[Phpmyadmin-devel] Re: Using single quotes for better performances
Loïc
loic-div at ifrance.com
Fri Jul 20 02:29:24 CEST 2001
Hi Pete :)
How are you?
Thanks for your trick. I haven't test it yet because it it runs it helps to
show
the second part of the 'htmlspecialchars' bug :(
Let's say we have:
- build a table with one varchar(15) column;
- enter the record 'say "hello"' in this table.
Now we want to modify this record from 'say "hello"' to 'say "hello" to
Pete' ;)
We use the modify link from the browse table page, hopefully we can see the
record and then append ' to Pete' at the end of the existing value.
We enter the modification and browse the table again to see the change....
KABOOOM: it's new value is 'say & quot;hello& quot; to Pete'
The only way to fix all the problem is to avoid the use the
'htmlspecialchars'
to define the values of input form fields.
Greets,
Loïc
______________________________________________________________________________
ifrance.com, l'email gratuit le plus complet de l'Internet !
vos emails depuis un navigateur, en POP3, sur Minitel, sur le WAP...
http://www.ifrance.com/_reloc/email.emailif
More information about the Developers
mailing list