[Phpmyadmin-devel] regexp question
Marc Delisle
Marc.Delisle at cegepsherbrooke.qc.ca
Sat Mar 18 06:07:17 CET 2006
Sebastian Mendel a écrit :
> Marc Delisle schrieb:
>
>> Sebastian Mendel a écrit :
>>
>>> Marc Delisle schrieb:
>>>
>>>> Hi,
>>>> in this line:
>>>> $is_gotofile = preg_replace('@^([^?]+).*$@', '\\1', $goto);
>>>>
>>>> does the character class [^?] mean "a character different than the
>>>> question mark" ?
>>>
>>>
>>> yes
>>>
>>>> What's the goal of this line?
>>>
>>>
>>> all after first '?' is removed
>>>
>>>
>>> script.php?var=1&var2=44
>>>
>>> becomes
>>>
>>> script.php
>>
>>
>> Ok, in the bug I'm working on, instead of a "?" it's a "%3F" so the
>> test does not work. I'll check if it would be safe to always
>> urldecode() at this point.
>
>
> check PMA_checkPageValidity() for a solution
>
Good point Sebastian, but it's not exactly what I'm looking for because
even if this function makes correctly the check in the $goto_whitelist,
it does not return the "cleaned" $goto with URL parameters removed, that
I need for a require().
Maybe I can add an option to this function to do this supplemental work
but I'll wait a bit. I still cannot reproduce the bug 1451185 under
PHP 5 and am waiting for some tracing data.
Marc
More information about the Developers
mailing list