[Phpmyadmin-devel] User configurability of SQL validator
michal at cihar.com
Tue Jul 27 15:49:21 CEST 2010
does it make sense to include SQL validator in user settings?
First it has some dependencies (SOAP) and it really does not make sense
to allow user to enable it unless they are satisfied (he will get only
The more important is that I believe this is something what admin
should control, as it makes connection to untrusted server, which could
be easily used to some exploit if exploitable bug is found in SOAP
extension or lower functions which SOAP extension do use. Also sending
queries to third party is again something admin might don't want but
user won't see it problematic.
So I think this option could be controlled by user only once admin has
Michal Čihař | http://cihar.com | http://blog.cihar.com
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 198 bytes
Desc: not available
More information about the Developers