From 8550db2d1163e9c2c0c5f3056e5a01f62f8fd667 Mon Sep 17 00:00:00 2001
From: Kamil Tekiela <tekiela246@gmail.com>
Date: Mon, 20 Mar 2023 16:09:32 +0000
Subject: [PATCH] Don't parse SQL if no tracking is in progress

Signed-off-by: Kamil Tekiela <tekiela246@gmail.com>
---
 libraries/classes/Tracker.php | 33 ++++++++++++++++++++++++++-------
 1 file changed, 26 insertions(+), 7 deletions(-)

diff --git a/libraries/classes/Tracker.php b/libraries/classes/Tracker.php
index fb97c6de329b..7eab74b63e43 100644
--- a/libraries/classes/Tracker.php
+++ b/libraries/classes/Tracker.php
@@ -7,6 +7,7 @@
 
 namespace PhpMyAdmin;
 
+use PhpMyAdmin\ConfigStorage\Features\TrackingFeature;
 use PhpMyAdmin\ConfigStorage\Relation;
 use PhpMyAdmin\Plugins\Export\ExportSql;
 use PhpMyAdmin\SqlParser\Parser;
@@ -836,8 +837,6 @@ public static function handleQuery($query): void
     {
         global $dbi;
 
-        $relation = new Relation($dbi);
-
         // If query is marked as untouchable, leave
         if (mb_strstr($query, '/*NOTRACK*/')) {
             return;
@@ -855,6 +854,16 @@ public static function handleQuery($query): void
             return;
         }
 
+        $relation = new Relation($GLOBALS['dbi']);
+        $trackingFeature = $relation->getRelationParameters()->trackingFeature;
+        if ($trackingFeature === null) {
+            return;
+        }
+
+        if (! self::isAnyTrackingInProgress($GLOBALS['dbi'], $trackingFeature, $dbname)) {
+            return;
+        }
+
         // Get some information about query
         $result = self::parseQuery($query);
 
@@ -917,11 +926,6 @@ public static function handleQuery($query): void
         // Add log information
         $query = self::getLogComment() . $query;
 
-        $trackingFeature = $relation->getRelationParameters()->trackingFeature;
-        if ($trackingFeature === null) {
-            return;
-        }
-
         // Mark it as untouchable
         $sqlQuery = sprintf(
             '/*NOTRACK*/' . "\n" . 'UPDATE %s.%s SET %s = CONCAT(%s, \'' . "\n" . '%s\'), `date_updated` = \'%s\'',
@@ -954,4 +958,19 @@ public static function handleQuery($query): void
 
         $dbi->queryAsControlUser($sqlQuery);
     }
+
+    private static function isAnyTrackingInProgress(
+        DatabaseInterface $dbi,
+        TrackingFeature $trackingFeature,
+        string $dbname
+    ): bool {
+        $sqlQuery = sprintf(
+            '/*NOTRACK*/ SELECT 1 FROM %s.%s WHERE tracking_active = 1 AND db_name = %s LIMIT 1',
+            Util::backquote($trackingFeature->database),
+            Util::backquote($trackingFeature->tracking),
+            "'" . $dbi->escapeString($dbname, DatabaseInterface::CONNECT_CONTROL) . "'"
+        );
+
+        return $dbi->queryAsControlUser($sqlQuery)->fetchValue() !== false;
+    }
 }