[Phpmyadmin-devel] MAJOR Colourizer bug
Robin Johnson
robbat2 at fermi.orbis-terrarum.net
Tue Jun 18 18:51:04 CEST 2002
I've found a MAJOR bug in the colourizing SQL formatting. The Bug ID is
#570898.
Priority: 9
Severity: Blocker
(I've been using bugzilla a bit much)
Copy of bug report:
just from looking at the colourizing code, I wondered what would happen
with a specific query. So I tried it out with dire results:
SQL Query fragment:
CREATE TABLE bar1 (
bar text NOT NULL
) TYPE=MyISAM;
INSERT INTO bar1 VALUES ('I\'m a little teapot. Short and STOUT.
=_=.\r\n,,,,, commas ;;;;; semi-colons\r\nSELECT DATABASE TABLE DOUBLE
\r\n');
Output:
CREATE TABLE bar1 (
bar text NOT NULL
) TYPE=MyISAM;
INSERT
INTO bar1
VALUES (
'I\'malittleteapot.ShortandSTOUT.=_=.\r\n,,,,,commas;;;;;semi-colons\r\nSELECTDATABASETABLEDOUBLE\r\n'
)
This will TOTALLY strip the spaces in the displayed query, which destroys
the string that is displayed.
Part two:
Using the previous table, go to manually insert a row, and use this for
your data:
I'm a little teapot. Short and STOUT. =_=.
,,,,, commas ;;;;; semi-colons
SELECT DATABASE TABLE DOUBLE
Here is the output:
INSERT
INTO `bar1` ( `bar` )
VALUES ( ' ) ;
We have lost the ENTIRE string.
The flaw is a major design flaw in the code with regards to the way that
quotes ( ' " ` ) are handled.
At the moment the format parser breaks down the query at the start.
Instead of doing that, we need to work thru the query character by
character.
--
Robin Hugh Johnson
E-Mail : robbat2 at orbis-terrarum.net
Home Page : http://www.orbis-terrarum.net/?l=people.robbat2
ICQ# : 30269588 or 41961639
More information about the Developers
mailing list