diff options
| author | Marc Delisle <marc@infomarc.info> | 2006-05-17 14:33:23 +0400 |
|---|---|---|
| committer | Marc Delisle <marc@infomarc.info> | 2006-05-17 14:33:23 +0400 |
| commit | fde2f613ad402e442a3b54d628ad85444faaeabe (patch) | |
| tree | 8412029ec81fe5c93970da856573b4e83af27441 | |
| parent | 1159c2ca7844e30aa221d0bb1416b709c2dbe922 (diff) | |
bug #1478812, Add new user, password containing backslash
| -rwxr-xr-x | ChangeLog | 4 | ||||
| -rw-r--r-- | server_privileges.php | 9 |
2 files changed, 7 insertions, 6 deletions
@@ -5,6 +5,10 @@ phpMyAdmin - ChangeLog $Id$ $Source$ +2006-05-17 Marc Delisle <lem9@users.sourceforge.net> + * server_privileges.php: bug #1478812, Add user (password containing + a backslash); also minor optimization + 2006-05-15 Marc Delisle <lem9@users.sourceforge.net> * libraries/Table.class.php: bug #1475949, removing the default value diff --git a/server_privileges.php b/server_privileges.php index 3f6a310985..aa887c76b0 100644 --- a/server_privileges.php +++ b/server_privileges.php @@ -764,15 +764,12 @@ if (!empty($adduser_submit) || !empty($change_copy)) { 'GRANT ' . join(', ', PMA_extractPrivInfo()) . ' ON *.* TO \'' . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\''; if ($pred_password != 'none' && $pred_password != 'keep') { - $pma_pw_hidden = ''; - for ($i = 0; $i < strlen($pma_pw); $i++) { - $pma_pw_hidden .= '*'; - } + $pma_pw_hidden = str_repeat('*', strlen($pma_pw)); $sql_query = $real_sql_query . ' IDENTIFIED BY \'' . $pma_pw_hidden . '\''; - $real_sql_query .= ' IDENTIFIED BY \'' . $pma_pw . '\''; + $real_sql_query .= ' IDENTIFIED BY \'' . PMA_sqlAddslashes($pma_pw) . '\''; if ( isset( $create_user_real ) ) { $create_user_show = $create_user_real . ' IDENTIFIED BY \'' . $pma_pw_hidden . '\''; - $create_user_real .= ' IDENTIFIED BY \'' . $pma_pw . '\''; + $create_user_real .= ' IDENTIFIED BY \'' . PMA_sqlAddslashes($pma_pw) . '\''; } } else { if ($pred_password == 'keep' && !empty($password)) { |