Developers

developers@phpmyadmin.net

5 participants
7032 discussions

by Marc Delisle

Hi Martin, I suggest you pick a bug from the bug tracker (for example 442778), send a message to the list saying you are working on it, solve the bug, and put the patch in the patches tracker as a file, or in the specific bug thread. Marc Martin Marconcini a écrit: >Guys... I am "new". I've seen you working hard for this release. I am > willing to join the project and help if needed. Give me a task, and > evaluate the way I do it... but I don't want to just pick up any task > from the task list due the incoming release and the "features" > restriction. > > I am all ears. > > :)

23 years, 2 months

[Phpmyadmin-devel] Re: Using single quotes for better performances

by Loïc

Pete wrote >Yes I'm fine thanks I have been very busy, and you? I am currently very busy (I'm working on a economic draft... at 3:30 am!) >Why is 'htmlspecialchars' used for field editing? That's the question! The problem is to suppress the double quotes in the value statement of an html input tag, but using the 'htmlspecialchars' function here is not the solution: urlencode is far better (of course you have to urldecode that string in the script it has been passed to). [About Benjamin Gandon's message] ------ Fwd ------ >The current version (in lib.inc.php3 1.56) is exactly mine >(without my comments though :)) except one line that was added >and that introduces a bug : > > if($last_char == $in_string && $char == ")") $in_string = false; > >The bug appears if you try to exec 2 SQL queries like that >(from an uploaded file or directly in the query field because >both are handled by the same code) : > >INSERT INTO foo(id, text) VALUES ('1', 'I\'m sure that \')# will cause a bug'); >INSERT INTO foo(id, text) VALUES ('2', 'Indeed \'); that\'s the case'); Have fun ;) Loïc ______________________________________________________________________________ ifrance.com, l'email gratuit le plus complet de l'Internet ! vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP... http://www.ifrance.com/_reloc/email.emailif

23 years, 2 months

Re: [Phpmyadmin-devel] Re: Using single quotes for better performances

by Loïc

Hi Pete :) How are you? Thanks for your trick. I haven't test it yet because it it runs it helps to show the second part of the 'htmlspecialchars' bug :( Let's say we have: - build a table with one varchar(15) column; - enter the record 'say "hello"' in this table. Now we want to modify this record from 'say "hello"' to 'say "hello" to Pete' ;) We use the modify link from the browse table page, hopefully we can see the record and then append ' to Pete' at the end of the existing value. We enter the modification and browse the table again to see the change.... KABOOOM: it's new value is 'say & quot;hello& quot; to Pete' The only way to fix all the problem is to avoid the use the 'htmlspecialchars' to define the values of input form fields. Greets, Loïc ______________________________________________________________________________ ifrance.com, l'email gratuit le plus complet de l'Internet ! vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP... http://www.ifrance.com/_reloc/email.emailif

23 years, 2 months

[Phpmyadmin-devel] Re: Using single quotes for better performances

by Loïc

Hi Olivier & all! >No problem... so let's say rc3 for 22/07, and a -final against >beginning of august ? I will be for a few weeks in germany >after the 23/07, but I guess I'll find a phone plug there too, >so that won't be a problem :) Just updated the webpage. OK, that seems fine to me as soon as we all agree that the version I'm working on would be quite different from the current rc because, since I need to rewrite many lines of the code because the (in)famous 'htmlspeciachars' bug, I've decided to also ensure that: - the php code fits PEAR standards... - ...and generates valid XHTML1.0 code. It's a really huge work and I'm afraid it's difficult to share it. I've done about 60% of the work but I'll be out (for working puprose :() all the next week, so I'm not sure to have completed it before the end of July. Is it a problem or not? Regards, Loïc ______________________________________________________________________________ ifrance.com, l'email gratuit le plus complet de l'Internet ! vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP... http://www.ifrance.com/_reloc/email.emailif

23 years, 2 months

[Phpmyadmin-devel] your opinion: length of textfields and textareas

by Marc Delisle

Hi, Feature request 429771 talks about dynamic lenghts for editing records. - Should we get rid of $cfgMaxInputsize, which specifies a fixed maximum (in pixels), and works only in some browsers? I think going dynamic (max 40 characters) would be better. - For textareas, field length (max 40) would give usually 40 columns. Do you agree? Marc

23 years, 2 months

Re: [Phpmyadmin-devel] Using single quotes for better performances

by Loïc

Hi Benjamin! >I was told that php takes much less time to process a string >in single quotes because it does not parse it to replace >escape characters like \n, \t and variables by their value. Perfectly right ;) >Is it possible to revew the whole code ? Can anybody do that ? >(the danger is to make conflicts ; one should use locks to avoid >conflicts and warn all the mailing-list) I'm currently rewritting the whole code (because of a big bug with the use of htmlspecialchars in a wrong way) and pay attention to this. Regards, Loïc ______________________________________________________________________________ ifrance.com, l'email gratuit le plus complet de l'Internet ! vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP... http://www.ifrance.com/_reloc/email.emailif

23 years, 2 months

[Phpmyadmin-devel] Using single quotes for better performances

by Benjamin Gandon

Hi, I was told that php takes much less time to process a string in single quotes because it does not parse it to replace escape characters like \n, \t and variables by their value. I noticed that the phpMyAdmin code could be reviewed in a large way so that we use single quotes for every string which need not being parsed for escape characters. Could people wrinting/reviewing code pay attention to that point from now on ? Is it possible to revew the whole code ? Can anybody do that ? (the danger is to make conflicts ; one should use locks to avoid conflicts and warn all the mailing-list) By the way: who can add a news on source forge about the rc2 ? It looks like nobody did... Benjamin Gandon

23 years, 2 months

[Phpmyadmin-devel] Problems with tablenames like 1234

by Steve Alberty

Hi, phpMyAdmin have problem with table names like 1234, because the table names are not included in `` (!not '). i'm not sure if phpMyAdmin on windows systems works with this charactars. (`) can anybody test it and change the code? Regards, -- Steve Alberty [mailto:alberty@neptunlabs.de] NeptunLabs GbR ----------------------------------------------------Ende der Nachricht--

23 years, 2 months

[Phpmyadmin-devel] about German translation

by Marc Delisle

To all german-speaking developers, Can you comment on this? http://www.phpwizard.net/phorum/read.php?f=1&i=4187&t=4187 Marc

23 years, 2 months

Re: [Phpmyadmin-devel] A bit of story about split_string()...

by Loïc

Hi Benjamin! I was really happy to recieve your message because that's me who grabbed your 2.1.0.1 release a long time ago and suggested to Olivier to merge it with his own improvements. Then Olivier opened the phpMyAdmin SF account. But the url to grab your release were down at the time we've done this, so I can't found who you are and where to send you an e-mail. Now we may add credits for you and your initial release, great :) >I saw (in lib.inc.php3 rev 1.1) that you had tried to add >code to remove comments, but as far as I know, comments >can be left out because they don't interfeer, do they ? Well as far as I remenber comments are left out for execution only. They are still displayed on screen. >The current version (in lib.inc.php3 1.56) is exactly mine >(without my comments though :)) except one line that was >added and that introduces a bug : > if($last_char == $in_string && $char == ")") > $in_string = false; >The bug appears if you try to exec 2 SQL queries like that >(from an uploaded file or directly in the query field because >both are handled by the same code) : >INSERT INTO foo(id, text) VALUES ('1', 'I\'m sure that \')# will cause a bug'); >INSERT INTO foo(id, text) VALUES ('2', 'Indeed \'); that\'s the case'); Right :( The one who did most of the work on these functions is Pete. He has also build a complete test file you may grab from the closed bug #421889 at the patch tracker. He's the one you should talk with about this problem. >Another thing about fame and celebrity (just joking :)): >It would be nice if someone added my name in the >ChangeLog Of course, I'll do it tonight (I can't use CVS at work). >for version 2.1.0.1 ; at that time I didn't dare adding it >because the release was the very first unofficial one... >But it isn't anymore. :) And that's the reason why I can't add it before. Your fault, in a word :p Greets, Loïc ______________________________________________________________________________ ifrance.com, l'email gratuit le plus complet de l'Internet ! vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP... http://www.ifrance.com/_reloc/email.emailif

23 years, 2 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

Developers