[Phpmyadmin-devel] Grid editing and escaping

Marc Delisle marc at infomarc.info
Fri Aug 19 14:00:31 CEST 2011

Aris Feryanto a écrit :
> On 19 Agu 2011, at 15:36, Aris Feryanto <aris_feryanto at yahoo.com>
> wrote:
>> Hi Michal,
>>> From: Michal Čihař <michal at cihar.com>
>>> Hi
>>> it looks like grid editing does not properly handle escaping HTML
>>>  entities. Just try importing test/test_data/exploit_test.sql and
>>> edit any row in exploit_test.evil_content.
>> Thank you for pointing this out. I fixed this in my git.

Ok but I believe I've seen a recent commit by Michal that fixed this 
kind of problem in a quicker way; it was about using .html(x) instead of 
.text(x) or the reverse :)

Michal, can you enlighten us?

> I also change the way of grid editing a bit. For normal text, the
> grid editing is shown without 'edit area' (bigger editing area under
> the edited cell) anymore. I think this is better than having two
> input field for one edited cell.

Yes it's better. Will merge later; waiting to see if there is a better 
fix for the HTML entities escaping.

> -- Aris Feryanto
> ------------------------------------------------------------------------------
>  Get a FREE DOWNLOAD! and learn more about uberSVN rich system, user
> administration capabilities and model configuration. Take the hassle
> out of deploying and managing Subversion and the tools developers use
> with it. http://p.sf.net/sfu/wandisco-d2d-2 
> _______________________________________________ Phpmyadmin-devel
> mailing list Phpmyadmin-devel at lists.sourceforge.net 
> https://lists.sourceforge.net/lists/listinfo/phpmyadmin-devel

Marc Delisle

More information about the Developers mailing list