[Phpmyadmin-devel] Bug ID: 3340151 - Working SQL query exports error page

Madhura Jayaratne madhura.cj at gmail.com
Sat Jul 2 19:33:00 CEST 2011


On Sat, Jul 2, 2011 at 5:33 PM, Marc Delisle <marc at infomarc.info> wrote:

> Le 2011-07-01 14:52, Madhura Jayaratne a écrit :
> > Hi all,
> >
> > While looking into a bug, I came across this piece of code in
> > display_export.lib.php.
> >
> > // If the form data is being loaded from GET data, decode it
> > foreach($_GET as $name => $value) {
> >     if(is_string($value)) {
> >         $_GET[urldecode($name)] = urldecode($value);
> >     }
> > }
> >
> > Due to this $_GET is urldecoded twice and + signs in the sql query (which
> is
> > passed inside $_GET) are replaced with spaces making it malformed.
> > Any clue why this piece of code got in here? Or am I not seeing anything?
>
> Madhura,
> this came from commit 03fdce14c4bb2ac1a91cfb17a4a63b454d811b2e by Lori
> Lee, a GSoC 2010 student.
>
> Maybe she remembers about it.
>
> Yes Marc, having a look at the git history for the file I also noticed
that. But I'm not sure why it needs to urldecode $_GET once again and infact
it is causing the bug. Let's see if she replies.

-- 
Thanks and Regards,

Madhura Jayaratne
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phpmyadmin.net/pipermail/developers/attachments/20110702/d510a685/attachment.html>


More information about the Developers mailing list