HTML in exports getting corrupted

[pma-import]

Summary:

If session cookies are not available for any reason, then an export of a database or table, containing HTML with anchors and forms, will get transparent session IDs inserted into it, effectvely corrupting the export.

Here are more details and a fix (a copy of an e-mail sent in earlier):

---

I have found a fix for this problem, and will be posting it to the phpMyAdmin project as a bug. It is a problem with all versions, so far as I can see, but the fix is simple and makes logical sense.

Basically, when running through Plesk, and perhaps because I am going in and out of phpMyAdmin under different accounts, something goes wrong with the sessions. I am finding that my browser is sending different session cookies all called 'phpMyAdmin', and the phpmyadmin application is sending my browser multiple cookies. Why that happens is by-the-by, but the end result is that trans_sid session IDs are being added to the URLs in the page, because the cookies are not being picked up correctly (this can also be replicated simply by setting the browser to refuse all cookies).

The settings within phpMyAdmin allow it to use these trans sids (transparent sessions IDs) if necessary, but (and this is the key thing) they do not get turned off when exporting a tables to a file. It works fine when exporting to the web page, because the export is inserted into a form field, which in turn is in a fieldset, and trans_sid is set to ignore html within fieldsets.

So to the solution. This is the easy bit:

/phpMyAdmin/export.php line 332 add this:

ini_set("url_rewriter.tags", "");

This tells PHP to rewrite no tags in the output. This only gets executed when the export goes to a file.

So far as I can see, this is a problem with every version of phpMyAdmin, including the very latest. Basically, if session cookies are not working for any reason (which my be because they are turned off in the browser, or may be because Plesk is messing then up) then an export of a database to a file will always have its HTML messed up by these trans sids.

I don't think Plesk can fix this: it is entirely down to phpMyAdmin. I have added that one line to my install in the VPS (./usr/local/psa/admin/htdocs/domains/databases/phpMyAdmin/export.php) and it works flawlessly. I realise the change is likely to be overwritten on any upgrades, so I'll install my own version of phpMyAdmin somewhere else for a longer-term fix.

So to replicate, turn off cookies in your browser, then export a database with tables containing HTML anchors and forms, to a file. It must be exported to a file and not to the page.

The fix looks like this:

/**

• Send headers depending on whether the user chose to download a dump file
• or not */ if (!$save_on_server) { if ($asfile ) { // Download ini_set("url_rewriter.tags", ""); // THE FIX if (!empty($content_encoding)) { header('Content-Encoding: ' . $content_encoding); } header('Content-Type: ' . $mime_type); header('Expires: ' . gmdate('D, d M Y H:i:s') . ' GMT');

---

• Original URL: "https://sourceforge.net/p/phpmyadmin/bugs/2701/":https://sourceforge.net/p/phpmyadmin/bugs/2701/
• Original author: jasonjudge
• Found in version: 2.11.6

[pma-import]

Logged In: YES user_id=567606 Originator: YES

That fix works in PHP5. I don't know whether it works with earlier versions, or whether it should really be placed before any sessions are started.

---

• Original author: jasonjudge

[pma-import]

• assigned_to: nobody --> lem9

---

• Original author: lem9

[pma-import]

Logged In: YES user_id=210714 Originator: NO

Fixed in subversion, thanks for reporting.

---

• Original author: lem9

[pma-import]

• priority: 5 --> 1
• summary: HTML in exports getting corrupted --> (ok 2.11.7) HTML in exports getting corrupted
• status: open --> open-fixed

---

• Original author: lem9

[pma-import]

• status: open-fixed --> closed-fixed

---

• Original author: lem9

[pma-import]

Logged In: YES user_id=2140464 Originator: NO

I think I have the same problem and was about to log a bug. I am using version 2.8.2.4 of phpMyAdmin on Plesk. My comments are as follows:

When exporting Drupal database content is being added to HTML columns. For example, the URL parameter phpMyAdmin is being added.

This content... (see below for the result)

INSERT INTO boxes (bid, body, info, format) VALUES (1, '<dl>\r\n <dt id="fast"><a href="#fast">Fast</a></dt>\r\n <dd>\r\n <div>\r\n <ul>\r\n <li>Enable your CRM in minutes, not days or months </li>\r\n <li>Quickly set up new users for your organization</li>\r\n <li>Simple sign up process with the ability to cancel anytime </li>\r\n </ul>\r\n </div>\r\n \r\n </dd>\r\n <dt id="easy"><a href="#">Easy</a></dt>\r\n <dd>\r\n <div>\r\n <ul>\r\n <li>Built-in Higher Education processes and data </li>\r\n <li>Intuitive navigation makes tasks simple </li>\r\n <li>Elegant, innovative, and configurable user interface </li>\r\n </ul>\r\n </div>\r\n </dd>\r\n <dt id="affordable"><a href="#">Affordable</a></dt>\r\n <dd>\r\n <div>\r\n <ul>\r\n <li>Starts from $100 a month for full CRM functionality </li>\r\n <li>Pricing that scales, with attractive discounts</li>\r\n <li>No implementation costs </li>\r\n </ul>\r\n </div>\r\n </dd>\r\n</dl>\r\n<script type="text/javascript">\r\n<!--\r\n var vertical = new InfoTabManager( ''icons'', { \r\n triggerSelector: ''#icons dt'',\r\n slideBaseWrapper: ''dd'',\r\n action: ''mouseover'',\r\n noFollow: true,\r\n horizontalConstrain: true,\r\n horizontalLeftOffset: 138,\r\n effect: true,\r\n mode: ''tooltip''\r\n } );\r\n//-->\r\n</script>\r\n<div id="icons-tour">\r\n <p><a href="/?q=Tour">Take the Tour</a></p>\r\n</div>\r\n', 'Fast, Easy, Affordable Icons - Home', 4)

Becomes this...

INSERT INTO boxes (bid, body, info, format) VALUES (1, '<dl>\r\n <dt id="fast"><a href="#fast">Fast</a></dt>\r\n <dd>\r\n <div>\r\n <ul>\r\n <li>Enable your CRM in minutes, not days or months </li>\r\n <li>Quickly set up new users for your organization</li>\r\n <li>Simple sign up process with the ability to cancel anytime </li>\r\n </ul>\r\n </div>\r\n \r\n </dd>\r\n <dt id="easy"><a href="#">Easy</a></dt>\r\n <dd>\r\n <div>\r\n <ul>\r\n <li>Built-in Higher Education processes and data </li>\r\n <li>Intuitive navigation makes tasks simple </li>\r\n <li>Elegant, innovative, and configurable user interface </li>\r\n </ul>\r\n </div>\r\n </dd>\r\n <dt id="affordable"><a href="#">Affordable</a></dt>\r\n <dd>\r\n <div>\r\n <ul>\r\n <li>Starts from $100 a month for full CRM functionality </li>\r\n <li>Pricing that scales, with attractive discounts</li>\r\n <li>No implementation costs </li>\r\n </ul>\r\n </div>\r\n </dd>\r\n</dl>\r\n<script type="text/javascript">\r\n<!--\r\n var vertical = new InfoTabManager( ''icons'', { \r\n triggerSelector: ''#icons dt'',\r\n slideBaseWrapper: ''dd'',\r\n action: ''mouseover'',\r\n noFollow: true,\r\n horizontalConstrain: true,\r\n horizontalLeftOffset: 138,\r\n effect: true,\r\n mode: ''tooltip''\r\n } );\r\n//-->\r\n</script>\r\n<div id="icons-tour">\r\n <p><a href="/?q=Tour&phpMyAdmin=495c4873821at4e2fcff0">Take the Tour</a></p>\r\n</div>\r\n', 'Fast, Easy, Affordable Icons - Home', 4)

---

• Original author: karlsnyder

[pma-import]

Logged In: YES user_id=2140464 Originator: NO

...and I'll download the latest version. :)

---

• Original author: karlsnyder

[pma-import]

• Status: closed-fixed --> fixed

---

• Original author: nijel