[Phpmyadmin-git] [SCM] phpMyAdmin branch, QA_3_4, updated. RELEASE_3_4_3RC1-7-g9e22418
Rouslan Placella
roccivic at users.sourceforge.net
Tue Jun 21 21:40:43 CEST 2011
The branch, QA_3_4 has been updated
via 9e224184d786068317b801291c8f960109f0bdc5 (commit)
via c2dd99965dea7756e9de5a58100c1c701ef83de3 (commit)
from 341dc1296f8e3fe6b80a9b5f5e752cfd868bdb10 (commit)
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 2 ++
libraries/sqlparser.lib.php | 4 ++--
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 9bb28a8..e12b271 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -17,6 +17,8 @@ phpMyAdmin - ChangeLog
- bug #3317293 [edit] Inline edit places HTML line breaks in edit area
- bug #3319466 [interface] Inline query edit does not escape special characters
- minor XSS (require a valid token)
+- bug #3323060 [parser] SQL parser breaks AJAX requests if query has unclosed quotes
+- bug #3323101 [parser] Invalid escape sequence in SQL parser
3.4.2.0 (2011-06-07)
- bug #3301249 [interface] Iconic table operations does not remove inline edit label
diff --git a/libraries/sqlparser.lib.php b/libraries/sqlparser.lib.php
index 2171560..0c13187 100644
--- a/libraries/sqlparser.lib.php
+++ b/libraries/sqlparser.lib.php
@@ -360,7 +360,7 @@ if (! defined('PMA_MINIMUM_COMMON')) {
$sql_array['raw'] = $sql;
$pos = $pos_quote_separator;
}
- if (class_exists('PMA_Message')) {
+ if (class_exists('PMA_Message') && $GLOBALS['is_ajax_request'] != true) {
PMA_Message::notice(__('Automatically appended backtick to the end of query!'))->display();
}
} else {
@@ -379,7 +379,7 @@ if (! defined('PMA_MINIMUM_COMMON')) {
// Checks for MySQL escaping using a \
// And checks for ANSI escaping using the $quotetype character
- if (($pos < $len) && PMA_STR_charIsEscaped($sql, $pos)) {
+ if (($pos < $len) && PMA_STR_charIsEscaped($sql, $pos) && $c != '`') {
$pos ++;
continue;
} elseif (($pos + 1 < $len) && ($GLOBALS['PMA_substr']($sql, $pos, 1) == $quotetype) && ($GLOBALS['PMA_substr']($sql, $pos + 1, 1) == $quotetype)) {
hooks/post-receive
--
phpMyAdmin
More information about the Git
mailing list