[Phpmyadmin-devel] Issue with event editing

Rouslan Placella rouslan at placella.com
Sun Aug 25 20:50:40 CEST 2013

On 08/25/2013 10:14 AM, Ayush Chaudhary wrote:
> Hi,
> I was writing Selenium tests for editing an event. While creating an
> event, I created it with the clause 'EVERY 2 MINUTE_SECOND' and it
> worked fine. However, MySQL stores it as '0:2', so when I go to edit the
> event, the default value for interval field is '0:2', and then when I
> submit the edit form, our code takes the intval from 0:2 and forms the
> query 'EVERY 0 MINUTE_SECOND' and this creates an error.
> Is there a specific reason why intval is being used in
> rte_events.lib.php on Line 585? If not, should I remove that and issue a
> pull request? 

IIRC, intval was used there to sanitize user input. If you remove it,
you'll need to add something else to avoid sql injections.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: OpenPGP digital signature
URL: <http://lists.phpmyadmin.net/pipermail/developers/attachments/20130825/7e3aff81/attachment.sig>

More information about the Developers mailing list