Developers

developers@phpmyadmin.net

5 participants
7032 discussions

[Phpmyadmin-devel] A bit of story about split_string()...

by Benjamin Gandon

Hi everybody, Well, the version 2.1.0.1 was by me and I'm glad to see after a whole year that you included my fixes to start this branch on sourceforge. I saw in ChangeLog (2001-04-28) and in the archive of this list (Olivier 2001-04-28) that you had problems with split_string() that is now renamed split_sql_file()... I saw (in lib.inc.php3 rev 1.1) that you had tried to add code to remove comments, but as far as I know, comments can be left out because they don't interfeer, do they ? The current version (in lib.inc.php3 1.56) is exactly mine (without my comments though :)) except one line that was added and that introduces a bug : if($last_char == $in_string && $char == ")") $in_string = false; The bug appears if you try to exec 2 SQL queries like that (from an uploaded file or directly in the query field because both are handled by the same code) : INSERT INTO foo(id, text) VALUES ('1', 'I\'m sure that \')# will cause a bug'); INSERT INTO foo(id, text) VALUES ('2', 'Indeed \'); that\'s the case'); ChangeLog says it's the last revewers are : - 2001-05-30 Pete Kelly for #421889 - 2001-07-02 Marc Delisle for #436108 So what did they mean to do with the line of code ? Another thing about fame and celebrity (just joking :)): It would be nice if someone added my name in the ChangeLog for version 2.1.0.1 ; at that time I didn't dare adding it because the release was the very first unofficial one... But it isn't anymore. :) Benjamin Gandon

23 years, 2 months

[Phpmyadmin-devel] Re: Problems with tablenames like 1234

by Loïc

Hi again! >phpMyAdmin have problem with table names like 1234, >because the table names are not included in >`` (!not '). Yep, there is some inconstencies all among the scripts: sometimes backtits are used for database and table names, sometimes not. And they aren't used for fields names. I'm also fixing this while rewriting the scripts to fix the "big annoying bug". >i'm not sure if phpMyAdmin on windows systems works >with this charactars. (`) Yep, it does. >can anybody test it and change the code? I'm afraid too many changes are required to fix this bug now :( Regards, Loïc

23 years, 2 months

[Phpmyadmin-devel] Re: Problem with binary data

by Loïc

Hi Stevae & list! >we have another new problem with binary data inside of >fields. >Older phpMyAdmin Versions without the 'htmlspecialchars' >changes works fine (pre5). Arg.... >i think it's a problem with 'primary_key' building. >In lib.inc.php3 we use currently >addslashes(htmlspecialchars($row[$i])) >instead of addslashes($row[$i]) ... Yep, we need some kind of transformations because a primary key name may contains "annoying" characters, but htmlspecialchars is not the good function to use: it's urlencode. And this means lots of changes all among the scripts (I'm currently working on). >I hope we have enough time to fix all current problems ... Well, I'm afraid not if the dead-line is the next week-end :( Regards, Loïc

23 years, 2 months

[Phpmyadmin-devel] Problem with binary data

by Steve Alberty

Hi, we have another new problem with binary data inside of fields. Older phpMyAdmin Versions without the 'htmlspecialchars' changes works fine (pre5). i think it's a problem with 'primary_key' building. In lib.inc.php3 we use currently addslashes(htmlspecialchars($row[$i])) instead of addslashes($row[$i]) ... to retrace the problem look at the follow code. first, create this table: ---snip--- CREATE TABLE `Universal_Cache` ( `CID` int(10) unsigned NOT NULL default '0', `Type` enum('Nexus') NOT NULL default 'Nexus', `Num` tinyint(3) unsigned NOT NULL default '0', `LastModify` timestamp(14) NOT NULL, `Cache` blob NOT NULL ) TYPE=MyISAM COMMENT='Cache'; ---snap--- in the second place try to execute this code, to insert a column with all characters (0-255) ---snip--- for ($all="",$i=0;$i<=255;$i++,$all.=chr($i)){} $query="insert into Universal_Cache (Cache) values('".AddSlashes($all)."')"; $result=mysql_query($query); ---snap--- this row a now unselectable with phpMyAdmin ... :-( the current version produce the follow corrupt link: http://serade/phpMyAdmin/tbl_change.php3?primary_key=+CID+%3D+%270%27+AND+Ty pe+%3D+%27Nexus%27+AND+Num+%3D+%270%27+AND+LastModify+%3D+%2720010627110806% 27+AND+Cache+%3D+%27%5C0%01%02%03%04%05%06%07%08%09%0A%0B%0C%0D%0E%0F%10%11% 12%13%14%15%16%17%18%19%1A%1B%1C%1D%1E%1F+%21%26quot%3B%23%24%25%26amp%3B%5C %27%28%29%2A%2B%2C-.%2F0123456789%3A%3B%26lt%3B%3D%26gt%3B%3F%40ABCDEFGHIJKL MNOPQRSTUVWXYZ%5B%5C%5C%5D%5E_%60abcdefghijklmnopqrstuvwxyz%7B%7C%7D%7E%7F%8 0%81%82%83%84%85%86%87%88%89%8A%8B%8C%8D%8E%8F%90%91%92%93%94%95%96%97%98%99 %9A%9B%9C%9D%9E%9F%A0%A1%A2%A3%A4%A5%A6%A7%A8%A9%AA%AB%AC%AD%AE%AF%B0%B1%B2% B3%B4%B5%B6%B7%B8%B9%BA%BB%BC%BD%BE%BF%C0%C1%C2%C3%C4%C5%C6%C7%C8%C9%CA%CB%C C%CD%CE%CF%D0%D1%D2%D3%D4%D5%D6%D7%D8%D9%DA%DB%DC%DD%DE%DF%E0%E1%E2%E3%E4%E5 %E6%E7%E8%E9%EA%EB%EC%ED%EE%EF%F0%F1%F2%F3%F4%F5%F6%F7%F8%F9%FA%FB%FC%FD%FE% FF%27+&server=1&lang=de&db=Katalogsystem_Main&table=Universal_Cache&pos=0&sq l_query=SELECT+%2A+FROM+Universal_Cache&goto=tbl_properties.php3 old version: http://serade/phpMyAdmin/tbl_change.php3?primary_key=+CID+%3D+%270%27+AND+Ty pe+%3D+%27Nexus%27+AND+Num+%3D+%270%27+AND+LastModify+%3D+%2720010627110806% 27+AND+Cache+%3D+%27%5C0%01%02%03%04%05%06%07%08%09%0A%0B%0C%0D%0E%0F%10%11% 12%13%14%15%16%17%18%19%1A%1B%1C%1D%1E%1F+%21%5C%22%23%24%25%26%5C%27%28%29% 2A%2B%2C-.%2F0123456789%3A%3B%3C%3D%3E%3F%40ABCDEFGHIJKLMNOPQRSTUVWXYZ%5B%5C %5C%5D%5E_%60abcdefghijklmnopqrstuvwxyz%7B%7C%7D%7E%7F%80%81%82%83%84%85%86% 87%88%89%8A%8B%8C%8D%8E%8F%90%91%92%93%94%95%96%97%98%99%9A%9B%9C%9D%9E%9F%A 0%A1%A2%A3%A4%A5%A6%A7%A8%A9%AA%AB%AC%AD%AE%AF%B0%B1%B2%B3%B4%B5%B6%B7%B8%B9 %BA%BB%BC%BD%BE%BF%C0%C1%C2%C3%C4%C5%C6%C7%C8%C9%CA%CB%CC%CD%CE%CF%D0%D1%D2% D3%D4%D5%D6%D7%D8%D9%DA%DB%DC%DD%DE%DF%E0%E1%E2%E3%E4%E5%E6%E7%E8%E9%EA%EB%E C%ED%EE%EF%F0%F1%F2%F3%F4%F5%F6%F7%F8%F9%FA%FB%FC%FD%FE%FF%27+&server=1&lang =de&db=Katalogsystem_Main&table=Universal_Cache&pos=0&sql_query=SELECT+%2A+F ROM+Universal_Cache&goto=tbl_properties.php3 I hope we have enough time to fix all current problems ... Regards, -- Steve

23 years, 2 months

[Phpmyadmin-devel] 23'000 downloads in 12 days :)

by Olivier M.

Just seen under http://sourceforge.net/project/showfiles.php?group_id=23067: 2.2.0rc1 2001-07-04 17:00 phpMyAdmin-2.2.0rc1.tar.gz 128432 8,181 phpMyAdmin-2.2.0rc1.zip 193737 14,967 ========== 23'148 Wow, more than 23'000 downloads for the rc1, what will it be with the final version :-). Conclusion: we'd better prepare a "perfect" release! Cheers, Olivier -- _________________________________________________________________ Olivier Mueller - om(a)8304.ch - PGPkeyID: 0E84D2EA - Switzerland qmail projects: http://omail.omnis.ch - http://webmail.omnis.ch

23 years, 2 months

[Phpmyadmin-devel] [phpMyAdmin] Re: Multi-language support

by Loïc

On Sun, 6 May 2001, Robin wrote: >For the majority of my recent projects I have validating >against the XHTML 1.0 Transitional DTD, and I find it >renders nicely in the great majority of browsers out there, >bar a few really old netscapes and IE's. >Having a DTD and conforming to it 100% would be a >majority improvment to our code. You have my fully agreement on this point :) >I would suggest: >/stylesheet.php >/css/common.css >/css/(charset|language|some-identifer).css >Stylesheet.php should include common and the correct >other stylesheet. >And it would be called as: ><link rel="STYLESHEET" type="text/css" href="/stylesheet.php?charset=en" /> Well the only things that may differ inside the stylesheet from one language to another are the font face and the font size. Then I'm not sure three file are required. Moreover you know how crappy is NN4 with CSS: for example a child selector rarely inherit the rules applied to its parent. In our case it means the font face may have to be repeated inside each of the selector defnition. With this is mind, I'm unfortunatly not sure a common css can be used. Actually we faced the problem with phpMyChat, that's the reason why I can detail. My suggestion is only one file (let's say 'stylesheet.php') called this way: <?php $css_url = urlencode("/stylesheet.php?fontFace=$strFontFace& textDirection=$strTextDirection"); ?> <link rel="stylesheet" type="text/css" href="<?php echo $css_url; ?>" /> >Veni, Vidi, Conferotuli Veni, Vidi, Vinci... quid nomino leo :p (I came, I saw, I won... because I'm the Lion) ______________________________________________________________________________ ifrance.com, l'email gratuit le plus complet de l'Internet ! vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP... http://www.ifrance.com/_reloc/email.emailif

23 years, 2 months

[Phpmyadmin-devel] [announce] phpMyAdmin 2.2.0rc2 released

by Olivier M.

Hello, bonsoir, The second Release Candidate for version 2.2.0 is available from: http://phpmyadmin.sourceforge.net/ ChangeLog (huge!): http://phpmyadmin.sourceforge.net/ChangeLog.txt Final release is scheduled on the 22. July, so that's the last moment to submit your bug reports on the sourceforge trackers! Thanks in advance. Regards, Olivier/swix, for the devel team. -- _________________________________________________________________ Olivier Mueller - om(a)8304.ch - PGPkeyID: 0E84D2EA - Switzerland qmail projects: http://omail.omnis.ch - http://webmail.omnis.ch

23 years, 2 months

Re: [Phpmyadmin-devel] rc2-ready ?

by Loïc

Hi Olivier & list! >Just came back from week-end. Is the cvs tree "rc2-ready", >or should I rather wait until the "Big Problem-bug" is solved ? :) I'm afraid the "Big Problem-bug" won't be solved in the 2.2.0 release: it requires too much work to be fixed within a few days :( So roll the rc2 BUT before it would be nice that someone with a *x OS removes all the remaining "^M" characters at the end of some lines among the scripts. Greets, Loïc ______________________________________________________________________________ ifrance.com, l'email gratuit le plus complet de l'Internet ! vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP... http://www.ifrance.com/_reloc/email.emailif

23 years, 2 months

[Phpmyadmin-devel] rc2-ready ?

by Olivier M.

Hallo, Just came back from week-end. Is the cvs tree "rc2-ready", or should I rather wait until the "Big Problem-bug" is solved ? :) Greetings from a 200% rainy day in Switzerland, Olivier -- _________________________________________________________________ Olivier Mueller - om(a)8304.ch - PGPkeyID: 0E84D2EA - Switzerland qmail projects: http://omail.omnis.ch - http://webmail.omnis.ch

23 years, 2 months

[Phpmyadmin-devel] Re: Big problem :(

by Loïc

Hi Jocelyn! >In this case, why not trying : >$variable=preg_replace("/&#/","&#",$variable); >I think it's a good turnaround for the < and > problem. Well that's not really the problem: using 'htmlspecialchars' each time a field value is passed by url or by a form means that (from the php manual): '&' (ampersand) becomes '&' '"' (double quote) becomes '"' when ENT_NOQUOTES is not set. ''' (single quote) becomes ''' only when ENT_QUOTES is set. '<' (less than) becomes '<' '>' (greater than) becomes '>' As you can see the result is that, depending on some configuration settings (first annoyance), cetrains values will contain '&#', others '&' only. But there is a second problem: if you submit from the dedicated textarea the query: "DELETE from a_table WHERE a_field = '<test>'" .... it won't be applied the 'htmlspecialchars' function, but the hidden field defines in the same form does! So a patch for the problem we are facing must take into account the way the query has been submitted. Here is the scheme of what has to be done : 1. since...: - ... the only problem with these html special characters is actually the double quotes when they are contained in the value of a form input... - ... and ENT_NOQUOTES may be set... ... no long use htmlspecialchars but "str_replace('"', '"', $the_value)" and this only if $the_value is used as the value of a form input. 2. When 'sql.php3' is run and for each of the variables this script is sent, detect if the variable has been submitted as a predefined value of a form and, in this case, do a "str_replace('"', '"', $the_value)" to use this value in the SQL query. As you may imagine, that's not so trivial to do! Loïc ______________________________________________________________________________ ifrance.com, l'email gratuit le plus complet de l'Internet ! vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP... http://www.ifrance.com/_reloc/email.emailif

23 years, 2 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

Developers