[Phpmyadmin-devel] Bug ID: 3340151 - Working SQL query exports error page
Madhura Jayaratne
madhura.cj at gmail.com
Fri Jul 1 20:52:40 CEST 2011
Hi all,
While looking into a bug, I came across this piece of code in
display_export.lib.php.
// If the form data is being loaded from GET data, decode it
foreach($_GET as $name => $value) {
if(is_string($value)) {
$_GET[urldecode($name)] = urldecode($value);
}
}
Due to this $_GET is urldecoded twice and + signs in the sql query (which is
passed inside $_GET) are replaced with spaces making it malformed.
Any clue why this piece of code got in here? Or am I not seeing anything?
--
Thanks and Regards,
Madhura Jayaratne
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phpmyadmin.net/pipermail/developers/attachments/20110702/98422aaf/attachment.html>
More information about the Developers
mailing list