[Phpmyadmin-devel] whats on with $rs in common.lib.php?

[Marc Delisle]

Sebastian Mendel a écrit :
> Sebastian Mendel schrieb:
> 
>> Garvin Hicking wrote:
>>
>>> Hi Sebastian!
>>>
>>>> can some pls check for $rs and make the code a little bit more clear 
>>>> about this
>>>> variable?
>>>
>>>
>>> $rs holds the variable reference to the Database connection handler 
>>> (=ressource)
>>> of the executed query statement.
>>>
>>>> i have given up trying to fully understand whats going with this 
>>>> variable ...
>>>
>>>
>>> What exactly are you trying to understand? Maybe we can give you a 
>>> better clue
>>> then?
>>
>>
>>  - the name could be more descriptive
>>  - its only set inside an if statement but used always, so this could 
>> lead to unset variable notice
>>  - its send to the function even if empty
>>
>> at least: can it be unset at the end?
>>
>>
>> this all makes it hard to 'read' the code
>>
>> im talking mainly about the code on lines 1498 to 1547
> 
> 
> $rs is a mysql result resource, but its allways freed with free result!
> 
> but also given to function PMA_safe_db_list(), why? what is the sense 
> behind this?

Sebastian,
you are right, IMO this is a bug. We should remove the 4th parameter 
($rs) from the call.

There is another problem: When I removed (in phpMyAdmin 2.6.1) the 
requirement that the controluser must have rights to the "mysql" db (for 
MySQL >= 4.1.2), I was thinking about the login process only. I just saw 
that PMA_safe_db_list() uses $controllink (formerly called $dbh), so 
work has to be done to avoid this use (if MySQL >= 4.1.2) by proper use 
of "SHOW GRANTS".

Looks like this feature (wildcarding in only_db) is not used much.

I'll try to work on this for 2.7.1.

Marc