Menu
▾
▴
#3155 (ok 3.4.0-rc2) data containing single quotes prevents sync
if a row in the source table contains data containing single quotes, it will not be synchronized.
e.g, the following statement is displayed, but not executed:
INSERT INTO ... (..., organization, ...) VALUES(... ,'Universita' degli Studi di Udine' ,...);
I was unable to reproduce this, can you provide details of your server setup (see below)?
Can anyone else reproduce this?
Tested with :
Server :
PMA 3.3.9-dev (QA_3_3)
Apache 2.2.9
PHP 5.2.6
MySQL server 5.0.51a-24+lenny4
MySQL client 5.0.51a
PHP extension : mysqli
Browser : Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101206 Ubuntu/10.10 (maverick) Firefox/3.6.13 GTB7.1
I have some more questions :
* Do you get an error message? If yes, what is it?
* If you insert 'Universita' degli Studi di Udine' in a field of a table (using the PMA insert form), is it added then?
View and moderate all "bugs Discussion" comments posted by this user
Mark all as spam, and block user from posting to "Bugs"
hi ruleant,
sorry for answering so late,
and apologies for not giving all the necessary info in the first report.
Environment:
server: Microsoft-IIS/5.1
PHP 5.3.3
mysqlnd 5.0.7
browser: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
I tried to reproduce from scratch the bug, and I noticed that it doesn't appear during the first synchronization (when the target table is created), but only during the subsequent synchronizations.
Steps to reproduce it:
Step 1.
- The target table does not exists
- Execute the synchronization
- Log:
Target database has been synchronized with source database
The following queries have been executed:
CREATE TABLE `test_export`.`test_table` ( `ID` int(11) NOT NULL auto_increment, `c1` varchar(255) default NULL, `c2` varchar(255) default NULL, PRIMARY KEY (`ID`) ) ENGINE=MyISAM AUTO_INCREMENT=3 DEFAULT CHARSET=utf8
- browse the table:
SQL query: SELECT * FROM `test_table` LIMIT 0, 30 ;
Rows: 2
ID c1 c2
1 r1 does work
2 r2 doesn't work
- it's ok.
Step 2.
- empty the target table
- Log:
Table test_table has been emptied
Step 3.
- execute the synchronization once again
- Log:
Target database has been synchronized with source database
The following queries have been executed:
INSERT INTO `test_export`.`test_table` (ID, c1, c2) VALUES('1' ,'r1' ,'does work');
INSERT INTO `test_export`.`test_table` (ID, c1, c2) VALUES('2' ,'r2' ,'doesn't work');
- browse the table:
SQL query: SELECT * FROM `test_table` LIMIT 0, 30 ;
Rows: 1
ID c1 c2
1 r1 does work
- it's not ok anymore, the second row is missing now :-(
I don't have an IIS webserver available at the moment, but I'll try to reproduce the bug following the steps you outlined on my setup (linux/apache).
View and moderate all "bugs Discussion" comments posted by this user
Mark all as spam, and block user from posting to "Bugs"
I am using phpMyAdmin 3.3.8.1.
In libraries\server_synchronize.lib.php I replaced in line 574:
$insert_query .= "'" . $result[0] . "'";
with
$insert_query .= "'" . str_replace("'","\'",$result[0]) . "'";
and in line 578
$insert_query .= "'" . $result[0][$table_fields[$matching_table_index][$field_index]] . "'";
with
$insert_query .= "'" . str_replace("'","\'",$result[0][$table_fields[$matching_table_index][$field_index]]) . "'";
and now it seems to be ok
It seems to work with the proposed patch.
But in my case, it was working without the patch as well. I would just like to understand why...
View and moderate all "bugs Discussion" comments posted by this user
Mark all as spam, and block user from posting to "Bugs"
In order to perform the synchronization, phpMyAdmin generates a set of queries. The bug arises when, by chance, you get an INSERT INTO query containing a string containing a not escaped single quote char (e.g. 'doesn't work'):
INSERT INTO `test_export`.`test_table` (ID, c1, c2) VALUES('2' ,'r2', 'doesn't work');
Not every synchronization necessarily generates an INSERT INTO query like this, so maybe this is the reason you cannot reproduce the bug.
Does your tests (that you say that are working) generates a query like this? (Pls see the steps I described below for generating the bug.)
Anyway, I think that the above query is syntactically incorrect, and in a string enclosed within single quotes any single quote char should be escaped.
Fixed by using PMA_sqlAddslashes() on the data.
View and moderate all "bugs Discussion" comments posted by this user
Mark all as spam, and block user from posting to "Bugs"
I am experiencing the same issue:
Mac OS 10.6.7 using MAMP Pro
Apache 2.2.17
PHP 5.3.2
MySQL Server version: 5.1.44
MySQL client version: 5.1.44
MySQL charset: UTF-8 Unicode (utf8)
PHP extension: mysql
View and moderate all "bugs Discussion" comments posted by this user
Mark all as spam, and block user from posting to "Bugs"
BTW, I'm using phpMyAdmin 3.3.10
The target of this fix is the 3.4 family, not the 3.3 family. This is why you see "ok 3.4.0-rc2)" in the subject.
As you can see this bug was fixed in the latest development version.
You will have to wait for version 3.4.0 of phpMyAdmin to come out, then you will no longer have this problem.