On Fri, Apr 5, 2013 at 8:01 PM, Marc Delisle marc@infomarc.info wrote:
Kasun Chathuranga a écrit :
Hi all,
I'm trying to fix bug #3865[1] and I have some queries regarding the expected behavior that I'd like to get clarified.
Hi, I have not yet tried to reproduce this bug, have you?
Yes, I was able to reproduce the bug.
MySQL LIKE clause takes a regular expression as its argument[2].
Not exactly; it takes a "SQL simple regular expression" which is not the same as a regular expression.
Thanks for the clarification.
In the table search interface phpMyAdmin facilitate querying a field with a LIKE clause by letting the user select the option from a drop down.
So I'd like to know whether phpMyAdmin should consider the text entered
by
the user to be a regular expression (and pass it as it is) or consider it to be the text to match (and do the necessary escaping)?
If we are to escape the user entered text following are some of the replacements that should be done % => % _ => _ \ => \ (at the end of the text) or \\ (any where else in the text) \n => \n
If we escape the user entered text, user cannot query with MySQL
wildcards
% and _, limiting the full power of MySQL pattern matching.
Users expect to be able to enter MySQL wildcards, so this behavior must be maintained.
There is an optional boolean parameter named $is_like in the
PMA_Util::sqlAddSlashes() method to indicate whether the slash added text is used inside a LIKE clause; just that it has not been used in this case. I will fix this and submit a pull request.
-- Regards Kasun Chathuranga