src/hg/inc/landmark.h 080a160c7b9595d516c9c70e83689a09b60839d0

080a160c7b9595d516c9c70e83689a09b60839d0
galt
  Mon Jun 3 12:16:53 2013 -0700
fix SQL Injection
diff --git src/hg/inc/landmark.h src/hg/inc/landmark.h
index fe7d1a9..e5b9a73 100644
--- src/hg/inc/landmark.h
+++ src/hg/inc/landmark.h
@@ -44,42 +44,31 @@
 /* Load all landmark from tab separated file.
  * Dispose of this with landmarkFreeList(). */
 
 struct landmark *landmarkLoadByQuery(struct sqlConnection *conn, char *query);
 /* Load all landmark from table that satisfy the query given.  
  * Where query is of the form 'select * from example where something=something'
  * or 'select example.* from example, anotherTable where example.something = 
  * anotherTable.something'.
  * Dispose of this with landmarkFreeList(). */
 
 void landmarkSaveToDb(struct sqlConnection *conn, struct landmark *el, char *tableName, int updateSize);
 /* Save landmark as a row to the table specified by tableName. 
  * As blob fields may be arbitrary size updateSize specifies the approx size
  * of a string that would contain the entire query. Arrays of native types are
  * converted to comma separated strings and loaded as such, User defined types are
- * inserted as NULL. Note that strings must be escaped to allow insertion into the database.
- * For example "autosql's features include" --> "autosql\'s features include" 
- * If worried about this use landmarkSaveToDbEscaped() */
-
-void landmarkSaveToDbEscaped(struct sqlConnection *conn, struct landmark *el, char *tableName, int updateSize);
-/* Save landmark as a row to the table specified by tableName. 
- * As blob fields may be arbitrary size updateSize specifies the approx size.
- * of a string that would contain the entire query. Automatically 
- * escapes all simple strings (not arrays of string) but may be slower than landmarkSaveToDb().
- * For example automatically copies and converts: 
- * "autosql's features include" --> "autosql\'s features include" 
- * before inserting into database. */ 
+ * inserted as NULL. Strings are automatically escaped to allow insertion into the database. */
 
 struct landmark *landmarkCommaIn(char **pS, struct landmark *ret);
 /* Create a landmark out of a comma separated string. 
  * This will fill in ret if non-null, otherwise will
  * return a new landmark */
 
 void landmarkFree(struct landmark **pEl);
 /* Free a single dynamically allocated landmark such as created
  * with landmarkLoad(). */
 
 void landmarkFreeList(struct landmark **pList);
 /* Free a list of dynamically allocated landmark's */
 
 void landmarkOutput(struct landmark *el, FILE *f, char sep, char lastSep);
 /* Print out landmark.  Separate fields with sep. Follow last field with lastSep. */
@@ -122,42 +111,31 @@
 /* Load all landmarkAttr from tab separated file.
  * Dispose of this with landmarkAttrFreeList(). */
 
 struct landmarkAttr *landmarkAttrLoadByQuery(struct sqlConnection *conn, char *query);
 /* Load all landmarkAttr from table that satisfy the query given.  
  * Where query is of the form 'select * from example where something=something'
  * or 'select example.* from example, anotherTable where example.something = 
  * anotherTable.something'.
  * Dispose of this with landmarkAttrFreeList(). */
 
 void landmarkAttrSaveToDb(struct sqlConnection *conn, struct landmarkAttr *el, char *tableName, int updateSize);
 /* Save landmarkAttr as a row to the table specified by tableName. 
  * As blob fields may be arbitrary size updateSize specifies the approx size
  * of a string that would contain the entire query. Arrays of native types are
  * converted to comma separated strings and loaded as such, User defined types are
- * inserted as NULL. Note that strings must be escaped to allow insertion into the database.
- * For example "autosql's features include" --> "autosql\'s features include" 
- * If worried about this use landmarkAttrSaveToDbEscaped() */
-
-void landmarkAttrSaveToDbEscaped(struct sqlConnection *conn, struct landmarkAttr *el, char *tableName, int updateSize);
-/* Save landmarkAttr as a row to the table specified by tableName. 
- * As blob fields may be arbitrary size updateSize specifies the approx size.
- * of a string that would contain the entire query. Automatically 
- * escapes all simple strings (not arrays of string) but may be slower than landmarkAttrSaveToDb().
- * For example automatically copies and converts: 
- * "autosql's features include" --> "autosql\'s features include" 
- * before inserting into database. */ 
+ * inserted as NULL. Strings are automatically escaped to allow insertion into the database. */
 
 struct landmarkAttr *landmarkAttrCommaIn(char **pS, struct landmarkAttr *ret);
 /* Create a landmarkAttr out of a comma separated string. 
  * This will fill in ret if non-null, otherwise will
  * return a new landmarkAttr */
 
 void landmarkAttrFree(struct landmarkAttr **pEl);
 /* Free a single dynamically allocated landmarkAttr such as created
  * with landmarkAttrLoad(). */
 
 void landmarkAttrFreeList(struct landmarkAttr **pList);
 /* Free a list of dynamically allocated landmarkAttr's */
 
 void landmarkAttrOutput(struct landmarkAttr *el, FILE *f, char sep, char lastSep);
 /* Print out landmarkAttr.  Separate fields with sep. Follow last field with lastSep. */
@@ -200,42 +178,31 @@
 /* Load all landmarkAttrLink from tab separated file.
  * Dispose of this with landmarkAttrLinkFreeList(). */
 
 struct landmarkAttrLink *landmarkAttrLinkLoadByQuery(struct sqlConnection *conn, char *query);
 /* Load all landmarkAttrLink from table that satisfy the query given.  
  * Where query is of the form 'select * from example where something=something'
  * or 'select example.* from example, anotherTable where example.something = 
  * anotherTable.something'.
  * Dispose of this with landmarkAttrLinkFreeList(). */
 
 void landmarkAttrLinkSaveToDb(struct sqlConnection *conn, struct landmarkAttrLink *el, char *tableName, int updateSize);
 /* Save landmarkAttrLink as a row to the table specified by tableName. 
  * As blob fields may be arbitrary size updateSize specifies the approx size
  * of a string that would contain the entire query. Arrays of native types are
  * converted to comma separated strings and loaded as such, User defined types are
- * inserted as NULL. Note that strings must be escaped to allow insertion into the database.
- * For example "autosql's features include" --> "autosql\'s features include" 
- * If worried about this use landmarkAttrLinkSaveToDbEscaped() */
-
-void landmarkAttrLinkSaveToDbEscaped(struct sqlConnection *conn, struct landmarkAttrLink *el, char *tableName, int updateSize);
-/* Save landmarkAttrLink as a row to the table specified by tableName. 
- * As blob fields may be arbitrary size updateSize specifies the approx size.
- * of a string that would contain the entire query. Automatically 
- * escapes all simple strings (not arrays of string) but may be slower than landmarkAttrLinkSaveToDb().
- * For example automatically copies and converts: 
- * "autosql's features include" --> "autosql\'s features include" 
- * before inserting into database. */ 
+ * inserted as NULL. Strings are automatically escaped to allow insertion into the database. */
 
 struct landmarkAttrLink *landmarkAttrLinkCommaIn(char **pS, struct landmarkAttrLink *ret);
 /* Create a landmarkAttrLink out of a comma separated string. 
  * This will fill in ret if non-null, otherwise will
  * return a new landmarkAttrLink */
 
 void landmarkAttrLinkFree(struct landmarkAttrLink **pEl);
 /* Free a single dynamically allocated landmarkAttrLink such as created
  * with landmarkAttrLinkLoad(). */
 
 void landmarkAttrLinkFreeList(struct landmarkAttrLink **pList);
 /* Free a list of dynamically allocated landmarkAttrLink's */
 
 void landmarkAttrLinkOutput(struct landmarkAttrLink *el, FILE *f, char sep, char lastSep);
 /* Print out landmarkAttrLink.  Separate fields with sep. Follow last field with lastSep. */