Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:71263 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 85927 invoked from network); 19 Jan 2014 02:52:32 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 19 Jan 2014 02:52:32 -0000 Authentication-Results: pb1.pair.com smtp.mail=willfitch@php.net; spf=unknown; sender-id=unknown Authentication-Results: pb1.pair.com header.from=willfitch@php.net; sender-id=unknown Received-SPF: unknown (pb1.pair.com: domain php.net does not designate 66.111.4.25 as permitted sender) X-PHP-List-Original-Sender: willfitch@php.net X-Host-Fingerprint: 66.111.4.25 out1-smtp.messagingengine.com Received: from [66.111.4.25] ([66.111.4.25:36182] helo=out1-smtp.messagingengine.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 47/84-61840-EED3BD25 for ; Sat, 18 Jan 2014 21:52:31 -0500 Received: from compute6.internal (compute6.nyi.mail.srv.osa [10.202.2.46]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id CA20620BE4; Sat, 18 Jan 2014 21:52:27 -0500 (EST) Received: from web6 ([10.202.2.216]) by compute6.internal (MEProxy); Sat, 18 Jan 2014 21:52:27 -0500 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:from:to:mime-version :content-transfer-encoding:content-type:in-reply-to:references :subject:date; s=smtpout; bh=uMjspynba0BisjMW7h/73LawXGE=; b=l9P Elaj7QMR8POisSyoOrEkFXr0uc4xbHUgcgsHo68iW6DslUTVHHcd7fw0TVH3nury jyKBx0bev4twGMoIMaX4Q5kw8SG8bjqI8eQl0ZEE75mIqraJejEjmH7+HCbY9YJa oJEIPN7QFaONfpPYTAXoi3xj8UabILrTgcPUlLSE= Received: by web6.nyi.mail.srv.osa (Postfix, from userid 99) id A66222969A5; Sat, 18 Jan 2014 21:52:27 -0500 (EST) Message-ID: <1390099947.26938.72538325.1FDD1F20@webmail.messagingengine.com> X-Sasl-Enc: HFG34rajDlmd6friKO9d+t2IW/kIG+2GrI2iBgHqQf3C 1390099947 To: Stas Malyshev , internals@lists.php.net MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-e8d433be In-Reply-To: <52DB310A.9040506@sugarcrm.com> References: <1390082096.14862.72482025.5D36E64F@webmail.messagingengine.com> <52DB2E4D.8000009@sugarcrm.com> <1390096353.18659.72527933.474C16A5@webmail.messagingengine.com> <52DB310A.9040506@sugarcrm.com> Date: Sat, 18 Jan 2014 18:52:27 -0800 Subject: Re: [PHP-DEV] Bug 62479 From: willfitch@php.net (Will Fitch) Hi! On Sat, Jan 18, 2014, at 05:57 PM, Stas Malyshev wrote: > Hi! > > > I see no comments from you. The only response I've seen from you was > > your asking me if the patch was ready (in comments on the bug). Can you > > please elaborate? > > The comment is right in the patch: > https://github.com/willfitch/php-src/commit/06170d344f6b3148d505afd8ae952d3439de9005 > but I have already repeated it here - from the code it follows that if > the password starts with ' or ends with ', it will not be encoded. Is > this correct behavior? My apologies for not seeing the comment in Github. I didn't get notified by email, so I didn't look. Starting with a quote would technically work, but ending would not (assuming you're throwing the password in from the DSN and not parameter). However, I'm not sure this edge is worth the CPU cycles for checking. Then again, I didn't expect to have a bug where single quotes are part of the password, so there's always a surprise. If you feel it's worth the overhead, I'll add in the additional logic. > -- > Stanislav Malyshev, Software Architect > SugarCRM: http://www.sugarcrm.com/ > (408)454-6900 ext. 227