[Phpmyadmin-devel] Big problem :(

Loïc loic-div at ifrance.com
Sat Jul 14 14:12:22 CEST 2001

Hi all!

I have to test it some more more time and with the 2.1.0 old release, but it
seems there is a big problem with the script: it uses everywhere the
'htmlspecialchars' function and then can returns valid rows from the db when
this rows contains one of these html special characters.

Ex: if one set a field with the value "<test>", he can't delete/modify it
from the
links at the browse table because the parameter passed by url is "& lt;test
This is also the case with values stored in hidden form fields.

This is really annoying because if this problem is confirmed, it means near
of the scripts will have to be modified to fix it and we will restart
testings from
scartch :(

Loïc, disapointed!

ifrance.com, l'email gratuit le plus complet de l'Internet !
vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP...

More information about the Developers mailing list