[Phpmyadmin-devel] Create Database

Garvin Hicking phpmyadmin at supergarv.de
Fri Jun 4 12:26:04 CEST 2004


Hi Tom! :)

> Where it is the ereg($re0 . '%|_', $show_grants_dbname) parts that
> returns true (1).
>
> Now, I don't really know what this ereg() does, except for this part:
> $re0 = '(^|(\\\\\\\\)+|[^\])';
> Which I am sorry to say I don't understand.

AFAIR the regex is there to check if you have any grant for the user available
which contains wildcards for a DB name. PMA automagically displays the create
form if it detects that you have wildcard grants, because it's then possible for
the user to create one or multiple DBs.

As you are using an underscore in your grant, that one acts as a wildcard
character; thus your user is effectively able to create databases matching that
wildcard scheme.

See our FAQ 6.10 or this recent support request
https://sourceforge.net/tracker/?func=detail&atid=377408&aid=965109&group_id=23067
for more information on that issue.

Regards,
Garvin.

-- 
Garvin Hicking   | Web-Entwickler | Make me happy:
www.supergarv.de | #ICQ 21392242  | http://wishes.garv.info/





More information about the Developers mailing list