[Phpmyadmin-devel] Table Search: expected behavior

[Kasun Chathuranga]

On Fri, Apr 5, 2013 at 8:01 PM, Marc Delisle <marc at infomarc.info> wrote:

> Kasun Chathuranga a écrit :
> > Hi all,
> >
> > I'm trying to fix bug #3865[1] and I have some queries regarding the
> > expected behavior that I'd like to get clarified.
>
> Hi,
> I have not yet tried to reproduce this bug, have you?
>

Yes, I was able to reproduce the bug.

>
> >
> > MySQL LIKE clause takes a regular expression as its argument[2].
>
> Not exactly; it takes a "SQL simple regular expression" which is not the
> same as a regular expression.
>

Thanks for the clarification.

>
>
>  > In the
> > table search interface phpMyAdmin facilitate querying a field with a LIKE
> > clause by letting the user select the option from a drop down.
> >
> > So I'd like to know whether phpMyAdmin should consider the text entered
> by
> > the user to be a regular expression (and pass it as it is) or consider it
> > to be the text to match (and do the necessary escaping)?
> >
> > If we are to escape the user entered text following are some of the
> > replacements that should be done
> > % => \%
> > _ => \_
> > \ => \\ (at the end of the text) or \\\\ (any where else in the text)
> > \n => \\n
> >
> > If we escape the user entered text, user cannot query with MySQL
> wildcards
> > % and _, limiting the full power of MySQL pattern matching.
>
> Users expect to be able to enter MySQL wildcards, so this behavior must
> be maintained.
>
> There is an optional boolean parameter named $is_like in the
PMA_Util::sqlAddSlashes() method to indicate whether the slash added text
is used inside a LIKE clause; just that it has not been used in this case.
I will fix this and submit a pull request.

--
Regards
Kasun Chathuranga
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phpmyadmin.net/pipermail/developers/attachments/20130406/0c670a79/attachment.html>