couldn't loadPslAt %s:%d-%d", tName, tStart, tEnd); psl = pslLoad(row + hasBin); sqlFreeResult(&sr); freeDyString(&dy); hFreeConn(&conn); return psl; } struct psl *loadPslFromRangePair(char *track, char *rangePair) /* Load a specific psl given 'qName:qStart-qEnd tName:tStart-tEnd' in rangePair. */ { char *qRange, *tRange; 
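Review bot: loadPslAt builds one statement through seven sqlDyStringPrintf calls, six of which append a fragment that starts mid-clause. The commit uses sqlSafefFrag for a where-fragment elsewhere, so it is worth confirming that sqlDyStringPrintf is meant to be called on a partially built statement; its implementation is not visible here. A single call avoids the question: `sqlDyStringPrintf(dy, "select * from %s where qStart = %d and qEnd = %d and qName = '%s' and tStart = %d and tEnd = %d and tName = '%s'", table, qStart, qEnd, qName, tStart, tEnd, tName);`. The pseudogene chain lookup hunk appends fragments in the same way.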
@@ -13065,31 +13066,31 @@ struct chain *getChainFromRange(char *chainTable, char *chrom, int chromStart, int chromEnd) /* get a list of chains for a range */ { char chainTable_chrom[256]; struct dyString *dy = newDyString(128); struct chain *chainList = NULL; struct sqlConnection *conn = hAllocConn(database); safef(chainTable_chrom, 256, "%s_%s",chrom, chainTable); if (hTableExists(database, chainTable_chrom) ) { /* lookup chain if not stored */ char **row; struct sqlResult *sr = NULL; - dyStringPrintf(dy, "select id, score, qStart, qEnd, qStrand, qSize from %s where ", + sqlDyStringPrintf(dy, "select id, score, qStart, qEnd, qStrand, qSize from %s where ", chainTable_chrom); hAddBinToQuery(chromStart, chromEnd, dy); dyStringPrintf(dy, "tEnd > %d and tStart < %d ", chromStart,chromEnd); dyStringAppend(dy, " order by qStart"); sr = sqlGetResult(conn, dy->string); while ((row = sqlNextRow(sr)) != NULL) { int chainId = 0, score; unsigned int qStart, qEnd, qSize; struct chain *chain = NULL; char qStrand; chainId = sqlUnsigned(row[0]); score = sqlUnsigned(row[1]); qStart = sqlUnsigned(row[2]); 
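Review bot: In getChainFromRange the select is now built with sqlDyStringPrintf, but the next clause still goes through plain `dyStringPrintf(dy, "tEnd > %d and tStart < %d ", chromStart,chromEnd);`. Only integers are formatted there, so nothing unescaped reaches the query, but the pseudogene chain lookup converted the equivalent clause. Converting this one as well, `sqlDyStringPrintf(dy, "tEnd > %d and tStart < %d ", chromStart, chromEnd);`, keeps every formatted piece of the statement on the checked path. The function body continues past the hunk.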
@@ -13142,61 +13143,61 @@ char tNibDir[512]; char path[512]; boolean hasBin; struct sqlConnection *conn = hAllocConn(database); struct sqlConnection *conn2; struct hash *qChromHash = hashNew(0); struct cnFill *fill; struct chain *chain; struct dnaSeq *tChrom = NULL; cartWebStart(cart, database, "Alignment of %s in %s to pseudogene in %s", name, hOrganism(db2), hOrganism(database)); conn2 = hAllocConn(db2); /* get nibFile for pseudoGene */ -sprintf(query, "select fileName from chromInfo where chrom = '%s'", chrom); +sqlSafef(query, sizeof query, "select fileName from chromInfo where chrom = '%s'", chrom); if (sqlQuickQuery(conn, query, nibFile, sizeof(nibFile)) == NULL) errAbort("Sequence %s isn't in chromInfo", chrom); /* get nibFile for Gene in other species */ -sprintf(query, "select fileName from chromInfo where chrom = '%s'" ,qChrom); +sqlSafef(query, sizeof query, "select fileName from chromInfo where chrom = '%s'" ,qChrom); if (sqlQuickQuery(conn2, query, qNibFile, sizeof(qNibFile)) == NULL) errAbort("Sequence chr1 isn't in chromInfo"); /* get gp */ if (!hFindSplitTable(db2, qChrom, track, table, &hasBin)) errAbort("htcPseudoGene: table %s not found.\n",track); else if (sameString(track, "mrna")) { struct psl *psl = NULL ; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from %s where qName = '%s' and tName = '%s' and tStart = %d ", table, name, qChrom, qStart ); sr = sqlGetResult(conn2, query); if ((row = sqlNextRow(sr)) != NULL) { psl = pslLoad(row+hasBin); if (psl != NULL) gp = genePredFromPsl(psl, psl->tStart, psl->tEnd, 10); } sqlFreeResult(&sr); } else if (table != NULL) { - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from %s where name = '%s' and chrom = '%s' ", table, name, qChrom ); sr = sqlGetResult(conn2, query); if ((row = sqlNextRow(sr)) != NULL) gp = genePredLoad(row + hasBin); sqlFreeResult(&sr); } if (gp == NULL) errAbort("htcPseudoGene: Could not locate gene prediction (db=%s, table=%s, 
name=%s, in range %s:%d-%d) %s", db2, table, name, qChrom, qStart+1, qEnd, query); /* extract nib directory from nibfile */ if (strrchr(nibFile,'/') != NULL) strncpy(tNibDir, nibFile, strlen(nibFile)-strlen(strrchr(nibFile,'/'))); @@ -13337,33 +13338,33 @@ cartWebStart(cart, database, "%s", itemName); printPosOnChrom(chrom,start,end,NULL,FALSE,NULL); printf("<H1>Information on %s Sequence %s</H1>", otherGenome, itemName); printf("Get "); printf("<A HREF=\"%s&g=htcExtSeq&c=%s&l=%d&r=%d&i=%s\">", hgcPathAndSettings(), seqName, winStart, winEnd, itemName); printf("%s DNA</A><BR>\n", otherGenome); /* Get alignment info and print. */ printf("<H2>Alignments</H2>\n"); hFindSplitTable(database, seqName, tdb->table, table, &hasBin); /* if this is a non-split table then query with tName */ if (startsWith(tdb->table, table)) - safef(query, sizeof(query), "select * from %s where qName = '%s' and tName = '%s'", table, itemName,seqName); + sqlSafef(query, sizeof(query), "select * from %s where qName = '%s' and tName = '%s'", table, itemName,seqName); else - safef(query, sizeof(query), "select * from %s where qName = '%s'", table, itemName); + sqlSafef(query, sizeof(query), "select * from %s where qName = '%s'", table, itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { psl = pslLoad(row+hasBin); slAddHead(&pslList, psl); } sqlFreeResult(&sr); slReverse(&pslList); printAlignments(pslList, start, "htcBlatXeno", tdb->table, itemName); printTrackHtml(tdb); } void doTSS(struct trackDb *tdb, char *itemName) /* Handle click on DBTSS track. */ { 
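Review bot: The last `errAbort` in this hunk appends the whole SQL text to its message (the trailing `%s` with `query`), so a failed lookup presumably shows table names and query structure to whoever requested the page. Drop that final `%s` and the `query` argument, since the db, table, name and range fields already identify the lookup. In the same hunk the second chromInfo failure reports a hard-coded name: `errAbort("Sequence chr1 isn't in chromInfo")` should be `errAbort("Sequence %s isn't in chromInfo", qChrom);`. The function starts above the hunk and continues below it.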
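Review bot: `itemName` is now escaped for the SQL text, but the same value is still written unencoded into the `<H1>` heading and into the `i=` parameter of the `<A HREF>` a few lines above the query. Its origin is not visible in this hunk; if it comes from the request, as the `cartInt(cart, "o")` reads elsewhere suggest, the page output needs its own encoding. Assuming the library's `htmlEncode` and `cgiEncode` helpers are in scope here, use `htmlEncode(itemName)` for the heading and `cgiEncode(itemName)` for the link parameter. doTSS in the hunk at -13373 prints `itemName` the same way, and the STS handlers do so with `marker`. The function starts above the hunk.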
@@ -13373,60 +13374,60 @@ char **row = NULL; int start = cartInt(cart, "o"); struct psl *pslList = NULL, *psl = NULL; boolean hasBin = TRUE; char *table = "refFullAli"; /* Table with the pertinent PSL data */ cartWebStart(cart, database, "%s", itemName); printf("<H1>Information on DBTSS Sequence %s</H1>", itemName); printf("Get "); printf("<A HREF=\"%s&g=htcExtSeq&c=%s&l=%d&r=%d&i=%s\">", hgcPathAndSettings(), seqName, winStart, winEnd, itemName); printf("Sequence</A><BR>\n"); /* Get alignment info and print. */ printf("<H2>Alignments</H2>\n"); -sprintf(query, "select * from %s where qName = '%s'", table, itemName); +sqlSafef(query, sizeof query, "select * from %s where qName = '%s'", table, itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { psl = pslLoad(row + hasBin); slAddHead(&pslList, psl); } sqlFreeResult(&sr); slReverse(&pslList); printAlignments(pslList, start, "htcCdnaAli", tdb->table, itemName); printTrackHtml(tdb); } void doEst3(char *itemName) /* Handle click on EST 3' end track. */ { struct est3 el; int start = cartInt(cart, "o"); struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int rowOffset; cartWebStart(cart, database, "EST 3' Ends"); printf("<H2>EST 3' Ends</H2>\n"); rowOffset = hOffsetPastBin(database, seqName, "est3"); -sprintf(query, "select * from est3 where chrom = '%s' and chromStart = %d", +sqlSafef(query, sizeof query, "select * from est3 where chrom = '%s' and chromStart = %d", seqName, start); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { est3StaticLoad(row+rowOffset, &el); printf("<B>EST 3' End Count:</B> %d<BR>\n", el.estCount); bedPrintPos((struct bed *)&el, 3, NULL); printf("<B>strand:</B> %s<BR>\n", el.strand); htmlHorizontalLine(); } puts("<P>This track shows where clusters of EST 3' ends hit the " "genome. In many cases these represent the 3' ends of genes. 
" "This data was kindly provided by Lukas Wagner and Greg Schuler " "at NCBI. Additional filtering was applied by Jim Kent.</P>"); @@ -13436,31 +13437,31 @@ void doEncodeRna(struct trackDb *tdb, char *itemName) /* Handle click on encodeRna track. */ { struct encodeRna rna; int start = cartInt(cart, "o"); struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int rowOffset; struct slName *nameList, *sl; genericHeader(tdb, itemName); rowOffset = hOffsetPastBin(database, seqName, tdb->table); -sprintf(query, "select * from %s where chrom = '%s' and chromStart = %d and name = '%s'", +sqlSafef(query, sizeof query, "select * from %s where chrom = '%s' and chromStart = %d and name = '%s'", tdb->table, seqName, start, itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { encodeRnaStaticLoad(row + rowOffset, &rna); printf("<B>name:</B> %s<BR>\n", rna.name); bedPrintPos((struct bed *)&rna, 3, tdb); printf("<B>strand:</B> %s<BR>\n", rna.strand); printf("<B>type:</B> %s<BR>\n", rna.type); printf("<B>score:</B> %2.1f<BR><BR>\n", rna.fullScore); printf("<B>is pseudo-gene:</B> %s<BR>\n", (rna.isPsuedo ? "yes" : "no")); printf("<B>is Repeatmasked:</B> %s<BR>\n", (rna.isRmasked ? "yes" : "no")); printf("<B>is Transcribed:</B> %s<BR>\n", (rna.isTranscribed ? "yes" : "no")); printf("<B>is an evoFold prediction:</B> %s<BR>\n", (rna.isPrediction ? "yes" : "no")); printf("<B>program predicted with:</B> %s<BR>\n", rna.source); 
@@ -13479,31 +13480,31 @@ void doRnaGene(struct trackDb *tdb, char *itemName) /* Handle click on RNA Genes track. */ { struct rnaGene rna; int start = cartInt(cart, "o"); struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int rowOffset; genericHeader(tdb, itemName); rowOffset = hOffsetPastBin(database, seqName, tdb->table); -sprintf(query, "select * from %s where chrom = '%s' and chromStart = %d and name = '%s'", +sqlSafef(query, sizeof query, "select * from %s where chrom = '%s' and chromStart = %d and name = '%s'", tdb->table, seqName, start, itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { rnaGeneStaticLoad(row + rowOffset, &rna); printf("<B>name:</B> %s<BR>\n", rna.name); printf("<B>type:</B> %s<BR>\n", rna.type); printf("<B>score:</B> %2.1f<BR>\n", rna.fullScore); printf("<B>is pseudo-gene:</B> %s<BR>\n", (rna.isPsuedo ? "yes" : "no")); printf("<B>program predicted with:</B> %s<BR>\n", rna.source); printf("<B>strand:</B> %s<BR>\n", rna.strand); bedPrintPos((struct bed *)&rna, 3, tdb); htmlHorizontalLine(); } printTrackHtml(tdb); 
@@ -13533,72 +13534,72 @@ int i; struct psl *pslList = NULL, *psl; int pslStart; char *sqlMarker = marker; boolean hasBin; /* Make sure to escpae single quotes for DB parseability */ if (strchr(marker, '\'')) sqlMarker = replaceChars(marker, "'", "''"); /* Print out non-sequence info */ sprintf(title, "STS Marker %s", marker); cartWebStart(cart, database, "%s", title); /* Find the instance of the object in the bed table */ -sprintf(query, "SELECT * FROM %s WHERE name = '%s' " +sqlSafef(query, sizeof query, "SELECT * FROM %s WHERE name = '%s' " "AND chrom = '%s' AND chromStart = %d " "AND chromEnd = %d", table, sqlMarker, seqName, start, end); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); hasBin = hOffsetPastBin(database, seqName, table); if (row != NULL) { if (stsMapExists) stsMapStaticLoad(row+hasBin, &stsRow); else /* Load and convert from original bed format */ { struct stsMarker oldStsRow; stsMarkerStaticLoad(row+hasBin, &oldStsRow); stsMapFromStsMarker(&oldStsRow, &stsRow); } if (stsInfo2Exists) { /* Find the instance of the object in the stsInfo2 table */ sqlFreeResult(&sr); - sprintf(query, "SELECT * FROM stsInfo2 WHERE identNo = '%d'", stsRow.identNo); + sqlSafef(query, sizeof query, "SELECT * FROM stsInfo2 WHERE identNo = '%d'", stsRow.identNo); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { int i; char **cl; cl = (char **)needMem(52*sizeof(char *)); for (i = 0; i < 52; ++i) cl[i] = cloneString(row[i]); info2Row = stsInfo2Load(row); infoRow = stsInfoLoad(cl); freeMem(cl); } } else if (stsInfoExists) { /* Find the instance of the object in the stsInfo table */ sqlFreeResult(&sr); - sprintf(query, "SELECT * FROM stsInfo WHERE identNo = '%d'", stsRow.identNo); + sqlSafef(query, sizeof query, "SELECT * FROM stsInfo WHERE identNo = '%d'", stsRow.identNo); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) infoRow = stsInfoLoad(row); } if (((stsInfo2Exists) || (stsInfoExists)) && (row != NULL)) { 
printf("<TABLE>\n"); printf("<TR><TH ALIGN=left>Chromosome:</TH><TD>%s</TD></TR>\n", seqName); printf("<TR><TH ALIGN=left>Start:</TH><TD>%d</TD></TR>\n",start+1); printf("<TR><TH ALIGN=left>End:</TH><TD>%d</TD></TR>\n",end); printBand(seqName, start, end, TRUE); printf("</TABLE>\n"); htmlHorizontalLine(); 
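Review bot: `sqlMarker` is still built with `replaceChars(marker, "'", "''")` and then passed to `sqlSafef`. If `sqlSafef` escapes quoted `%s` arguments itself, which is the purpose of this commit, a marker containing a single quote is escaped twice and the bed-table lookup searches for the wrong name. Pass the raw value, `table, marker, seqName, start, end);`, and remove the `replaceChars` step together with its comment. The "Other locations" query in the hunk at -13798 already passes `marker`. The function starts above this hunk and continues past it.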
@@ -13712,57 +13713,57 @@ if (!sameString(infoRow->gm99g3Name,"")) printf("<TH ALIGN=left>GM99 G3:</TH><TD WIDTH=150>%s</TD><TD WIDTH=150>%s</TD><TD WIDTH=150>%.2f (%.2f)</TD></TR>\n", infoRow->gm99g3Name, infoRow->gm99g3Chr, infoRow->gm99g3Pos, infoRow->gm99g3LOD); if (!sameString(infoRow->wirhName,"")) printf("<TH ALIGN=left>WI RH:</TH><TD WIDTH=150>%s</TD><TD WIDTH=150>%s</TD><TD WIDTH=150>%.2f (%.2f)</TD></TR>\n", infoRow->wirhName, infoRow->wirhChr, infoRow->wirhPos, infoRow->wirhLOD); if (!sameString(infoRow->tngName,"")) printf("<TH ALIGN=left>Stanford TNG:</TH><TD WIDTH=150>%s</TD><TD WIDTH=150>%s</TD><TD WIDTH=150>%.2f</TD></TR>\n", infoRow->tngName, infoRow->tngChr, infoRow->tngPos); printf("</TABLE><P>\n"); } /* Print out alignment information - full sequence */ webNewSection("Genomic Alignments:"); - sprintf(query, "SELECT * FROM all_sts_seq WHERE qName = '%d'", + sqlSafef(query, sizeof query, "SELECT * FROM all_sts_seq WHERE qName = '%d'", infoRow->identNo); sr1 = sqlGetResult(conn1, query); hasBin = hOffsetPastBin(database, seqName, "all_sts_seq"); i = 0; pslStart = 0; while ((row = sqlNextRow(sr1)) != NULL) { psl = pslLoad(row+hasBin); if ((sameString(psl->tName, seqName)) && (abs(psl->tStart - start) < 1000)) pslStart = psl->tStart; slAddHead(&pslList, psl); i++; } slReverse(&pslList); if (i > 0) { printf("<H3>Full sequence:</H3>\n"); sprintf(stsid,"%d",infoRow->identNo); printAlignments(pslList, pslStart, "htcCdnaAli", "all_sts_seq", stsid); sqlFreeResult(&sr1); htmlHorizontalLine(); } slFreeList(&pslList); /* Print out alignment information - primers */ sprintf(stsid,"dbSTS_%d",infoRow->dbSTSid); - sprintf(query, "SELECT * FROM all_sts_primer WHERE qName = '%s'", + sqlSafef(query, sizeof query, "SELECT * FROM all_sts_primer WHERE qName = '%s'", stsid); hasBin = hOffsetPastBin(database, seqName, "all_sts_primer"); sr1 = sqlGetResult(conn1, query); i = 0; pslStart = 0; while ((row = sqlNextRow(sr1)) != NULL) { psl = pslLoad(row+hasBin); if 
((sameString(psl->tName, seqName)) && (abs(psl->tStart - start) < 1000)) pslStart = psl->tStart; slAddHead(&pslList, psl); i++; } slReverse(&pslList); if (i > 0) @@ -13798,31 +13799,31 @@ printf("<TR><TH ALIGN=left>Whitehead RH:</TH><TD>chr%s</TD><TD>%.2f</TD></TR>\n", stsRow.wiRhChrom, stsRow.wiRhPos); if (!sameString(stsRow.shgcTngChrom, "0")) printf("<TR><TH ALIGN=left>Stanford TNG:</TH><TD>chr%s</TD><TD>%.2f</TD></TR>\n", stsRow.shgcTngChrom, stsRow.shgcTngPos); if (!sameString(stsRow.fishChrom, "0")) printf("<TR><TH ALIGN=left>FISH:</TH><TD>%s.%s - %s.%s</TD></TR>\n", stsRow.fishChrom, stsRow.beginBand, stsRow.fishChrom, stsRow.endBand); printf("</TABLE>\n"); htmlHorizontalLine(); if (stsRow.score == 1000) printf("<H3>This is the only location found for %s</H3>\n",marker); else { sqlFreeResult(&sr); printf("<H4>Other locations found for %s in the genome:</H4>\n", marker); printf("<TABLE>\n"); - sprintf(query, "SELECT * FROM %s WHERE name = '%s' " + sqlSafef(query, sizeof query, "SELECT * FROM %s WHERE name = '%s' " "AND (chrom != '%s' OR chromStart != %d OR chromEnd != %d)", table, marker, seqName, start, end); sr = sqlGetResult(conn,query); hasBin = hOffsetPastBin(database, seqName, table); while ((row = sqlNextRow(sr)) != NULL) { if (stsMapExists) stsMapStaticLoad(row+hasBin, &stsRow); else /* Load and convert from original bed format */ { struct stsMarker oldStsRow; stsMarkerStaticLoad(row+hasBin, &oldStsRow); stsMapFromStsMarker(&oldStsRow, &stsRow); } 
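Review bot: In the full-sequence block, `sqlFreeResult(&sr1)` sits inside `if (i > 0)`, so when `all_sts_seq` returns no rows the result is never released. `sr1` is then overwritten by the `all_sts_primer` query a few lines later. Move the call to directly after the `while ((row = sqlNextRow(sr1)) != NULL)` loop so it runs on both paths. The primer block that follows appears to have the same shape, but its `if (i > 0)` body lies outside the hunk.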
@@ -13854,42 +13855,42 @@ int start = cartInt(cart, "o"); int end = cartInt(cart, "t"); int hgsid = cartSessionId(cart); struct stsMapMouse stsRow; struct stsInfoMouse *infoRow; char stsid[20]; int i; struct psl *pslList = NULL, *psl; int pslStart; /* Print out non-sequence info */ sprintf(title, "STS Marker %s", marker); cartWebStart(cart, database, "%s", title); /* Find the instance of the object in the bed table */ -sprintf(query, "SELECT * FROM %s WHERE name = '%s' " +sqlSafef(query, sizeof query, "SELECT * FROM %s WHERE name = '%s' " "AND chrom = '%s' AND chromStart = %d " "AND chromEnd = %d", table, marker, seqName, start, end); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { stsMapMouseStaticLoad(row, &stsRow); /* Find the instance of the object in the stsInfo table */ sqlFreeResult(&sr); - sprintf(query, "SELECT * FROM stsInfoMouse WHERE identNo = '%d'", stsRow.identNo); + sqlSafef(query, sizeof query, "SELECT * FROM stsInfoMouse WHERE identNo = '%d'", stsRow.identNo); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { infoRow = stsInfoMouseLoad(row); printf("<TABLE>\n"); printf("<TR><TH ALIGN=left>Chromosome:</TH><TD>%s</TD></TR>\n", seqName); printf("<TR><TH ALIGN=left>Start:</TH><TD>%d</TD></TR>\n",start+1); printf("<TR><TH ALIGN=left>End:</TH><TD>%d</TD></TR>\n",end); printf("</TABLE>\n"); htmlHorizontalLine(); printf("<TABLE>\n"); printf("<TR><TH ALIGN=left>MGI Marker ID:</TH><TD><B>MGI:</B>"); printf("<A HREF = \"http://www.informatics.jax.org/searches/accession_report.cgi?id=MGI:%d\" TARGET=_blank>%d</A></TD></TR>\n", infoRow->MGIMarkerID, infoRow->MGIMarkerID); printf("<TR><TH ALIGN=left>MGI Probe ID:</TH><TD><B>MGI:</B>"); 
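Review bot: `sizeof query` gives the buffer length only while `query` is an array declared in this function. Its declaration lies above the hunk, so that cannot be confirmed here, and the same holds for the converted calls in the hunks at -13142, -13373 (doTSS), -13533 and -13987. If any of them is a `char *`, the bound becomes the pointer size. The commit also alternates between `sizeof query` and `sizeof(query)`; using one form throughout, `sqlSafef(query, sizeof(query), ...)`, makes the calls easier to audit.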
@@ -13902,31 +13903,31 @@ printf("<TR><TH ALIGN=left>Right Primer:</TH><TD>%s</TD></TR>\n",infoRow->primer2); printf("<TR><TH ALIGN=left>Distance:</TH><TD>%s bps</TD></TR>\n",infoRow->distance); printf("</TABLE>\n"); htmlHorizontalLine(); /* Print out information from genetic maps for this marker */ printf("<H3>Genetic Map Position</H3>\n"); printf("<TABLE>\n"); printf("<TH> </TH><TH ALIGN=left WIDTH=150>Name</TH><TH ALIGN=left WIDTH=150>Chromosome</TH><TH ALIGN=left WIDTH=150>Position</TH></TR>\n"); printf("<TH ALIGN=left> </TH><TD WIDTH=150>%s</TD><TD WIDTH=150>%s</TD><TD WIDTH=150>%.2f</TD></TR>\n", infoRow->stsMarkerName, infoRow->Chr, infoRow->geneticPos); printf("</TABLE><P>\n"); /* Print out alignment information - full sequence */ webNewSection("Genomic Alignments:"); sprintf(stsid,"%d",infoRow->MGIPrimerID); - sprintf(query, "SELECT * FROM all_sts_primer" + sqlSafef(query, sizeof query, "SELECT * FROM all_sts_primer" " WHERE qName = '%s' AND tStart = '%d' AND tEnd = '%d'",stsid, start, end); sr1 = sqlGetResult(conn1, query); i = 0; pslStart = 0; while ((row = sqlNextRow(sr1)) != NULL) { psl = pslLoad(row); if ((sameString(psl->tName, seqName)) && (abs(psl->tStart - start) < 1000)) pslStart = psl->tStart; slAddHead(&pslList, psl); i++; } slReverse(&pslList); if (i > 0) { 
@@ -13934,31 +13935,31 @@ printAlignments(pslList, pslStart, "htcCdnaAli", "all_sts_primer", stsid); sqlFreeResult(&sr1); } slFreeList(&pslList); stsInfoMouseFree(&infoRow); } htmlHorizontalLine(); if (stsRow.score == 1000) printf("<H3>This is the only location found for %s</H3>\n",marker); else { sqlFreeResult(&sr); printf("<H4>Other locations found for %s in the genome:</H4>\n", marker); printf("<TABLE>\n"); - sprintf(query, "SELECT * FROM %s WHERE name = '%s' " + sqlSafef(query, sizeof query, "SELECT * FROM %s WHERE name = '%s' " "AND (chrom != '%s' OR chromStart != %d OR chromEnd != %d)", table, marker, seqName, start, end); sr = sqlGetResult(conn,query); while ((row = sqlNextRow(sr)) != NULL) { stsMapMouseStaticLoad(row, &stsRow); printf("<TR><TD>%s:</TD><TD><A HREF = \"../cgi-bin/hgc?hgsid=%d&o=%u&t=%d&g=stsMapMouse&i=%s&c=%s\" target=_blank>%d</A></TD></TR>\n", stsRow.chrom, hgsid, stsRow.chromStart,stsRow.chromEnd, stsRow.name, stsRow.chrom,(stsRow.chromStart+stsRow.chromEnd)>>1); } printf("</TABLE>\n"); } } webNewSection("Notes:"); printTrackHtml(tdb); sqlFreeResult(&sr); 
@@ -13987,42 +13988,42 @@ char stsid[20]; char stsPrimer[40]; char stsClone[45]; int i; struct psl *pslList = NULL, *psl; int pslStart; char sChar='%'; /* Print out non-sequence info */ sprintf(title, "STS Marker %s\n", marker); /* sprintf(title, "STS Marker <A HREF=\"http://www.informatics.jax.org/searches/marker_report.cgi?string\%%3AmousemarkerID=%s\" TARGET=_BLANK>%s</A>\n", marker, marker); */ cartWebStart(cart, database, "%s", title); /* Find the instance of the object in the bed table */ -sprintf(query, "SELECT * FROM %s WHERE name = '%s' " +sqlSafef(query, sizeof query, "SELECT * FROM %s WHERE name = '%s' " "AND chrom = '%s' AND chromStart = %d " "AND chromEnd = %d", table, marker, seqName, start, end); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { stsMapMouseNewStaticLoad(row, &stsRow); /* Find the instance of the object in the stsInfo table */ sqlFreeResult(&sr); - sprintf(query, "SELECT * FROM stsInfoMouseNew WHERE identNo = '%d'", stsRow.identNo); + sqlSafef(query, sizeof query, "SELECT * FROM stsInfoMouseNew WHERE identNo = '%d'", stsRow.identNo); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { infoRow = stsInfoMouseNewLoad(row); printf("<TABLE>\n"); printf("<TR><TH ALIGN=left>Chromosome:</TH><TD>%s</TD></TR>\n", seqName); printf("<TR><TH ALIGN=left>Start:</TH><TD>%d</TD></TR>\n",start+1); printf("<TR><TH ALIGN=left>End:</TH><TD>%d</TD></TR>\n",end); printf("</TABLE>\n"); htmlHorizontalLine(); printf("<TABLE>\n"); printf("<TR><TH ALIGN=left>UCSC STS Marker ID:</TH><TD>%d</TD></TR>\n", infoRow->identNo); if (infoRow->UiStsId != 0) printf("<TR><TH ALIGN=left>UniSts Marker ID:</TH><TD>" 
@@ -14062,56 +14063,56 @@ if (strcmp(infoRow->rhName, "")) { printf("<TR><TH> </TH><TH ALIGN=left WIDTH=150>Name</TH><TH ALIGN=left WIDTH=150>Chromosome</TH><TH ALIGN=left WIDTH=150>Position</TH><TH ALIGN=left WIDTH=150>Score</TH?</TR>\n"); printf("<TR><TH ALIGN=left> </TH><TD WIDTH=150>%s</TD><TD WIDTH=150>%s</TD><TD WIDTH=150>%.2f</TD><TD WIDTH=150>%.2f</TD></TR>\n", infoRow->rhName, infoRow->rhChr, infoRow->rhGeneticPos, infoRow->RHLOD); } printf("</TABLE><P>\n"); /* Print out alignment information - full sequence */ webNewSection("Genomic Alignments:"); sprintf(stsid,"%d",infoRow->identNo); sprintf(stsPrimer, "%d_%s", infoRow->identNo, infoRow->name); sprintf(stsClone, "%d_%s_clone", infoRow->identNo, infoRow->name); /* find sts in primer alignment info */ - sprintf(query, "SELECT * FROM all_sts_primer WHERE qName = '%s' AND tStart = '%d' " + sqlSafef(query, sizeof query, "SELECT * FROM all_sts_primer WHERE qName = '%s' AND tStart = '%d' " "AND tEnd = '%d'",stsPrimer, start, end); sr1 = sqlGetResult(conn1, query); i = 0; pslStart = 0; while ((row = sqlNextRow(sr1)) != NULL ) { psl = pslLoad(row); fflush(stdout); if ((sameString(psl->tName, seqName)) && (abs(psl->tStart - start) < 1000)) pslStart = psl->tStart; slAddHead(&pslList, psl); i++; } slReverse(&pslList); if (i > 0) { printf("<H3>Primers:</H3>\n"); printAlignments(pslList, pslStart, "htcCdnaAli", "all_sts_primer", stsPrimer); sqlFreeResult(&sr1); } slFreeList(&pslList); stsInfoMouseNewFree(&infoRow); /* Find sts in clone sequece alignment info */ - sprintf(query1, "SELECT * FROM all_sts_primer WHERE qName = '%s' AND tStart = '%d' AND tEnd = '%d'",stsClone, start, end); + sqlSafef(query1, sizeof query1, "SELECT * FROM all_sts_primer WHERE qName = '%s' AND tStart = '%d' AND tEnd = '%d'",stsClone, start, end); sr2 = sqlGetResult(conn1, query1); i = 0; pslStart = 0; while ((row = sqlNextRow(sr2)) != NULL ) { psl = pslLoad(row); fflush(stdout); if ((sameString(psl->tName, seqName)) && (abs(psl->tStart - 
start) < 1000)) pslStart = psl->tStart; slAddHead(&pslList, psl); i++; } slReverse(&pslList); if (i > 0) { @@ -14120,31 +14121,31 @@ sqlFreeResult(&sr1); } slFreeList(&pslList); stsInfoMouseNewFree(&infoRow); } htmlHorizontalLine(); if (stsRow.score == 1000) printf("<H3>This is the only location found for %s</H3>\n",marker); else { sqlFreeResult(&sr); printf("<H4>Other locations found for %s in the genome:</H4>\n", marker); printf("<TABLE>\n"); - sprintf(query, "SELECT * FROM %s WHERE name = '%s' " + sqlSafef(query, sizeof query, "SELECT * FROM %s WHERE name = '%s' " "AND (chrom != '%s' OR chromStart != %d OR chromEnd != %d)", table, marker, seqName, start, end); sr = sqlGetResult(conn,query); while ((row = sqlNextRow(sr)) != NULL) { stsMapMouseNewStaticLoad(row, &stsRow); printf("<TR><TD>%s:</TD><TD><A HREF = \"../cgi-bin/hgc?hgsid=%d&o=%u&t=%d&" "g=stsMapMouseNew&i=%s&c=%s\" target=_blank>%d</A></TD></TR>\n", stsRow.chrom, hgsid, stsRow.chromStart,stsRow.chromEnd, stsRow.name, stsRow.chrom,(stsRow.chromStart+stsRow.chromEnd)>>1); } printf("</TABLE>\n"); } } webNewSection("Notes:"); 
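Review bot: The query buffers are now bounded, but `sprintf(stsPrimer, "%d_%s", infoRow->identNo, infoRow->name)` and `sprintf(stsClone, "%d_%s_clone", ...)` just above still write a database string into fixed buffers with no limit. These are declared as `char stsPrimer[40]` and `char stsClone[45]` in the hunk at -13987, which appears to be the same function. A long `name` overruns them before the query is built. Use the bounded formatter already present in this file: `safef(stsPrimer, sizeof(stsPrimer), "%d_%s", infoRow->identNo, infoRow->name);` and `safef(stsClone, sizeof(stsClone), "%d_%s_clone", infoRow->identNo, infoRow->name);`. The rat handler has the same two calls in the hunk at -14243.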
@@ -14172,39 +14173,39 @@ struct stsMapRat stsRow; struct stsInfoRat *infoRow; char stsid[20]; char stsPrimer[40]; char stsClone[45]; int i; struct psl *pslList = NULL, *psl; int pslStart; boolean hasBin = FALSE; /* Print out non-sequence info */ sprintf(title, "STS Marker %s", marker); cartWebStart(cart, database, "%s", title); /* Find the instance of the object in the bed table */ -safef(query, sizeof(query), "name = '%s'", marker); +sqlSafefFrag(query, sizeof(query), "name = '%s'", marker); sr = hRangeQuery(conn, table, seqName, start, end, query, &hasBin); row = sqlNextRow(sr); if (row != NULL) { stsMapRatStaticLoad(row+hasBin, &stsRow); /* Find the instance of the object in the stsInfo table */ sqlFreeResult(&sr); - sprintf(query, "SELECT * FROM stsInfoRat WHERE identNo = '%d'", stsRow.identNo); + sqlSafef(query, sizeof query, "SELECT * FROM stsInfoRat WHERE identNo = '%d'", stsRow.identNo); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { infoRow = stsInfoRatLoad(row); printf("<TABLE>\n"); printf("<TR><TH ALIGN=left>Chromosome:</TH><TD>%s</TD></TR>\n", seqName); printf("<TR><TH ALIGN=left>Start:</TH><TD>%d</TD></TR>\n",start+1); printf("<TR><TH ALIGN=left>End:</TH><TD>%d</TD></TR>\n",end); printf("</TABLE>\n"); htmlHorizontalLine(); printf("<TABLE>\n"); printf("<TR><TH ALIGN=left>UCSC STS Marker ID:</TH><TD>%d</TD></TR>\n", infoRow->identNo); if (infoRow->UiStsId != 0) printf("<TR><TH ALIGN=left>UniSts Marker ID:</TH><TD>" 
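Review bot: Nothing in this handler says why the first call uses `sqlSafefFrag` while the `stsInfoRat` query a few lines below uses `sqlSafef`. From the hunk, the difference is that the first string is only a condition passed to `hRangeQuery` as its extra where-clause, not a complete statement. A one-line comment above it would stop a later edit from switching to the wrong variant: `/* where-clause fragment handed to hRangeQuery, not a full statement */`. The same applies to the two `sqlSafefFrag` calls in the hunks at -14243 and -14302.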
@@ -14243,31 +14244,31 @@ if(strcmp(infoRow->rhName, "")) { printf("<TR><TH> </TH><TH ALIGN=left WIDTH=150>Name</TH><TH ALIGN=left WIDTH=150>Chromosome</TH><TH ALIGN=left WIDTH=150>Position</TH><TH ALIGN=left WIDTH=150>Score</TH?</TR>\n"); printf("<TR><TH ALIGN=left> </TH><TD WIDTH=150>%s</TD><TD WIDTH=150>%s</TD><TD WIDTH=150>%.2f</TD><TD WIDTH=150>%.2f</TD></TR>\n", infoRow->rhName, infoRow->rhChr, infoRow->rhGeneticPos, infoRow->RHLOD); } printf("</TABLE><P>\n"); /* Print out alignment information - full sequence */ webNewSection("Genomic Alignments:"); sprintf(stsid,"%d",infoRow->identNo); sprintf(stsPrimer, "%d_%s", infoRow->identNo, infoRow->name); sprintf(stsClone, "%d_%s_clone", infoRow->identNo, infoRow->name); /* find sts in primer alignment info */ - safef(query, sizeof(query), "qName = '%s'", stsPrimer); + sqlSafefFrag(query, sizeof(query), "qName = '%s'", stsPrimer); sr1 = hRangeQuery(conn1, "all_sts_primer", seqName, start, end, query, &hasBin); i = 0; pslStart = 0; while ((row = sqlNextRow(sr1)) != NULL ) { psl = pslLoad(row+hasBin); fflush(stdout); if ((sameString(psl->tName, seqName)) && (abs(psl->tStart - start) < 1000)) pslStart = psl->tStart; slAddHead(&pslList, psl); i++; } slReverse(&pslList); if (i > 0) 
@@ -14302,31 +14303,31 @@ sqlFreeResult(&sr1); } slFreeList(&pslList); stsInfoRatFree(&infoRow); } htmlHorizontalLine(); if (stsRow.score == 1000) printf("<H3>This is the only location found for %s</H3>\n",marker); else { sqlFreeResult(&sr); printf("<H4>Other locations found for %s in the genome:</H4>\n", marker); printf("<TABLE>\n"); - safef(query, sizeof(query), "name = '%s'", marker); + sqlSafefFrag(query, sizeof(query), "name = '%s'", marker); sr = hRangeQuery(conn, table, seqName, start, end, query, &hasBin); while ((row = sqlNextRow(sr)) != NULL) { stsMapRatStaticLoad(row+hasBin, &stsRow); printf("<TR><TD>%s:</TD><TD><A HREF = \"../cgi-bin/hgc?hgsid=%d&o=%u&t=%d&g=stsMapRat&i=%s&c=%s\" target=_blank>%d</A></TD></TR>\n", stsRow.chrom, hgsid, stsRow.chromStart,stsRow.chromEnd, stsRow.name, stsRow.chrom,(stsRow.chromStart+stsRow.chromEnd)>>1); } printf("</TABLE>\n"); } } webNewSection("Notes:"); printTrackHtml(tdb); sqlFreeResult(&sr); hFreeConn(&conn); hFreeConn(&conn1); @@ -14337,31 +14338,31 @@ { char query[256]; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr = NULL; char **row; int start = cartInt(cart, "o"); int end = cartInt(cart, "t"); struct fishClones *fc; int i; /* Print out non-sequence info */ cartWebStart(cart, database, "%s", clone); /* Find the instance of the object in the bed table */ -sprintf(query, "SELECT * FROM fishClones WHERE name = '%s' " +sqlSafef(query, sizeof query, "SELECT * FROM fishClones WHERE name = '%s' " "AND chrom = '%s' AND chromStart = %d " "AND chromEnd = %d", clone, seqName, start, end); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { fc = fishClonesLoad(row); /* Print out general sequence positional information */ printf("<H2><A HREF="); printCloneDbUrl(stdout, clone); printf(" TARGET=_BLANK>%s</A></H2>\n", clone); htmlHorizontalLine(); printf("<TABLE>\n"); printf("<TR><TH ALIGN=left>Chromosome:</TH><TD>%s</TD></TR>\n", seqName); 
@@ -14438,31 +14439,31 @@ void doRecombRate(struct trackDb *tdb) /* Handle click on the Recombination Rate track */ { char query[256]; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr = NULL; char **row; int start = cartInt(cart, "o"); int end = cartInt(cart, "t"); struct recombRate *rr; /* Print out non-sequence info */ cartWebStart(cart, database, "Recombination Rates"); /* Find the instance of the object in the bed table */ -sprintf(query, "SELECT * FROM recombRate WHERE " +sqlSafef(query, sizeof query, "SELECT * FROM recombRate WHERE " "chrom = '%s' AND chromStart = %d " "AND chromEnd = %d", seqName, start, end); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { rr = recombRateLoad(row); /* Print out general sequence positional information */ printf("<TABLE>\n"); printf("<TR><TH ALIGN=left>Chromosome:</TH><TD>%s</TD></TR>\n", seqName); printf("<TR><TH ALIGN=left>Start:</TH><TD>%d</TD></TR>\n",start+1); printf("<TR><TH ALIGN=left>End:</TH><TD>%d</TD></TR>\n",end); printBand(seqName, start, end, TRUE); printf("<TR><TH ALIGN=left>deCODE Sex-Averaged Rate:</TH><TD>%3.1f cM/Mb</TD></TR>\n", rr->decodeAvg); 
@@ -14487,31 +14488,31 @@ /* Handle click on the rat Recombination Rate track */ { char query[256]; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr = NULL; char **row; int start = cartInt(cart, "o"); int end = cartInt(cart, "t"); struct recombRateRat *rr; /* Print out non-sequence info */ cartWebStart(cart, database, "Recombination Rates"); /* Find the instance of the object in the bed table */ -sprintf(query, "SELECT * FROM recombRateRat WHERE " +sqlSafef(query, sizeof query, "SELECT * FROM recombRateRat WHERE " "chrom = '%s' AND chromStart = %d " "AND chromEnd = %d", seqName, start, end); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { rr = recombRateRatLoad(row); /* Print out general sequence positional information */ printf("<TABLE>\n"); printf("<TR><TH ALIGN=left>Chromosome:</TH><TD>%s</TD></TR>\n", seqName); printf("<TR><TH ALIGN=left>Start:</TH><TD>%d</TD></TR>\n",start+1); printf("<TR><TH ALIGN=left>End:</TH><TD>%d</TD></TR>\n",end); printBand(seqName, start, end, TRUE); printf("<TR><TH ALIGN=left>SHRSPxBN Sex-Averaged Rate:</TH><TD>%3.1f cM/Mb</TD></TR>\n", rr->shrspAvg); 
@@ -14528,31 +14529,31 @@ void doRecombRateMouse(struct trackDb *tdb) /* Handle click on the mouse Recombination Rate track */ { char query[256]; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr = NULL; char **row; int start = cartInt(cart, "o"); int end = cartInt(cart, "t"); struct recombRateMouse *rr; /* Print out non-sequence info */ cartWebStart(cart, database, "Recombination Rates"); /* Find the instance of the object in the bed table */ -sprintf(query, "SELECT * FROM recombRateMouse WHERE " +sqlSafef(query, sizeof query, "SELECT * FROM recombRateMouse WHERE " "chrom = '%s' AND chromStart = %d " "AND chromEnd = %d", seqName, start, end); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { rr = recombRateMouseLoad(row); /* Print out general sequence positional information */ printf("<TABLE>\n"); printf("<TR><TH ALIGN=left>Chromosome:</TH><TD>%s</TD></TR>\n", seqName); printf("<TR><TH ALIGN=left>Start:</TH><TD>%d</TD></TR>\n",start+1); printf("<TR><TH ALIGN=left>End:</TH><TD>%d</TD></TR>\n",end); printBand(seqName, start, end, TRUE); printf("<TR><TH ALIGN=left>WI Genetic Map Sex-Averaged Rate:</TH><TD>%3.1f cM/Mb</TD></TR>\n", rr->wiAvg); 
@@ -14570,31 +14571,31 @@ /* Handle click on the GenMapDb clones track */ { char query[256]; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr = NULL; char **row; int start = cartInt(cart, "o"); int end = cartInt(cart, "t"); struct genMapDb *upc; int size; /* Print out non-sequence info */ cartWebStart(cart, database, "GenMapDB BAC Clones"); /* Find the instance of the object in the bed table */ -sprintf(query, "SELECT * FROM genMapDb WHERE name = '%s' " +sqlSafef(query, sizeof query, "SELECT * FROM genMapDb WHERE name = '%s' " "AND chrom = '%s' AND chromStart = %d " "AND chromEnd = %d", clone, seqName, start, end); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { upc = genMapDbLoad(row); /* Print out general sequence positional information */ printf("<H2><A HREF="); printGenMapDbUrl(stdout, clone); printf(" TARGET=_BLANK>%s</A></H2>\n", clone); htmlHorizontalLine(); printf("<TABLE>\n"); printf("<TR><TH ALIGN=left>Chromosome:</TH><TD>%s</TD></TR>\n", seqName); 
@@ -14649,31 +14650,31 @@ void doMouseOrthoDetail(struct trackDb *tdb, char *itemName) /* Handle click on mouse synteny track. */ { struct mouseSyn el; int start = cartInt(cart, "o"); struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int rowOffset; cartWebStart(cart, database, "Mouse Synteny"); printf("<H2>Mouse Synteny</H2>\n"); -sprintf(query, "select * from %s where chrom = '%s' and chromStart = %d", +sqlSafef(query, sizeof query, "select * from %s where chrom = '%s' and chromStart = %d", tdb->table, seqName, start); rowOffset = hOffsetPastBin(database, seqName, tdb->table); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { htmlHorizontalLine(); mouseSynStaticLoad(row+rowOffset, &el); printf("<B>mouse chromosome:</B> %s<BR>\n", el.name+6); printf("<B>human chromosome:</B> %s<BR>\n", skipChr(el.chrom)); printf("<B>human starting base:</B> %d<BR>\n", el.chromStart); printf("<B>human ending base:</B> %d<BR>\n", el.chromEnd); printf("<B>size:</B> %d<BR>\n", el.chromEnd - el.chromStart); } sqlFreeResult(&sr); hFreeConn(&conn); 
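Review bot: `el.name+6` in the first printf of the row loop skips six characters without checking the length of the name loaded from the row. A row whose name is shorter than six characters would make printf read past the string's terminator. A guard such as `strlen(el.name) >= 6 ? el.name+6 : el.name` keeps the read in bounds. The same line appears in doMouseSyn in the next hunk (@@ -14682); both functions close outside their hunks.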
@@ -14682,31 +14683,31 @@ void doMouseSyn(struct trackDb *tdb, char *itemName) /* Handle click on mouse synteny track. */ { struct mouseSyn el; int start = cartInt(cart, "o"); struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int rowOffset; cartWebStart(cart, database, "Mouse Synteny"); printf("<H2>Mouse Synteny</H2>\n"); -sprintf(query, "select * from %s where chrom = '%s' and chromStart = %d", +sqlSafef(query, sizeof query, "select * from %s where chrom = '%s' and chromStart = %d", tdb->table, seqName, start); rowOffset = hOffsetPastBin(database, seqName, tdb->table); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { htmlHorizontalLine(); mouseSynStaticLoad(row+rowOffset, &el); printf("<B>mouse chromosome:</B> %s<BR>\n", el.name+6); printf("<B>human chromosome:</B> %s<BR>\n", skipChr(el.chrom)); printf("<B>human starting base:</B> %d<BR>\n", el.chromStart); printf("<B>human ending base:</B> %d<BR>\n", el.chromEnd); printf("<B>size:</B> %d<BR>\n", el.chromEnd - el.chromStart); } sqlFreeResult(&sr); hFreeConn(&conn); 
@@ -14715,31 +14716,31 @@ void doMouseSynWhd(struct trackDb *tdb, char *itemName) /* Handle click on Whitehead mouse synteny track. */ { struct mouseSynWhd el; int start = cartInt(cart, "o"); struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int rowOffset; cartWebStart(cart, database, "Mouse Synteny (Whitehead)"); printf("<H2>Mouse Synteny (Whitehead)</H2>\n"); -sprintf(query, "select * from %s where chrom = '%s' and chromStart = %d", +sqlSafef(query, sizeof query, "select * from %s where chrom = '%s' and chromStart = %d", tdb->table, seqName, start); rowOffset = hOffsetPastBin(database, seqName, tdb->table); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { htmlHorizontalLine(); mouseSynWhdStaticLoad(row+rowOffset, &el); printf("<B>mouse chromosome:</B> %s<BR>\n", el.name); printf("<B>mouse starting base:</B> %d<BR>\n", el.mouseStart+1); printf("<B>mouse ending base:</B> %d<BR>\n", el.mouseEnd); printf("<B>human chromosome:</B> %s<BR>\n", skipChr(el.chrom)); printf("<B>human starting base:</B> %d<BR>\n", el.chromStart+1); printf("<B>human ending base:</B> %d<BR>\n", el.chromEnd); printf("<B>strand:</B> %s<BR>\n", el.strand); printf("<B>segment label:</B> %s<BR>\n", el.segLabel); 
@@ -14756,31 +14757,31 @@ { struct ensPhusionBlast el; int start = cartInt(cart, "o"); struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char *org = hOrganism(database); char *tbl = cgiUsualString("table", cgiString("g")); char *elname, *ptr, *xenoDb, *xenoOrg, *xenoChrom; char query[256]; int rowOffset; cartWebStart(cart, database, "%s", tdb->longLabel); printf("<H2>%s</H2>\n", tdb->longLabel); -sprintf(query, "select * from %s where chrom = '%s' and chromStart = %d", +sqlSafef(query, sizeof query, "select * from %s where chrom = '%s' and chromStart = %d", tdb->table, seqName, start); rowOffset = hOffsetPastBin(database, seqName, tdb->table); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { htmlHorizontalLine(); ensPhusionBlastStaticLoad(row+rowOffset, &el); elname = cloneString(el.name); if ((ptr = strchr(elname, '.')) != NULL) { *ptr = 0; xenoChrom = ptr+1; xenoDb = elname; xenoOrg = hOrganism(xenoDb); } 
@@ -14834,39 +14835,39 @@ char *validateOrGetRsId(char *name, struct sqlConnection *conn) /* If necessary, get the rsId from the affy120K or affy10K table, given the affyId. rsId is more common, affy120K is next, affy10K least. * returns "valid" if name is already a valid rsId, new rsId if it is found in the affy tables, or 0 if no valid rsId is found */ { char *rsId = cloneString(name); struct affy120KDetails *a120K = NULL; struct affy10KDetails *a10K = NULL; char query[512]; if (strncmp(rsId,"rs",2)) /* is not a valid rsId, so it must be an affyId */ { - safef(query, sizeof(query), /* more likely to be affy120K, so check first */ + sqlSafef(query, sizeof(query), /* more likely to be affy120K, so check first */ "select * from affy120KDetails where affyId = '%s'", name); a120K = affy120KDetailsLoadByQuery(conn, query); if (a120K != NULL) /* found affy120K record */ rsId = cloneString(a120K->rsId); affy120KDetailsFree(&a120K); if (strncmp(rsId,"rs",2)) /* not a valid affy120K snp, might be affy10K */ { - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from affy10KDetails where affyId = '%s'", name); a10K = affy10KDetailsLoadByQuery(conn, query); if (a10K != NULL) /* found affy10K record */ rsId = cloneString(a10K->rsId); affy10KDetailsFree(&a10K); if (strncmp(rsId,"rs",2)) /* not valid affy10K snp */ return 0; } /* not all affy snps have valid rsIds, so return if it is invalid */ if (strncmp(rsId,"rs",2) || strlen(rsId)<4 || sameString(rsId,"rs0")) /* not a valid rsId */ return 0; } else rsId = cloneString("valid"); return rsId; 
@@ -14879,36 +14880,36 @@ 0 if no valid rsId is found */ { struct sqlConnection *hgFixed = sqlConnect("hgFixed"); char *rsId = validateOrGetRsId(name, hgFixed); struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[512]; struct dbSnpRs *snp = NULL; char *dbOrg = cloneStringZ(database,2); toUpperN(dbOrg,1); /* capitalize first letter */ if (rsId) /* a valid rsId exists */ { if (sameString(rsId, "valid")) - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * " "from dbSnpRs%s " "where rsId = '%s'", dbOrg, name); else - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * " "from dbSnpRs%s " "where rsId = '%s'", dbOrg, rsId); snp = dbSnpRsLoadByQuery(hgFixed, query); if (snp != NULL) { printf("<BR>\n"); if(snp->avHetSE>0) { printf("<B><A HREF=\"http://www.ncbi.nlm.nih.gov/SNP/Hetfreq.html\" target=\"_blank\">"); printf("Average Heterozygosity</A>:</B> %f<BR>\n",snp->avHet); printf("<B><A HREF=\"http://www.ncbi.nlm.nih.gov/SNP/Hetfreq.html\" target=\"_blank\">"); printf("Standard Error of Avg. Het.</A>: </B> %f<BR>\n", snp->avHetSE); } else 
@@ -14930,58 +14931,58 @@ snp->valid); // printf("<B>Validation Status:</B> <span style='font-family:Courier;'>%s<BR></span>\n", // snp->valid); printf("<B>Allele1: </B> <span style='font-family:Courier;'>%s<BR></span>\n", snp->allele1); printf("<B>Allele2: </B> <span style='font-family:Courier;'>%s<BR>\n", snp->allele2); printf("<B>Sequence in Assembly</B>: %s<BR>\n", snp->assembly); printf("<B>Alternate Sequence</B>: %s<BR></span>\n", snp->alternate); } dbSnpRsFree(&snp); } sqlDisconnect(&hgFixed); if (sameString(dbOrg,"Hg")) { - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select source, type from snpMap where name = '%s'", name); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { printf("<B><A HREF=\"#source\">Variant Source</A></B>: %s<BR>\n",row[0]); printf("<B><A HREF=\"#type\">Variant Type</A></B>: %s\n",row[1]); } sqlFreeResult(&sr); hFreeConn(&conn); } return rsId; } void doSnpEntrezGeneLink(struct trackDb *tdb, char *name) /* print link to EntrezGene for this SNP */ { char *table = tdb->table; if (hTableExists(database, "knownGene") && hTableExists(database, "refLink") && hTableExists(database, "mrnaRefseq") && hTableExists(database, table)) { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[512]; int rowOffset; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select distinct " " rl.locusLinkID, " " rl.name " "from knownGene kg, " " refLink rl, " " %s snp, " " mrnaRefseq mrs " "where snp.chrom = kg.chrom " " and kg.name = mrs.mrna " " and mrs.refSeq = rl.mrnaAcc " " and kg.txStart < snp.chromStart " " and kg.txEnd > snp.chromEnd " " and snp.name = '%s'", table, name); rowOffset = hOffsetPastBin(database, seqName, table); sr = sqlGetResult(conn, query); 
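Review bot: `hFreeConn(&conn);` sits inside the `if (sameString(dbOrg,"Hg"))` block, so for any other assembly the connection is never handed back before `return rsId;`. `conn` looks like the one allocated with `hAllocConn(database)` at the top of this function in the previous hunk; the lines between the two hunks are not shown, so confirm nothing there releases it. Moving the call below the closing brace of the `if`, just before `return rsId;`, releases it on both paths.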
@@ -15000,31 +15001,31 @@ /* Put up info on a SNP. */ { char *snpTable = tdb->table; struct snp snp; struct snpMap snpMap; int start = cartInt(cart, "o"); struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int rowOffset; char *printId; cartWebStart(cart, database, "Simple Nucleotide Polymorphism (SNP)"); printf("<H2>Simple Nucleotide Polymorphism (SNP) %s</H2>\n", itemName); -sprintf(query, +sqlSafef(query, sizeof query, "select * " "from %s " "where chrom = '%s' " " and chromStart = %d " " and name = '%s'", snpTable, seqName, start, itemName); rowOffset = hOffsetPastBin(database, seqName, snpTable); sr = sqlGetResult(conn, query); if (sameString(snpTable,"snpMap")) while ((row = sqlNextRow(sr)) != NULL) { snpMapStaticLoad(row+rowOffset, &snpMap); bedPrintPos((struct bed *)&snpMap, 3, tdb); } else 
@@ -15078,46 +15079,46 @@ tokens=cloneString(exceptionList); lf=lineFileOnString("snpExceptions", TRUE, tokens); tkz=tokenizerOnLineFile(lf); while ((id=tokenizerNext(tkz))!=NULL) { if (firstException) { printf("<BR><B style='color:%s;'>Note(s):</B><BR>\n",noteColor); firstException=FALSE; } if (sameString(id,",")) /* is there a tokenizer that doesn't return separators? */ continue; if (sameString(id,"18")||sameString(id,"19")||sameString(id,"20")) multiplePositions=TRUE; br=cloneString("<BR>"); - safef(query, sizeof(query), "select * from snpExceptions where exceptionId = %s", id); + sqlSafef(query, sizeof(query), "select * from snpExceptions where exceptionId = %s", id); sr = sqlGetResult(conn, query); /* exceptionId is a primary key; at most 1 record returned */ while ((row = sqlNextRow(sr))!=NULL) { snpExceptionsStaticLoad(row, &se); printf(" <B style='color:%s;'>%s</B><BR>\n", noteColor,se.description); } } printf("%s\n",br); if (multiplePositions) { struct snp snp; printf("<B style='color:#7f0000;'>Other Positions</B>:<BR><BR>"); - safef(query, sizeof(query), "select * from snp where name='%s'", itemName); + sqlSafef(query, sizeof(query), "select * from snp where name='%s'", itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr))!=NULL) { snpStaticLoad(row+rowOffset, &snp); if (differentString(chrom,snp.chrom) || chromStart!=snp.chromStart) { bedPrintPos((struct bed *)&snp, 3, tdb); printf("<BR>\n"); } } } } void printSnpInfo(struct snp snp) /* print info on a snp */ 
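Review bot: In `"select * from snpExceptions where exceptionId = %s", id` the placeholder is not inside quotes. Escaping the characters of `id` (presumably what sqlSafef does for `%s`; its definition is not on this page) therefore does not confine the value to a single literal the way it does in the `'%s'` queries elsewhere in this commit. `id` is a token from `exceptionList`, so it is most likely database-sourced here, but the query should not rely on that: write `exceptionId = '%s'`, or parse the token with sqlUnsigned and format it with an integer conversion. The same unquoted form is in doAffy120KDetails (hunk @@ -15557), `"where affyId = %s", name`, where `name` is the item name passed down from doAffy120K and the sibling doAffy10KDetails already uses `where affyId = '%s'`. The function enclosing the snpExceptions query starts before this hunk.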
@@ -15151,31 +15152,31 @@ if (hTableExists(database, snpSeqSetting)) safecpy(snpSeqTable, sizeof(snpSeqTable), snpSeqSetting); else return -1; } else { safef(snpSeqTable, sizeof(snpSeqTable), "%sSeq", tdb->table); if (!hTableExists(database, snpSeqTable)) { safecpy(snpSeqTable, sizeof(snpSeqTable), "snpSeq"); if (!hTableExists(database, snpSeqTable)) return -1; } } -safef(query, sizeof(query), "select file_offset from %s where acc='%s'", +sqlSafef(query, sizeof(query), "select file_offset from %s where acc='%s'", snpSeqTable, snp->name); sr = sqlGetResult(conn, query); row = sqlNextRow(sr); if (row == NULL) return -1; offset = sqlLongLong(row[0]); sqlFreeResult(&sr); hFreeConn(&conn); return offset; } char *getSnpSeqFile(struct trackDb *tdb) /* find location of snp.fa and test existence. */ { @@ -15521,31 +15522,31 @@ char *snpTable = tdb->table; struct snp snp; int start = cartInt(cart, "o"); struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int rowOffset=hOffsetPastBin(database, seqName, snpTable); int firstOne=1; char *exception=0; char *chrom=""; int chromStart=0; cartWebStart(cart, database, "Simple Nucleotide Polymorphism (SNP)"); printf("<H2>Simple Nucleotide Polymorphism (SNP) %s</H2>\n", itemName); -safef(query, sizeof(query), "select * from %s where chrom='%s' and " +sqlSafef(query, sizeof(query), "select * from %s where chrom='%s' and " "chromStart=%d and name='%s'", snpTable, seqName, start, itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr))!=NULL) { snpStaticLoad(row+rowOffset, &snp); if (firstOne) { exception=cloneString(snp.exception); chrom = cloneString(snp.chrom); chromStart = snp.chromStart; bedPrintPos((struct bed *)&snp, 3, tdb); printf("<BR>\n"); firstOne=0; } printSnpInfo(snp); 
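Review bot: In the snpSeq lookup hunk (@@ -15151), `if (row == NULL) return -1;` leaves without the `sqlFreeResult(&sr); hFreeConn(&conn);` that the success path runs two lines later, so a lookup miss leaks both the result and the connection. Use `if (row == NULL) { sqlFreeResult(&sr); hFreeConn(&conn); return -1; }`. The earlier `return -1` branches may need the same treatment, depending on where `conn` is allocated, which is above the hunk.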
@@ -15557,31 +15558,31 @@ doSnpEntrezGeneLink(tdb, itemName); } if (hTableExists(database, "snpExceptions") && differentString(exception,"0")) writeSnpException(exception, itemName, rowOffset, chrom, chromStart, tdb); printTrackHtml(tdb); sqlFreeResult(&sr); hFreeConn(&conn); } void doAffy120KDetails(struct trackDb *tdb, char *name) /* print additional SNP details */ { struct sqlConnection *conn = sqlConnect("hgFixed"); char query[1024]; struct affy120KDetails *snp = NULL; -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select affyId, rsId, baseA, baseB, sequenceA, sequenceB, " " enzyme, minFreq, hetzyg, avHetSE, " " NA04477, NA04479, NA04846, NA11036, NA11038, NA13056, " " NA17011, NA17012, NA17013, NA17014, NA17015, NA17016, " " NA17101, NA17102, NA17103, NA17104, NA17105, NA17106, " " NA17201, NA17202, NA17203, NA17204, NA17205, NA17206, " " NA17207, NA17208, NA17210, NA17211, NA17212, NA17213, " " PD01, PD02, PD03, PD04, PD05, PD06, PD07, PD08, " " PD09, PD10, PD11, PD12, PD13, PD14, PD15, PD16, " " PD17, PD18, PD19, PD20, PD21, PD22, PD23, PD24 " "from affy120KDetails " "where affyId = %s", name); snp = affy120KDetailsLoadByQuery(conn, query); if (snp!=NULL) { 
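Review bot: `differentString(exception,"0")` runs with `exception` still null when the select in the previous hunk (@@ -15521) returns no row, because `char *exception=0;` is only replaced inside the row loop. This assumes both hunks belong to the same function and that the unseen lines between them do not assign it. If differentString is a plain strcmp wrapper, a request for an item name that is not in the table then dereferences a null pointer. Guard the call: `if (exception != NULL && hTableExists(database, "snpExceptions") && differentString(exception,"0"))`.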
@@ -15669,92 +15670,92 @@ void doCnpLocke(struct trackDb *tdb, char *itemName) { char *table = tdb->table; struct cnpLocke thisItem; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int rowOffset = hOffsetPastBin(database, seqName, table); int start = cartInt(cart, "o"); genericHeader(tdb, itemName); printf("<B>NCBI Clone Registry: </B><A href="); printCloneDbUrl(stdout, itemName); printf(" target=_blank>%s</A><BR>\n", itemName); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and " "chromStart=%d and name = '%s'", table, seqName, start, itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { cnpLockeStaticLoad(row+rowOffset, &thisItem); bedPrintPos((struct bed *)&thisItem, 3, tdb); printf("<BR><B>Variation Type</B>: %s\n",thisItem.variationType); } printTrackHtml(tdb); sqlFreeResult(&sr); hFreeConn(&conn); } void doCnpIafrate(struct trackDb *tdb, char *itemName) { char *table = tdb->table; struct cnpIafrate cnpIafrate; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int rowOffset = hOffsetPastBin(database, seqName, table); int start = cartInt(cart, "o"); genericHeader(tdb, itemName); printf("<B>NCBI Clone Registry: </B><A href="); printCloneDbUrl(stdout, itemName); printf(" target=_blank>%s</A><BR>\n", itemName); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and " "chromStart=%d and name = '%s'", table, seqName, start, itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { cnpIafrateStaticLoad(row+rowOffset, &cnpIafrate); bedPrintPos((struct bed *)&cnpIafrate, 3, tdb); printf("<BR><B>Variation Type</B>: %s\n",cnpIafrate.variationType); printf("<BR><B>Score</B>: %g\n",cnpIafrate.score); } printTrackHtml(tdb); sqlFreeResult(&sr); hFreeConn(&conn); } void doCnpIafrate2(struct trackDb *tdb, char *itemName) 
{ char *table = tdb->table; struct cnpIafrate2 thisItem; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int rowOffset = hOffsetPastBin(database, seqName, table); int start = cartInt(cart, "o"); genericHeader(tdb, itemName); printf("<B>NCBI Clone Registry: </B><A href="); printCloneDbUrl(stdout, itemName); printf(" target=_blank>%s</A><BR>\n", itemName); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and " "chromStart=%d and name = '%s'", table, seqName, start, itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { cnpIafrate2StaticLoad(row+rowOffset, &thisItem); bedPrintPos((struct bed *)&thisItem, 3, tdb); printf("<BR><B>Cohort Type</B>: %s\n",thisItem.cohortType); if (strstr(thisItem.cohortType, "Control")) { printf("<BR><B>Control Gain Count</B>: %d\n",thisItem.normalGain); printf("<BR><B>Control Loss Count</B>: %d\n",thisItem.normalLoss); } if (strstr(thisItem.cohortType, "Patient")) { 
@@ -15767,115 +15768,115 @@ hFreeConn(&conn); } void doDelHinds2(struct trackDb *tdb, char *itemName) { char *table = tdb->table; struct delHinds2 thisItem; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int rowOffset = hOffsetPastBin(database, seqName, table); int start = cartInt(cart, "o"); genericHeader(tdb, itemName); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and " "chromStart=%d and name = '%s'", table, seqName, start, itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { delHinds2StaticLoad(row+rowOffset, &thisItem); bedPrintPos((struct bed *)&thisItem, 3, tdb); printf("<BR><B>Frequency</B>: %3.2f%%\n",thisItem.frequency); } printTrackHtml(tdb); sqlFreeResult(&sr); hFreeConn(&conn); } void doDelConrad2(struct trackDb *tdb, char *itemName) { char *table = tdb->table; struct delConrad2 thisItem; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int rowOffset = hOffsetPastBin(database, seqName, table); int start = cartInt(cart, "o"); genericHeader(tdb, itemName); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and " "chromStart=%d and name = '%s'", table, seqName, start, itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { delConrad2StaticLoad(row+rowOffset, &thisItem); bedPrintPos((struct bed *)&thisItem, 3, tdb); printf("<BR><B>HapMap individual</B>: %s\n",thisItem.offspring); printf("<BR><B>HapMap population</B>: %s\n",thisItem.population); } printTrackHtml(tdb); sqlFreeResult(&sr); hFreeConn(&conn); } void doCnpSebat(struct trackDb *tdb, char *itemName) { char *table = tdb->table; struct cnpSebat cnpSebat; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int rowOffset = hOffsetPastBin(database, seqName, table); int start = cartInt(cart, 
"o"); genericHeader(tdb, itemName); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and " "chromStart=%d and name = '%s'", table, seqName, start, itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { cnpSebatStaticLoad(row+rowOffset, &cnpSebat); bedPrintPos((struct bed *)&cnpSebat, 3, tdb); printf("<BR><B>Number of probes</B>: %d\n",cnpSebat.probes); printf("<BR><B>Number of individuals</B>: %d\n",cnpSebat.individuals); } printTrackHtml(tdb); sqlFreeResult(&sr); hFreeConn(&conn); } void doCnpSebat2(struct trackDb *tdb, char *itemName) { char *table = tdb->table; struct cnpSebat2 cnpSebat2; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int rowOffset = hOffsetPastBin(database, seqName, table); int start = cartInt(cart, "o"); genericHeader(tdb, itemName); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and " "chromStart=%d and name = '%s'", table, seqName, start, itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { cnpSebat2StaticLoad(row+rowOffset, &cnpSebat2); bedPrintPos((struct bed *)&cnpSebat2, 3, tdb); printf("<BR><B>Number of probes</B>: %d\n",cnpSebat2.probes); } printTrackHtml(tdb); sqlFreeResult(&sr); hFreeConn(&conn); } 
@@ -15892,37 +15893,37 @@ printf("<B>LTR Percent: </B> %.1f %%<BR>\n", cnpSharp.LTRpercent*100); printf("<B>DNA Percent: </B> %.1f %%<BR>\n", cnpSharp.DNApercent*100); printf("<B>Disease Percent: </B> %.1f %%<BR>\n", cnpSharp.diseaseSpotsPercent*100); } void printCnpSharpSampleData(char *itemName) { struct sqlConnection *hgFixed1 = sqlConnect("hgFixed"); struct sqlConnection *hgFixed2 = sqlConnect("hgFixed"); char query[256], query2[1024]; char **row; struct sqlResult *sr1, *sr2; float sample, cutoff; printf("<BR>\n"); -safef(query, sizeof(query), "select distinct substring(sample,1,5) from cnpSharpCutoff order by sample"); +sqlSafef(query, sizeof(query), "select distinct substring(sample,1,5) from cnpSharpCutoff order by sample"); sr1 = sqlGetResult(hgFixed1, query); while ((row = sqlNextRow(sr1)) != NULL) { char *pop=row[0]; printf("<table border=\"1\" cellpadding=\"0\" ><tr>"); - safef(query2, sizeof(query2), + sqlSafef(query2, sizeof(query2), "select s1.sample, s1.gender, s1.value, c1.value, s2.value, c2.value " "from cnpSharpSample s1, cnpSharpSample s2, cnpSharpCutoff c1, cnpSharpCutoff c2 " "where s1.sample=s2.sample and s1.sample=c1.sample and s1.sample=c2.sample " " and s1.batch=1 and s2.batch=2 and c1.batch=1 and c2.batch=2 and s1.bac='%s' " " and s1.bac=s2.bac and s1.sample like '%s%%' order by s1.sample", itemName, pop); sr2 = sqlGetResult(hgFixed2, query2); while ((row = sqlNextRow(sr2)) != NULL) { if (sameString(row[1],"M")) printf("<TD width=160 bgcolor=\"#99FF99\">"); else printf("<TD width=160 bgcolor=\"#FFCCFF\">"); printf("%s</TD>\n",row[0]); } printf("</TR><TR>\n"); sqlFreeResult(&sr2); sr2 = sqlGetResult(hgFixed2, query2); 
@@ -15983,31 +15984,31 @@ char *itemCopy = cloneString(itemName); variantSignal = lastChar(itemName); if (variantSignal == '*') stripChar(itemCopy, '*'); if (variantSignal == '?') stripChar(itemCopy, '?'); if (variantSignal == '#') stripChar(itemCopy, '#'); genericHeader(tdb, itemCopy); printf("<B>NCBI Clone Registry: </B><A href="); printCloneDbUrl(stdout, itemCopy); printf(" target=_blank>%s</A><BR>\n", itemCopy); if (variantSignal == '*' || variantSignal == '?' || variantSignal == '#') printf("<B>Note this BAC was found to be variant. See references.</B><BR>\n"); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and " "chromStart=%d and name = '%s'", table, seqName, start, itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { cnpSharpStaticLoad(row+rowOffset, &cnpSharp); bedPrintPos((struct bed *)&cnpSharp, 3, tdb); printCnpSharpDetails(cnpSharp); } sqlFreeResult(&sr); hFreeConn(&conn); // printCnpSharpSampleData(itemName); printTrackHtml(tdb); } 
@@ -16015,62 +16016,62 @@ void doCnpSharp2(struct trackDb *tdb, char *itemName) { char *table = tdb->table; struct cnpSharp2 cnpSharp2; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int rowOffset = hOffsetPastBin(database, seqName, table); int start = cartInt(cart, "o"); genericHeader(tdb, itemName); printf("<B>NCBI Clone Registry: </B><A href="); printCloneDbUrl(stdout, itemName); printf(" target=_blank>%s</A><BR>\n", itemName); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and " "chromStart=%d and name = '%s'", table, seqName, start, itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { cnpSharp2StaticLoad(row+rowOffset, &cnpSharp2); bedPrintPos((struct bed *)&cnpSharp2, 3, tdb); printf("<B>Name: </B> %s <BR>\n", cnpSharp2.name); printf("<B>Variation type: </B> %s <BR>\n", cnpSharp2.variationType); } sqlFreeResult(&sr); hFreeConn(&conn); // printCnpSharpSampleData(itemName); printTrackHtml(tdb); } void doDgv(struct trackDb *tdb, char *id) /* Details for Database of Genomic Variants (updated superset of cnp*). 
*/ { struct dgv dgv; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[512]; int rowOffset = hOffsetPastBin(database, seqName, tdb->table); int start = cartInt(cart, "o"); int end = cartInt(cart, "t"); genericHeader(tdb, id); printCustomUrl(tdb, id, FALSE); -safef(query, sizeof(query), "select * from %s where name = '%s' " +sqlSafef(query, sizeof(query), "select * from %s where name = '%s' " "and chrom = '%s' and chromStart = %d and chromEnd = %d", tdb->table, id, seqName, start, end); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { dgvStaticLoad(row+rowOffset, &dgv); if (dgv.chromStart != dgv.thickStart || (dgv.chromEnd != dgv.thickEnd && dgv.thickEnd != dgv.chromStart)) { printf("<B>Variant Position:</B> " "<A HREF=\"%s&db=%s&position=%s%%3A%d-%d\">%s:%d-%d</A><BR>\n", hgTracksPathAndSettings(), database, dgv.chrom, dgv.thickStart+1, dgv.thickEnd, dgv.chrom, dgv.thickStart+1, dgv.thickEnd); printBand(dgv.chrom, dgv.thickStart, dgv.thickEnd, FALSE); 
@@ -16110,57 +16111,57 @@ void doAffy120K(struct trackDb *tdb, char *itemName) /* Put up info on an Affymetrix SNP. */ { char *table = tdb->table; struct snp snp; int start = cartInt(cart, "o"); struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int rowOffset; cartWebStart(cart, database, "Single Nucleotide Polymorphism (SNP)"); printf("<H2>Single Nucleotide Polymorphism (SNP) %s</H2>\n", itemName); -sprintf(query, "select * " +sqlSafef(query, sizeof query, "select * " "from affy120K " "where chrom = '%s' " " and chromStart = %d " " and name = '%s'", seqName, start, itemName); rowOffset = hOffsetPastBin(database, seqName, table); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { snpStaticLoad(row+rowOffset, &snp); bedPrintPos((struct bed *)&snp, 3, tdb); } doAffy120KDetails(tdb, itemName); printTrackHtml(tdb); sqlFreeResult(&sr); hFreeConn(&conn); } void doAffy10KDetails(struct trackDb *tdb, char *name) /* print additional SNP details */ { struct sqlConnection *conn = sqlConnect("hgFixed"); char query[1024]; struct affy10KDetails *snp=NULL; -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select affyId, rsId, tscId, baseA, baseB, " "sequenceA, sequenceB, enzyme " /** minFreq, hetzyg, and avHetSE are waiting for additional data from Affy **/ /* " , minFreq, hetzyg, avHetSE "*/ "from affy10KDetails " "where affyId = '%s'", name); snp = affy10KDetailsLoadByQuery(conn, query); if (snp!=NULL) { printf("<BR>\n"); printf("<B>Sample Prep Enzyme: </B> <I>XbaI</I><BR>\n"); /** minFreq, hetzyg, and avHetSE are waiting for additional data from Affy **/ /* printf("<B>Minimum Allele Frequency:</B> %.3f<BR>\n",snp->minFreq);*/ /* printf("<B>Heterozygosity: </B> %.3f<BR>\n",snp->hetzyg);*/ /* printf("<B>Average Heterozygosity: </B> %.3f<BR>\n",snp->avHetSE);*/ 
@@ -16196,60 +16197,60 @@ void doAffy10K(struct trackDb *tdb, char *itemName) /* Put up info on an Affymetrix SNP. */ { char *table = tdb->table; struct snp snp; int start = cartInt(cart, "o"); struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int rowOffset; cartWebStart(cart, database, "Single Nucleotide Polymorphism (SNP)"); printf("<H2>Single Nucleotide Polymorphism (SNP) %s</H2>\n", itemName); -sprintf(query, "select * " +sqlSafef(query, sizeof query, "select * " "from affy10K " "where chrom = '%s' " " and chromStart = %d " " and name = '%s'", seqName, start, itemName); rowOffset = hOffsetPastBin(database, seqName, table); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { snpStaticLoad(row+rowOffset, &snp); bedPrintPos((struct bed *)&snp, 3, tdb); } doAffy10KDetails(tdb, itemName); printTrackHtml(tdb); sqlFreeResult(&sr); hFreeConn(&conn); } void printSnpOrthoSummary(struct trackDb *tdb, char *rsId, char *observed) /* helper function for printSnp125Info */ { char *orthoTable = snp125OrthoTable(tdb, NULL); if (isNotEmpty(orthoTable) && hTableExists(database, orthoTable)) { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[512]; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select chimpAllele from %s where name='%s'", orthoTable, rsId); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) printf("<B>Summary: </B>%s>%s (chimp allele displayed first, " "then '>', then human alleles)<br>\n", row[0], observed); sqlFreeResult(&sr); hFreeConn(&conn); } } #define FOURBLANKCELLS "<TD></TD><TD></TD><TD></TD><TD></TD>" void printSnpAlleleRows(struct snp125 *snp, int version) /* Print the UCSC ref allele (and dbSNP if it differs), as row(s) of a * 6-column table. */ 
@@ -16316,38 +16317,38 @@ void printSnpOrthoRows(struct trackDb *tdb, struct snp125 *snp) /* If a chimp+macaque ortho table was specified, print out the orthos * (if any), as rows of a 6-column table. */ { int speciesCount = 0; char *orthoTable = snp125OrthoTable(tdb, &speciesCount); if (isNotEmpty(orthoTable) && hTableExists(database, orthoTable)) { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[1024]; if (speciesCount == 2) - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select chimpChrom, chimpStart, chimpEnd, chimpAllele, chimpStrand, " "macaqueChrom, macaqueStart, macaqueEnd, macaqueAllele, macaqueStrand " "from %s where chrom='%s' and bin=%d and chromStart=%d and name='%s'", orthoTable, seqName, binFromRange(snp->chromStart, snp->chromEnd), snp->chromStart, snp->name); else - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select chimpChrom, chimpStart, chimpEnd, chimpAllele, chimpStrand, " "orangChrom, orangStart, orangEnd, orangAllele, orangStrand, " "macaqueChrom, macaqueStart, macaqueEnd, macaqueAllele, macaqueStrand " "from %s where chrom='%s' and bin=%d and chromStart=%d and name='%s'", orthoTable, seqName, binFromRange(snp->chromStart, snp->chromEnd), snp->chromStart, snp->name); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { char *chimpChrom = row[0]; int chimpStart = sqlUnsigned(row[1]); int chimpEnd = sqlUnsigned(row[2]); char *chimpAllele = row[3]; char *chimpStrand = row[4]; char *chimpDb = trackDbSetting(tdb, "chimpDb"); 
@@ -16460,33 +16461,33 @@ } char *getSymbolForGeneName(char *geneTable, char *geneId) /* Given a gene track and gene accession, look up the symbol if we know where to look * and if we find it, return a string with both symbol and acc. */ { struct dyString *dy = dyStringNew(32); char buf[256]; char *sym = NULL; if (sameString(geneTable, "knownGene") || sameString(geneTable, "refGene")) { struct sqlConnection *conn = hAllocConn(database); char query[256]; query[0] = '\0'; if (sameString(geneTable, "knownGene")) - safef(query, sizeof(query), "select geneSymbol from kgXref where kgID = '%s'", geneId); + sqlSafef(query, sizeof(query), "select geneSymbol from kgXref where kgID = '%s'", geneId); else if (sameString(geneTable, "refGene")) - safef(query, sizeof(query), "select name from refLink where mrnaAcc = '%s'", geneId); + sqlSafef(query, sizeof(query), "select name from refLink where mrnaAcc = '%s'", geneId); sym = sqlQuickQuery(conn, query, buf, sizeof(buf)-1); hFreeConn(&conn); } if (sym != NULL) dyStringPrintf(dy, "%s (%s)", sym, geneId); else dyStringAppend(dy, geneId); return dyStringCannibalize(&dy); } #define firstTwoColumnsPctS "<TR><TD>%s </TD><TD>%s </TD><TD>" void getSnp125RefCodonAndSnpPos(struct snp125 *snp, struct genePred *gene, int exonIx, int *pSnpCodonPos, char refCodon[4], char *pRefAA) /* Given a single-base snp and a coding gene/exon containing it, determine the snp's position 
@@ -16694,49 +16695,49 @@ } } } void printSnp125NearGenes(struct sqlConnection *conn, struct snp125 *snp, char *geneTable, char *geneTrack) /* Search upstream and downstream of snp for neigh */ { struct sqlResult *sr; char query[512]; char **row; int snpStart = snp->chromStart, snpEnd = snp->chromEnd; int nearCount = 0; int maxDistance = 10000; /* query to the left: */ -safef(query, sizeof(query), "select name,txEnd,strand from %s " +sqlSafef(query, sizeof(query), "select name,txEnd,strand from %s " "where chrom = '%s' and txStart < %d and txEnd > %d", geneTable, snp->chrom, snpStart, snpStart - maxDistance); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { char *gene = row[0]; char *geneName = getSymbolForGeneName(geneTable, gene); int end = sqlUnsigned(row[1]); char *strand = row[2]; boolean isRc = strand[0] == '-'; printf(firstTwoColumnsPctS "%s (%d bases %sstream)</TD></TR>\n", geneTrack, geneName, snpMisoLinkFromFunc(isRc ? "near-gene-5" : "near-gene-3"), (snpStart - end + 1), (isRc ? "up" : "down")); nearCount++; } sqlFreeResult(&sr); /* query to the right: */ -safef(query, sizeof(query), "select name,txStart,strand from %s " +sqlSafef(query, sizeof(query), "select name,txStart,strand from %s " "where chrom = '%s' and txStart < %d and txEnd > %d", geneTable, snp->chrom, snpEnd + maxDistance, snpEnd); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { char *gene = row[0]; char *geneName = getSymbolForGeneName(geneTable, gene); int start = sqlUnsigned(row[1]); char *strand = row[2]; boolean isRc = strand[0] == '-'; printf(firstTwoColumnsPctS "%s (%d bases %sstream)</TD></TR>\n", geneTrack, geneName, snpMisoLinkFromFunc(isRc ? "near-gene-3" : "near-gene-5"), (start - snpEnd + 1), (isRc ? "down" : "up")); nearCount++; } 
@@ -16793,31 +16794,31 @@ struct slName *gt; boolean first = TRUE; for (gt = geneTracks; gt != NULL; gt = gt->next) if (sqlTableExists(conn, gt->name)) { if (first) { printf("<BR><B>UCSC's predicted function relative to selected gene tracks:</B>\n"); printf("<TABLE border=0 cellspacing=0 cellpadding=0>\n"); } struct genePred *geneList = getGPsWithFrames(conn, gt->name, snp->chrom, snp->chromStart, snp->chromEnd); struct genePred *gene; char query[256]; char buf[256]; - safef(query, sizeof(query), "select shortLabel from trackDb where tableName='%s'", + sqlSafef(query, sizeof(query), "select shortLabel from trackDb where tableName='%s'", gt->name); char *shortLabel = sqlQuickQuery(conn, query, buf, sizeof(buf)-1); if (shortLabel == NULL) shortLabel = gt->name; for (gene = geneList; gene != NULL; gene = gene->next) printSnp125FunctionInGene(snp, gt->name, shortLabel, gene); if (geneList == NULL) printSnp125NearGenes(conn, snp, gt->name, shortLabel); first = FALSE; } if (! first) printf("</TABLE>\n"); hFreeConn(&conn); } char *dbSnpFuncFromInt(unsigned char funcCode) 
@@ -16865,33 +16866,33 @@ for (tbl = tableList; tbl != NULL; tbl = tbl->next) { if (!sqlTableExists(conn, tbl->name)) continue; char setting[512]; safef(setting, sizeof(setting), "codingAnnoLabel_%s", tbl->name); char *label = trackDbSettingOrDefault(tdb, setting, NULL); if (label == NULL && endsWith(tbl->name, "DbSnp")) label = "dbSNP"; else label = tbl->name; boolean hasBin = hIsBinned(database, tbl->name); boolean hasCoords = (sqlFieldIndex(conn, tbl->name, "chrom") != -1); int rowOffset = hasBin + (hasCoords ? 3 : 0); dyStringClear(query); - dyStringPrintf(query, "select * from %s where name = '%s'", tbl->name, snp->name); + sqlDyStringPrintf(query, "select * from %s where name = '%s'", tbl->name, snp->name); if (hasCoords) - dyStringPrintf(query, " and chrom = '%s' and chromStart = %d", seqName, snp->chromStart); + sqlDyStringPrintf(query, " and chrom = '%s' and chromStart = %d", seqName, snp->chromStart); struct sqlResult *sr = sqlGetResult(conn, query->string); char **row; boolean first = TRUE; while ((row = sqlNextRow(sr)) != NULL) { if (first) { printf("<BR><B>Coding annotations by %s:</B><BR>\n", label); first = FALSE; } struct snp125CodingCoordless *anno = snp125CodingCoordlessLoad(row+rowOffset); int i; boolean gotRef = (anno->funcCodes[0] == 8); for (i = 0; i < anno->alleleCount; i++) { 
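Review bot: The label selection just above the converted query throws away a configured label. In `if (label == NULL && endsWith(tbl->name, "DbSnp")) label = "dbSNP"; else label = tbl->name;` the `else` runs whenever `trackDbSettingOrDefault` returned a non-NULL value, so a `codingAnnoLabel_<table>` setting never reaches the `Coding annotations by %s` heading. The second branch should be `else if (label == NULL) label = tbl->name;`. The enclosing loop and function start and end outside this hunk.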
@@ -17072,59 +17073,59 @@ { char *exceptionsTableSetting = trackDbSetting(tdb, "snpExceptions"); char exceptionsTable[128]; if (exceptionsTableSetting) safecpy(exceptionsTable, sizeof(exceptionsTable), exceptionsTableSetting); else safef(exceptionsTable, sizeof(exceptionsTable), "%sExceptions", tdb->table); char *excDescTable = getExcDescTable(tdb); if (hTableExists(database, exceptionsTable) && hTableExists(database, excDescTable)) { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[1024]; int start = cartInt(cart, "o"); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select description, %s.exception from %s, %s " "where chrom = \"%s\" and chromStart = %d and name = \"%s\" " "and %s.exception = %s.exception", excDescTable, excDescTable, exceptionsTable, seqName, start, itemName, excDescTable, exceptionsTable); sr = sqlGetResult(conn, query); boolean gotExc = FALSE; while ((row = sqlNextRow(sr))!=NULL) gotExc |= writeOneSnpException(row[1], row[0], gotExc); sqlFreeResult(&sr); hFreeConn(&conn); } } static void writeSnpExceptionFromColumn(struct trackDb *tdb, struct snp132Ext *snp) /* Hash the contents of exception description table, and for each exception listed * in snp->exceptions, print out its description. 
*/ { char *excDescTable = getExcDescTable(tdb); if (hTableExists(database, excDescTable)) { static struct hash *excDesc = NULL; if (excDesc == NULL) { excDesc = hashNew(0); struct sqlConnection *conn = hAllocConn(database); char query[512]; - safef(query, sizeof(query), "select exception,description from %s", excDescTable); + sqlSafef(query, sizeof(query), "select exception,description from %s", excDescTable); struct sqlResult *sr = sqlGetResult(conn, query); char **row; while ((row = sqlNextRow(sr))!=NULL) hashAdd(excDesc, row[0], cloneString(row[1])); sqlFreeResult(&sr); hFreeConn(&conn); } struct slName *excList = slNameListFromComma(snp->exceptions), *exc; boolean gotExc = FALSE; for (exc = excList; exc != NULL; exc = exc->next) { char *desc = hashFindVal(excDesc, exc->name); gotExc |= writeOneSnpException(exc->name, desc, gotExc); } } 
@@ -17156,31 +17157,31 @@ else snp->strand[0] = '?'; snp->strand[1] = '\0'; snp->observed = cloneString(snp125->observed); return snp; } void checkForHgdpGeo(struct sqlConnection *conn, struct trackDb *tdb, char *itemName, int start) { char *hgdpGeoTable = "hgdpGeo"; // make this a trackDb setting if (!hTableExists(database, hgdpGeoTable)) return; struct sqlResult *sr; char **row; char query[512]; -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", hgdpGeoTable, itemName, seqName, start); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { struct hgdpGeo geo; hgdpGeoStaticLoad(row+1, &geo); char title[1024]; safef(title, sizeof(title), "Human Genome Diversity Project SNP" "<IMG name=\"hgdpImgIcon\" height=40 width=55 class='bigBlue' src=\"%s\">", hgdpPngFilePath(itemName)); jsBeginCollapsibleSection(cart, tdb->track, "hgdpGeo", title, FALSE); printf("Note: These annotations are taken directly from the " "<A HREF=\"http://hgdp.uchicago.edu/\" TARGET=_BLANK>HGDP Selection Browser</A>, " "and may indicate the allele on the opposite strand from that given above.<BR>\n"); 
@@ -17191,74 +17192,74 @@ printf("</TD><TD valign=top>\n"); hgdpGeoImg(&geo); printf("</TD></TR></TABLE>\n"); jsEndCollapsibleSection(); } sqlFreeResult(&sr); } void checkForHapmap(struct sqlConnection *conn, struct trackDb *tdb, char *itemName) { boolean isPhaseIII = sameString(trackDbSettingOrDefault(tdb, "hapmapPhase", "II"), "III"); boolean gotHapMap = FALSE; char query[512]; if (!isPhaseIII && sqlTableExists(conn, "hapmapAllelesSummary")) { - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select count(*) from hapmapAllelesSummary where name = '%s'", itemName); if (sqlQuickNum(conn, query) > 0) gotHapMap = TRUE; } else { int i; for (i = 0; hapmapPhaseIIIPops[i] != NULL; i++) { char table[HDB_MAX_TABLE_STRING]; safef(table, sizeof(table), "hapmapSnps%s", hapmapPhaseIIIPops[i]); if (sqlTableExists(conn, table)) { - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select count(*) from %s where name = '%s'", table, itemName); if (sqlQuickNum(conn, query) > 0) { gotHapMap = TRUE; break; } } } } struct trackDb *hsTdb = hashFindVal(trackHash, "hapmapSnps"); if (gotHapMap && hsTdb != NULL) { printf("<TR><TD colspan=2><B><A HREF=\"%s", hgTracksPathAndSettings()); // If hapmapSnps is hidden, make it dense; if it's pack etc., leave it alone. if (sameString("hide", cartUsualString(cart, "hapmapSnps", trackDbSettingOrDefault(hsTdb, "visibility", "hide")))) printf("&hapmapSnps=dense"); printf("\"> HapMap SNP</A> </B></TD></TR>\n"); } } static void checkForGwasCatalog(struct sqlConnection *conn, struct trackDb *tdb, char *item) /* If item is in gwasCatalog, add link to make the track visible. 
*/ { char *gcTable = "gwasCatalog"; if (sqlTableExists(conn, gcTable)) { char query[512]; - safef(query, sizeof(query), "select count(*) from %s where name = '%s'", gcTable, item); + sqlSafef(query, sizeof(query), "select count(*) from %s where name = '%s'", gcTable, item); if (sqlQuickNum(conn, query) > 0) { struct trackDb *gcTdb = hashFindVal(trackHash, gcTable); if (gcTdb != NULL) { printf("<TR><TD colspan=2>><B><A HREF=\"%s", hgTracksPathAndSettings()); // If gcTable is hidden, make it dense; otherwise, leave it alone. if (sameString("hide", cartUsualString(cart, gcTable, trackDbSettingOrDefault(gcTdb, "visibility", "hide")))) printf("&%s=dense", gcTable); printf("\">%s SNP</A> </B></TD></TR>\n", gcTdb->shortLabel); } } } @@ -17318,31 +17319,31 @@ * the information. */ { struct slName *pdbIds = lsSnpPdbChimeraGetSnpPdbs(conn, snpId); if (pdbIds != NULL) { printLsSnpMappings(conn, pdbIds, snpTrack, snpId); slFreeList(&pdbIds); } } void printOtherSnpMappings(char *table, char *name, int start, struct sqlConnection *conn, int rowOffset) /* If this SNP (from any bed4+ table) is not uniquely mapped, print the other mappings. */ { char query[512]; -safef(query, sizeof(query), "select * from %s where name='%s'", +sqlSafef(query, sizeof(query), "select * from %s where name='%s'", table, name); struct sqlResult *sr = sqlGetResult(conn, query); int snpCount = 0; char **row; while ((row = sqlNextRow(sr)) != NULL) { struct bed *snp = bedLoad3(row + rowOffset); if (snp->chromStart != start || differentString(snp->chrom, seqName)) { printf("<BR>\n"); if (snpCount == 0) printf("<B>This SNP maps to these additional locations:</B><BR><BR>\n"); snpCount++; bedPrintPos((struct bed *)snp, 3, tdb); } 
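Review bot: In checkForGwasCatalog the row opener has a stray `>`: `printf("<TR><TD colspan=2>><B><A HREF=\"%s", hgTracksPathAndSettings());` emits a literal `>` ahead of the link, where checkForHapmap just above prints `<TR><TD colspan=2><B>`. The line should read `printf("<TR><TD colspan=2><B><A HREF=\"%s", hgTracksPathAndSettings());`. checkForHapmap also has no header comment, unlike its neighbour; `/* If itemName is in a HapMap table, add link to make the hapmapSnps track visible. */` would match the one on checkForGwasCatalog.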
@@ -17353,31 +17354,31 @@ void doSnpWithVersion(struct trackDb *tdb, char *itemName, int version) /* Process SNP details. */ { char *table = tdb->table; struct snp132Ext *snp; struct snp *snpAlign = NULL; int start = cartInt(cart, "o"); struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[512]; int rowOffset=hOffsetPastBin(database, seqName, table); genericHeader(tdb, NULL); printf("<H2>dbSNP build %d %s</H2>\n", version, itemName); -safef(query, sizeof(query), "select * from %s where chrom='%s' and " +sqlSafef(query, sizeof(query), "select * from %s where chrom='%s' and " "chromStart=%d and name='%s'", table, seqName, start, itemName); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { if (version >= 132) snp = snp132ExtLoad(row+rowOffset); else snp = (struct snp132Ext *)snp125Load(row+rowOffset); printCustomUrl(tdb, itemName, FALSE); bedPrintPos((struct bed *)snp, 3, tdb); snpAlign = snp125ToSnp((struct snp125 *)snp); printf("<BR>\n"); printSnp125Info(tdb, snp, version); doSnpEntrezGeneLink(tdb, itemName); } 
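Review bot: `itemName` is now escaped for the query, but `printf("<H2>dbSNP build %d %s</H2>\n", version, itemName);` still writes the same value into the page unencoded, and it does so before any row has been matched. If itemName is request-derived, as the `cartInt(cart, "o")` read beside it suggests, this is an output-encoding gap that the SQL fix does not cover; print the heading in pieces and emit the name with `htmTextOut(stdout, itemName);`, as doJaxAllele does for `bed->name`. The same pattern is visible for `selectedPheno` in the `Allele(s) Associated with %s Phenotype` printf and for `clone` in the `<H2>` and `<H4>` printfs of the two clone-location hunks further down. Whether an upstream layer already sanitises these values cannot be seen from this diff.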
@@ -17425,54 +17426,54 @@ genericClickHandler(tdb, item, buf); } void doJaxQTL(struct trackDb *tdb, char *item) /* Put up info on Quantitative Trait Locus from Jackson Lab. */ { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char query[512]; char **row; int start = cartInt(cart, "o"); boolean isBed4 = startsWith("bed 4", tdb->type); boolean hasBin = hIsBinned(database, tdb->table); genericHeader(tdb, item); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", tdb->table, item, seqName, start); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { char *itemForUrl=NULL, *name=NULL, *description=NULL, *marker=NULL; float cMscore = 0.0; struct bed *bed = bedLoadN(row+hasBin, 4); if (isBed4) { char *oDb = trackDbSetting(tdb, "otherDb"); char *oTable = trackDbSetting(tdb, "otherDbTable"); itemForUrl = name = bed->name; if (isNotEmpty(oDb) && isNotEmpty(oTable)) { struct sqlConnection *conn2 = hAllocConn(database); char buf[1024]; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select description from %s.%s where name = '%s'", oDb, oTable, name); description = cloneString(sqlQuickQuery(conn2, query, buf, sizeof(buf)-1)); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select mgiID from %s.%s where name = '%s'", oDb, oTable, name); itemForUrl = cloneString(sqlQuickQuery(conn2, query, buf, sizeof(buf)-1)); } } else { struct jaxQTL *jaxQTL = jaxQTLLoad(row); itemForUrl = jaxQTL->mgiID; name = jaxQTL->name; description = jaxQTL->description; cMscore = jaxQTL->cMscore; marker = jaxQTL->marker; } 
@@ -17544,31 +17545,31 @@ return rsID; } else { if (retAllele != NULL) *retAllele = NULL; return NULL; } } static char *getSnpAlleles(struct sqlConnection *conn, char *snpTable, char *snpName) /* Look up snpName's observed alleles in snpTable. Returns NULL if not found. */ { char query[512]; char buf[256]; // varchar(255) -safef(query, sizeof(query), "select observed from %s where name = '%s'", snpTable, snpName); +sqlSafef(query, sizeof(query), "select observed from %s where name = '%s'", snpTable, snpName); return cloneString(sqlQuickQuery(conn, query, buf, sizeof(buf)-1)); } static void gwasCatalogCheckSnpAlleles(struct trackDb *tdb, struct gwasCatalog *gc) /* Look up the SNP's observed alleles in the snp track and warn if they are * complementary (hence the risk allele is ambiguous because strand is often * not specified in journal articles). */ { char *snpTable = trackDbSetting(tdb, "snpTable"); if (isEmpty(snpTable)) return; struct sqlConnection *conn = hAllocConn(database); if (sqlTableExists(conn, snpTable) && isSnpAndAllele(gc->riskAllele)) { char *riskAllele = NULL, *strongSNP = splitSnpAndAllele(gc->riskAllele, &riskAllele); 
@@ -17590,33 +17591,33 @@ dbSnpAlleles = "<em>not found</em>"; printf("<B>dbSNP build %s observed alleles for mapped SNP %s:</B> %s<BR>\n", snpVersion, gc->name, dbSnpAlleles); } } hFreeConn(&conn); } void doGwasCatalog(struct trackDb *tdb, char *item) /* Show details from NHGRI's Genome-Wide Association Study catalog. */ { int itemStart = cartInt(cart, "o"), itemEnd = cartInt(cart, "t"); genericHeader(tdb, item); struct sqlConnection *conn = hAllocConn(database); struct dyString *dy = dyStringNew(512); -dyStringPrintf(dy, "select * from %s where chrom = '%s' and ", tdb->table, seqName); +sqlDyStringPrintf(dy, "select * from %s where chrom = '%s' and ", tdb->table, seqName); hAddBinToQuery(itemStart, itemEnd, dy); -dyStringPrintf(dy, "chromStart = %d and name = '%s'", itemStart, item); +sqlDyStringPrintf(dy, "chromStart = %d and name = '%s'", itemStart, item); struct sqlResult *sr = sqlGetResult(conn, dy->string); int rowOffset = hOffsetPastBin(database, seqName, tdb->table); boolean first = TRUE; char **row; while ((row = sqlNextRow(sr)) != NULL) { if (first) first = FALSE; else printf("<HR>\n"); struct gwasCatalog *gc = gwasCatalogLoad(row+rowOffset); printCustomUrl(tdb, item, FALSE); printPos(gc->chrom, gc->chromStart, gc->chromEnd, NULL, TRUE, gc->name); printf("<B>Reported region:</B> %s<BR>\n", gc->region); printf("<B>Publication:</B> %s <em>et al.</em> " 
@@ -17673,31 +17674,31 @@ /* Handle click in ncRna track. */ { struct ncRna *ncRna; char table[64]; boolean hasBin; struct bed *bed; char query[512]; struct sqlResult *sr; char **row; struct sqlConnection *conn = hAllocConn(database); int bedSize; genericHeader(tdb, item); bedSize = 8; hFindSplitTable(database, seqName, tdb->table, table, &hasBin); -sprintf(query, "select * from %s where name = '%s'", table, item); +sqlSafef(query, sizeof query, "select * from %s where name = '%s'", table, item); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { ncRna = ncRnaLoad(row); printCustomUrl(tdb, item, TRUE); printf("<B>Type:</B> %s<BR>", ncRna->type); if (ncRna->extGeneId != NULL && !sameWord(ncRna->extGeneId, "")) { printf("<B>External Gene ID:</B> %s<BR>", ncRna->extGeneId); } bed = bedLoadN(row+hasBin, bedSize); ncRnaPrintPos(bed, bedSize); } sqlFreeResult(&sr); @@ -17708,31 +17709,31 @@ /* Handle click in wgRna track. */ { struct wgRna *wgRna; char table[64]; boolean hasBin; struct bed *bed; char query[512]; struct sqlResult *sr; char **row; struct sqlConnection *conn = hAllocConn(database); int bedSize; genericHeader(tdb, item); bedSize = 8; hFindSplitTable(database, seqName, tdb->table, table, &hasBin); -sprintf(query, "select * from %s where name = '%s'", table, item); +sqlSafef(query, sizeof query, "select * from %s where name = '%s'", table, item); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { wgRna = wgRnaLoad(row); /* display appropriate RNA type and URL */ if (sameWord(wgRna->type, "HAcaBox")) { printCustomUrl(tdb, item, TRUE); printf("<B>RNA Type:</B> H/ACA Box snoRNA\n"); } if (sameWord(wgRna->type, "CDBox")) { printCustomUrl(tdb, item, TRUE); printf("<B>RNA Type:</B> CD Box snoRNA\n"); 
@@ -17754,31 +17755,31 @@ sqlFreeResult(&sr); printTrackHtml(tdb); } void doJaxQTL3(struct trackDb *tdb, char *item) /* Put up info on Quantitative Trait Locus from Jackson Lab. */ { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char query[256]; char **row; int start = cartInt(cart, "o"); struct jaxQTL3 *jaxQTL; genericHeader(tdb, item); -sprintf(query, "select * from jaxQTL3 where name = '%s' and chrom = '%s' and chromStart = %d", +sqlSafef(query, sizeof query, "select * from jaxQTL3 where name = '%s' and chrom = '%s' and chromStart = %d", item, seqName, start); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { jaxQTL = jaxQTL3Load(row); printf("<B>Jax/MGI Link: </B>"); printf("<a TARGET=\"_blank\" href=\"http://www.informatics.jax.org/searches/accession_report.cgi?id=%s\">%s</a><BR>\n", jaxQTL->mgiID, jaxQTL->mgiID); printf("<B>QTL:</B> %s<BR>\n", jaxQTL->name); printf("<B>Description:</B> %s <BR>\n", jaxQTL->description); if (!sameWord("", jaxQTL->flank1)) { printf("<B>Flank Marker 1: </B>"); printf("<a TARGET=\"_blank\" href=\"http://www.informatics.jax.org/javawi2/servlet/WIFetch?page=searchTool&query=%s", jaxQTL->flank1); 
@@ -17813,73 +17814,73 @@ void doJaxAllele(struct trackDb *tdb, char *item) /* Show gene prediction position and other info. */ { char query[512]; struct sqlConnection *conn = hAllocConn(database); struct sqlConnection *conn2 = hAllocConn(database); boolean hasBin; char aliasTable[256], phenoTable[256]; struct sqlResult *sr = NULL; char **row = NULL; boolean first = TRUE; genericHeader(tdb, item); safef(aliasTable, sizeof(aliasTable), "%sInfo", tdb->table); safef(phenoTable, sizeof(phenoTable), "jaxAllelePheno"); -safef(query, sizeof(query), "name = \"%s\"", item); +sqlSafefFrag(query, sizeof(query), "name = \"%s\"", item); sr = hRangeQuery(conn, tdb->table, seqName, winStart, winEnd, query, &hasBin); while ((row = sqlNextRow(sr)) != NULL) { struct bed *bed = bedLoadN(row+hasBin, 12); /* Watch out for case-insensitive matches (e.g. one allele is <sla>, * another is <Sla>): */ if (! sameString(bed->name, item)) continue; if (first) first = FALSE; else printf("<BR>"); printf("<B>MGI Representative Transcript:</B> "); htmTextOut(stdout, bed->name); puts("<BR>"); if (hTableExists(database, aliasTable)) { struct sqlResult *sr2 = NULL; char **row2 = NULL; char query2[1024]; - safef(query2, sizeof(query2), + sqlSafef(query2, sizeof(query2), "select mgiId,source,name from %s where name = '%s'", aliasTable, bed->name); sr2 = sqlGetResult(conn2, query2); while ((row2 = sqlNextRow(sr2)) != NULL) { /* Watch out for case-insensitive matches: */ if (! 
sameString(bed->name, row2[2])) continue; if (isNotEmpty(row2[0])) printCustomUrl(tdb, row2[0], TRUE); printf("<B>Allele Type:</B> %s<BR>\n", row2[1]); } sqlFreeResult(&sr2); } if (hTableExists(database, phenoTable)) { struct sqlResult *sr2 = NULL; char **row2 = NULL; char query2[1024]; struct slName *phenoList, *pheno; - safef(query2, sizeof(query2), + sqlSafef(query2, sizeof(query2), "select phenotypes,allele from %s where allele = '%s'", phenoTable, bed->name); sr2 = sqlGetResult(conn2, query2); while ((row2 = sqlNextRow(sr2)) != NULL) { /* Watch out for case-insensitive matches: */ if (! sameString(bed->name, row2[1])) continue; boolean firstP = TRUE; phenoList = slNameListFromComma(row2[0]); slNameSort(&phenoList); printf("<B>Associated Phenotype(s):</B> "); for (pheno = phenoList; pheno != NULL; pheno = pheno->next) { if (firstP) 
@@ -17913,49 +17914,49 @@ char aliasTable[256], phenoTable[256]; struct slName *phenoList = NULL, *pheno = NULL; boolean first = TRUE; int chromStart=0, chromEnd=0; char *selectedPheno = NULL; /* Parse out the selected phenotype passed in from hgTracks. */ if ((selectedPheno = strstr(item, " source=")) != NULL) { *selectedPheno = '\0'; selectedPheno += strlen(" source="); } genericHeader(tdb, item); safef(aliasTable, sizeof(aliasTable), "%sAlias", tdb->table); safef(phenoTable, sizeof(phenoTable), "jaxAllelePheno"); -safef(query, sizeof(query), "name = \"%s\"", item); +sqlSafefFrag(query, sizeof(query), "name = \"%s\"", item); sr = hRangeQuery(conn, tdb->table, seqName, winStart, winEnd, query, &hasBin); while ((row = sqlNextRow(sr)) != NULL) { struct bed *bed = bedLoadN(row+hasBin, 12); if (first) { first = FALSE; printf("<B>MGI Representative Transcript:</B> "); htmTextOut(stdout, bed->name); puts("<BR>"); if (hTableExists(database, aliasTable)) { struct sqlConnection *conn2 = hAllocConn(database); char query2[512]; char buf[512]; char *mgiId; - safef(query2, sizeof(query2), + sqlSafef(query2, sizeof(query2), "select alias from %s where name = '%s'", aliasTable, item); mgiId = sqlQuickQuery(conn2, query2, buf, sizeof(buf)); if (mgiId != NULL) printCustomUrl(tdb, mgiId, TRUE); hFreeConn(&conn2); } printPos(bed->chrom, bed->chromStart, bed->chromEnd, bed->strand, FALSE, NULL); chromStart = bed->chromStart; chromEnd = bed->chromEnd; bedFree(&bed); } pheno = slNameNew(row[hasBin+12]); slAddHead(&phenoList, pheno); } 
@@ -17972,50 +17973,50 @@ if (selectedPheno && sameString(pheno->name, selectedPheno)) printf("<B>%s</B>", pheno->name); else printf("%s", pheno->name); } puts("<BR>"); if (hTableExists(database, phenoTable) && selectedPheno) { struct trackDb *alleleTdb = hMaybeTrackInfo(conn, "jaxAllele"); struct sqlConnection *conn2 = hAllocConn(database); char query2[512]; char buf[512]; char alleleTable[256]; safef(alleleTable, sizeof(alleleTable), "jaxAlleleInfo"); boolean gotAllele = hTableExists(database, alleleTable); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select allele from %s where transcript = '%s' " "and phenotypes like '%%%s%%'", phenoTable, item, selectedPheno); first = TRUE; sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { char *mgiId = NULL; if (first) { first = FALSE; printf("<B>Allele(s) Associated with %s Phenotype:</B> ", selectedPheno); } else printf(", "); if (gotAllele) { - safef(query2, sizeof(query2), + sqlSafef(query2, sizeof(query2), "select mgiID from jaxAlleleInfo where name = '%s'", row[0]); mgiId = sqlQuickQuery(conn2, query2, buf, sizeof(buf)); } if (mgiId && alleleTdb && alleleTdb->url) { struct dyString *dy = dyStringSub(alleleTdb->url, "$$", mgiId); printf("<A HREF=\"%s\" TARGET=_BLANK>", dy->string); dyStringFree(&dy); } htmTextOut(stdout, row[0]); if (mgiId && alleleTdb && alleleTdb->url) printf("</A>"); } sqlFreeResult(&sr); 
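Review bot: In `"and phenotypes like '%%%s%%'"` the value of `selectedPheno` is used as a LIKE pattern, so any `%` or `_` inside it still acts as a wildcard unless sqlSafef treats LIKE metacharacters specially, which is not visible here. The result is a broader match than the caller asked for rather than injection, but these rows decide which alleles are listed. Either escape those two characters before formatting or record the behaviour next to the call, e.g. `/* selectedPheno is matched as a LIKE pattern; % and _ in it act as wildcards */`. The enclosing function starts and ends outside this hunk.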
@@ -18031,40 +18032,40 @@ /* Show gene prediction position and other info. */ { char query[512]; struct sqlConnection *conn = hAllocConn(database); struct sqlConnection *conn2 = hAllocConn(database); struct genePred *gpList = NULL, *gp = NULL; boolean hasBin; char table[128]; char aliasTable[256]; boolean gotAlias = FALSE; genericHeader(tdb, item); safef(aliasTable, sizeof(aliasTable), "%sAlias", tdb->table); gotAlias = hTableExists(database, aliasTable); hFindSplitTable(database, seqName, tdb->table, table, &hasBin); -safef(query, sizeof(query), "name = \"%s\"", item); +sqlSafefFrag(query, sizeof(query), "name = \"%s\"", item); gpList = genePredReaderLoadQuery(conn, table, query); for (gp = gpList; gp != NULL; gp = gp->next) { if (gotAlias) { char query2[1024]; char buf[512]; char *mgiId; - safef(query2, sizeof(query2), + sqlSafef(query2, sizeof(query2), "select alias from %s where name = '%s'", aliasTable, item); mgiId = sqlQuickQuery(conn2, query2, buf, sizeof(buf)); if (mgiId != NULL) printCustomUrl(tdb, mgiId, TRUE); } printPos(gp->chrom, gp->txStart, gp->txEnd, gp->strand, FALSE, NULL); if (gp->next != NULL) printf("<br>"); } printTrackHtml(tdb); genePredFreeList(&gpList); hFreeConn(&conn2); hFreeConn(&conn); } 
@@ -18108,31 +18109,31 @@ struct sqlConnection *conn = hAllocConn(database); char query[1024]; struct encodeErge *ee=NULL; int start = cartInt(cart, "o"); char *newLabel = tdb->longLabel + 7; /* removes 'ENCODE ' from label */ char *encodeName = getEncodeName(item); char *encodeId = getEncodeId(item); cartWebStart(cart, database, "ENCODE Region Data: %s", newLabel); printf("<H2>ENCODE Region <span style='text-decoration:underline;'>%s</span> Data for %s.</H2>\n", newLabel, encodeName); genericHeader(tdb, encodeName); genericBedClick(conn, tdb, item, start, 14); /* reserved field has changed to itemRgb in code 2004-11-22 - Hiram */ -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select chrom, chromStart, chromEnd, name, score, strand, " " thickStart, thickEnd, reserved, blockCount, blockSizes, " " chromStarts, Id, color " "from %s " "where name = '%s' and chromStart = %d " "order by Id ", tdb->table, item, start); for (ee = encodeErgeLoadByQuery(conn, query); ee!=NULL; ee=ee->next) { printf("<BR>\n"); if (ee->Id>0) { printf("<BR>Additional information for <A HREF=\"http://dberge.cse.psu.edu/"); printf("cgi-bin/dberge_query?mode=Submit+query&disp=brow+data&pid="); printf("%s\" TARGET=_blank>%s</A>\n is available from <A ", encodeId, encodeName); printf("HREF=\"http://globin.cse.psu.edu/dberge/testmenu.html\" "); 
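Review bot: `char *newLabel = tdb->longLabel + 7;` assumes the label starts with "ENCODE " and is at least seven characters long; with a shorter longLabel the pointer lands past the terminator and is then read by cartWebStart and printf. A guard such as `char *newLabel = startsWith("ENCODE ", tdb->longLabel) ? tdb->longLabel + 7 : tdb->longLabel;` keeps the read in bounds. The next hunk repeats the assumption with `tdb->longLabel+7` in two places. longLabel presumably comes from track configuration rather than the request, so this is a robustness point; the function starts outside the hunk.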
@@ -18154,31 +18155,31 @@ char *dupe, *words[16]; int wordCount=0; char *encodeName = getEncodeName(item); char *encodeId = getEncodeId(item); int i; cartWebStart(cart, database, "ENCODE Region Data: %s", tdb->longLabel+7); printf("<H2>ENCODE Region <span style='text-decoration:underline;'>%s</span> Data for %s</H2>\n", tdb->longLabel+7, encodeName); genericHeader(tdb, item); dupe = cloneString(tdb->type); wordCount = chopLine(dupe, words); genericBedClick(conn, tdb, item, start, atoi(words[1])); /* reserved field has changed to itemRgb in code 2004-11-22 - Hiram */ -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select chrom, chromStart, chromEnd, name, score, strand, " " thickStart, thickEnd, reserved, blockCount, blockSizes, " " chromStarts, Id, color, allLines " "from %s " "where name = '%s' and chromStart = %d " "order by Id ", tdb->table, item, start); for (ee = encodeErgeHssCellLinesLoadByQuery(conn, query); ee!=NULL; ee=ee->next) { if (ee->Id>0) { printf("<BR><B>Cell lines:</B> "); dupe = cloneString(ee->allLines); wordCount = chopCommas(dupe, words); for (i=0; i<wordCount-1; i++) { 
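Review bot: `genericBedClick(conn, tdb, item, start, atoi(words[1]));` reads `words[1]` without looking at the `wordCount` that `chopLine(dupe, words)` just returned, and `words[16]` is declared without an initialiser. If `tdb->type` holds a single word, `atoi` is handed an indeterminate pointer. A check before the call, `if (wordCount < 2) errAbort("expected a field count in type '%s'", tdb->type);`, makes the failure explicit. The function's opening lines are outside this hunk.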
@@ -18200,31 +18201,31 @@ void doEncodeIndels(struct trackDb *tdb, char *itemName) { char *table = tdb->table; struct encodeIndels encodeIndel; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int rowOffset = hOffsetPastBin(database, seqName, table); int start = cartInt(cart, "o"); boolean firstTime = TRUE; genericHeader(tdb, itemName); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and " "chromStart=%d and name = '%s'", table, seqName, start, itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { encodeIndelsStaticLoad(row+rowOffset, &encodeIndel); if (firstTime) { printf("<B>Variant and Reference Sequences: </B><BR>\n"); printf("<PRE><TT>%s<BR>\n", encodeIndel.variant); printf("%s</TT></PRE><BR>\n", encodeIndel.reference); bedPrintPos((struct bed *)&encodeIndel, 3, tdb); firstTime = FALSE; printf("-----------------------------------------------------<BR>\n"); } 
@@ -18241,31 +18242,31 @@ sqlFreeResult(&sr); hFreeConn(&conn); } void doGbProtAnn(struct trackDb *tdb, char *item) /* Show extra info for GenBank Protein Annotations track. */ { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char query[256]; char **row; int start = cartInt(cart, "o"); struct gbProtAnn *gbProtAnn; genericHeader(tdb, item); -sprintf(query, "select * from gbProtAnn where name = '%s' and chrom = '%s' and chromStart = %d", +sqlSafef(query, sizeof query, "select * from gbProtAnn where name = '%s' and chrom = '%s' and chromStart = %d", item, seqName, start); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { gbProtAnn = gbProtAnnLoad(row); printCustomUrl(tdb, item, TRUE); printf("<B>Product:</B> %s<BR>\n", gbProtAnn->product); if (gbProtAnn->note[0] != 0) printf("<B>Note:</B> %s <BR>\n", gbProtAnn->note); printf("<B>GenBank Protein: </B>"); printf("<A HREF=\"http://www.ncbi.nlm.nih.gov/entrez/viewer.fcgi?val=%s\"", gbProtAnn->proteinId); printf(" TARGET=_blank>%s</A><BR>\n", gbProtAnn->proteinId); htmlHorizontalLine(); 
@@ -18348,46 +18349,46 @@ sprintf(title, "Location of %s using cosmid end sequences", clone); lfLabel = "Early Replication Cosmid Ends"; table = track; } if (sameString("earlyRepBad", track)) { sprintf(title, "Location of %s using cosmid end sequences", clone); lfLabel = "Early Replication Cosmid Ends"; table = track; } /* Print out non-sequence info */ cartWebStart(cart, database, "%s", title); /* Find the instance of the object in the bed table */ -sprintf(query, "SELECT * FROM %s WHERE name = '%s' " +sqlSafef(query, sizeof query, "SELECT * FROM %s WHERE name = '%s' " "AND chrom = '%s' AND chromStart = %d " "AND chromEnd = %d", table, clone, seqName, start, end); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if (row != NULL) { lfs = lfsLoad(row+hasBin); if (sameString("bacEndPairs", track) || sameString("bacEndSingles", track)) { if (sameString("Zebrafish", organism) ) { /* query to bacCloneXRef table to get Genbank accession */ /* and internal Sanger name for clones */ - sprintf(query, "SELECT genbank, intName FROM bacCloneXRef WHERE name = '%s'", clone); + sqlSafef(query, sizeof query, "SELECT genbank, intName FROM bacCloneXRef WHERE name = '%s'", clone); srb = sqlMustGetResult(conn1, query); rowb = sqlNextRow(srb); if (rowb != NULL) { printf("<H2><A HREF="); printCloneDbUrl(stdout, clone); printf(" TARGET=_BLANK>%s</A></H2>\n", clone); if (rowb[0] != NULL) { printf("<H3>Genbank Accession: <A HREF="); printEntrezNucleotideUrl(stdout, rowb[0]); printf(" TARGET=_BLANK>%s</A></H3>\n", rowb[0]); } else printf("<H3>Genbank Accession: n/a"); 
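Review bot: The query strings in this hunk are now bounded, but the context lines above still format `clone` with `sprintf(title, "Location of %s using cosmid end sequences", clone);`, which has no length limit. `clone` is the same value that is escaped for the WHERE clause a few lines later, so it should be treated as untrusted here too. Assuming `title` is a fixed-size array (its declaration is outside the hunk), `safef(title, sizeof(title), "Location of %s using cosmid end sequences", clone);` closes this for both branches shown and for any earlier branches of the same form. The function starts and ends outside the hunk.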
@@ -18447,48 +18448,48 @@ { printf("<H4>This is the only location found for %s</H4>\n",clone); } else { //printOtherLFS(clone, table, start, end); } sprintf(title, "Genomic alignments of %s:", lfLabel); webNewSection(title); for (i = 0; i < lfs->lfCount; i++) { sqlFreeResult(&sr); hFindSplitTable(database, seqName, lfs->pslTable, pslTable, &hasBin); - sprintf(query, "SELECT * FROM %s WHERE qName = '%s'", + sqlSafef(query, sizeof query, "SELECT * FROM %s WHERE qName = '%s'", pslTable, lfs->lfNames[i]); sr = sqlMustGetResult(conn, query); while ((row1 = sqlNextRow(sr)) != NULL) { psl = pslLoad(row1+hasBin); slAddHead(&pslList, psl); } slReverse(&pslList); if ((!sameString("fosEndPairs", track)) && (!sameString("earlyRep", track)) && (!sameString("earlyRepBad", track))) { if (sameWord(organism, "Zebrafish") ) { /* query to bacEndAlias table to get Genbank accession */ - sprintf(query, "SELECT * FROM bacEndAlias WHERE alias = '%s' ", + sqlSafef(query, sizeof query, "SELECT * FROM bacEndAlias WHERE alias = '%s' ", lfs->lfNames[i]); sr2 = sqlMustGetResult(conn, query); row2 = sqlNextRow(sr2); if (row2 != NULL) { printf("<H3>%s\tAccession: <A HREF=", lfs->lfNames[i]); printEntrezNucleotideUrl(stdout, row2[2]); printf(" TARGET=_BLANK>%s</A></H3>\n", row2[2]); } else { printf("<B>%s</B>\n",lfs->lfNames[i]); } sqlFreeResult(&sr2); 
@@ -18533,33 +18534,33 @@ hFreeConn(&conn1); } void fillCghTable(int type, char *tissue, boolean bold) /* Get the requested records from the database and print out HTML table */ { char query[256]; char currName[64]; int rowOffset; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr = NULL; char **row; struct cgh *cghRow; if (tissue) - sprintf(query, "type = %d AND tissue = '%s' ORDER BY name, chromStart", type, tissue); + sqlSafef(query, sizeof query, "type = %d AND tissue = '%s' ORDER BY name, chromStart", type, tissue); else - sprintf(query, "type = %d ORDER BY name, chromStart", type); + sqlSafef(query, sizeof query, "type = %d ORDER BY name, chromStart", type); sr = hRangeQuery(conn, "cgh", seqName, winStart, winEnd, query, &rowOffset); while ((row = sqlNextRow(sr))) { cghRow = cghLoad(row); if (strcmp(currName,cghRow->name)) { if (bold) printf("</TR>\n<TR>\n<TH>%s</TH>\n",cghRow->name); else printf("</TR>\n<TR>\n<TD>%s</TD>\n",cghRow->name); strcpy(currName,cghRow->name); } if (bold) printf("<TH ALIGN=right>%.6f</TH>\n",cghRow->score); else @@ -18581,31 +18582,31 @@ char **row; int celeraVersion = 0; int i = 0; cartWebStart(cart, database, "%s", tdb->longLabel); if (sameString(database, "hg15")) celeraVersion = 3; else celeraVersion = 4; if (cgiVarExists("o")) { int start = cgiInt("o"); int rowOffset = hOffsetPastBin(database, seqName, tdb->table); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and chromStart = %d and name= '%s'", tdb->table, seqName, start, dupName); sr = sqlGetResult(conn, query); i = 0; while ((row = sqlNextRow(sr))) { if (i > 0) htmlHorizontalLine(); celeraDupPositiveStaticLoad(row+rowOffset, &dup); printf("<B>Duplication Name:</B> %s<BR>\n", dup.name); bedPrintPos((struct bed *)(&dup), 3, tdb); if (!sameString(dup.name, dup.fullName)) printf("<B>Full Descriptive Name:</B> %s<BR>\n", dup.fullName); if (dup.bpAlign > 0) { 
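Review bot: In fillCghTable the string built by `sqlSafef(query, sizeof query, "type = %d AND tissue = '%s' ORDER BY name, chromStart", type, tissue);` is a WHERE fragment handed to `hRangeQuery`, not a full statement, whereas the custom-track hunk later in this commit uses `sqlSafefFrag` for the fragment it passes to `hRangeQuery`. Using `sqlSafefFrag(query, sizeof query, ...)` in both branches here would keep the two call sites consistent and is presumably what the helper intends for partial SQL. In the same function, `currName` is compared with `strcmp` before anything has been written to it and is then filled by an unbounded `strcpy(currName,cghRow->name);` into 64 bytes; initialising it with `char currName[64] = "";` and copying with `safef(currName, sizeof currName, "%s", cghRow->name);` would address both.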
@@ -18683,31 +18684,31 @@ char oChrom[64]; int oStart; int dupId; int rowOffset; int start = cgiInt("o"); int end = cgiInt("t"); char *alignUrl = NULL; if (sameString("hg18", database)) alignUrl = "http://humanparalogy.gs.washington.edu/build36"; else if (sameString("hg17", database)) alignUrl = "http://humanparalogy.gs.washington.edu"; else if (sameString("hg15", database) || sameString("hg16", database)) alignUrl = "http://humanparalogy.gs.washington.edu/jab/der_oo33"; rowOffset = hOffsetPastBin(database, seqName, tdb->table); parseSuperDupsChromPointPos(dupName, oChrom, &oStart, &dupId); - dyStringPrintf(query, "select * from %s where chrom = '%s' and ", + sqlDyStringPrintf(query, "select * from %s where chrom = '%s' and ", tdb->table, seqName); if (rowOffset > 0) hAddBinToQuery(start, end, query); if (dupId >= 0) dyStringPrintf(query, "uid = %d and ", dupId); dyStringPrintf(query, "chromStart = %d and otherStart = %d", start, oStart); sr = sqlGetResult(conn, query->string); while ((row = sqlNextRow(sr))) { genomicSuperDupsStaticLoad(row+rowOffset, &dup); bedPrintPos((struct bed *)(&dup), 4, tdb); printf("<B>Other Position:</B> " "<A HREF=\"%s&db=%s&position=%s%%3A%d-%d\">" "%s:%d-%d</A> \n", 
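Review bot: Only the first piece of this statement goes through `sqlDyStringPrintf`; the later appends `dyStringPrintf(query, "uid = %d and ", dupId);` and `dyStringPrintf(query, "chromStart = %d and otherStart = %d", start, oStart);` still use the unescaped formatter. They format integers only, so nothing is injectable as written, but a later edit that adds a `%s` to one of them would bypass the escaping without any visible sign. Writing all appends with `sqlDyStringPrintf` keeps the whole query on the checked path; loadSageData further down mixes the two formatters in the same way. The enclosing function starts and ends outside the hunk.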
@@ -18771,31 +18772,31 @@ /* Print out non-sequence info */ cartWebStart(cart, database, "%s", tissue); /* Print general range info */ printf("<H2>UCSF Comparative Genomic Hybridizations - %s</H2>\n", tissue); printf("<P><HR ALIGN=\"CENTER\"></P>\n<TABLE>\n"); printf("<TR><TH ALIGN=left>Chromosome:</TH><TD>%s</TD></TR>\n",seqName); printf("<TR><TH ALIGN=left>Start window:</TH><TD>%d</TD></TR>\n",winStart); printf("<TR><TH ALIGN=left>End window:</TH><TD>%d</TD></TR>\n",winEnd); printf("</TABLE>\n"); printf("<P><HR ALIGN=\"CENTER\"></P>\n"); /* Find the names of all of the clones in this range */ printf("<TABLE>\n"); printf("<TR><TH>Cell Line</TH>"); -sprintf(query, "SELECT spot from cgh where chrom = '%s' AND " +sqlSafef(query, sizeof query, "SELECT spot from cgh where chrom = '%s' AND " "chromStart <= '%d' AND chromEnd >= '%d' AND " "tissue = '%s' AND type = 3 GROUP BY spot ORDER BY chromStart", seqName, winEnd, winStart, tissue); sr = sqlMustGetResult(conn, query); while ((row = sqlNextRow(sr))) printf("<TH>Spot %s</TH>",row[0]); printf("</TR>\n"); sqlFreeResult(&sr); /* Find the relevant tissues type records in the range */ fillCghTable(3, tissue, FALSE); printf("<TR><TD> </TD></TR>\n"); /* Find the relevant tissue average records in the range */ fillCghTable(2, tissue, TRUE); 
@@ -18824,58 +18825,58 @@ /* Print out non-sequence info */ sprintf(title, "MCN Breakpoints - %s",name); cartWebStart(cart, database, "%s", title); /* Print general range info */ /*printf("<H2>MCN Breakpoints - %s</H2>\n", name); printf("<P><HR ALIGN=\"CENTER\"></P>");*/ printf("<TABLE>\n"); printf("<TR><TH ALIGN=left>Chromosome:</TH><TD>%s</TD></TR>\n",seqName); printf("<TR><TH ALIGN=left>Begin in Chromosome:</TH><TD>%d</TD></TR>\n",start); printf("<TR><TH ALIGN=left>End in Chromosome:</TH><TD>%d</TD></TR>\n",end); printBand(seqName, start, end, TRUE); printf("</TABLE>\n"); /* Find all of the breakpoints in this range for this name*/ -sprintf(query, "SELECT * FROM mcnBreakpoints WHERE chrom = '%s' AND " +sqlSafef(query, sizeof query, "SELECT * FROM mcnBreakpoints WHERE chrom = '%s' AND " "chromStart = %d and chromEnd = %d AND name = '%s'", seqName, start, end, name); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr))) { printf("<P><HR ALIGN=\"CENTER\"></P>\n"); mcnRecord = mcnBreakpointsLoad(row); printf("<TABLE>\n"); printf("<TR><TH ALIGN=left>Case ID:</TH><TD>%s</TD></TR>", mcnRecord->caseId); printf("<TR><TH ALIGN=left>Breakpoint ID:</TH><TD>%s</TD></TR>", mcnRecord->bpId); printf("<TR><TH ALIGN=left>Trait:</TH><TD>%s</TD><TD>%s</TD></TR>", mcnRecord->trId, mcnRecord->trTxt); printf("<TR><TH ALIGN=left>Trait Group:</TH><TD>%s</TD><TD>%s</TD></TR>", mcnRecord->tgId, mcnRecord->tgTxt); printf("</TR>\n</TABLE>\n"); } sqlFreeResult(&sr); hFreeConn(&conn); } void doProbeDetails(struct trackDb *tdb, char *item) { struct sqlConnection *conn = hAllocConn(database); struct dnaProbe *dp = NULL; -char buff[256]; +char query[256]; genericHeader(tdb, item); -snprintf(buff, sizeof(buff), "select * from dnaProbe where name='%s'", item); -dp = dnaProbeLoadByQuery(conn, buff); +sqlSafef(query, sizeof(query), "select * from dnaProbe where name='%s'", item); +dp = dnaProbeLoadByQuery(conn, query); if(dp != NULL) { printf("<h3>Probe details:</h3>\n"); 
printf("<b>Name:</b> %s <span style='font-size:x-small;'>" "[dbName genomeVersion strand coordinates]</span><br>\n",dp->name); printf("<b>Dna:</b> %s", dp->dna ); printf("[<a href=\"hgBlat?type=DNA&genome=hg8&sort=&query,score&output=hyperlink&userSeq=%s\">blat (blast like alignment)</a>]<br>", dp->dna); printf("<b>Size:</b> %d<br>", dp->size ); printf("<b>Chrom:</b> %s<br>", dp->chrom ); printf("<b>ChromStart:</b> %d<br>", dp->start+1 ); printf("<b>ChromEnd:</b> %d<br>", dp->end ); printf("<b>Strand:</b> %s<br>", dp->strand ); printf("<b>3' Dist:</b> %d<br>", dp->tpDist ); printf("<b>Tm:</b> %f <span style='font-size:x-small;'>" "[scores over 100 are allowed]</span><br>", dp->tm ); 
@@ -18884,36 +18885,36 @@ "[1 passes, 0 doesn't pass Affy heuristic]</span><br>", dp->affyHeur ); printf("<b>Sec Struct:</b> %f<br>", dp->secStruct); printf("<b>blatScore:</b> %d<br>", dp->blatScore ); printf("<b>Comparison:</b> %f<br>", dp->comparison); } /* printf("<h3>Genomic Details:</h3>\n"); * genericBedClick(conn, tdb, item, start, 1); */ printTrackHtml(tdb); hFreeConn(&conn); } void doChicken13kDetails(struct trackDb *tdb, char *item) { struct sqlConnection *conn = hAllocConn(database); struct chicken13kInfo *chick = NULL; -char buff[256]; +char query[256]; int start = cartInt(cart, "o"); genericHeader(tdb, item); -snprintf(buff, sizeof(buff), "select * from chicken13kInfo where id='%s'", item); -chick = chicken13kInfoLoadByQuery(conn, buff); +sqlSafef(query, sizeof(query), "select * from chicken13kInfo where id='%s'", item); +chick = chicken13kInfoLoadByQuery(conn, query); if (chick != NULL) { printf("<b>Probe name:</b> %s<br>\n", chick->id); printf("<b>Source:</b> %s<br>\n", chick->source); printf("<b>PCR Amplification code:</b> %s<br>\n", chick->pcr); printf("<b>Library:</b> %s<br>\n", chick->library); printf("<b>Source clone name:</b> %s<br>\n", chick->clone); printf("<b>Library:</b> %s<br>\n", chick->library); printf("<b>Genbank accession:</b> %s<br>\n", chick->gbkAcc); printf("<b>BLAT alignment:</b> %s<br>\n", chick->blat); printf("<b>Source annotation:</b> %s<br>\n", chick->sourceAnnot); printf("<b>TIGR assigned TC:</b> %s<br>\n", chick->tigrTc); printf("<b>TIGR TC annotation:</b> %s<br>\n", chick->tigrTcAnnot); printf("<b>BLAST determined annotation:</b> %s<br>\n", chick->blastAnnot); printf("<b>Comment:</b> %s<br>\n", chick->comment); 
@@ -18933,31 +18934,31 @@ boolean hasBin; struct bed *bed; char query[512]; struct sqlResult *sr; char **row; boolean firstTime = TRUE; int numSnpsReq = -1; if(tdb == NULL) errAbort("TrackDb entry null for perlegen, item=%s\n", item); dupe = cloneString(tdb->type); genericHeader(tdb, item); wordCount = chopLine(dupe, words); printCustomUrl(tdb, item, FALSE); hFindSplitTable(database, seqName, tdb->table, table, &hasBin); -sprintf(query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", +sqlSafef(query, sizeof query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", table, item, seqName, start); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { char *name; /* set up for first time */ if (firstTime) firstTime = FALSE; else htmlHorizontalLine(); bed = bedLoadN(row+hasBin, 12); /* chop leading digits off name which should be in x/yyyyyy format */ name = strstr(bed->name, "/"); @@ -19006,31 +19007,31 @@ char table[64]; boolean hasBin; struct bed *bed; char query[512]; struct sqlResult *sr; char **row; boolean firstTime = TRUE; if(tdb == NULL) errAbort("TrackDb entry null for haplotype, item=%s\n", item); dupe = cloneString(tdb->type); genericHeader(tdb, item); wordCount = chopLine(dupe, words); printCustomUrl(tdb, item, TRUE); hFindSplitTable(database, seqName, tdb->table, table, &hasBin); -sprintf(query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", +sqlSafef(query, sizeof query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", table, item, seqName, start); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { /* set up for first time */ if (firstTime) firstTime = FALSE; else htmlHorizontalLine(); bed = bedLoadN(row+hasBin, 12); /* finish off report ... */ printf("<B>Block:</B> %s<BR>\n", bed->name); printf("<B>Number of SNPs in block:</B> %d<BR>\n", bed->blockCount); 
@@ -19052,31 +19053,31 @@ boolean hasBin; struct bed *bed; char query[512]; struct sqlResult *sr; char **row; boolean firstTime = TRUE; int numSnpsReq = -1; if(tdb == NULL) errAbort("TrackDb entry null for mitoSnps, item=%s\n", item); dupe = cloneString(tdb->type); genericHeader(tdb, item); wordCount = chopLine(dupe, words); printCustomUrl(tdb, item, TRUE); hFindSplitTable(database, seqName, tdb->table, table, &hasBin); -sprintf(query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", +sqlSafef(query, sizeof query, "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", table, item, seqName, start); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { char *name; /* set up for first time */ if (firstTime) firstTime = FALSE; else htmlHorizontalLine(); bed = bedLoadN(row+hasBin, 12); /* chop leading digits off name which should be in xx/yyyyyy format */ name = strstr(bed->name, "/"); @@ -19125,31 +19126,31 @@ struct bed *bed = NULL; char query[512]; struct sqlResult *sr = NULL; char **row; boolean firstTime = TRUE; double ident = -1.0; struct ancientRref *ar = NULL; if(tdb == NULL) errAbort("TrackDb entry null for ancientR, item=%s\n", item); dupe = cloneString(tdb->type); genericHeader(tdb, item); wordCount = chopLine(dupe, words); printCustomUrl(tdb, item, TRUE); hFindSplitTable(database, seqName, tdb->table, table, &hasBin); -sprintf(query, "select * from %s where name = '%s' and chrom = '%s'", +sqlSafef(query, sizeof query, "select * from %s where name = '%s' and chrom = '%s'", table, item, seqName ); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { char *name; /* set up for first time */ if (firstTime) firstTime = FALSE; else htmlHorizontalLine(); bed = bedLoadN(row+hasBin, 12); name = bed->name; 
@@ -19161,31 +19162,31 @@ printf("<B>ID:</B> %s<BR>\n", name); printf("<B>Number of aligned blocks:</B> %d<BR>\n", bed->blockCount); if( ident == 50.0 ) printf("<B>Percent identity of aligned blocks:</B> <= %g%%<BR>\n", ident); else printf("<B>Percent identity of aligned blocks:</B> %g%%<BR>\n", ident); printf("<h4><i>Human Sequence</i></h4>"); printf("<B>Strand:</B> %s<BR>\n", bed->strand); bedPrintPos(bed, 3, tdb); } /* look in associated table 'ancientRref' to get human/mouse alignment*/ -sprintf(query, "select * from %sref where id = '%s'", table, item ); +sqlSafef(query, sizeof query, "select * from %sref where id = '%s'", table, item ); sr = sqlGetResult( conn, query ); while ((row = sqlNextRow(sr)) != NULL ) { ar = ancientRrefLoad(row); printf("<h4><i>Repeat</i></h4>"); printf("<B>Name:</B> %s<BR>\n", ar->name); printf("<B>Class:</B> %s<BR>\n", ar->class); printf("<B>Family:</B> %s<BR>\n", ar->family); /* print the aligned sequences in html on multiple rows */ htmlHorizontalLine(); printf("<i>human sequence on top, mouse on bottom</i><br><br>" ); htmlPrintJointAlignment( ar->hseq, ar->mseq, 80, bed->chromStart, bed->chromEnd, bed->strand ); 
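Review bot: `sr` is reassigned by `sr = sqlGetResult( conn, query );` for the `%sref` lookup with no `sqlFreeResult(&sr);` after the first result loop, so the earlier result set is never released in the visible code. Adding `sqlFreeResult(&sr);` immediately before the second `sqlSafef` call fixes that. The second loop also reads `bed->chromStart`, `bed->chromEnd` and `bed->strand`, and `bed` is only assigned inside the first loop, which begins outside this hunk; if that query matched no row, `bed` would presumably still be NULL here, so an `if (bed != NULL)` guard around `htmlPrintJointAlignment` is worth adding.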
@@ -19198,31 +19199,31 @@ void doGcDetails(struct trackDb *tdb, char *itemName) /* Show details for gc percent */ { int start = cartInt(cart, "o"); struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; struct gcPercent *gc; boolean hasBin; char table[64]; cartWebStart(cart, database, "Percentage GC in 20,000 Base Windows (GC)"); hFindSplitTable(database, seqName, tdb->table, table, &hasBin); -sprintf(query, "select * from %s where chrom = '%s' and chromStart = %d and name = '%s'", +sqlSafef(query, sizeof query, "select * from %s where chrom = '%s' and chromStart = %d and name = '%s'", table, seqName, start, itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { gc = gcPercentLoad(row + hasBin); printPos(gc->chrom, gc->chromStart, gc->chromEnd, NULL, FALSE, NULL); printf("<B>GC Percentage:</B> %3.1f%%<BR>\n", ((float)gc->gcPpt)/10); gcPercentFree(&gc); } printTrackHtml(tdb); sqlFreeResult(&sr); hFreeConn(&conn); } 
@@ -19297,66 +19298,63 @@ printf("\n"); } printf("</table>\n"); freez(&header); } struct sageExp *loadSageExps(char *tableName, struct bed *bedist) /* load the sage experiment data. */ { struct sqlConnection *sc = NULL; /* struct sqlConnection *sc = sqlConnectRemote("localhost", user, password, "hgFixed"); */ char query[256]; struct sageExp *seList = NULL, *se=NULL; char **row; struct sqlResult *sr = NULL; -char *tmp= cloneString("select * from sageExp order by num"); if(hTableExists(database, tableName)) sc = hAllocConn(database); else sc = hAllocConn("hgFixed"); -sprintf(query,"%s",tmp); +sqlSafef(query, sizeof query,"select * from sageExp order by num"); sr = sqlGetResult(sc,query); while((row = sqlNextRow(sr)) != NULL) { se = sageExpLoad(row); slAddHead(&seList,se); } -freez(&tmp); sqlFreeResult(&sr); hFreeConn(&sc); slReverse(&seList); return seList; } struct sage *loadSageData(char *table, struct bed* bedList) -/* load the sage data by constructing a query based on the qNames of the bedList - */ +/* load the sage data by constructing a query based on the qNames of the bedList */ { struct sqlConnection *sc = NULL; struct dyString *query = newDyString(2048); struct sage *sgList = NULL, *sg=NULL; struct bed *bed=NULL; char **row; int count=0; struct sqlResult *sr = NULL; if(hTableExists(database, table)) sc = hAllocConn(database); else sc = hAllocConn("hgFixed"); -dyStringPrintf(query, "%s", "select * from sage where "); +sqlDyStringPrintf(query, "select * from sage where "); for(bed=bedList;bed!=NULL;bed=bed->next) { if (count++) { dyStringPrintf(query," or uni=%d ", atoi(bed->name + 3 )); } else { dyStringPrintf(query," uni=%d ", atoi(bed->name + 3)); } } sr = sqlGetResult(sc,query->string); while((row = sqlNextRow(sr)) != NULL) { sg = sageLoad(row); 
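Review bot: loadSageData starts the statement with `select * from sage where ` and then appends one `uni=%d` term per list element, so an empty `bedList` sends a statement ending in `where` to `sqlGetResult`. A guard such as `if (bedList == NULL) return NULL;` placed before the connection is allocated avoids issuing the malformed query. `atoi(bed->name + 3)` additionally assumes every name is at least three characters long, which is not checked in the visible code. The function body continues outside the hunk.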
@@ -19487,35 +19485,35 @@ printf("</table>\n"); } struct bed *bedWScoreLoadByChrom(char *table, char *chrom, int start, int end) { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr = NULL; struct bed *bedWS, *bedWSList = NULL; char **row; char query[256]; struct hTableInfo *hti = hFindTableInfo(database, seqName, table); if(hti == NULL) errAbort("Can't find table: (%s) %s", seqName, table); else if(hti && sameString(hti->startField, "tStart")) - snprintf(query, sizeof(query), + sqlSafef(query, sizeof(query), "select qName,tStart,tEnd from %s where tName='%s' and tStart < %u and tEnd > %u", table, seqName, winEnd, winStart); else if(hti && sameString(hti->startField, "chromStart")) - snprintf(query, sizeof(query), + sqlSafef(query, sizeof(query), "select name,chromStart,chromEnd from %s" " where chrom='%s' and chromStart < %u and chromEnd > %u", table, seqName, winEnd, winStart); else errAbort("%s doesn't have tStart or chromStart", table); sr = sqlGetResult(conn, query); while((row = sqlNextRow(sr)) != NULL) { AllocVar(bedWS); bedWS->name = cloneString(row[0]); bedWS->chromStart = sqlUnsigned(row[1]); bedWS->chromEnd = sqlUnsigned(row[2]); bedWS->chrom = cloneString(seqName); slAddHead(&bedWSList, bedWS); } 
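Review bot: bedWScoreLoadByChrom takes `chrom`, `start` and `end`, but both rewritten queries are built from the globals `seqName`, `winEnd` and `winStart`, so the parameters have no effect in the visible part of the function. If callers rely on the arguments, the format arguments should be `table, chrom, end, start`; if the window globals are intended, a one-line comment saying so would prevent the next reader from assuming otherwise. The `%u` conversions are also given values that are printed with `%d` elsewhere in this diff, so `%d` would presumably match their type. The function body continues outside the hunk.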
@@ -19708,36 +19706,36 @@ void doAltGraphXDetails(struct trackDb *tdb, char *item) /* do details page for an altGraphX */ { int id = atoi(item); char query[256]; struct altGraphX *ag = NULL; struct altGraphX *orthoAg = NULL; char buff[128]; struct sqlConnection *conn = hAllocConn(database); char *image = NULL; /* Load the altGraphX record and start page. */ if (id != 0) { - snprintf(query, sizeof(query),"select * from %s where id=%d", tdb->table, id); + sqlSafef(query, sizeof(query),"select * from %s where id=%d", tdb->table, id); ag = altGraphXLoadByQuery(conn, query); } else { - snprintf(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from %s where tName like '%s' and tStart <= %d and tEnd >= %d", tdb->table, seqName, winEnd, winStart); ag = altGraphXLoadByQuery(conn, query); } if (ag == NULL) errAbort("hgc::doAltGraphXDetails() - couldn't find altGraphX with id=%d", id); genericHeader(tdb, ag->name); printPosOnChrom(ag->tName, ag->tStart, ag->tEnd, ag->strand, FALSE, NULL); /* Print a display of the Graph. */ printf("<b>Plots of Alt-Splicing:</b>"); printf("<center>\n"); if(sameString(tdb->table, "altGraphXPsb2004")) printf("Common Splicing<br>"); printf("Alt-Splicing drawn to scale.<br>"); 
@@ -19748,38 +19746,38 @@ if(differentString(tdb->table, "altGraphXPsb2004")) { struct altGraphX *copy = altGraphXClone(ag); altGraphXVertPosSort(copy); altGraphXEnlargeExons(copy); printf("<br>Alt-Splicing drawn with exons enlarged.<br>\n"); image = altGraphXMakeImage(tdb,copy); freez(&image); altGraphXFree(©); } else { struct sqlConnection *orthoConn = NULL; struct altGraphX *origAg = NULL; char *db2="mm3"; - safef(query, sizeof(query), "select * from altGraphX where name='%s'", ag->name); + sqlSafef(query, sizeof(query), "select * from altGraphX where name='%s'", ag->name); origAg = altGraphXLoadByQuery(conn, query); puts("<br><center>Human</center>\n"); altGraphXMakeImage(tdb,origAg); orthoConn = hAllocConn(db2); - safef(query, sizeof(query), "select orhtoAgName from orthoAgReport where agName='%s'", ag->name); + sqlSafef(query, sizeof(query), "select orhtoAgName from orthoAgReport where agName='%s'", ag->name); sqlQuickQuery(conn, query, buff, sizeof(buff)); - safef(query, sizeof(query), "select * from altGraphX where name='%s'", buff); + sqlSafef(query, sizeof(query), "select * from altGraphX where name='%s'", buff); orthoAg = altGraphXLoadByQuery(orthoConn, query); if(differentString(orthoAg->strand, origAg->strand)) { altGraphXReverseComplement(orthoAg); puts("<br>Mouse (opposite strand)\n"); } else puts("<br>Mouse\n"); printf("<a HREF=\"%s&db=%s&position=%s:%d-%d&mrna=squish&intronEst=squish&refGene=pack&altGraphX=full\"", hgTracksName(), "mm3", orthoAg->tName, orthoAg->tStart, orthoAg->tEnd); printf(" ALT=\"Zoom to browser coordinates of altGraphX\">"); printf("<span style='font-size:smaller;'>[%s.%s:%d-%d]</span></a><br><br>\n", "mm3", orthoAg->tName, orthoAg->tStart, orthoAg->tEnd); altGraphXMakeImage(tdb,orthoAg); 
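Review bot: `origAg` and `orthoAg` are used right after `altGraphXLoadByQuery` with no NULL check, and the return value of `sqlQuickQuery(conn, query, buff, sizeof(buff));` is ignored, so a name with no row in `orthoAgReport` presumably leaves `buff` unset before it is formatted into the next query. The preceding hunk, apparently in the same function, aborts with `errAbort` when `ag == NULL`; the same treatment fits here, e.g. `if (origAg == NULL) errAbort("no altGraphX record for %s", ag->name);` after the first load and an equivalent check on `orthoAg` before `differentString(orthoAg->strand, origAg->strand)`. Checking the `sqlQuickQuery` result before building the third query would cover the missing-ortholog case. The enclosing block starts and ends outside the hunk.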
@@ -19892,43 +19890,43 @@ char **pslRow; boolean firstTime = TRUE; struct psl *thisPsl; char str[256]; char thisItem[256]; char *cgiItem; char otherString[256] = ""; struct sqlResult *pslSr; struct sqlConnection *conn2 = hAllocConn(database); int thisStart, thisEnd; int left = cartIntExp( cart, "l" ); int right = cartIntExp( cart, "r" ); char *winOn = cartUsualString( cart, "win", "F" ); hFindSplitTable(database, seqName, tdb->table, table, &hasBin); -sprintf(query, "select * from %s where name = '%s' and chrom = '%s'", +sqlSafef(query, sizeof query, "select * from %s where name = '%s' and chrom = '%s'", table, item, seqName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { if (firstTime) firstTime = FALSE; else htmlHorizontalLine(); smp = sampleLoad(row+hasBin); sprintf( tempTableName, "%s_%s", smp->chrom, pslTableName ); hFindSplitTable(database, seqName, pslTableName, table, &hasBin); - sprintf(query, "select * from %s where tName = '%s' and tEnd >= %d and tStart <= %d" + sqlSafef(query, sizeof query, "select * from %s where tName = '%s' and tEnd >= %d and tStart <= %d" , table, smp->chrom, smp->chromStart+smp->samplePosition[0] , smp->chromStart+smp->samplePosition[smp->sampleCount-1] ); pslSr = sqlGetResult(conn2, query); if(!sameString(winOn,"T")) { while(( pslRow = sqlNextRow(pslSr)) != NULL ) { thisPsl = pslLoad( pslRow+hasBin ); firstAndLastPosition( &thisStart, &thisEnd, thisPsl ); snprintf(thisItem, 256, "%s:%d-%d %s:%d-%d", thisPsl->qName, thisPsl->qStart, thisPsl->qEnd, thisPsl->tName, thisPsl->tStart, thisPsl->tEnd ); cgiItem = cgiEncode(thisItem); longXenoPsl1Given(tdb, thisItem, otherOrg, "chromInfo", 
@@ -19983,47 +19981,47 @@ { char table[64]; boolean hasBin; struct sample *smp; char query[512]; char tempTableName[1024]; struct sqlResult *sr; char **row; boolean firstTime = TRUE; char filename[10000]; char pslTableName[128] = "blastzBestMouse"; int offset; int motifid; hFindSplitTable(database, seqName, tdb->table, table, &hasBin); -sprintf(query, "select * from %s where name = '%s'", +sqlSafef(query, sizeof query, "select * from %s where name = '%s'", table, item); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { if (firstTime) firstTime = FALSE; else htmlHorizontalLine(); smp = sampleLoad(row+hasBin); sscanf(smp->name,"footPrinter.%d.%d",&offset,&motifid); sprintf(filename,"../zoo_blanchem/new_raw2_offset%d.fa.main.html?motifID=%d",offset,motifid); sprintf( tempTableName, "%s_%s", smp->chrom, pslTableName ); hFindSplitTable(database, seqName, pslTableName, table, &hasBin); - sprintf(query, "select * from %s where tName = '%s' and tEnd >= %d and tStart <= %d" , + sqlSafef(query, sizeof query, "select * from %s where tName = '%s' and tEnd >= %d and tStart <= %d" , table, smp->chrom, smp->chromStart+smp->samplePosition[0], smp->chromStart+smp->samplePosition[smp->sampleCount-1] ); printf("Content-Type: text/html\n\n<HTML><BODY><SCRIPT>\n"); printf("location.replace('%s')\n",filename); printf("</SCRIPT> <NOSCRIPT> No JavaScript support. " "Click <b><a href=\"%s\">continue</a></b> for " "the requested GenBank report. </NOSCRIPT>\n", filename); } } void humMusClickHandler(struct trackDb *tdb, char *item, char *targetName, char *targetDb, char *targetTable, boolean printWindowFlag ) /* Put up sample track info. */ 
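Review bot: The return value of `sscanf(smp->name,"footPrinter.%d.%d",&offset,&motifid);` is not checked, and `offset` and `motifid` are declared without initialisers, so a name that does not match the pattern leaves indeterminate values to be formatted into `filename` and written into the `location.replace` script. Testing the conversion count, `if (sscanf(smp->name,"footPrinter.%d.%d",&offset,&motifid) != 2) errAbort("unexpected item name %s", smp->name);`, closes that. The second `sqlSafef` call in the loop builds a query that is not executed anywhere in the visible body; if it is leftover, it and `tempTableName` can be dropped.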
@@ -20155,36 +20153,34 @@ } else { if (ct->dbTrack) { char where[512]; int rowOffset; char **row; struct sqlConnection *conn = hAllocConn(CUSTOM_TRASH); struct sqlResult *sr = NULL; int rcCount = 0; int start = cartInt(cart, "o"); int end = cartInt(cart, "t"); if (ct->fieldCount < 4) - safef(where, sizeof(where), "chromStart = '%d'", start); + sqlSafefFrag(where, sizeof(where), "chromStart = '%d'", start); else { - char * safeName = sqlEscapeString(itemName); - safef(where, sizeof(where), "name = '%s'", safeName); - freeMem(safeName); + sqlSafefFrag(where, sizeof(where), "name = '%s'", itemName); } sr = hRangeQuery(conn, ct->dbTableName, seqName, start, end, where, &rowOffset); while ((row = sqlNextRow(sr)) != NULL) { bedFree(&bed); bed = bedLoadN(row+rowOffset, ct->fieldCount); ++rcCount; } sqlFreeResult(&sr); hFreeConn(&conn); } if (ct->fieldCount < 4) { if (! ct->dbTrack) @@ -20254,31 +20250,31 @@ buffer = needMem(strlen(itemName)+ 1); strcpy(buffer, itemName); acc = buffer; if (blastRef != NULL) { char *thisDb = cloneString(blastRef); char *table; if ((table = strchr(thisDb, '.')) != NULL) { *table++ = 0; if (hTableExists(thisDb, table)) { if (!isCe && (ptr = strchr(acc, '.'))) *ptr = 0; - safef(query, sizeof(query), "select geneId, extra1, refPos from %s where acc = '%s'", blastRef, acc); + sqlSafef(query, sizeof(query), "select geneId, extra1, refPos from %s where acc = '%s'", blastRef, acc); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { useName = row[0]; prot = row[1]; pos = row[2]; } } } } else if ((pos = strchr(acc, '.')) != NULL) { *pos++ = 0; if ((gene = strchr(pos, '.')) != NULL) { 
@@ -20425,89 +20421,89 @@ hFreeConn(&conn); } static void doSgdOther(struct trackDb *tdb, char *item) /* Display information about other Sacchromyces Genome Database * other (not-coding gene) info. */ { struct sqlConnection *conn = hAllocConn(database); struct dyString *dy = dyStringNew(1024); if (sqlTableExists(conn, "sgdOtherDescription")) { /* Print out description and type if available. */ struct sgdDescription sgd; struct sqlResult *sr; char query[256], **row; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from sgdOtherDescription where name = '%s'", item); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { sgdDescriptionStaticLoad(row, &sgd); dyStringPrintf(dy, "<B>Description:</B> %s<BR>\n", sgd.description); dyStringPrintf(dy, "<B>Type:</B> %s<BR>\n", sgd.type); } sqlFreeResult(&sr); } hFreeConn(&conn); genericClickHandlerPlus(tdb, item, NULL, dy->string); dyStringFree(&dy); } static void doSgdClone(struct trackDb *tdb, char *item) /* Display information about other Sacchromyces Genome Database * other (not-coding gene) info. 
*/ { struct sqlConnection *conn = hAllocConn(database); struct dyString *dy = dyStringNew(1024); if (sqlTableExists(conn, "sgdClone")) { /* print out url with ATCC number */ struct sgdClone sgd; struct sqlResult *sr; char query[256], **row; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from sgdClone where name = '%s'", item); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { sgdCloneStaticLoad(row+1, &sgd); dyStringPrintf(dy, "<B>ATCC catalog number:</B><A HREF=\"http://www.atcc.org/ATCCAdvancedCatalogSearch/ProductDetails/tabid/452/Default.aspx?ATCCNum=%s&Template=uniqueClones\" TARGET=_blank>%s</A><BR>\n", sgd.atccName, sgd.atccName); } sqlFreeResult(&sr); } hFreeConn(&conn); genericClickHandlerPlus(tdb, item, NULL, dy->string); dyStringFree(&dy); } static void doSimpleDiff(struct trackDb *tdb, char *otherOrg) /* Print out simpleDiff info. */ { struct simpleNucDiff snd; struct sqlConnection *conn = hAllocConn(database); char fullTable[64]; char query[256], **row; struct sqlResult *sr; int rowOffset; int start = cartInt(cart, "o"); genericHeader(tdb, NULL); if (!hFindSplitTable(database, seqName, tdb->table, fullTable, &rowOffset)) errAbort("No %s table in database %s", tdb->table, database); -safef(query, sizeof(query), "select * from %s where chrom = '%s' and chromStart=%d", +sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and chromStart=%d", fullTable, seqName, start); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { simpleNucDiffStaticLoad(row + rowOffset, &snd); printf("<B>%s sequence:</B> %s<BR>\n", hOrganism(database), snd.tSeq); printf("<B>%s sequence:</B> %s<BR>\n", otherOrg, snd.qSeq); bedPrintPos((struct bed*)&snd, 3, tdb); printf("<BR>\n"); } sqlFreeResult(&sr); hFreeConn(&conn); printTrackHtml(tdb); } 
@@ -20556,31 +20552,31 @@ static void doZdobnovSynt(struct trackDb *tdb, char *item) /* Gene homology-based synteny blocks from Zdobnov, Bork et al. */ { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr = NULL; char **row; char query[256]; int start = cartInt(cart, "o"); char fullTable[64]; boolean hasBin = FALSE; genericHeader(tdb, item); genericBedClick(conn, tdb, item, start, 4); hFindSplitTable(database, seqName, tdb->table, fullTable, &hasBin); -safef(query, sizeof(query), "select * from %s where name = '%s'", +sqlSafef(query, sizeof(query), "select * from %s where name = '%s'", fullTable, item); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { struct zdobnovSynt *zd = zdobnovSyntLoad(row + hasBin); int l = cgiInt("l"); int r = cgiInt("r"); int i = 0; puts("<B>Homologous gene names in window:</B>"); for (i=0; i < zd->blockCount; i++) { int bStart = zd->chromStarts[i] + zd->chromStart; int bEnd = bStart + zd->blockSizes[i]; if (bStart <= r && bEnd >= l) { 
@@ -20600,31 +20596,31 @@ static void doDeweySynt(struct trackDb *tdb, char *item) /* Gene homology-based synteny blocks from Dewey, Pachter. */ { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr = NULL; char **row; int start = cartInt(cart, "o"); char fullTable[64]; boolean hasBin = FALSE; struct bed *bed = NULL; char query[512]; genericHeader(tdb, item); hFindSplitTable(database, seqName, tdb->table, fullTable, &hasBin); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and chromStart = %d", fullTable, seqName, start); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { char *words[4]; int wordCount = 0; bed = bedLoad6(row+hasBin); bedPrintPos(bed, 4, tdb); printf("<B>Strand:</B> %s<BR>\n", bed->strand); wordCount = chopByChar(bed->name, '.', words, ArraySize(words)); if (wordCount == 3 && hDbExists(words[1])) { char *otherOrg = hOrganism(words[1]); printf("<A TARGET=\"_blank\" HREF=\"%s?db=%s&position=%s\">", 
@@ -20656,31 +20652,31 @@ char **row; char *scaffoldName; int scaffoldStart, scaffoldEnd; struct dyString *itemUrl = newDyString(128), *d; char *old = "_"; char *new = ""; char *pat = "fold"; int hasBin = 1; dupe = cloneString(tdb->type); wordCount = chopLine(dupe, words); /* get bed size */ num = 0; num = atoi(words[1]); /* get data for this item */ -sprintf(query, "select * from %s where name = '%s' and chromStart = %d", tdb->table, item, start); +sqlSafef(query, sizeof query, "select * from %s where name = '%s' and chromStart = %d", tdb->table, item, start); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) bed = bedLoadN(row+hasBin, num); genericHeader(tdb, item); /* convert chromosome co-ordinates to scaffold position and */ /* make into item for URL */ if (hScaffoldPos(database, bed->chrom, bed->chromStart, bed->chromEnd, &scaffoldName, &scaffoldStart, &scaffoldEnd) ) { scaffoldStart += 1; dyStringPrintf(itemUrl, "%s:%d-%d", scaffoldName, scaffoldStart, scaffoldEnd); /* remove underscore in scaffold name and change to "scafN" */ d = dyStringSub(itemUrl->string, old, new); itemUrl = dyStringSub(d->string, pat, new); printCustomUrl(tdb, itemUrl->string, TRUE); 
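Review bot: `bed` is dereferenced in `hScaffoldPos(database, bed->chrom, bed->chromStart, bed->chromEnd, ...)` even when the query returned no row, because the `while` loop only assigns it on a match, and whether there is a match depends on `item` and `start`. A check after the loop, `if (bed == NULL) errAbort("%s not found in %s", item, tdb->table);`, makes the failure explicit instead of a crash. `num = atoi(words[1]);` also reads `words[1]` without looking at `wordCount`. The declarations of `bed` and `query` are outside the hunk, so the initial value of `bed` is assumed rather than seen.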
@@ -20705,31 +20701,31 @@ isalpha(stripped[len-1])) stripped[len-3] = 0; return(stripped); } static void doGencodeIntron(struct trackDb *tdb, char *item) /* Intron validation from ENCODE Gencode/Havana gene predictions */ { struct sqlConnection *conn = hAllocConn(database); int start = cartInt(cart, "o"); struct gencodeIntron *intron, *intronList = NULL; char query[256]; int rowOffset = hOffsetPastBin(database, seqName, tdb->table); genericHeader(tdb, item); -safef(query, sizeof query, +sqlSafef(query, sizeof query, "select * from %s where name='%s' and chrom='%s' and chromStart=%d", tdb->table, item, seqName, start); intronList = gencodeIntronLoadByQuery(conn, query, rowOffset); for (intron = intronList; intron != NULL; intron = intron->next) { printf("<B>Intron:</B> %s<BR>\n", intron->name); printf("<B>Status:</B> %s<BR>\n", intron->status); printf("<B>Gene:</B> %s<BR>\n", intron->geneId); printf("<B>Transcript:</B> %s<BR>\n", intron->transcript); printPos(intron->chrom, intron->chromStart, intron->chromEnd, intron->strand, TRUE, intron->name); } hFreeConn(&conn); printTrackHtml(tdb); } 
@@ -20766,90 +20762,90 @@ void doEncodeStanfordPromoters(struct trackDb *tdb, char *item) /* Print ENCODE Stanford Promoters data. */ { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr = NULL; char **row = NULL; int start = cartInt(cart, "o"); char fullTable[64]; boolean hasBin = FALSE; char query[1024]; cartWebStart(cart, database, "%s", tdb->longLabel); genericHeader(tdb, item); hFindSplitTable(database, seqName, tdb->table, fullTable, &hasBin); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and chromStart = %d and name = '%s'", fullTable, seqName, start, item); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { if (endsWith(tdb->table, "Average")) printESPAverageDetails(row+hasBin, tdb); else printESPDetails(row+hasBin, tdb); } sqlFreeResult(&sr); hFreeConn(&conn); printTrackHtml(tdb); } void doEncodeStanfordRtPcr(struct trackDb *tdb, char *item) /* Print ENCODE Stanford RTPCR data. */ { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr = NULL; char **row = NULL; int start = cartInt(cart, "o"); char fullTable[64]; boolean hasBin = FALSE; char query[1024]; cartWebStart(cart, database, "%s", tdb->longLabel); genericHeader(tdb, item); hFindSplitTable(database, seqName, tdb->table, fullTable, &hasBin); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and chromStart = %d and name = '%s'", fullTable, seqName, start, item); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { struct bed *bed = bedLoadN(row+hasBin, 5); bedPrintPos(bed, 5, tdb); printf("<B>Primer pair ID:</B> %s<BR>\n", row[hasBin+5]); printf("<B>Count:</B> %s<BR>\n", row[hasBin+6]); } sqlFreeResult(&sr); hFreeConn(&conn); printTrackHtml(tdb); } void doEncodeHapMapAlleleFreq(struct trackDb *tdb, char *itemName) { char *table = tdb->table; struct encodeHapMapAlleleFreq alleleFreq; struct sqlConnection *conn = 
hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int rowOffset = hOffsetPastBin(database, seqName, table); int start = cartInt(cart, "o"); genericHeader(tdb, itemName); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and " "chromStart=%d and name = '%s'", table, seqName, start, itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { encodeHapMapAlleleFreqStaticLoad(row+rowOffset, &alleleFreq); printf("<B>Variant:</B> %s<BR>\n", alleleFreq.otherAllele); printf("<B>Reference:</B> %s<BR>\n", alleleFreq.refAllele); bedPrintPos((struct bed *)&alleleFreq, 3, tdb); printf("<B>Reference Allele Frequency:</B> %f <BR>\n", alleleFreq.refAlleleFreq); printf("<B>Other Allele Frequency:</B> %f <BR>\n", alleleFreq.otherAlleleFreq); printf("<B>Center:</B> %s <BR>\n", alleleFreq.center); printf("<B>Total count:</B> %d <BR>\n", alleleFreq.totalCount); printf("-----------------------------------------------------<BR>\n"); } 
@@ -20975,31 +20971,31 @@ void doHapmapSnpsSummaryTable(struct sqlConnection *conn, struct trackDb *tdb, char *itemName, boolean showOrtho) /* Use the hapmapAllelesSummary table (caller checks for existence) to display allele * frequencies for the 4 HapMap Phase II populations. */ { char *table = tdb->table; struct hapmapAllelesSummary *summaryItem; struct sqlResult *sr; char **row; char query[256]; int rowOffset = hOffsetPastBin(database, seqName, table); int start = cartInt(cart, "o"); float het = 0.0; -safef(query, sizeof(query), "select * from hapmapAllelesSummary where chrom = '%s' and " +sqlSafef(query, sizeof(query), "select * from hapmapAllelesSummary where chrom = '%s' and " "chromStart=%d and name = '%s'", seqName, start, itemName); sr = sqlGetResult(conn, query); row = sqlNextRow(sr); summaryItem = hapmapAllelesSummaryLoad(row+rowOffset); printf("<BR><B>Allele frequencies in each population (major allele highlighted):</B><BR>\n"); printf("<TABLE BORDER=1>\n"); if (differentString(summaryItem->allele2, "none")) { printf("<TR><TH>Population</TH> <TH>%s</TH> <TH>%s</TH></TR>\n", summaryItem->allele1, summaryItem->allele2); showOneHapmapRow("CEU", summaryItem->allele1, summaryItem->allele2, summaryItem->majorAlleleCEU, summaryItem->majorAlleleCountCEU, summaryItem->totalAlleleCountCEU); showOneHapmapRow("CHB", summaryItem->allele1, summaryItem->allele2, summaryItem->majorAlleleCHB, summaryItem->majorAlleleCountCHB, summaryItem->totalAlleleCountCHB); showOneHapmapRow("JPT", summaryItem->allele1, summaryItem->allele2, summaryItem->majorAlleleJPT, 
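Review bot: The result of `sqlNextRow(sr)` goes straight into `hapmapAllelesSummaryLoad(row+rowOffset)` with no NULL check, so a lookup that matches no row hands the loader a pointer computed from NULL. sqlSafef makes the statement safe to build, but it does not make the lookup succeed. Add `if (row == NULL) errAbort("Can't find item '%s'", itemName);` right after the fetch. The hunk at -21188 has the same pattern with `hapmapSnpsLoad(row+rowOffset)`, and doHapmapSnpsSummaryTable continues past the end of this hunk.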
@@ -21059,31 +21055,31 @@ int majorCounts[HAP_PHASEIII_POPCOUNT], haploCounts[HAP_PHASEIII_POPCOUNT]; int totalA1Count = 0, totalA2Count = 0, totalHaploCount = 0; float sumHet = 0.0; int sumA1A1 = 0, sumA1A2 = 0, sumA2A2 = 0; int popCount = 0; char *allele1 = NULL, *allele2 = NULL; for (i=0; i < HAP_PHASEIII_POPCOUNT; i++) { char *popCode = hapmapPhaseIIIPops[i]; struct hapmapSnps *item = NULL; char table[HDB_MAX_TABLE_STRING]; safef(table, sizeof(table), "hapmapSnps%s", popCode); if (sqlTableExists(conn, table)) { char query[512]; - safef(query, sizeof(query), "select * from %s where name = '%s' and chrom = '%s'", + sqlSafef(query, sizeof(query), "select * from %s where name = '%s' and chrom = '%s'", table, itemName, seqName); struct sqlResult *sr = sqlGetResult(conn, query); char **row; if ((row = sqlNextRow(sr)) != NULL) { int rowOffset = hOffsetPastBin(database, seqName, table); item = hapmapSnpsLoad(row+rowOffset); } sqlFreeResult(&sr); } majorAlleles[i] = ""; majorCounts[i] = 0; haploCounts[i] = 0; if (item != NULL) { 
@@ -21132,31 +21128,31 @@ int i; for (i = 0; hapmapOrthoSpecies[i] != NULL; i++) { char table[HDB_MAX_TABLE_STRING]; safef(table, sizeof(table), "hapmapAlleles%s", hapmapOrthoSpecies[i]); if (sqlTableExists(conn, table)) { if (!showedHeader) { printf("<BR><B>Orthologous alleles from reference genome assemblies:</B><BR>\n"); printf("<TABLE BORDER=1>\n"); printf("<TR><TH>Species</TH> <TH>Allele</TH> <TH>Quality Score</TH></TR>\n"); showedHeader = TRUE; } char query[512]; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select orthoAllele, score, strand from %s where name = '%s' and chrom = '%s'", table, itemName, seqName); struct sqlResult *sr = sqlGetResult(conn, query); char **row; if ((row = sqlNextRow(sr)) != NULL) { char *allele = row[0]; char *qual = row[1]; char *strand = row[2]; if (sameString("-", strand)) reverseComplement(allele, strlen(allele)); printf("<TR><TD>%s</TD><TD>%s</TD><TD>%s</TD></TR>", hapmapOrthoSpecies[i], allele, qual); } else 
@@ -21188,31 +21184,31 @@ struct sqlResult *sr; char **row; char query[256]; int rowOffset = hOffsetPastBin(database, seqName, table); int start = cartInt(cart, "o"); int majorCount = 0; int minorCount = 0; char *majorAllele = NULL; char *minorAllele = NULL; char popCode[4]; safencpy(popCode, sizeof(popCode), table + strlen("hapmapSnps"), 3); popCode[3] = '\0'; genericHeader(tdb, itemName); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and " "chromStart=%d and name = '%s'", table, seqName, start, itemName); sr = sqlGetResult(conn, query); row = sqlNextRow(sr); struct hapmapSnps *item = hapmapSnpsLoad(row+rowOffset); printf("<B>SNP rsId:</B> "); printDbSnpRsUrl(itemName, "%s", itemName); puts("<BR>"); printf("<B>Position:</B> <A HREF=\"%s&db=%s&position=%s%%3A%d-%d\">%s:%d-%d</A><BR>\n", hgTracksPathAndSettings(), database, item->chrom, item->chromStart+1, item->chromEnd, item->chrom, item->chromStart+1, item->chromEnd); printf("<B>Strand:</B> %s<BR>\n", item->strand); printf("<B>Polymorphism type:</B> %s<BR>\n", item->observed); if (item->homoCount1 >= item->homoCount2) { 
@@ -21255,31 +21251,31 @@ /* could assume just one match */ { char *table = tdb->table; struct hapmapAllelesOrtho *ortho; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int rowOffset = hOffsetPastBin(database, seqName, table); int start = cartInt(cart, "o"); char *otherDb = NULL; char *otherDbName = NULL; genericHeader(tdb, itemName); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and " "chromStart=%d and name = '%s'", table, seqName, start, itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { ortho = hapmapAllelesOrthoLoad(row+rowOffset); printf("<B>Human Position:</B> " "<A HREF=\"%s&db=%s&position=%s%%3A%d-%d\">", hgTracksPathAndSettings(), database, ortho->chrom, ortho->chromStart+1, ortho->chromEnd); printf("%s:%d-%d</A><BR>\n", ortho->chrom, ortho->chromStart+1, ortho->chromEnd); printf("<B>Human Strand: </B> %s\n", ortho->strand); printf("<BR>"); printf("<B>Polymorphism type:</B> %s<BR>\n", ortho->observed); if (startsWith("hapmapAllelesChimp", table)) 
@@ -21327,79 +21323,79 @@ /* if found, print value */ { char tableName[512]; struct sqlConnection *conn = sqlConnect(orthoDb); char query[256]; struct sqlResult *sr; char **row = NULL; safef(tableName, sizeof(tableName), "snp%d%sorthoAllele", snpVersion, database); if (!hTableExists(orthoDb, tableName)) { sqlDisconnect(&conn); return; } -safef(query, sizeof(query), "select allele from %s where name = '%s'", tableName, rsId); +sqlSafef(query, sizeof(query), "select allele from %s where name = '%s'", tableName, rsId); sr = sqlGetResult(conn, query); row = sqlNextRow(sr); if (!row) { sqlDisconnect(&conn); return; } printf("<B>%s Allele:</B> %s<BR>\n", orthoDb, row[0]); sqlFreeResult(&sr); sqlDisconnect(&conn); } static char *fbgnFromCg(char *cgId) /* Given a BDGP ID, looks up its FBgn ID because FlyBase query no longer * supports BDGP IDs. Returns NULL if not found. * Do not free the statically allocated result. */ { static char result[32]; /* Ample -- FBgn ID's are 11 chars long. */ char query[512]; if (hTableExists(database, "flyBase2004Xref")) - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select fbgn from flyBase2004Xref where name = '%s';", cgId); else if (hTableExists(database, "bdgpGeneInfo")) - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select flyBaseId from bdgpGeneInfo where bdgpName = '%s';", cgId); else return NULL; struct sqlConnection *conn = hAllocConn(database); char *resultOrNULL = sqlQuickQuery(conn, query, result, sizeof(result)); hFreeConn(&conn); return resultOrNULL; } static void doPscreen(struct trackDb *tdb, char *item) /* P-Screen (BDGP Gene Disruption Project) P el. insertion locations/genes. 
*/ { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr = NULL; char **row; int start = cartInt(cart, "o"); char fullTable[64]; boolean hasBin = FALSE; char query[512]; genericHeader(tdb, item); hFindSplitTable(database, seqName, tdb->table, fullTable, &hasBin); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and chromStart = %d and name = '%s'", fullTable, seqName, start, item); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { struct pscreen *psc = pscreenLoad(row+hasBin); int i; printCustomUrl(tdb, psc->name, FALSE); printPosOnChrom(psc->chrom, psc->chromStart, psc->chromEnd, psc->strand, FALSE, psc->name); if (psc->stockNumber != 0) printf("<B>Stock number:</B> " "<A HREF=\"http://flystocks.bio.indiana.edu/Reports/%d.html\" " "TARGET=_BLANK>%d</A><BR>\n", psc->stockNumber, psc->stockNumber); @@ -21449,31 +21445,31 @@ printf("<B>Sequence:</B> %s<BR>\n", oligo); printf("<B>Chromosome:</B> %s<BR>\n", seqName); printf("<B>Start:</B> %s<BR>\n", item+1); printf("<B>Strand:</B> %c<BR>\n", item[0]); webIncludeHelpFile(OLIGO_MATCH_TRACK_NAME, TRUE); } struct slName *cutterIsoligamers(struct cutter *myEnzyme) /* Find enzymes with same cut site. */ { struct sqlConnection *conn; struct cutter *cutters = NULL; struct slName *ret = NULL; conn = hAllocConn("hgFixed"); -cutters = cutterLoadByQuery(conn, "select * from cutters"); +cutters = cutterLoadByQuery(conn, "NOSQLINJ select * from cutters"); ret = findIsoligamers(myEnzyme, cutters); hFreeConn(&conn); cutterFreeList(&cutters); return ret; } void cutterPrintSite(struct cutter *enz) /* Print out the enzyme REBASE style. */ { int i; for (i = 0; i < enz->size+1; i++) { if (i == enz->cut) printf("^"); else if (i == enz->cut + enz->overhang) 
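Review bot: `cutterLoadByQuery(conn, "NOSQLINJ select * from cutters")` in cutterIsoligamers carries a hand-typed marker, while doCuttersEnzymeList in the next hunk builds the same statement with `sqlSafef(query, sizeof(query), "select * from cutters")`. The prefix is presumably what sqlSafef emits itself. With two spellings of one convention, a later edit could add a `%s` or a concatenation to the literal form and keep the marker. Either route this call through sqlSafef too, or add a comment next to the literal such as `/* constant statement, no request data; prefix marks it as vetted */`.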
@@ -21485,64 +21481,64 @@ static void doCuttersEnzymeList(struct sqlConnection *conn, char *getBed, char *c, char *l, char *r) /* Print out list of enzymes (BED). This function will exit the program. */ { struct cutter *cut = NULL; char query[100]; struct dnaSeq *winDna; struct bed *bedList = NULL, *oneBed; int s, e; if (!c || !l || !r) errAbort("Bad Range"); s = atoi(l); e = atoi(r); winDna = hDnaFromSeq(database, c, s, e, dnaUpper); if (sameString(getBed, "all")) - safef(query, sizeof(query), "select * from cutters"); + sqlSafef(query, sizeof(query), "select * from cutters"); else - safef(query, sizeof(query), "select * from cutters where name=\'%s\'", getBed); + sqlSafef(query, sizeof(query), "select * from cutters where name=\'%s\'", getBed); cut = cutterLoadByQuery(conn, query); bedList = matchEnzymes(cut, winDna, s); puts("<HTML>\n<HEAD><TITLE>Enzyme Output</TITLE></HEAD>\n<BODY><PRE><TT>"); for (oneBed = bedList; oneBed != NULL; oneBed = oneBed->next) { freeMem(oneBed->chrom); oneBed->chrom = cloneString(c); bedTabOutN(oneBed, 6, stdout); } puts("</TT></PRE>\n"); cartFooter(); bedFreeList(&bedList); cutterFreeList(&cut); hFreeConn(&conn); exit(0); } static void doCutters(char *item) /* Print info about a restriction enzyme. 
*/ { struct sqlConnection *conn; struct cutter *cut = NULL; char query[100]; char *doGetBed = cgiOptionalString("doGetBed"); char *c = cgiOptionalString("c"); char *l = cgiOptionalString("l"); char *r = cgiOptionalString("r"); conn = hAllocConn("hgFixed"); if (doGetBed) doCuttersEnzymeList(conn, doGetBed, c, l, r); -safef(query, sizeof(query), "select * from cutters where name=\'%s\'", item); +sqlSafef(query, sizeof(query), "select * from cutters where name=\'%s\'", item); cut = cutterLoadByQuery(conn, query); cartWebStart(cart, database, "Restriction Enzymes from REBASE"); if (cut) { char *o = cgiOptionalString("o"); char *t = cgiOptionalString("t"); struct slName *isoligs = cutterIsoligamers(cut); printf("<B>Enzyme Name:</B> %s<BR>\n", cut->name); /* Display position only if click came from hgTracks. */ if (c && o && t) { int left = atoi(o); int right = atoi(t); printPosOnChrom(c, left, right, NULL, FALSE, cut->name); } @@ -21561,31 +21557,31 @@ if (isoligs) { struct slName *cur; puts("<B>Isoligamers: </B>"); for (cur = isoligs; cur->next != NULL; cur = cur->next) printf("<A HREF=\"%s&g=%s&i=%s\">%s</A>, ", hgcPathAndSettings(), CUTTERS_TRACK_NAME, cur->name, cur->name); printf("<A HREF=\"%s&g=%s&i=%s\">%s</A><BR>\n", hgcPathAndSettings(), CUTTERS_TRACK_NAME, cur->name, cur->name); slFreeList(&isoligs); } if (cut->numRefs > 0) { int i, count = 1; char **row; struct sqlResult *sr; puts("<B>References:</B><BR>\n"); - safef(query, sizeof(query), "select * from rebaseRefs"); + sqlSafef(query, sizeof(query), "select * from rebaseRefs"); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { int refNum = atoi(row[0]); for (i = 0; i < cut->numRefs; i++) { if (refNum == cut->refs[i]) printf("%d. %s<BR>\n", count++, row[1]); } } sqlFreeResult(&sr); } if (c && o && t) { puts("<BR><B>Download BED of enzymes in this browser range:</B> "); 
@@ -21598,31 +21594,31 @@ hFreeConn(&conn); } static void doAnoEstTcl(struct trackDb *tdb, char *item) /* Print info about AnoEst uniquely-clustered item. */ { struct sqlConnection *conn = hAllocConn(database); int start = cartInt(cart, "o"); genericHeader(tdb, item); printCustomUrl(tdb, item, TRUE); genericBedClick(conn, tdb, item, start, 12); if (hTableExists(database, "anoEstExpressed")) { char query[512]; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select 1 from anoEstExpressed where name = '%s'", item); if (sqlQuickNum(conn, query)) puts("<B>Expressed:</B> yes<BR>"); else puts("<B>Expressed:</B> no<BR>"); } hFreeConn(&conn); printTrackHtml(tdb); } void mammalPsgTableRow(char *test, char *description, float pVal, unsigned isFdrSignificant) /* print single row of the overview table for mammal PSG track */ { char *start = ""; char *end = ""; @@ -21641,31 +21637,31 @@ start,pVal,end); } } void doMammalPsg(struct trackDb *tdb, char *itemName) /* create details page for mammalPsg track */ { struct mammalPsg *mammalPsg = NULL; char query[512]; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char *bayesianFiguresUrl = "../images/mammalPsg"; genericHeader(tdb, itemName); -sprintf(query, "select * from %s where name = '%s'", tdb->table, itemName); +sqlSafef(query, sizeof query, "select * from %s where name = '%s'", tdb->table, itemName); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) mammalPsg = mammalPsgLoad(row); else errAbort("Can't find item '%s'", itemName); sqlFreeResult(&sr); /* first print the same thing that you would print for ordinary bed track */ bedPrintPos((struct bed *) mammalPsg,12,tdb); /* rows showing the results of individual likelihood ratio tests */ printf("<p><b>Likelihood ratio tests for positive selection:</b></p>\n"); printf("<p><table border=1>\n"); printf("<tr><th>Test</th><th>Description</th><th>P-value</th>"); 
@@ -21698,31 +21694,31 @@ hFreeConn(&conn); } void doDless(struct trackDb *tdb, char *itemName) /* create details page for DLESS */ { struct dless *dless = NULL; char query[512]; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; boolean approx; enum {CONS, GAIN, LOSS} elementType; genericHeader(tdb, itemName); -sprintf(query, "select * from %s where name = '%s'", tdb->table, itemName); +sqlSafef(query, sizeof query, "select * from %s where name = '%s'", tdb->table, itemName); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) dless = dlessLoad(row); else errAbort("Can't find item '%s'", itemName); sqlFreeResult(&sr); approx = sameString(dless->condApprox, "approx"); if (sameString(dless->type, "conserved")) elementType = CONS; else if (sameString(dless->type, "gain")) elementType = GAIN; else elementType = LOSS; @@ -21792,31 +21788,31 @@ int tEnd = psl->tEnd; char tName[256]; struct dnaSeq *tSeq; char *tables[4] = {"luGene", "refGene", "mgcGenes", "luGene2"}; /* open file to write to */ trashDirFile(&indexTn, "index", "index", ".html"); trashDirFile(&bodyTn, "body", "body", ".html"); body = mustOpen(bodyTn.forCgi, "w"); /* get query genes struct info*/ for(i = 0; i < 4; i++) { if(sqlTableExists(conn, tables[i])) { - sprintf(query, "SELECT * FROM %s WHERE name = '%s'" + sqlSafef(query, sizeof query, "SELECT * FROM %s WHERE name = '%s'" "AND chrom = '%s' AND txStart <= %d " "AND txEnd >= %d", tables[i], geneName, psl->qName, qStart, qEnd); sr = sqlMustGetResult(conn, query); if((row = sqlNextRow(sr)) != NULL) { int hasBin = 0; if(hOffsetPastBin(database, psl->qName, tables[i])) hasBin=1; gene = genePredLoad(row+hasBin); break; } else sqlFreeResult(&sr); } 
@@ -21907,31 +21903,31 @@ int start = cgiInt("cStart"); int end = cgiInt("cEnd"); struct psl *psl = NULL; struct dnaSeq *qSeq = NULL; char *db = cgiString("db"); char name[64]; char query[256], fullTable[64]; char **row; boolean hasBin; struct sqlResult *sr = NULL; struct sqlConnection *conn = hAllocConn(database); hFindSplitTable(database, chrom, pslTable, fullTable, &hasBin); -sprintf(query, "SELECT * FROM %s WHERE " +sqlSafef(query, sizeof query, "SELECT * FROM %s WHERE " "tName = '%s' AND tStart = %d " "AND tEnd = %d", pslTable, chrom, start, end); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if(row != NULL) { psl = pslLoad(row+hasBin); } else { errAbort("No alignment infomation\n"); } qSeq = loadGenomePart(db, psl->qName, psl->qStart, psl->qEnd); sprintf(name, "%s in %s(%d-%d)", item,psl->qName, psl->qStart, psl->qEnd); @@ -21947,31 +21943,31 @@ struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr = NULL; char **row, table[256], query[256], *parts[6]; struct putaInfo *info = NULL; struct psl *psl = NULL; int start = cartInt(cart, "o"), end = cartInt(cart, "t"); char *db = cgiString("db"); char *name = cartString(cart, "i"), *chr = cartString(cart, "c"); char pslTable[256]; char otherString[256], *tempName = NULL; int partCount; sprintf(table, "putaInfo"); sprintf(pslTable,"potentPsl"); cartWebStart(cart, database, "Putative Coding or Pseudo Fragments"); -sprintf(query, "SELECT * FROM %s WHERE name = '%s' " +sqlSafef(query, sizeof query, "SELECT * FROM %s WHERE name = '%s' " "AND chrom = '%s' AND chromStart = %d " "AND chromEnd = %d", table, name, chr, start, end); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if(row != NULL) { info = putaInfoLoad(row+1); } else { errAbort("Can't find information for %s in data base\n", name); } 
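Review bot: In the hunk at -21907 the statement selects from `pslTable`, which sits in an unquoted identifier position, rather than from the `fullTable` that `hFindSplitTable` just resolved. The declaration of `pslTable` is outside the hunk, but the link built in the hunk at -22014 passes `pslTable=` as a URL parameter, so it is probably read from the request here. Escaping meant for quoted string values does not constrain what an identifier slot accepts, so unless sqlSafef validates identifiers separately the table name needs its own check. The only value the visible link builder emits is `potentPsl`, so `if (!sameString(pslTable, "potentPsl")) errAbort("unexpected pslTable");` before the query would do. `hasBin` is also computed for the split table but applied to rows fetched from `pslTable`.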
@@ -22014,31 +22010,31 @@ if(info->strand[0] == '+') printf("%d ",k+1); else printf("%d ", info->blockCount - k); } } printf("<BR>\n"); } /* show genome sequence */ hgcAnchorSomewhere("htcGeneInGenome", cgiEncode(info->name), tdb->track, seqName); printf("View DNA for this putative fragment</A><BR>\n"); /* show the detail alignment */ -sprintf(query, "SELECT * FROM %s WHERE " +sqlSafef(query, sizeof query, "SELECT * FROM %s WHERE " "tName = '%s' AND tStart = %d " "AND tEnd = %d AND strand = '%c%c'", pslTable, info->chrom, info->chromStart, info->chromEnd, parts[2][0], info->strand[0]); sr = sqlMustGetResult(conn, query); row = sqlNextRow(sr); if(row != NULL) { psl = pslLoad(row+1); sprintf(otherString, "&db=%s&pslTable=%s&chrom=%s&cStart=%d&cEnd=%d&strand=%s&qStrand=%s", database, pslTable, info->chrom,info->chromStart, info->chromEnd, info->strand, parts[2]); hgcAnchorSomewhere("potentPsl", cgiEncode(parts[0]), otherString, info->chrom); printf("<BR>View details of parts of alignment </A>.</BR>\n"); } sqlFreeResult(&sr); putaInfoFree(&info); 
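Review bot: `sprintf(otherString, "&db=%s&pslTable=%s&chrom=%s...", ...)` still writes without a bound into what appears to be the `char otherString[256]` declared in the hunk at -21947. Several of its arguments are variable-length strings (`database`, `info->chrom`, `info->strand`, `parts[2]`). The commit bounded the query buffers but left this one; `safef(otherString, sizeof otherString, ...)` with the same arguments closes it. `sprintf(name, "%s in %s(%d-%d)", item, ...)` into `char name[64]` in the hunk at -21907 needs the same change. The enclosing function starts outside this hunk.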
@@ -22080,73 +22076,73 @@ struct sqlResult *sr, *sr2, *sr3, *sr4; char **row; char query[256], query2[256], query3[256], query4[256]; int rowOffset = hOffsetPastBin(database, seqName, table); int start = cartInt(cart, "o"); genericHeader(tdb, itemName); printf("<B>Item:</B> %s <BR>\n", itemName); printf("<B>Outside Link:</B> "); printf("<A HREF="); printSwissProtVariationUrl(stdout, itemName); printf(" Target=_blank> %s </A> <BR>\n", itemName); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and " "chromStart=%d and name = '%s'", table, seqName, start, itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { dvBedStaticLoad(row+rowOffset, &dvBed); bedPrintPos((struct bed *)&dvBed, 3, tdb); } sqlFreeResult(&sr); -safef(query2, sizeof(query2), "select * from dv where varId = '%s' ", itemName); +sqlSafef(query2, sizeof(query2), "select * from dv where varId = '%s' ", itemName); sr2 = sqlGetResult(conn, query2); while ((row = sqlNextRow(sr2)) != NULL) { /* not using static load */ dv = dvLoad(row); printf("<B>Swiss-prot ID:</B> %s <BR>\n", dv->spID); printf("<B>Start:</B> %d <BR>\n", dv->start); printf("<B>Length:</B> %d <BR>\n", dv->len); printf("<B>Original:</B> %s <BR>\n", dv->orig); printf("<B>Variant:</B> %s <BR>\n", dv->variant); dvFree(&dv); } sqlFreeResult(&sr2); -safef(query3, sizeof(query3), "select * from dvXref2 where varId = '%s' ", itemName); +sqlSafef(query3, sizeof(query3), "select * from dvXref2 where varId = '%s' ", itemName); char *protDbName = hPdbFromGdb(database); struct sqlConnection *protDbConn = hAllocConn(protDbName); sr3 = sqlGetResult(protDbConn, query3); while ((row = sqlNextRow(sr3)) != NULL) { dvXref2 = dvXref2Load(row); if (sameString("MIM", dvXref2->extSrc)) { printf("<B>OMIM:</B> "); printf("<A HREF="); printOmimUrl(stdout, dvXref2->extAcc); printf(" Target=_blank> %s</A> \n", dvXref2->extAcc); /* nested query here */ if (hTableExists(database, "omimTitle")) { 
- safef(query4, sizeof(query4), "select * from omimTitle where omimId = '%s' ", dvXref2->extAcc); + sqlSafef(query4, sizeof(query4), "select * from omimTitle where omimId = '%s' ", dvXref2->extAcc); sr4 = sqlGetResult(conn, query4); while ((row = sqlNextRow(sr4)) != NULL) { omimTitle = omimTitleLoad(row); printf("%s\n", omimTitle->title); omimTitleFree(&omimTitle); } } printf("<BR>\n"); } dvXref2Free(&dvXref2); } sqlFreeResult(&sr3); hFreeConn(&protDbConn); 
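Review bot: `sr4` is opened with `sqlGetResult(conn, query4)` inside the `sr3` loop and is never released in the visible lines, while `sr`, `sr2` and `sr3` each get a `sqlFreeResult`. Every MIM cross-reference therefore leaves another result set open on `conn`, which is the same connection used for the earlier queries. Add `sqlFreeResult(&sr4);` directly after the inner `while` loop. The function begins before this hunk and may continue after it.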
@@ -22190,157 +22186,154 @@ } if (label == NULL) label = ""; /* no label */ printf("%s - <A HREF=\"%s\" TARGET=\"_BLANK\">%s</A>\n", label, url, link->attrAcc); } } void doOreganno(struct trackDb *tdb, char *itemName) { char *table = tdb->table; struct oreganno *r = NULL; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; -char *escName = NULL; char *prevLabel = NULL; int i = 0, listStarted = 0; //int start = cartInt(cart, "o"); genericHeader(tdb, itemName); /* postion, band, genomic size */ -escName = sqlEscapeString(itemName); -safef(query, sizeof(query), - "select * from %s where name = '%s'", table, escName); +sqlSafef(query, sizeof(query), + "select * from %s where name = '%s'", table, itemName); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { r = oregannoLoad(row); printf("<B>ORegAnno ID:</B> %s <BR>\n", r->id); #if 0 // all the same as the ID for now printf("<B>ORegAnno name:</B> %s <BR>\n", r->name); #endif printf("<B>Strand:</B> %s<BR>\n", r->strand); bedPrintPos((struct bed *)r, 3, tdb); /* start html list for attributes */ printf("<DL>"); } sqlFreeResult(&sr); if (sameString(table, "oregannoOther")) { printf("<B>Attributes as described from other species</B><BR>\n"); } /* fetch and print the attributes */ for (i=0; i < oregannoAttrSize; i++) { int used = 0; char *tab; if (sameString(table, "oregannoOther")) tab = cloneString("oregannoOtherAttr"); else tab = cloneString("oregannoAttr"); /* names are quote safe, come from oregannoUi.c */ - safef(query, sizeof(query), "select * from %s where id = '%s' and attribute = '%s'", tab, r->id, oregannoAttributes[i]); + sqlSafef(query, sizeof(query), "select * from %s where id = '%s' and attribute = '%s'", tab, r->id, oregannoAttributes[i]); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { struct oregannoAttr attr; used++; if (used == 1) { if (!prevLabel || differentString(prevLabel, oregannoAttrLabel[i])) { if 
(listStarted == 0) listStarted = 1; else printf("</DD>"); printf("<DT><b>%s:</b></DT><DD>\n", oregannoAttrLabel[i]); freeMem(prevLabel); prevLabel = cloneString(oregannoAttrLabel[i]); } } oregannoAttrStaticLoad(row, &attr); printf("%s ", attr.attrVal); printf("<BR>\n"); } freeMem(tab); if (sameString(table, "oregannoOther")) tab = cloneString("oregannoOtherLink"); else tab = cloneString("oregannoLink"); - safef(query, sizeof(query), "select * from %s where id = '%s' and attribute = '%s'", tab, r->id, oregannoAttributes[i]); + sqlSafef(query, sizeof(query), "select * from %s where id = '%s' and attribute = '%s'", tab, r->id, oregannoAttributes[i]); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { struct oregannoLink link; used++; if (used == 1) { if (!prevLabel || differentString(prevLabel, oregannoAttrLabel[i])) { if (listStarted == 0) listStarted = 1; else printf("</DD>"); printf("<DT><b>%s:</b></DT><DD>\n", oregannoAttrLabel[i]); freeMem(prevLabel); prevLabel = cloneString(oregannoAttrLabel[i]); } } oregannoLinkStaticLoad(row, &link); printOregannoLink(&link); printf("<BR>\n"); } freeMem(tab); } if (listStarted > 0) printf("</DD></DL>"); oregannoFree(&r); freeMem(prevLabel); -freeMem(escName); printTrackHtml(tdb); hFreeConn(&conn); } void doSnpArray (struct trackDb *tdb, char *itemName, char *dataSource) { char *table = tdb->table; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int start = cartInt(cart, "o"); int end = 0; // char *chrom = cartString(cart, "c"); char nibName[HDB_MAX_PATH_STRING]; struct dnaSeq *seq; genericHeader(tdb, itemName); /* Affy uses their own identifiers */ if (sameString(dataSource, "Affy")) - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select chromEnd, strand, observed, rsId from %s where chrom = '%s' and chromStart=%d", table, seqName, start); else - safef(query, sizeof(query), "select chromEnd, strand, observed from %s where chrom = '%s' 
and chromStart=%d", table, seqName, start); + sqlSafef(query, sizeof(query), "select chromEnd, strand, observed from %s where chrom = '%s' and chromStart=%d", table, seqName, start); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { end = sqlUnsigned(row[0]); printPosOnChrom(seqName, start, end, row[1], FALSE, NULL); printf("<B>Polymorphism:</B> %s \n", row[2]); if (end == start + 1) { hNibForChrom(database, seqName, nibName); seq = hFetchSeq(nibName, seqName, start, end); touppers(seq->dna); if (sameString(row[1], "-")) reverseComplement(seq->dna, 1); @@ -22373,34 +22366,34 @@ /* Should be removed once Illumina comes up with a clear defintion of their strand data */ { char *table = tdb->table; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int start = cartInt(cart, "o"); int end = 0; char nibName[HDB_MAX_PATH_STRING]; struct dnaSeq *seq; genericHeader(tdb, itemName); /* Affy uses their own identifiers */ if (sameString(dataSource, "Affy")) - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select chromEnd, strand, observed, rsId from %s where chrom = '%s' and chromStart=%d", table, seqName, start); else - safef(query, sizeof(query), "select chromEnd, strand, observed from %s where chrom = '%s' and chromStart=%d", table, seqName, start); + sqlSafef(query, sizeof(query), "select chromEnd, strand, observed from %s where chrom = '%s' and chromStart=%d", table, seqName, start); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { end = sqlUnsigned(row[0]); /* force strand info to be blank for non-dbSnp entries, per Illumina's request */ printPosOnChrom(seqName, start, end, " ", FALSE, NULL); printf("<B>Polymorphism:</B> %s \n", row[2]); if (end == start + 1) { hNibForChrom(database, seqName, nibName); seq = hFetchSeq(nibName, seqName, start, end); touppers(seq->dna); 
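Review bot: In doOreganno `r` is assigned only inside `if ((row = sqlNextRow(sr)) != NULL)`, yet the attribute loop below formats `r->id` into both follow-up queries unconditionally. An `itemName` that matches no row therefore reaches a NULL dereference. Add `if (r == NULL) errAbort("Can't find item '%s'", itemName);` after the first `sqlFreeResult(&sr)`. Inside the loop `sr` is reassigned twice per iteration without `sqlFreeResult(&sr)`, so those result sets are never released. The comment `/* names are quote safe, come from oregannoUi.c */` now describes an assumption the query no longer relies on and could be reworded.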
@@ -22478,31 +22471,31 @@ hgReadRa(database, organism, rootDir, "links.ra", &linkInstructions); /* determine how to do link from .ra file */ thisLink = hashFindVal(linkInstructions, raKey); if (thisLink == NULL) return; /* no link found */ /* type determined by fields: url = external, dataSql = internal, others added later? */ /* need to print header here for some displays */ linktype = hashFindVal(thisLink, "dataSql"); label = hashFindVal(thisLink, "label"); if (label == NULL) label = ""; if (linktype != NULL) { - safef(query, sizeof(query), linktype, acc); + sqlSafef(query, sizeof(query), linktype, acc); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { /* should this print more than 1 column, get count from ra? */ if (row[0] != NULL) { /* print label and result */ printf("<B>%s</B> - %s", label, row[0]); /* check for link */ doubleEntry = hashFindVal(thisLink, "dataLink"); if (doubleEntry != NULL) { char url[512]; struct hash *newLink; char *accCol = NULL, *format = NULL; 
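Review bot: `sqlSafef(query, sizeof(query), linktype, acc)` uses `linktype`, the `dataSql` value read from links.ra, as the format string. The helper can escape `acc`, but it cannot know how many conversions the template holds or whether its `%s` sits inside quotes. A template with a second `%s` or a `%d` would read arguments that were never passed. Check the template when links.ra is loaded (exactly one `%s`, no other conversions) and record the contract here with a comment such as `/* dataSql is used as a format string: exactly one %s, trusted file only */`. The hunks at -22547 and -22644 repeat the call with `link->acc`, and the enclosing function starts and ends outside this hunk.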
@@ -22547,56 +22540,56 @@ int printProtVarLink (char *id, int i) { struct protVarLink *link = NULL; struct hash *linkInstructions = NULL; struct hash *thisLink = NULL; struct sqlConnection *conn = hAllocConn(database); struct sqlConnection *conn2 = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; char *linktype, *label; char *doubleEntry = NULL; int attrCnt = 0; hgReadRa(database, organism, rootDir, "links.ra", &linkInstructions); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from protVarLink where id = '%s' and attrType = '%s'", id, gvAttrTypeKey[i]); /* attrType == gvAttrTypeKey should be quote safe */ sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { struct sqlResult *sr2; char **row2; attrCnt++; link = protVarLinkLoad(row); /* determine how to do link from .ra file */ thisLink = hashFindVal(linkInstructions, link->raKey); if (thisLink == NULL) continue; /* no link found */ /* type determined by fields: url = external, dataSql = internal, others added later? */ printGvAttrCatType(i); /* only print header if data */ linktype = hashFindVal(thisLink, "dataSql"); label = hashFindVal(thisLink, "label"); if (label == NULL) label = ""; if (linktype != NULL) { - safef(query, sizeof(query), linktype, link->acc); + sqlSafef(query, sizeof(query), linktype, link->acc); sr2 = sqlGetResult(conn2, query); while ((row2 = sqlNextRow(sr2)) != NULL) { /* should this print more than 1 column, get count from ra? */ if (row2[0] != NULL) { /* print label and result */ printf("<B>%s</B> - %s", label, row2[0]); /* check for link */ doubleEntry = hashFindVal(thisLink, "dataLink"); if (doubleEntry != NULL) { char url[512]; struct hash *newLink; char *accCol = NULL, *format = NULL; 
@@ -22644,56 +22637,56 @@ int printGvLink (char *id, int i) { struct gvLink *link = NULL; struct hash *linkInstructions = NULL; struct hash *thisLink = NULL; struct sqlConnection *conn = hAllocConn(database); struct sqlConnection *conn2 = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; char *linktype, *label; char *doubleEntry = NULL; int attrCnt = 0; hgReadRa(database, organism, rootDir, "links.ra", &linkInstructions); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from hgFixed.gvLink where id = '%s' and attrType = '%s'", id, gvAttrTypeKey[i]); /* attrType == gvAttrTypeKey should be quote safe */ sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { struct sqlResult *sr2; char **row2; attrCnt++; link = gvLinkLoad(row); /* determine how to do link from .ra file */ thisLink = hashFindVal(linkInstructions, link->raKey); if (thisLink == NULL) continue; /* no link found */ /* type determined by fields: url = external, dataSql = internal, others added later? */ printGvAttrCatType(i); /* only print header if data */ linktype = hashFindVal(thisLink, "dataSql"); label = hashFindVal(thisLink, "label"); if (label == NULL) label = ""; if (linktype != NULL) { - safef(query, sizeof(query), linktype, link->acc); + sqlSafef(query, sizeof(query), linktype, link->acc); sr2 = sqlGetResult(conn2, query); while ((row2 = sqlNextRow(sr2)) != NULL) { /* should this print more than 1 column, get count from ra? */ if (row2[0] != NULL) { /* print label and result */ printf("<B>%s</B> - %s", label, row2[0]); /* check for link */ doubleEntry = hashFindVal(thisLink, "dataLink"); if (doubleEntry != NULL) { char url[512]; struct hash *newLink; char *accCol = NULL, *format = NULL; 
@@ -22745,333 +22738,327 @@ } void doOmicia(struct trackDb *tdb, char *itemName) /* this prints the detail page for the Omicia track */ { struct omiciaLink *link = NULL; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; /* print generic bed start */ doBed6FloatScore(tdb, itemName); /* print links */ -safef(query, sizeof(query), "select * from omiciaLink where id = '%s'", itemName); +sqlSafef(query, sizeof(query), "select * from omiciaLink where id = '%s'", itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { link = omiciaLinkLoad(row); printLinksRaLink(link->acc, link->raKey, link->displayVal); } sqlFreeResult(&sr); printTrackHtml(tdb); } void doOmiciaOld (struct trackDb *tdb, char *itemName) /* this prints the detail page for the Omicia OMIM track */ { char *table = tdb->table; struct omiciaLink *link = NULL; struct omiciaAttr *attr = NULL; void *omim = NULL; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; int start = cartInt(cart, "o"); genericHeader(tdb, itemName); printf("<B>Name:</B> %s<BR>\n", itemName); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and " "chromStart = %d and name = '%s'", table, seqName, start, itemName); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { float score; struct omiciaAuto *om; if (sameString(table, "omiciaAuto")) omim = omiciaAutoLoad(row); else omim = omiciaHandLoad(row); om = (struct omiciaAuto *)omim; printPos(om->chrom, om->chromStart, om->chromEnd, om->strand, TRUE, om->name); /* print score separately, so can divide by 100 to retrieve original */ score = (float)om->score / 100.00; printf("<B>Confidence score:</B> %g<BR>\n", score); } sqlFreeResult(&sr); /* print links */ -safef(query, sizeof(query), "select * from omiciaLink where id = '%s'", itemName); +sqlSafef(query, sizeof(query), "select * from omiciaLink where 
id = '%s'", itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { link = omiciaLinkLoad(row); printLinksRaLink(link->acc, link->raKey, link->displayVal); } sqlFreeResult(&sr); /* print attributes */ -safef(query, sizeof(query), "select * from omiciaAttr where id = '%s' order by attrType", itemName); +sqlSafef(query, sizeof(query), "select * from omiciaAttr where id = '%s' order by attrType", itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { attr = omiciaAttrLoad(row); /* start with simple case print label and value */ printf("<B>%s:</B> %s<BR>\n", attr->attrType, attr->attrVal); } sqlFreeResult(&sr); printTrackHtml(tdb); } void doProtVar (struct trackDb *tdb, char *itemName) /* this prints the detail page for the UniProt variation track */ { char *table = tdb->table; struct protVarPos *mut = NULL; struct protVar *details = NULL; struct protVarAttr attr; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; -char *escName = NULL; int hasAttr = 0; int i; int start = cartInt(cart, "o"); /* official name, position, band, genomic size */ -escName = sqlEscapeString(itemName); -safef(query, sizeof(query), "select * from protVar where id = '%s'", escName); +sqlSafef(query, sizeof(query), "select * from protVar where id = '%s'", itemName); details = protVarLoadByQuery(conn, query); genericHeader(tdb, details->name); /* change label based on species */ if (sameString(organism, "Human")) printf("<B>HGVS name:</B> %s <BR>\n", details->name); else printf("<B>Official name:</B> %s <BR>\n", details->name); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and " - "chromStart=%d and name = '%s'", table, seqName, start, escName); + "chromStart=%d and name = '%s'", table, seqName, start, itemName); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { mut = protVarPosLoad(row); printPos(mut->chrom, 
mut->chromStart, mut->chromEnd, mut->strand, TRUE, mut->name); } sqlFreeResult(&sr); printf("*Note the DNA retrieved by the above link is the genomic sequence.<br>"); /* print location and mutation type fields */ printf("<B>location:</B> %s<BR>\n", details->location); printf("<B>type:</B> %s<BR>\n", details->baseChangeType); /* add note here about exactness of coordinates */ if (details->coordinateAccuracy == 0) { printf("<B>note:</B> The coordinates for this mutation are only estimated.<BR>\n"); } printf("<DL>"); /* loop through attributes (uses same lists as gv*) */ for(i=0; i<gvAttrSize; i++) { /* check 2 attribute tables for each type */ - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from protVarAttr where id = '%s' and attrType = '%s'", - escName, gvAttrTypeKey[i]); + itemName, gvAttrTypeKey[i]); /* attrType == gvAttrTypeKey should be quote safe */ sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { hasAttr++; protVarAttrStaticLoad(row, &attr); printGvAttrCatType(i); /* only print header, if data */ /* print value */ printf("%s<BR>", attr.attrVal); } sqlFreeResult(&sr); - hasAttr += printProtVarLink(escName, i); + hasAttr += printProtVarLink(itemName, i); } if (hasAttr > 0) printf("</DD>"); printf("</DL>\n"); protVarPosFree(&mut); -freeMem(escName); freeMem(gvPrevCat); freeMem(gvPrevType); printTrackHtml(tdb); hFreeConn(&conn); } void doGv(struct trackDb *tdb, char *itemName) /* this prints the detail page for the Genome variation track */ { char *table = tdb->table; struct gvPos *mut = NULL; struct gv *details = NULL; struct gvAttr attr; struct gvAttrLong attrLong; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[256]; -char *escName = NULL; int hasAttr = 0; int i; int start = cartInt(cart, "o"); /* official name, position, band, genomic size */ -escName = sqlEscapeString(itemName); -safef(query, sizeof(query), "select * from hgFixed.gv where id = '%s'", escName); 
+sqlSafef(query, sizeof(query), "select * from hgFixed.gv where id = '%s'", itemName); details = gvLoadByQuery(conn, query); genericHeader(tdb, details->name); /* change label based on species */ if (sameString(organism, "Human")) printf("<B>HGVS name:</B> %s <BR>\n", details->name); else printf("<B>Official name:</B> %s <BR>\n", details->name); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where chrom = '%s' and " - "chromStart=%d and name = '%s'", table, seqName, start, escName); + "chromStart=%d and name = '%s'", table, seqName, start, itemName); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { char *strand = NULL; mut = gvPosLoad(row); strand = mut->strand; printPos(mut->chrom, mut->chromStart, mut->chromEnd, strand, TRUE, mut->name); } sqlFreeResult(&sr); if (mut == NULL) - errAbort("Couldn't find variant %s at %s %d", escName, seqName, start); + errAbort("Couldn't find variant %s at %s %d", itemName, seqName, start); printf("*Note the DNA retrieved by the above link is the genomic sequence.<br>"); /* fetch and print the source */ -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from hgFixed.gvSrc where srcId = '%s'", details->srcId); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { struct gvSrc *src = gvSrcLoad(row); printf("<B>source:</B> %s", src->lsdb); printf("<BR>\n"); } sqlFreeResult(&sr); /* print location and mutation type fields */ printf("<B>location:</B> %s<BR>\n", details->location); printf("<B>type:</B> %s<BR>\n", details->baseChangeType); /* add note here about exactness of coordinates */ if (details->coordinateAccuracy == 0) { printf("<B>note:</B> The coordinates for this mutation are only estimated.<BR>\n"); } printf("<DL>"); /* loop through attributes */ for(i=0; i<gvAttrSize; i++) { /* check all 3 attribute tables for each type */ - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from hgFixed.gvAttrLong where id = '%s' and 
attrType = '%s'", - escName, gvAttrTypeKey[i]); + itemName, gvAttrTypeKey[i]); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { hasAttr++; gvAttrLongStaticLoad(row, &attrLong); printGvAttrCatType(i); /* only print header, if data */ /* print value */ printf("%s<BR>", attrLong.attrVal); } sqlFreeResult(&sr); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from hgFixed.gvAttr where id = '%s' and attrType = '%s'", - escName, gvAttrTypeKey[i]); + itemName, gvAttrTypeKey[i]); /* attrType == gvAttrTypeKey should be quote safe */ sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { hasAttr++; gvAttrStaticLoad(row, &attr); printGvAttrCatType(i); /* only print header, if data */ /* print value */ printf("%s<BR>", attr.attrVal); } sqlFreeResult(&sr); - hasAttr += printGvLink(escName, i); + hasAttr += printGvLink(itemName, i); } if (hasAttr > 0) printf("</DD>"); printf("</DL>\n"); /* split code from printTrackHtml */ printTBSchemaLink(tdb); printDataVersion(tdb); printOrigAssembly(tdb); printUpdateTime(database, tdb, NULL); if (tdb->html != NULL && tdb->html[0] != 0) { htmlHorizontalLine(); puts(tdb->html); } hPrintf("<BR>\n"); gvPosFree(&mut); -freeMem(escName); freeMem(gvPrevCat); freeMem(gvPrevType); //printTrackHtml(tdb); hFreeConn(&conn); } void doPgSnp(struct trackDb *tdb, char *itemName, struct customTrack *ct) /* print detail page for personal genome track (pgSnp) */ { char *table; struct sqlConnection *conn; -char *escName = sqlEscapeString(itemName); struct sqlResult *sr; char **row; char query[256]; if (ct == NULL) { table = tdb->table; conn = hAllocConn(database); } else { table = ct->dbTableName; conn = hAllocConn(CUSTOM_TRASH); //ct->tdb } genericHeader(tdb, itemName); -safef(query, sizeof(query), "select * from %s where name = '%s' and chrom = '%s' and chromStart = %d", table, escName, seqName, cartInt(cart, "o")); +sqlSafef(query, sizeof(query), "select * from %s where name = '%s' and chrom = 
'%s' and chromStart = %d", + table, itemName, seqName, cartInt(cart, "o")); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { struct pgSnp *el = pgSnpLoad(row); char *all[8]; char *freq[8]; char *score[8]; char *name = cloneString(el->name); char *fr = NULL; char *sc = NULL; char *siftTab = trackDbSetting(tdb, "pgSiftPredTab"); char *polyTab = trackDbSetting(tdb, "pgPolyphenPredTab"); int i = 0; printPos(el->chrom, el->chromStart, el->chromEnd, "+", TRUE, el->name); printf("Alleles are relative to forward strand of reference genome:<br>\n"); 
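Review bot: In doProtVar and doGv, `details` is dereferenced in `genericHeader(tdb, details->name)` immediately after `protVarLoadByQuery` / `gvLoadByQuery`, with no check that the id matched a row. `itemName` is the value this commit treats as untrusted, so an unknown or stale id would presumably leave `details` NULL (the loaders are not visible here) and crash the CGI instead of producing an error page. doGv already guards the position lookup with `if (mut == NULL) errAbort(...)`, and the same guard belongs after each load: `if (details == NULL) errAbort("Couldn't find variant %s", itemName);`. doPgSnp continues past the end of this hunk.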
@@ -23110,81 +23097,81 @@ hFreeConn(&conn); } void doPgPhenoAssoc(struct trackDb *tdb, char *itemName) { char *table = tdb->table; struct pgPhenoAssoc *pheno = NULL; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; struct dyString *query = dyStringNew(512); int start = cartInt(cart, "o"); genericHeader(tdb, itemName); -dyStringPrintf(query, "select * from %s where chrom = '%s' and ", +sqlDyStringPrintf(query, "select * from %s where chrom = '%s' and ", table, seqName); -dyStringPrintf(query, "name = '%s' and chromStart = %d", itemName, start); +sqlDyStringPrintf(query, "name = '%s' and chromStart = %d", itemName, start); sr = sqlGetResult(conn, query->string); while ((row = sqlNextRow(sr)) != NULL) { pheno = pgPhenoAssocLoad(row); bedPrintPos((struct bed *)pheno, 4, tdb); printf("Personal Genome phenotype: <a href=\"%s\">link to phenotype source</a><BR>\n", pheno->srcUrl); } printTrackHtml(tdb); } void doAllenBrain(struct trackDb *tdb, char *itemName) /* Put up page for Allen Brain Atlas. */ { char *table = tdb->table; struct psl *pslList; int start = cartInt(cart, "o"); struct sqlConnection *conn = hAllocConn(database); char *url, query[512]; genericHeader(tdb, itemName); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select url from allenBrainUrl where name = '%s'", itemName); url = sqlQuickString(conn, query); printf("<H3><A HREF=\"%s\" target=_blank>", url); printf("Click here to open Allen Brain Atlas on this probe.</A></H3><BR>"); pslList = getAlignments(conn, table, itemName); puts("<H3>Probe/Genome Alignments</H3>"); printAlignments(pslList, start, "htcCdnaAli", table, itemName); printTrackHtml(tdb); hFreeConn(&conn); } void doExaptedRepeats(struct trackDb *tdb, char *itemName) /* Respond to click on the exaptedRepeats track. 
*/ { struct sqlConnection *conn = hAllocConn(database); char query[256]; struct sqlResult *sr; char **row; char *chr, *name; unsigned int chromStart, chromEnd; boolean blastzAln; cartWebStart(cart, database, "%s", itemName); -sprintf(query, "select * from %s where name = '%s'", tdb->table, itemName); +sqlSafef(query, sizeof query, "select * from %s where name = '%s'", tdb->table, itemName); selectOneRow(conn, tdb->table, query, &sr, &row); chr = cloneString(row[0]); chromStart = sqlUnsigned(row[1]); chromEnd = sqlUnsigned(row[2]); name = cloneString(row[3]); blastzAln = (sqlUnsigned(row[4])==1); printPos(chr, chromStart, chromEnd, NULL, TRUE, name); printf("<B>Item:</B> %s<BR>\n", name); if(blastzAln){printf("<B>Alignment to the repeat consensus verified with blastz:</B> yes<BR>\n");} else{printf("<B>Alignment to repeat consensus verified with blastz:</B> no<BR>\n");} sqlFreeResult(&sr); hFreeConn(&conn); printTrackHtml(tdb); 
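Review bot: In doAllenBrain the result of `sqlQuickString(conn, query)` is passed to `printf` as the `HREF` value without a NULL test. A probe name with no row in allenBrainUrl would presumably yield NULL and hand a null pointer to `%s`. Add `if (url == NULL) errAbort("no Allen Brain URL for %s", itemName);` before the first `printf`. The value is also written into the attribute unencoded, so the page relies on the table holding only well-formed URLs, which deserves a comment at least. doExaptedRepeats continues past the end of this hunk.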
@@ -23204,35 +23191,35 @@ else source++; genericHeader(tdb, name); printf("<B>Source:</B> %s<BR>\n", source); printCustomUrl(tdb, name, TRUE); if (startsWith("psl", tdb->type)) { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr = NULL; struct dyString *query = dyStringNew(512); char **row = NULL; int rowOffset = hOffsetPastBin(database, seqName, tdb->table); int start = cartInt(cart, "o"); int end = cartInt(cart, "t"); - dyStringPrintf(query, "select * from %s where tName = '%s' and ", + sqlDyStringPrintf(query, "select * from %s where tName = '%s' and ", tdb->table, seqName); if (rowOffset) hAddBinToQuery(start, end, query); - dyStringPrintf(query, "tStart = %d and qName = '%s'", start, itemName); + sqlDyStringPrintf(query, "tStart = %d and qName = '%s'", start, itemName); sr = sqlGetResult(conn, query->string); if ((row = sqlNextRow(sr)) != NULL) { struct psl *psl = pslLoad(row+rowOffset); printPos(psl->tName, psl->tStart, psl->tEnd, psl->strand, TRUE, psl->qName); if (hGenBankHaveSeq(database, itemName, NULL)) { printf("<H3>%s/Genomic Alignments</H3>", name); printAlignments(psl, start, "htcCdnaAli", tdb->table, encodedName); } else { printf("<B>Alignment details:</B>\n"); 
@@ -23249,31 +23236,31 @@ } void doRdmr(struct trackDb *tdb, char *item) /* details page for rdmr track */ { struct sqlConnection *conn = hAllocConn(database); char query[512]; struct sqlResult *sr; char **row; int ii; char *chrom,*chromStart,*chromEnd,*fibroblast,*iPS,*absArea,*gene,*dist2gene,*relation2gene,*dist2island,*relation2island,*fdr; genericHeader(tdb, item); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select chrom,chromStart,chromEnd,fibroblast,iPS,absArea,gene,dist2gene,relation2gene,dist2island,relation2island,fdr from rdmrRaw where gene = '%s'", item); sr = sqlGetResult(conn, query); row = sqlNextRow(sr); ii = 0; chrom = row[ii];ii++; chromStart = row[ii];ii++; chromEnd = row[ii];ii++; fibroblast = row[ii];ii++; iPS = row[ii];ii++; absArea = row[ii];ii++; gene = row[ii];ii++; dist2gene = row[ii];ii++; relation2gene = row[ii];ii++; 
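Review bot: `row = sqlNextRow(sr);` in doRdmr is indexed on the next statement (`chrom = row[ii]`) without a NULL test, unlike the `if ((row = sqlNextRow(sr)) != NULL)` form most handlers in this diff use. If `item` matches no gene in rdmrRaw, the handler dereferences a null row. Suggest `if ((row = sqlNextRow(sr)) == NULL) errAbort("no rdmrRaw entry for %s", item);` before `ii = 0;`. The function body continues outside the hunk.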
@@ -23299,40 +23286,40 @@ void doKomp(struct trackDb *tdb, char *item) /* KnockOut Mouse Project */ { struct sqlConnection *conn = hAllocConn(database); char query[512]; struct sqlResult *sr; char **row; genericHeader(tdb, item); char defaultExtra[HDB_MAX_TABLE_STRING]; safef(defaultExtra, sizeof(defaultExtra), "%sExtra", tdb->table); char *extraTable = trackDbSettingOrDefault(tdb, "xrefTable", defaultExtra); boolean gotExtra = sqlTableExists(conn, extraTable); if (gotExtra) { char mgiId[256]; - safef(query, sizeof(query), "select alias from %s where name = '%s'", + sqlSafef(query, sizeof(query), "select alias from %s where name = '%s'", extraTable, item); sqlQuickQuery(conn, query, mgiId, sizeof(mgiId)); char *ptr = strchr(mgiId, ','); if (!startsWith("MGI:", mgiId) || ptr == NULL) errAbort("Where is the MGI ID?: '%s'", mgiId); else *ptr = '\0'; // Use the MGI ID to show all centers that are working on this gene: - safef(query, sizeof(query), "select name,alias from %s where alias like '%s,%%'", + sqlSafef(query, sizeof(query), "select name,alias from %s where alias like '%s,%%'", extraTable, mgiId); sr = sqlGetResult(conn, query); char lastMgiId[16]; lastMgiId[0] = '\0'; puts("<TABLE BORDERWIDTH=0 CELLPADDING=0>"); while ((row = sqlNextRow(sr)) != NULL) { char *words[3]; int wordCount = chopCommas(row[1], words); if (wordCount >= 3) { char *mgiId = words[0], *center = words[1], *status = words[2]; if (!sameString(mgiId, lastMgiId)) { printf("<TR><TD colspan=2>"); 
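Review bot: `char mgiId[256];` is filled only by `sqlQuickQuery(conn, query, mgiId, sizeof(mgiId))`, whose return value is ignored, and the next line runs `strchr(mgiId, ',')` on it. If the alias lookup finds no row and sqlQuickQuery leaves the buffer untouched (its implementation is not visible here), that reads uninitialised stack memory before the `startsWith("MGI:", mgiId)` check can reject it. Declaring the buffer as `char mgiId[256] = "";` lets the existing errAbort path catch the empty case. The second KOMP handler two hunks further down has the same pattern. Separately, the `like '%s,%%'` query relies on mgiId containing no `%` or `_`, which quote escaping alone would not neutralise.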
@@ -23354,31 +23341,31 @@ productStr = strdup(status); chp = strstr(productStr, "vailable"); chp--; chp--; *chp = '\0'; printf(" (<A HREF=\"http://www.knockoutmouse.org/search_results?criteria=%s\" target=_blank>", ++ptr); printf("order %s)", productStr);fflush(stdout); } printf("</TD></TR>\n"); } } puts("<TR><TD colspan=2>"); sqlFreeResult(&sr); } -safef(query, sizeof(query), "select chrom,chromStart,chromEnd from %s " +sqlSafef(query, sizeof(query), "select chrom,chromStart,chromEnd from %s " "where name = '%s'", tdb->table, item); sr = sqlGetResult(conn, query); char lastChr[32]; int lastStart = -1; int lastEnd = -1; lastChr[0] = '\0'; while ((row = sqlNextRow(sr)) != NULL) { char *chr = row[0]; int start = atoi(row[1]), end = atoi(row[2]); if (!sameString(chr, lastChr) || start != lastStart || end != lastEnd) printPos(chr, start, end, NULL, TRUE, item); safecpy(lastChr, sizeof(lastChr), chr); lastStart = start; lastEnd = end; 
@@ -23395,45 +23382,45 @@ { struct sqlConnection *conn = hAllocConn(database); char query[512]; struct sqlResult *sr; char **row; genericHeader(tdb, item); char defaultExtra[HDB_MAX_TABLE_STRING]; safef(defaultExtra, sizeof(defaultExtra), "%sExtra", tdb->table); char *extraTable = trackDbSettingOrDefault(tdb, "xrefTable", defaultExtra); boolean gotExtra = sqlTableExists(conn, extraTable); if (gotExtra) { char mgiId[256]; char *designId; - safef(query, sizeof(query), "select alias from %s where name = '%s'", + sqlSafef(query, sizeof(query), "select alias from %s where name = '%s'", extraTable, item); sqlQuickQuery(conn, query, mgiId, sizeof(mgiId)); char *ptr = strchr(mgiId, ','); if (!startsWith("MGI:", mgiId) || ptr == NULL) errAbort("Where is the MGI ID?: '%s'", mgiId); else *ptr = '\0'; ptr++; designId = ptr; ptr = strchr(ptr, ','); *ptr = '\0'; // Show entries with the MGI ID and design ID - safef(query, sizeof(query), "select name,alias from %s where alias like '%s,%s%%'", + sqlSafef(query, sizeof(query), "select name,alias from %s where alias like '%s,%s%%'", extraTable, mgiId, designId); sr = sqlGetResult(conn, query); char lastMgiId[16]; lastMgiId[0] = '\0'; puts("<TABLE BORDERWIDTH=0 CELLPADDING=0>"); while ((row = sqlNextRow(sr)) != NULL) { char *words[4]; int wordCount = chopCommas(row[1], words); if (wordCount >= 3) { char *mgiId = words[0], *center = words[2], *status = words[3]; if (!sameString(mgiId, lastMgiId)) { printf("<TR><TD colspan=2>"); 
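Review bot: After `designId = ptr;` the code runs `ptr = strchr(ptr, ','); *ptr = '\0';` with no NULL test, so an alias holding only one comma makes the handler write through a null pointer. The first `strchr` a few lines earlier is checked, and this one should be too: `if (ptr == NULL) errAbort("Where is the design ID?: '%s'", designId);`. Further down, `char *words[4]` is read at `words[3]` under `if (wordCount >= 3)`, which leaves `status` unset when chopCommas finds exactly three fields; that guard probably wants `>= 4`. The function starts and ends outside this hunk.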
@@ -23455,31 +23442,31 @@ productStr = strdup(status); chp = strstr(productStr, "vailable"); chp--; chp--; *chp = '\0'; printf(" (<A HREF=\"http://www.komp.org/geneinfo.php?project=%s\" target=_blank>", ++ptr); printf("order %s)", productStr);fflush(stdout); } printf("</TD></TR>\n"); } } puts("<TR><TD colspan=2>"); sqlFreeResult(&sr); } -safef(query, sizeof(query), "select chrom,chromStart,chromEnd from %s " +sqlSafef(query, sizeof(query), "select chrom,chromStart,chromEnd from %s " "where name = '%s'", tdb->table, item); sr = sqlGetResult(conn, query); char lastChr[32]; int lastStart = -1; int lastEnd = -1; lastChr[0] = '\0'; while ((row = sqlNextRow(sr)) != NULL) { char *chr = row[0]; int start = atoi(row[1]), end = atoi(row[2]); if (!sameString(chr, lastChr) || start != lastStart || end != lastEnd) printPos(chr, start, end, NULL, TRUE, item); safecpy(lastChr, sizeof(lastChr), chr); lastStart = start; lastEnd = end; 
@@ -23502,198 +23489,198 @@ char *cliniTable=NULL, *key=NULL; char query[256]; struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr, *startSr; char **row; if (sameString(table, "CGHBreastCancerUCSF") || sameString(table, "expBreastCancerUCSF")) { cliniTable = "phenBreastTumors"; key = "id"; /* er, pr */ printf("<BR>"); printf("<TABLE BORDER=1>\n"); printf("<TR><TH>ER</TH> <TH>PR</TH></TR>\n"); - safef(query, sizeof(query), "select er, pr from %s where %s = '%s' ", cliniTable, key, item); + sqlSafef(query, sizeof(query), "select er, pr from %s where %s = '%s' ", cliniTable, key, item); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { printf("<TR>"); printf("<TD>%s</TD>", row[0]); printf("<TD>%s</TD>", row[1]); printf("</TR>"); } printf("</TABLE>\n"); sqlFreeResult(&sr); /* subEuc, subCor */ printf("<BR>"); printf("<TABLE BORDER=1>\n"); printf("<TR><TH>subEuc</TH> <TH>subCor</TH></TR>\n"); - safef(query, sizeof(query), "select subEuc, subCor from %s where %s = '%s' ", cliniTable, key, item); + sqlSafef(query, sizeof(query), "select subEuc, subCor from %s where %s = '%s' ", cliniTable, key, item); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { printf("<TR>"); printf("<TD>%s</TD>", row[0]); printf("<TD>%s</TD>", row[1]); printf("</TR>"); } printf("</TABLE>\n"); sqlFreeResult(&sr); /* subtypes */ printf("<BR>"); printf("<TABLE BORDER=1>\n"); printf("<TR><TH>subtype2</TH> <TH>subtype3</TH> <TH>subtype4</TH> <TH>subtype5</TH></TR>\n"); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select subtype2, subtype3, subtype4, subtype5 from %s where %s = '%s' ", cliniTable, key, item); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { printf("<TR>"); printf("<TD>%s</TD>", row[0]); printf("<TD>%s</TD>", row[1]); printf("<TD>%s</TD>", row[2]); printf("<TD>%s</TD>", row[3]); printf("</TR>"); } printf("</TABLE>\n"); sqlFreeResult(&sr); /* stage, size, nodalStatus, SBRGrade */ 
printf("<BR>"); printf("<TABLE BORDER=1>\n"); printf("<TR><TH>Stage</TH> <TH>Size</TH> <TH>Nodal status</TH> <TH>SBR Grade</TH></TR>\n"); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select stage, size, nodalStatus, SBRGrade from %s where %s = '%s' ", cliniTable, key, item); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { printf("<TR>"); printf("<TD>%s</TD>", row[0]); printf("<TD>%s</TD>", row[1]); printf("<TD>%s</TD>", row[2]); printf("<TD>%s</TD>", row[3]); printf("</TR>"); } printf("</TABLE>\n"); sqlFreeResult(&sr); /* race, familyHistory, ageDx */ printf("<BR>"); printf("<TABLE BORDER=1>\n"); printf("<TR><TH>Race</TH> <TH>Family history</TH> <TH>Age of Diagnosis</TH> </TR>\n"); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select race, familyHistory, ageDx from %s where %s = '%s' ", cliniTable, key, item); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { printf("<TR>"); printf("<TD>%s</TD>", row[0]); printf("<TD>%s</TD>", row[1]); printf("<TD>%s</TD>", row[2]); printf("</TR>"); } printf("</TABLE>\n"); sqlFreeResult(&sr); /* rad, chemo, horm, erb, p53, ki67 */ printf("<BR>"); printf("<TABLE BORDER=1>\n"); printf("<TR><TH>Rad</TH> <TH>Chemo</TH> <TH>Horm</TH> <TH>ERB</TH> <TH>p53</TH>"); printf("<TH>ki67</TH></TR>\n"); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select rad, chemo, horm, erb, p53, ki67 from %s where %s = '%s' ", cliniTable, key, item); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { printf("<TR>"); printf("<TD>%s</TD>", row[0]); printf("<TD>%s</TD>", row[1]); printf("<TD>%s</TD>", row[2]); printf("<TD>%s</TD>", row[3]); printf("<TD>%s</TD>", row[4]); printf("<TD>%s</TD>", row[5]); printf("</TR>"); } printf("</TABLE>\n"); sqlFreeResult(&sr); /* T/N/M */ printf("<BR>"); printf("<TABLE BORDER=1>\n"); printf("<TR><TH>T</TH> <TH>N</TH> <TH>M</TH></TR>\n"); - safef(query, sizeof(query), "select T, N, M from %s where %s = '%s' ", 
cliniTable, key, item); + sqlSafef(query, sizeof(query), "select T, N, M from %s where %s = '%s' ", cliniTable, key, item); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { printf("<TR>"); printf("<TD>%s</TD>", row[0]); printf("<TD>%s</TD>", row[1]); printf("<TD>%s</TD>", row[2]); printf("</TR>"); } printf("</TABLE>\n"); sqlFreeResult(&sr); /* times */ printf("<BR><B>Times:</B><BR>\n"); printf("<TABLE BORDER=1>\n"); printf("<TR><TH>Type</TH> <TH>Binary</TH> <TH>Value</TH></TR>\n"); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select overallBinary, overallTime, diseaseBinary, diseaseTime, " "allrecBinary, allrecTime, distrecBinary, distrecTime from %s where %s = '%s' ", cliniTable, key, item); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { printf("<TR><TD>Overall</TD> <TD>%s</TD> <TD>%s</TD></TR>", row[0], row[1]); printf("<TR><TD>Disease</TD> <TD>%s</TD> <TD>%s</TD></TR>", row[2], row[3]); printf("<TR><TD>Allrec</TD> <TD>%s</TD> <TD>%s</TD></TR>", row[4], row[5]); printf("<TR><TD>Distrec</TD> <TD>%s</TD> <TD>%s</TD></TR>", row[6], row[7]); } printf("</TABLE>\n"); sqlFreeResult(&sr); /* affyChipId */ printf("<BR>"); - safef(query, sizeof(query), "select affyChipId from %s where %s = '%s' ", cliniTable, key, item); + sqlSafef(query, sizeof(query), "select affyChipId from %s where %s = '%s' ", cliniTable, key, item); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { printf("<B>Affy Chip ID:</B> %s\n", row[0]); } printf("</TABLE>\n"); sqlFreeResult(&sr); return; } else if ( sameString(table, "cnvLungBroadv2")) { cliniTable = "tspLungClinical"; key = "tumorID"; } else return; htmlHorizontalLine(); -safef(query, sizeof(query), +sqlSafef(query, sizeof(query), "select * from %s where %s = '%s' ", cliniTable, key,item); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { startSr = sr; int numFields = sqlCountColumns(sr); int i; char *fieldName=NULL, *value=NULL; for (i=0; i< 
numFields; i++) { fieldName = sqlFieldName(sr); value = row[i]; printf("%s: <B>%s</B><BR>\n", fieldName, value); @@ -23710,31 +23697,31 @@ struct dyString *dy = dyStringNew(1024); struct sqlConnection *conn = hAllocConn(database); struct itemConf *cf; char confTable[128]; /* create name for confidence table containing posterior probability and false discovery rate (FDR). */ safef(confTable, sizeof(confTable), "%sConf", tdb->table); if (sqlTableExists(conn, confTable)) { /* print the posterior probability and FDR if available */ struct sqlResult *sr; char query[256], **row; - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select * from %s where id = '%s'", confTable, item); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { cf = itemConfLoad(row); dyStringPrintf(dy, "<B>Posterior Probability:</B> %.4g<BR>\n", cf->probability); dyStringPrintf(dy, "<B>False Discovery Rate (FDR):</B> %.2f<BR>\n", cf->fdr); itemConfFree(&cf); } sqlFreeResult(&sr); } hFreeConn(&conn); genericClickHandlerPlus(tdb, item, NULL, dy->string); dyStringFree(&dy); } 
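Review bot: Every result block in the `phenBreastTumors` branch prints cells with `printf("<TD>%s</TD>", row[0])` and no NULL test, whereas the link code earlier in this diff checks `row[0] != NULL` before printing. A clinical column that is NULL in the table would reach `%s` as a null pointer, and the values go into the page without HTML encoding. A small static helper that maps NULL to an empty string and encodes the value, called for every cell, would cover all nine blocks. The `return;` that ends that branch and the later `else return;` also skip `hFreeConn(&conn)`. The function starts and ends outside this hunk.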
@@ -23748,31 +23735,31 @@ if (isNotEmpty(ncbiAccXref) && hTableExists(database, ncbiAccXref)) { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char *cloneName = cloneString(item); char *postUnderscore = strchr(cloneName, '_'); char query[512]; /* In kiddEichlerDiscG248, all clone names have a WIBR2-\w+_ prefix * before the G248\w+ clone name given in the files used to make this * table, e.g. WIBR2-1962P18_G248P85919H9,transchrm_chr4 -- skip that * prefix. Then strip all kiddEichlerDisc* names' ,.* suffixes. */ if (startsWith("WIBR2-", cloneName) && postUnderscore != NULL) cloneName = postUnderscore+1; chopPrefixAt(cloneName, ','); - safef(query, sizeof(query), + sqlSafef(query, sizeof(query), "select cloneAcc, endF, endR from %s where name = '%s'", ncbiAccXref, cloneName); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { if (isNotEmpty(row[0])) printf("<B>Clone Report and Sequence (NCBI Nucleotide): </B>" "<A HREF=\"%s\" TARGET=_BLANK>%s</A><BR>\n", getEntrezNucleotideUrl(row[0]), row[0]); char *endUrlFormat = trackDbSetting(tdb, "pairedEndUrlFormat"); /* Truncate cloneName to get library name: ABC* are followed by _, * G248 are not. */ char *libId = cloneName; if (startsWith("G248", libId)) libId[strlen("G248")] = '\0'; 
@@ -23796,42 +23783,41 @@ sqlFreeResult(&sr); hFreeConn(&conn); } } void doKiddEichlerDisc(struct trackDb *tdb, char *item) /* Discordant clone end mappings from Kidd..Eichler 2008. */ { struct sqlConnection *conn = hAllocConn(database); char query[512]; struct sqlResult *sr; char **row; boolean hasBin; struct bed *bed; boolean firstTime = TRUE; -char *escapedName = sqlEscapeString(item); int start = cartInt(cart, "o"); genericHeader(tdb, item); if (! startsWith(KIDD_EICHLER_DISC_PREFIX, tdb->table)) errAbort("track tableName must begin with "KIDD_EICHLER_DISC_PREFIX " but instead it is %s", tdb->table); hasBin = hOffsetPastBin(database, seqName, tdb->table); /* We don't need to add bin to this because name is indexed: */ -safef(query, sizeof(query), "select * from %s where name = '%s' " +sqlSafef(query, sizeof(query), "select * from %s where name = '%s' " "and chrom = '%s' and chromStart = %d", - tdb->table, escapedName, seqName, start); + tdb->table, item, seqName, start); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { if (firstTime) firstTime = FALSE; else htmlHorizontalLine(); bed = bedLoadN(row+hasBin, 12); int lastBlk = bed->blockCount - 1; int endForUrl = (bed->chromStart + bed->chromStarts[lastBlk] + bed->blockSizes[lastBlk]); char *endFudge = trackDbSetting(tdb, "endFudge"); if (endFudge && !strstr(bed->name, "OEA")) endForUrl += atoi(endFudge); char sampleName[16]; 
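Review bot: `int lastBlk = bed->blockCount - 1;` is used straight away to index `bed->chromStarts[lastBlk]` and `bed->blockSizes[lastBlk]`, so a row with blockCount 0 reads one element before both arrays. The rows come from the track table rather than the request, but nothing in the hunk guarantees at least one block. Add `if (bed->blockCount < 1) errAbort("%s has no blocks", bed->name);` right after `bedLoadN`. The loop body continues outside the hunk.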
@@ -23853,74 +23839,72 @@ } void doBedDetail(struct trackDb *tdb, struct customTrack *ct, char *itemName) /* generate the detail page for a custom track of bedDetail type */ { char *table; struct bedDetail *r = NULL; struct sqlConnection *conn; struct sqlResult *sr; char **row; char query[256]; char *chrom = cartString(cart,"c"); /* don't assume name is unique */ int start = cgiInt("o"); int end = cgiInt("t"); int bedPart = 4; -char *escName = NULL; if (ct == NULL) { char *words[3]; int cnt = chopLine(cloneString(tdb->type), words); if (cnt > 1) bedPart = atoi(words[1]) - 2; table = tdb->table; conn = hAllocConn(database); genericHeader(tdb, itemName); } else { table = ct->dbTableName; conn = hAllocConn(CUSTOM_TRASH); bedPart = ct->fieldCount - 2; /* header handled by custom track handler */ } /* postion, band, genomic size */ -escName = sqlEscapeString(itemName); -safef(query, sizeof(query), - "select * from %s where chrom = '%s' and chromStart = %d and chromEnd = %d and name = '%s'", table, chrom, start, end, escName); +sqlSafef(query, sizeof(query), + "select * from %s where chrom = '%s' and chromStart = %d and chromEnd = %d and name = '%s'", + table, chrom, start, end, itemName); sr = sqlGetResult(conn, query); if ((row = sqlNextRow(sr)) != NULL) { r = bedDetailLoadWithGaps(row, bedPart+2); bedPrintPos((struct bed*)r, bedPart, tdb); if (r->id != NULL) { if (!sameString("qPcrPrimers", table)) printf("<B>ID:</B> %s <BR>\n", r->id); printCustomUrl(tdb, r->id, TRUE); } if (isNotEmpty(r->description)) printf("%s <BR>\n", r->description); } sqlFreeResult(&sr); /* do not print this for custom tracks, they do this later */ if (ct == NULL) printTrackHtml(tdb); bedDetailFree(&r); -freeMem(escName); hFreeConn(&conn); } struct trackDb *tdbForTableArg() /* get trackDb for track passed in table arg */ { char *table = cartString(cart, "table"); struct trackDb *tdb = hashFindVal(trackHash, table); if (tdb == NULL) errAbort("no trackDb entry for %s", table); return tdb; } void 
doGeneReviews(struct trackDb *tdb, char *itemName) /* generate the detail page for geneReviews */ @@ -23939,33 +23923,33 @@ } void prGeneReviews(struct sqlConnection *conn, char *itemName) /* print GeneReviews associated to this item Note: this print function has been replaced by addGeneReviewToBed.pl which print the same information to the field 5 of bigBed file */ { struct sqlResult *sr; char **row; char query[512]; int i; char *clickMsg = "Click link(s) below to search GeneReviews and GeneTests"; boolean firstTime = TRUE; -if (!sqlTablesExist(conn, "geneReviewsRefGene")) return; +if (!sqlTableExists(conn, "geneReviewsRefGene")) return; -safef(query, sizeof(query), "select grShort, diseaseID, diseaseName from geneReviewsRefGene where geneSymbol='%s'", itemName); +sqlSafef(query, sizeof(query), "select grShort, diseaseID, diseaseName from geneReviewsRefGene where geneSymbol='%s'", itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { char *grShort = *row++; char *diseaseID = *row++; char *diseaseName = *row++; if (firstTime) { printf("<BR><B> GeneReview(s) available for %s:</B> (%s)<BR>",itemName,clickMsg); firstTime = FALSE; printf("<PRE><TT>"); // #123456789-123456789-123456789-123456789-123456789-123456789- printf("Short name Disease ID GeneTests disease name<BR>"); 
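Review bot: `char query[256]` in doBedDetail is tight for this statement: the fixed text is already about 90 characters, and the escaped form of `itemName` can be up to twice the length of the raw value, on top of the table and chromosome names. How sqlSafef behaves on overflow is not visible here; if it aborts the way safef does, a long but legitimate item name ends the request with an error instead of a detail page. The neighbouring handlers in this file declare 512, so `char query[512];` would match them.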
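Review bot: prGeneReviews writes `itemName` straight into the page in `printf("<BR><B> GeneReview(s) available for %s:</B> (%s)<BR>",itemName,clickMsg)`, so the value this commit now treats as untrusted for SQL is still unencoded for HTML. Where itemName comes from is not visible in the hunk, and the print runs only after the lookup found a row, which narrows what can reach it. It should still be HTML-encoded at the point of output, for example with the library's htmlEncode helper, so the table lookup is not the only barrier. The hunk for prGRShortRefGene has the related case of `grShort` and `diseaseName` placed inside HREF attributes without URL encoding. The while loop continues outside the hunk.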
@@ -23984,33 +23968,33 @@ } /* end while */ printf("</TT></PRE>"); sqlFreeResult(&sr); } /* end of prGeneReviews */ void prGRShortRefGene(char *itemName) /* print GeneReviews short label associated to this refGene item */ { struct sqlConnection *conn = hAllocConn(database); struct sqlResult *sr; char **row; char query[512]; boolean firstTime = TRUE; -if (!sqlTablesExist(conn, "geneReviewsRefGene")) return; +if (!sqlTableExists(conn, "geneReviewsRefGene")) return; -safef(query, sizeof(query), "select grShort, diseaseName from geneReviewsRefGene where geneSymbol='%s'", itemName); +sqlSafef(query, sizeof(query), "select grShort, diseaseName from geneReviewsRefGene where geneSymbol='%s'", itemName); sr = sqlGetResult(conn, query); while ((row = sqlNextRow(sr)) != NULL) { char *grShort = *row++; char *diseaseName = *row++; if (firstTime) { printf("<B>Related GeneReview(s) and GeneTests disease(s): </B>"); firstTime = FALSE; printf("<A HREF=\"http://www.ncbi.nlm.nih.gov/books/n/gene/%s\" TARGET=_blank><B>%s</B></A>", grShort, grShort); printf(" ("); printf("<A HREF=\"http://www.ncbi.nlm.nih.gov/sites/GeneTests/review/disease/%s?db=genetests&search_param=contains\" TARGET=_blank>%s</A>", diseaseName, diseaseName); printf(")"); } else { printf(", ");
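Review bot: The early return `if (!sqlTableExists(conn, "geneReviewsRefGene")) return;` in prGRShortRefGene leaves the function without releasing `conn`, which was taken from hAllocConn(database) a few lines above. Unlike prGeneReviews, which receives its connection from the caller, this function owns the connection, so the guard should free it first: `if (!sqlTableExists(conn, "geneReviewsRefGene")) { hFreeConn(&conn); return; }`. The end of the function is outside the hunk, so whether the normal path calls hFreeConn cannot be confirmed from here.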