escape character (\) wiped out from sql statements
Issue #168
resolved
Originally reported on Google Code with ID 168
What steps will reproduce the problem?
1. Open a blank SQL Query view (?view=sql)
2. Having a table t1 with text field `info`
3. SELECT info FROM t1 WHERE info like '%\r\n%'
What is the expected output? What do you see instead?
I expect to see e.g. 'ala bala\r\nnica turska panica'
instead I see
'baba was concerned' (contains 'rn' in the string)
What version of the product are you using? On what operating system? Which
Database Extension (PDO/SQLiteDatabase/SQLiteDatabase3 - see Database
structure-tab in phpLiteAdmin)?
1.9.3.3 / linux / PHP 5.3 - PDO
Please provide any additional information below.
Aparantly the (\) character is wiped out from the statement before it is passed to
sqlite.
Reported by Mardirossian
on 2013-01-17 15:55:27
Comments (2)
-
-
Thanks for reporting this issue. In fact, it was not a duplicate of issue #114, but related to it. There were a couple of calls to stripslashes(). Stripslashes() does only make sense on input parameters iff Magic Quotes is enabled (which it should not be on servers any longer - deprecated feature, removed in PHP 5.4). So I used the workaround from the php docu to stripslahses() of all parameters if Magic Quotes is turned on. And I removed all the other stripslahses(). You can find a fixed version in svn: http://phpliteadmin.googlecode.com/svn/source/1.9.4/phpliteadmin.php (sorry, I linked to the wrong version above!) It would be great if you could confirm that the fix solves your issue.
Reported by
crazy4chrissi
on 2013-01-27 14:02:46 - Status changed:Fixed
- Log in to comment
Reported by
crazy4chrissi
on 2013-01-20 22:31:55