Hi all,
I've written a php script, called test.php, consisting of the following
statements:
<?php
error_reporting (E_ALL);
$query = $_GET['sql'];
echo $query;
?>
Using the script with 'small' values for the parameter sql works fine.
Although, using the script with the sql query as specified below
http://localhost/test.php?sql="S ELECT orders_id, customers_id,
customers_name, customers_compa ny, customers_stree t_address,
customers_subur b, customers_city, customers_postc ode, customers_state ,
customers_count ry, customers_telep hone, customers_email _address,
customers_addre ss_format_id, delivery_name, delivery_compan y,
delivery_street _address, delivery_suburb , delivery_city, delivery_postco de,
delivery_state, delivery_countr y, delivery_addres s_format_id, billing_name,
billing_company , billing_street_ address, billing_suburb, billing_city,
billing_postcod e, billing_state, billing_country , billing_address _format_id,
payment_method, cc_type, cc_owner, cc_number, cc_expires, last_modified,
date_purchased, orders_status, orders_date_fin ished, currency,
currency_value FROM orders where ((date_purchase d >= 18991230 and
last_modified is null) or last_modified >= 18991230 ) and orders_status in
(1,2,3) and ((date_purchase d <= 20071201203454 and last_modified is null) or
last_modified <= 20071201203454 ) and orders_id = 2 order by
date_purchased"
results in the following:
\"SELECT orders_id, customers_id, customers_name, customers_compa ny,
customers_stree t_address, customers_subur b, customers_city,
customers_postc ode, customers_state , customers_count ry, customers_telep hone,
customers_email _address, customers_addre ss_format_id, delivery_name,
delivery_compan y, delivery_street _address, delivery_suburb , delivery_city,
delivery_postco de, delivery_state, delivery_countr y,
delivery_addres s_format_id, billing_name, billing_company ,
billing_street_ address, billing_suburb, billing_city, billing_postcod e,
billing_state, billing_country , billing_address _format_id, payment_method,
cc_type, cc_owner, cc_number, cc_expires, last_modified, date_purchased,
orders_status, orders_date_fin ished, currency, currency_value FROM orders
where ((date_purchase d >= 18991230 and last_modified is null) or
last_modified >= 18991230 ) and orders_status in (1,2,3) and%2ÃnÃ
I do not understand why the value of the sql parameter is truncated. Any
help is appreciated!!
Thanks in advance!
I've written a php script, called test.php, consisting of the following
statements:
<?php
error_reporting (E_ALL);
$query = $_GET['sql'];
echo $query;
?>
Using the script with 'small' values for the parameter sql works fine.
Although, using the script with the sql query as specified below
http://localhost/test.php?sql="S ELECT orders_id, customers_id,
customers_name, customers_compa ny, customers_stree t_address,
customers_subur b, customers_city, customers_postc ode, customers_state ,
customers_count ry, customers_telep hone, customers_email _address,
customers_addre ss_format_id, delivery_name, delivery_compan y,
delivery_street _address, delivery_suburb , delivery_city, delivery_postco de,
delivery_state, delivery_countr y, delivery_addres s_format_id, billing_name,
billing_company , billing_street_ address, billing_suburb, billing_city,
billing_postcod e, billing_state, billing_country , billing_address _format_id,
payment_method, cc_type, cc_owner, cc_number, cc_expires, last_modified,
date_purchased, orders_status, orders_date_fin ished, currency,
currency_value FROM orders where ((date_purchase d >= 18991230 and
last_modified is null) or last_modified >= 18991230 ) and orders_status in
(1,2,3) and ((date_purchase d <= 20071201203454 and last_modified is null) or
last_modified <= 20071201203454 ) and orders_id = 2 order by
date_purchased"
results in the following:
\"SELECT orders_id, customers_id, customers_name, customers_compa ny,
customers_stree t_address, customers_subur b, customers_city,
customers_postc ode, customers_state , customers_count ry, customers_telep hone,
customers_email _address, customers_addre ss_format_id, delivery_name,
delivery_compan y, delivery_street _address, delivery_suburb , delivery_city,
delivery_postco de, delivery_state, delivery_countr y,
delivery_addres s_format_id, billing_name, billing_company ,
billing_street_ address, billing_suburb, billing_city, billing_postcod e,
billing_state, billing_country , billing_address _format_id, payment_method,
cc_type, cc_owner, cc_number, cc_expires, last_modified, date_purchased,
orders_status, orders_date_fin ished, currency, currency_value FROM orders
where ((date_purchase d >= 18991230 and last_modified is null) or
last_modified >= 18991230 ) and orders_status in (1,2,3) and%2ÃnÃ
I do not understand why the value of the sql parameter is truncated. Any
help is appreciated!!
Thanks in advance!
Comment