Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

mysql_escape bug?

Discussion in 'General Discussion' started by Echelon17, Jun 5, 2006.

  1. Echelon17

    Echelon17 Well-Known Member

    Joined:
    May 21, 2006
    Messages:
    72
    Likes Received:
    0
    Trophy Points:
    156
    Hi guys,

    Using the Accounting PHP module I've got it setup so accounts are automatically created.
    However we've come across a potential bug.

    User specifies the password: random-!"#
    Account gets created.

    For some reason Cpanel appears to have stored it in the database as follows:

    random-!\"#

    Note the escape string before the double-quotes.
    Now, the user obviously originally entered it WITHOUT the quote, but in order to login they have to enter the password with the quote included.

    What gives?
     

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice