Hi Michal, I am trying to fix some issues with dbconfig-common before the freeze... (Hope I can get it to work).
On Mon, 16 Nov 2009 14:36:38 +0100 Michal Čihař <ni...@debian.org> wrote: > it looks like dbconfig-common does not escape database name. When user > enters something like foo-bar as database name, it is passed to MySQL > without escaping and it fails: > > mysql said: ERROR 1064 (42000) at line 1: You have an error in your SQL > syntax; check the manual that corresponds to your MySQL server version > for the right syntax to use near '-bar' at line 1 Is phpmyadmin (I assume you caught this error in that package) using a custom template or is it using the dbconfig-common templates? In the former case, this might be related or the same as bug 716841. Do you know how this field should be escaped (not only "-" but maybe other chars as well)? Do you know if other fields should be escaped? Are your strings quoted in the template? Paul
signature.asc
Description: OpenPGP digital signature
