[Phpmyadmin-devel] Inserting known invalid data

Isaac Bennetch bennetch at gmail.com
Sat May 4 16:54:17 CEST 2013


Can I get some thoughts on [1]? The way the code exists currently, you can
insert bad data (you'll get a standard MySQL warning after the insert). For
example, inserting the output of the MD5() function in to a TINYINT column.
This pull request implements the AES_ENCRYPT function, but silently fails
to show the salt form field in the event the user tries to insert to an
invalid column type...so it looks broken in the case the user is trying to
do something that's a bad idea.

In keeping with the current system, I thought it should always show the
salt field and proceed with the insert regardless of the column type,
however that isn't the most user-friendly idea. To keep users most happy, I
wondered if we should implement some sanity checks for some column types
and show an inline warning as needed (similar to the recently merged
warning when creating a new user with the same username). Some of the
functions require or suggest certain column types which we could easily
check, but I'm not sure it's phpMyAdmin's responsibility to constantly warn
the user in this case.

Regardless, the question at hand is whether this pull request can be merged
as-is or if we should change the behavior in the case of an invalid column

1 - https://github.com/phpmyadmin/phpmyadmin/pull/290#issuecomment-17281963
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phpmyadmin.net/pipermail/developers/attachments/20130504/c71dd772/attachment.html>

More information about the Developers mailing list