[Phpmyadmin-git] [SCM] phpMyAdmin branch, QA_3_3, updated. RELEASE_3_3_2-32-ga3a47a4

Mon May 3 23:26:25 CEST 2010

The branch, QA_3_3 has been updated
       via  a3a47a429d674bfbac81890c9d24626ed5d3da47 (commit)
      from  f57a5cfdf91262e63f2e8a9649412d6fec2dbf54 (commit)


- Log -----------------------------------------------------------------
-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                |    1 +
 libraries/import.lib.php |    2 +-
 2 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index cb8090f..f816c2b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,7 @@ $Id$
 $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyAdmin/ChangeLog $
 
 3.3.4.0 (not yet released)
+- bug #2996161 [import] properly escape import value
 
 3.3.3.0 (not yet released)
 - patch #2982480 [navi] Do not group if there would be one table in group,
diff --git a/libraries/import.lib.php b/libraries/import.lib.php
index 2f50c5d..202d91b 100644
--- a/libraries/import.lib.php
+++ b/libraries/import.lib.php
@@ -998,7 +998,7 @@ function PMA_buildSQL($db_name, &$tables, &$analyses = NULL, &$additional_sql =
                 }
                 
                 $tempSQLStr .= (($is_varchar) ? "'" : "");
-				$tempSQLStr .= (str_replace("'", "\'", (string)$tables[$i][ROWS][$j][$k]));
+				$tempSQLStr .= PMA_sqlAddslashes((string)$tables[$i][ROWS][$j][$k]);
 				$tempSQLStr .= (($is_varchar) ? "'" : "");
                 
 				if ($k != ($num_cols - 1)) {


hooks/post-receive
-- 
phpMyAdmin


