[Phpmyadmin-devel] Bug ID: 3340151 - Working SQL query exports error page
Marc Delisle
marc at infomarc.info
Sat Jul 2 14:03:07 CEST 2011
Le 2011-07-01 14:52, Madhura Jayaratne a écrit :
> Hi all,
>
> While looking into a bug, I came across this piece of code in
> display_export.lib.php.
>
> // If the form data is being loaded from GET data, decode it
> foreach($_GET as $name => $value) {
> if(is_string($value)) {
> $_GET[urldecode($name)] = urldecode($value);
> }
> }
>
> Due to this $_GET is urldecoded twice and + signs in the sql query (which is
> passed inside $_GET) are replaced with spaces making it malformed.
> Any clue why this piece of code got in here? Or am I not seeing anything?
Madhura,
this came from commit 03fdce14c4bb2ac1a91cfb17a4a63b454d811b2e by Lori
Lee, a GSoC 2010 student.
Maybe she remembers about it.
--
Marc Delisle
http://infomarc.info
More information about the Developers
mailing list