Zend Framework

Zend_Db_Profiler::queryStart() uses unsafe method to examine query type.

Details

  • Type: Improvement
  • Status: Resolved
  • Priority: Minor
  • Resolution: Fixed
  • Affects Version/s: None
  • Fix Version/s: 1.8.1
  • Component/s: Zend_Db_Profiler
  • Labels: None
  • Fix Version Priority: Nice to Have

Description

Zend_Db_Profiler::queryStart() takes the first 6 characters in the query string to determine which kind of query it is. This is unsafe because a query might for example start with a parenthesis.
Possible solution: check position of the words INSERT, DELETE, SELECT, and UPDATE. Whichever comes first decides what kind of query it is.

Activity

Wil Sinclair added a comment -

Please categorize/fix as needed.

Wil Sinclair added a comment -

Reassigning as Ralph is the maintainer of Zend_Db

Satoru Yoshida added a comment -

Added ltrim() to queryText at SVN r15396.
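
The misclassification reported in this issue, compared across the plain 6-character check, the same check after ltrim(), and the keyword-position proposal from the description. This is an added example, not Zend Framework's code; the function names, return labels and sample queries are constructed for illustration.

```php
<?php
// Added illustration: names and sample queries are constructed, not taken from Zend_Db_Profiler.

// Behaviour described in the issue: only the first 6 characters are examined.
// With $trim = true, leading whitespace is stripped first (the ltrim() approach).
function classifyByPrefix(string $sql, bool $trim = false): string
{
    $head = strtolower(substr($trim ? ltrim($sql) : $sql, 0, 6));
    return in_array($head, ['insert', 'update', 'delete', 'select'], true) ? $head : 'query';
}

// Proposal from the description: whichever of the four keywords appears first decides the type.
// Caveat: a keyword inside a leading comment or string literal would still be matched.
function classifyByFirstKeyword(string $sql): string
{
    if (preg_match('/\b(insert|update|delete|select)\b/i', $sql, $m)) {
        return strtolower($m[1]);
    }
    return 'query'; // generic bucket for everything else
}

// Constructed sample queries.
$samples = [
    'SELECT * FROM users',                          // plain statement
    "  \n\tSELECT * FROM users",                    // leading whitespace
    '(SELECT id FROM a) UNION (SELECT id FROM b)',  // leading parenthesis
    'BEGIN',                                        // none of the four keywords
];

foreach ($samples as $sql) {
    printf(
        "%-50s prefix=%-7s ltrim=%-7s keyword=%s\n",
        json_encode($sql),
        classifyByPrefix($sql),
        classifyByPrefix($sql, true),
        classifyByFirstKeyword($sql)
    );
}
```

Trimming recovers the query with leading whitespace, but the parenthesised SELECT is still placed in the generic bucket by both prefix checks; only the keyword-position check labels it as a select.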


Time Tracking

  • Estimated: 10m
  • Remaining: 10m
  • Logged: Not Specified