jatpat / phpliteadmin

Automatically exported from code.google.com/p/phpliteadmin
0 stars 0 forks source link

escape character (\) wiped out from sql statements #168

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. Open a blank SQL Query view (?view=sql)
2. Having a table t1 with text field `info`
3. SELECT info FROM t1 WHERE info like '%\r\n%'

What is the expected output? What do you see instead?
I expect to see e.g. 'ala bala\r\nnica turska panica'
instead I see
'baba was concerned' (contains 'rn' in the string)

What version of the product are you using? On what operating system? Which
Database Extension (PDO/SQLiteDatabase/SQLiteDatabase3 - see Database
structure-tab in phpLiteAdmin)?
1.9.3.3 / linux / PHP 5.3 - PDO

Please provide any additional information below.

Aparantly the (\) character is wiped out from the statement before it is passed 
to sqlite.

Original issue reported on code.google.com by Mardiros...@gmail.com on 17 Jan 2013 at 3:55

GoogleCodeExporter commented 9 years ago
This looks like a duplicate of issue #114 and should be fixed in the 
development version 1.9.4 already. Could you please have a try whether the 
development version solves your issue? you can get it from svn here:
http://phpliteadmin.googlecode.com/svn/source/1.9.3/phpliteadmin.php

Original comment by crazy4ch...@gmail.com on 20 Jan 2013 at 10:31

GoogleCodeExporter commented 9 years ago
Thanks for reporting this issue. In fact, it was not a duplicate of issue #114, 
but related to it.
There were a couple of calls to stripslashes(). Stripslashes() does only make 
sense on input parameters iff Magic Quotes is enabled (which it should not be 
on servers any longer - deprecated feature, removed in PHP 5.4).

So I used the workaround from the php docu to stripslahses() of all parameters 
if Magic Quotes is turned on. And I removed all the other stripslahses().

You can find a fixed version in svn:
http://phpliteadmin.googlecode.com/svn/source/1.9.4/phpliteadmin.php
(sorry, I linked to the wrong version above!)

It would be great if you could confirm that the fix solves your issue.

Original comment by crazy4ch...@gmail.com on 27 Jan 2013 at 2:02