cde03431a6a4f1f6eb256b3e0c2521c2dd77869b
galt
  Wed May 4 14:16:12 2016 -0700
Oops sql injection fixes.

diff --git src/hg/hgTracks/simpleTracks.c src/hg/hgTracks/simpleTracks.c
index 45dd53e..fac00a6 100644
--- src/hg/hgTracks/simpleTracks.c
+++ src/hg/hgTracks/simpleTracks.c
@@ -5656,32 +5656,31 @@
 
 if (class != NULL)
     return TRUE;
 return FALSE;
 }
 
 static void loadFrames(struct sqlConnection *conn, struct linkedFeatures *lf)
 /* Load the CDS part of a genePredExt for codon display */
 {
 char query[4096];
 
 for(; lf; lf = lf->next)
     {
     struct genePred *gp = lf->original;
     gp->optFields |= genePredExonFramesFld | genePredCdsStatFld | genePredCdsStatFld;
-    safef(query, sizeof query, NOSQLINJ "select * from knownCds where name=\"%s\"",
-	gp->name);
+    sqlSafef(query, sizeof query, "select * from knownCds where name=\"%s\"", gp->name);
 
     struct sqlResult *sr = sqlMustGetResult(conn, query);
     char **row = NULL;
     int sizeOne;
 
     while ((row = sqlNextRow(sr)) != NULL)
 	{
 	gp->cdsStartStat = parseCdsStat(row[1]);
 	gp->cdsEndStat = parseCdsStat(row[2]);
 	int exonCount = sqlUnsigned(row[3]);
 	if (exonCount != gp->exonCount)
 	    errAbort("loadFrames: %s number of exonFrames (%d) != number of exons (%d)",
 		     gp->name, exonCount, gp->exonCount);
 	sqlSignedDynamicArray(row[4], &gp->exonFrames, &sizeOne);
 	if (sizeOne != gp->exonCount)