21a6584e8ecdbba6d802ab30f3ec564c08b7dcc3 galt Sat Jun 29 02:11:16 2013 -0700 fixing callers of sqlGetField to use sqlSafeFrag
diff --git src/hg/lib/hgFind.c src/hg/lib/hgFind.c
index 11f6432..57538a2 100644
--- src/hg/lib/hgFind.c
+++ src/hg/lib/hgFind.c
@@ -1863,31 +1863,31 @@ dyStringClear(ds); sqlDyStringPrintf(ds, "select * from knownGene where name = '%s'", kl->kgID); sr = sqlGetResult(conn, ds->string); while ((row = sqlNextRow(sr)) != NULL) { gp = genePredLoad(row); AllocVar(pos); slAddHead(&table->posList, pos); pos->name = cloneString(kl->alias); #if UNUSED pos->browserName = cloneString(kl->alias); // highlight change #endif pos->browserName = cloneString(kl->kgID);
- safef(cond_str, sizeof(cond_str), "kgID = '%s'", kl->kgID);
+ sqlSafefFrag(cond_str, sizeof(cond_str), "kgID = '%s'", kl->kgID);
 answer = sqlGetField(db, "kgXref", "description", cond_str); if (answer != NULL) { desc = answer; } else { desc = kl->alias; } dyStringClear(ds); dyStringPrintf(ds, "(%s) %s", kl->kgID, desc); pos->description = cloneString(ds->string); pos->chrom = hgOfficialChromName(db, gp->chrom); pos->chromStart = gp->txStart;
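Review bot: The kgXref lookup that follows the new `sqlSafefFrag` call depends only on `kl->kgID`, yet it runs once per row of the `while ((row = sqlNextRow(sr)) != NULL)` loop, and `answer` is not released anywhere in the visible lines. If sqlGetField returns a heap copy (its definition is not shown here), each iteration leaks it; once `pos->description = cloneString(ds->string);` has copied the text, `freeMem(answer);` would be safe, whereas `desc` may alias `kl->alias` and must not be freed itself. Building the fragment and calling sqlGetField once before the loop would also avoid repeating an identical query. The same pattern appears in the hunk at -1949, and the loop body continues past the end of both hunks.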
@@ -1949,31 +1949,31 @@ hashAdd(hash, kl->kgID, kl); dyStringClear(ds); sqlDyStringPrintf(ds, "select * from knownGene where name = '%s'", kl->kgID); sr = sqlGetResult(conn, ds->string); while ((row = sqlNextRow(sr)) != NULL) { gp = genePredLoad(row); AllocVar(pos); slAddHead(&table->posList, pos); pos->name = cloneString(kl->alias); /* pos->browserName = cloneString(kl->alias); highlight change */ pos->browserName = cloneString(kl->kgID);
- safef(cond_str, sizeof(cond_str), "kgID = '%s'", kl->kgID);
+ sqlSafefFrag(cond_str, sizeof(cond_str), "kgID = '%s'", kl->kgID);
 answer = sqlGetField(db, "kgXref", "description", cond_str); if (answer != NULL) { desc = answer; } else { desc = kl->alias; } dyStringClear(ds); dyStringPrintf(ds, "(%s) %s", kl->displayID, desc); pos->description = cloneString(ds->string); pos->chrom = hgOfficialChromName(db, gp->chrom); pos->chromStart = gp->txStart;
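Review bot: This block repeats the one at -1863 almost line for line, including the `sqlSafefFrag` + `sqlGetField` pair, which is why the escaping fix had to be applied twice. A small static helper that takes `db` and the kgID and returns the kgXref description would keep the fragment-building in one place, so a later edit to one copy cannot quietly go back to plain `safef` for a where clause. I would also add a comment at the call such as `/* cond_str is spliced into SQL by sqlGetField; build it only with sqlSafefFrag */`. The one visible difference between the two copies is `kl->displayID` here versus `kl->kgID` there in the description format; it is worth confirming that is intended.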