Good idea!
Loic, are you working on this? Maybe the htmlspecialchars I added in db_readdump.php3 and lib.inc.php3 should be removed?
"Fournier Jocelyn [Presence-PC]" a écrit :
Why not trying :
$variable = preg_replace("/&/","&",$variable);
?
Jocelyn Fournier Presence-PC www.presence-pc.com
----- Original Message ----- From: "Marc Delisle" DelislMa@CollegeSherbrooke.qc.ca To: phpmyadmin-devel@lists.sourceforge.net Sent: Friday, July 13, 2001 2:43 PM Subject: Re: [Phpmyadmin-devel] Two big bugs
Yes I added the htmlspecialchars to handle bug 439565, but maybe it's not a good fix.
Marc
Loïc a écrit :
Hi All!
Here are two really annoying bugs I've been reported:
- select * from aTable where afield <123 select * from aTable where afield like "arg"
Before these kind of queries are submitted to MySQL, the
'htmlspecialchars'
function is applied on them (db_readdump.php3, line 62). Then the '<' and '"' characters are replaced by their html entities and, of course, MySQL fails to run the transformed query.
The question is: does anyone of you knows why the 'htmlspecialchars' funtion is applied at this stage? I've just tried to comment this line and can't face any problem!
Phpmyadmin-devel mailing list Phpmyadmin-devel@lists.sourceforge.net http://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel
Phpmyadmin-devel mailing list Phpmyadmin-devel@lists.sourceforge.net http://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel