The branch, QA_3_3 has been updated
via a3a47a429d674bfbac81890c9d24626ed5d3da47 (commit)
from f57a5cfdf91262e63f2e8a9649412d6fec2dbf54 (commit)
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 1 +
libraries/import.lib.php | 2 +-
2 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index cb8090f..f816c2b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,7 @@ $Id$
$HeadURL:
https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyAdmin/… $
3.3.4.0 (not yet released)
+- bug #2996161 [import] properly escape import value
3.3.3.0 (not yet released)
- patch #2982480 [navi] Do not group if there would be one table in group,
diff --git a/libraries/import.lib.php b/libraries/import.lib.php
index 2f50c5d..202d91b 100644
--- a/libraries/import.lib.php
+++ b/libraries/import.lib.php
@@ -998,7 +998,7 @@ function PMA_buildSQL($db_name, &$tables, &$analyses = NULL,
&$additional_sql =
}
$tempSQLStr .= (($is_varchar) ? "'" : "");
- $tempSQLStr .= (str_replace("'", "\'",
(string)$tables[$i][ROWS][$j][$k]));
+ $tempSQLStr .= PMA_sqlAddslashes((string)$tables[$i][ROWS][$j][$k]);
$tempSQLStr .= (($is_varchar) ? "'" : "");
if ($k != ($num_cols - 1)) {
hooks/post-receive
--
phpMyAdmin