[Phpmyadmin-devel] Issue with event editing

Ayush Chaudhary ayushchd at gmail.com
Sun Aug 25 22:36:57 CEST 2013


On Monday, 26 August 2013 at 1:39 AM, Ayush Chaudhary wrote:
> Hi,
>  
> On Monday, 26 August 2013 at 12:20 AM, Rouslan Placella wrote:
>  
> > On 08/25/2013 10:14 AM, Ayush Chaudhary wrote:
> > > Hi,
> > >  
> > > I was writing Selenium tests for editing an event. While creating an
> > > event, I created it with the clause 'EVERY 2 MINUTE_SECOND' and it
> > > worked fine. However, MySQL stores it as '0:2', so when I go to edit the
> > > event, the default value for interval field is '0:2', and then when I
> > > submit the edit form, our code takes the intval from 0:2 and forms the
> > > query 'EVERY 0 MINUTE_SECOND' and this creates an error.
> > >  
> > > Is there a specific reason why intval is being used in
> > > rte_events.lib.php on Line 585? If not, should I remove that and issue a
> > > pull request?  
> > >  
> >  
> > IIRC, intval was used there to sanitize user input. If you remove it,
> > you'll need to add something else to avoid SQL injections.
> >  
>  
> Shouldn't addslashes be fine? And moreover, since the query will be executed via the PMA_DatabaseInterface class, shouldn't that alone take care of sanitisation against SQL injection?
>  

Just realised addslashes won't work either, as the field value is not really 'assigned' anywhere in SQL but used as an independent entity like "CREATE EVENT …. EVERY '0:2' …." I am wondering what kind of SQL injection vulnerability we are looking at here. I tried the most common SQL injection, that is "'0:2'; DELETE FROM table; #", and MySQL returned an error.
> >  
> > Bye,
> > Rouslan
> >  
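As an added example (not phpMyAdmin's code and not part of this thread), one way to drop intval() without losing values like '0:2' is to whitelist the interval value against the format its unit expects and only then place it in the statement. It assumes PHP 7.1+; the patterns follow MySQL's documented interval formats for the non-MICROSECOND compound units, and the sample inputs are the ones quoted in the thread.

```php
<?php
// Added example (not phpMyAdmin code): whitelist validation for the interval
// value of CREATE EVENT ... EVERY <value> <unit>, as an alternative to intval(),
// which turns '0:2' into 0 and so produces 'EVERY 0 MINUTE_SECOND'.
// Assumption: the formats below follow the MySQL manual's temporal-interval
// table for the non-MICROSECOND units; anything that does not match is rejected.

/**
 * Return the interval value as a safe SQL token for the given unit,
 * or null when the value does not match the format that unit expects.
 */
function formatEventInterval(string $value, string $unit): ?string
{
    $value = trim($value);
    $unit  = strtoupper(trim($unit));

    // Simple units: one unsigned integer, emitted bare (no quotes needed).
    $simple = ['YEAR', 'QUARTER', 'MONTH', 'WEEK', 'DAY', 'HOUR', 'MINUTE', 'SECOND'];
    if (in_array($unit, $simple, true)) {
        return preg_match('/\A[0-9]{1,10}\z/', $value) ? $value : null;
    }

    // Compound units: one strict pattern per unit, emitted as a quoted string.
    $compound = [
        'YEAR_MONTH'    => '/\A[0-9]+-[0-9]+\z/',
        'DAY_HOUR'      => '/\A[0-9]+ [0-9]+\z/',
        'DAY_MINUTE'    => '/\A[0-9]+ [0-9]+:[0-9]+\z/',
        'DAY_SECOND'    => '/\A[0-9]+ [0-9]+:[0-9]+:[0-9]+\z/',
        'HOUR_MINUTE'   => '/\A[0-9]+:[0-9]+\z/',
        'HOUR_SECOND'   => '/\A[0-9]+:[0-9]+:[0-9]+\z/',
        'MINUTE_SECOND' => '/\A[0-9]+:[0-9]+\z/',
    ];
    if (!isset($compound[$unit]) || !preg_match($compound[$unit], $value)) {
        return null; // unknown unit, or a value that does not fit the unit
    }
    // The pattern admits only digits, space, ':' and '-', so the quotes cannot be escaped.
    return "'" . $value . "'";
}

// Constructed inputs: the value and the injection attempt quoted in the thread.
var_dump(intval('0:2'));                                                    // int(0): the original bug
var_dump(formatEventInterval('0:2', 'MINUTE_SECOND'));                      // string "'0:2'"
var_dump(formatEventInterval("'0:2'; DELETE FROM table; #", 'MINUTE_SECOND')); // NULL: rejected
var_dump(formatEventInterval('5', 'MINUTE'));                               // string "5"
var_dump(formatEventInterval('2 3', 'MINUTE_SECOND'));                      // NULL: wrong shape for the unit
```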
