[Phpmyadmin-devel] Bug ID: 3340151 - Working SQL query exports error page

Hi all,

While looking into a bug, I came across this piece of code in display_export.lib.php.

    // If the form data is being loaded from GET data, decode it
    foreach($_GET as $name => $value) {
        if(is_string($value)) {
            $_GET[urldecode($name)] = urldecode($value);
        }
    }

Due to this $_GET is urldecoded twice and + signs in the sql query (which is passed inside $_GET) are replaced with spaces making it malformed. Any clue why this piece of code got in here? Or am I not seeing anything?

--
Thanks and Regards,
Madhura Jayaratne

On 2011-07-01 14:52, Madhura Jayaratne wrote:
> Hi all,
>
> While looking into a bug, I came across this piece of code in display_export.lib.php.
>
>     // If the form data is being loaded from GET data, decode it
>     foreach($_GET as $name => $value) {
>         if(is_string($value)) {
>             $_GET[urldecode($name)] = urldecode($value);
>         }
>     }
>
> Due to this $_GET is urldecoded twice and + signs in the sql query (which is passed inside $_GET) are replaced with spaces making it malformed. Any clue why this piece of code got in here? Or am I not seeing anything?

Madhura, this came from commit 03fdce14c4bb2ac1a91cfb17a4a63b454d811b2e by Lori Lee, a GSoC 2010 student. Maybe she remembers about it.

--
Marc Delisle
http://infomarc.info

On Sat, Jul 2, 2011 at 5:33 PM, Marc Delisle <marc@infomarc.info> wrote:
> On 2011-07-01 14:52, Madhura Jayaratne wrote:
> > Hi all,
> >
> > While looking into a bug, I came across this piece of code in display_export.lib.php.
> >
> >     // If the form data is being loaded from GET data, decode it
> >     foreach($_GET as $name => $value) {
> >         if(is_string($value)) {
> >             $_GET[urldecode($name)] = urldecode($value);
> >         }
> >     }
> >
> > Due to this $_GET is urldecoded twice and + signs in the sql query (which is passed inside $_GET) are replaced with spaces making it malformed. Any clue why this piece of code got in here? Or am I not seeing anything?
>
> Madhura, this came from commit 03fdce14c4bb2ac1a91cfb17a4a63b454d811b2e by Lori Lee, a GSoC 2010 student.
> Maybe she remembers about it.

Yes Marc, having a look at the git history for the file I also noticed that. But I'm not sure why it needs to urldecode $_GET once again and in fact it is causing the bug. Let's see if she replies.

--
Thanks and Regards,
Madhura Jayaratne

Hi

On Sat, 2 Jul 2011 23:03:00 +0530 Madhura Jayaratne <madhura.cj@gmail.com> wrote:
> Yes Marc, having a look at the git history for the file I also noticed that. But I'm not sure why it needs to urldecode $_GET once again and in fact it is causing the bug. Let's see if she replies.

In the past (and maybe it is still the case) some links contained urlencoded values (for whatever reason), which might lead to this need. The referenced commit only added the is_string check, the originating code does come from 4482228f

--
Michal Čihař | http://cihar.com | http://blog.cihar.com
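
The double decoding discussed in this thread, as an added example that is not part of the original messages or of phpMyAdmin's code. It assumes parse_str() as a stand-in for PHP's own single decoding of the query string into $_GET; the SQL string, the decode_again() helper and the variable names are constructed for illustration.

```php
<?php
// Constructed sample query: contains a literal '+' and a literal "%2B".
$sql = "SELECT a+b FROM t WHERE name LIKE '%2B%'";

// What a correctly built link carries: the value urlencoded exactly once.
$queryString = 'sql_query=' . urlencode($sql);

// parse_str() decodes once, as PHP does when it fills $_GET
// (assumption of this example: it stands in for real request handling).
parse_str($queryString, $get);

// The loop quoted in the thread, applied to a copy of the decoded array.
// decode_again() is a hypothetical wrapper name used only here.
function decode_again(array $params): array
{
    foreach ($params as $name => $value) {
        if (is_string($value)) {
            $params[urldecode($name)] = urldecode($value);
        }
    }
    return $params;
}

$twice = decode_again($get);

printf("sent:          %s\n", $sql);
printf("decoded once:  %s\n", $get['sql_query']);
printf("decoded twice: %s\n", $twice['sql_query']);

// The second pass is lossless only for values with no '+' and no %XX
// sequence; it cannot tell a literal '+' from an encoded space.
var_dump($get['sql_query'] === $sql);
var_dump($twice['sql_query'] === $sql);
```

After the second pass the `+` operator has become a space and `%2B` has become `+`, so the statement that reaches the export code is no longer the one the user ran.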