[Phpmyadmin-devel] whats on with $rs in common.lib.php?
Marc.Delisle at cegepsherbrooke.qc.ca
Mon Nov 28 10:22:01 CET 2005
Sebastian Mendel a écrit :
> Sebastian Mendel schrieb:
>> Garvin Hicking wrote:
>>> Hi Sebastian!
>>>> can some pls check for $rs and make the code a little bit more clear
>>>> about this
>>> $rs holds the variable reference to the Database connection handler
>>> of the executed query statement.
>>>> i have given up trying to fully understand whats going with this
>>>> variable ...
>>> What exactly are you trying to understand? Maybe we can give you a
>>> better clue
>> - the name could be more descriptive
>> - its only set inside an if statement but used always, so this could
>> lead to unset variable notice
>> - its send to the function even if empty
>> at least: can it be unset at the end?
>> this all makes it hard to 'read' the code
>> im talking mainly about the code on lines 1498 to 1547
> $rs is a mysql result resource, but its allways freed with free result!
> but also given to function PMA_safe_db_list(), why? what is the sense
> behind this?
you are right, IMO this is a bug. We should remove the 4th parameter
($rs) from the call.
There is another problem: When I removed (in phpMyAdmin 2.6.1) the
requirement that the controluser must have rights to the "mysql" db (for
MySQL >= 4.1.2), I was thinking about the login process only. I just saw
that PMA_safe_db_list() uses $controllink (formerly called $dbh), so
work has to be done to avoid this use (if MySQL >= 4.1.2) by proper use
of "SHOW GRANTS".
Looks like this feature (wildcarding in only_db) is not used much.
I'll try to work on this for 2.7.1.
More information about the Developers