[Phpmyadmin-devel] Big problem :(

Loïc loic-div at ifrance.com
Sat Jul 14 14:12:22 CEST 2001


Hi all!

I have to test it some more time and with the old 2.1.0 release, but it
seems there is a big problem with the script: it uses the
'htmlspecialchars' function everywhere and then can return valid rows from
the db when these rows contain one of these html special characters.

Ex: if one sets a field with the value "<test>", he can't delete/modify it
from the links at the browse table because the parameter passed by url is
"& lt;test >".
This is also the case with values stored in hidden form fields.

This is really annoying because if this problem is confirmed, it means
nearly all of the scripts will have to be modified to fix it and we will
restart testing from scratch :(

Loïc, disappointed!
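
The mismatch described in the message above, as an added example (not part of the original post and not phpMyAdmin's code): a value that is HTML-escaped before it is placed in a URL arrives at the receiving script as `&lt;test&gt;` and no longer equals the stored row value, while encoding each layer for its own context round-trips it. The script name `row_delete.php`, the `value` parameter and the helper functions are hypothetical.

```php
<?php
// Added illustration; script name, parameter name and helpers are hypothetical.

// Constructed sample: a field value exactly as stored in the database.
$stored = '<test> & "more"';

// Model of the receiving side: the browser HTML-decodes the href attribute,
// then PHP URL-decodes the query string into request parameters.
function received_param(string $href_attr, string $name): ?string
{
    $url = html_entity_decode($href_attr, ENT_QUOTES, 'UTF-8');
    parse_str((string) parse_url($url, PHP_URL_QUERY), $params);
    return $params[$name] ?? null;
}

// Behaviour described in the message: the value is HTML-escaped first and
// the escaped text is then treated as the data to pass in the URL.
function link_buggy(string $value): string
{
    $escaped = htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
    return 'row_delete.php?value=' . urlencode($escaped);
}

// One encoder per context, applied from the inside out:
// raw value -> URL component -> HTML attribute.
function link_fixed(string $value): string
{
    $url = 'row_delete.php?value=' . urlencode($value);
    return htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
}

$links = ['buggy' => link_buggy($stored), 'fixed' => link_fixed($stored)];
foreach ($links as $label => $href) {
    $got = received_param($href, 'value');
    printf(
        "%s\n  href     = %s\n  received = %s\n  matches stored value: %s\n",
        $label,
        $href,
        $got,
        var_export($got === $stored, true)
    );
}
```

The received value is still untrusted input: the receiving script should bind it as a query parameter and escape it again only at the point where it is written back into HTML.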

 