Data not escaped in "Query Database" section

[Alexander Obuhovich]

In-Portal "Tools -> Query Database" section where administrator can perform simple database queries and see result right away.

I've noticed that this text from database "test_&_test" is displayed as "test_&_test" on that page. This means, that data isn't escaped before being displayed on a page.

--
Best Regards,

http://www.in-portal.com
http://www.alex-time.com

[Dmitry A.]

Hi,

Yes, this seems to the the bug.

Also, I think we can plugin the same SQL highlight engine as used in newer PMA - I think it was - http://codemirror.net/ - that would be nice.

DA

[Alexander Obuhovich]

Yes, this seems to the the bug.

OK. Here is the task: http://tracker.in-portal.org/view.php?id=1417

Also, I think we can plugin the same SQL highlight engine as used in newer PMA - I think it was - http://codemirror.net/ - that would be nice.

We already have this proposition in https://groups.google.com/d/topic/in-portal-dev/2Pm335je5ps/discussion discussion.

--
You received this message because you are subscribed to the Google Groups "In-Portal Bugs Team" group.
To view this discussion on the web visit https://groups.google.com/d/msg/in-portal-bugs/-/yK-HQoxbcTYJ.
To post to this group, send email to in-port...@googlegroups.com.
To unsubscribe from this group, send email to in-portal-bug...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/in-portal-bugs?hl=en.