[Phpmyadmin-devel] Big problem :(
loic-div at ifrance.com
Sat Jul 14 14:12:22 CEST 2001
I have to test it some more more time and with the 2.1.0 old release, but it
seems there is a big problem with the script: it uses everywhere the
'htmlspecialchars' function and then can returns valid rows from the db when
this rows contains one of these html special characters.
Ex: if one set a field with the value "<test>", he can't delete/modify it
links at the browse table because the parameter passed by url is "& lt;test
This is also the case with values stored in hidden form fields.
This is really annoying because if this problem is confirmed, it means near
of the scripts will have to be modified to fix it and we will restart
ifrance.com, l'email gratuit le plus complet de l'Internet !
vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP...
More information about the Developers