Skip to content

Commit b061096

Browse files
committed
Avoid not neeedded urlencode/urldecode steps in multi submits
Signed-off-by: Michal Čihař <michal@cihar.com>
1 parent 6d4bd77 commit b061096

File tree

3 files changed

+5
-5
lines changed

3 files changed

+5
-5
lines changed

Diff for: libraries/DisplayResults.php

+1-1
Original file line numberDiff line numberDiff line change
@@ -2788,7 +2788,7 @@ private function _getTableBody(
27882788
$whereClauseMap[$row_no][$this->__get('table')] = $where_clause;
27892789
$this->__set('whereClauseMap', $whereClauseMap);
27902790

2791-
$where_clause_html = urlencode($where_clause);
2791+
$where_clause_html = htmlspecialchars($where_clause);
27922792

27932793
// 1.2.1 Modify link(s) - update row case
27942794
if ($displayParts['edit_lnk'] == self::UPDATE_ROW) {

Diff for: libraries/mult_submits.lib.php

+2-2
Original file line numberDiff line numberDiff line change
@@ -44,7 +44,7 @@ function PMA_getUrlParams(
4444
if ($what == 'row_delete') {
4545
$_url_params['selected'][] = 'DELETE FROM '
4646
. PMA\libraries\Util::backquote($table)
47-
. ' WHERE ' . urldecode($sval) . ' LIMIT 1;';
47+
. ' WHERE ' . $sval . ' LIMIT 1;';
4848
} else {
4949
$_url_params['selected'][] = $sval;
5050
}
@@ -495,7 +495,7 @@ function PMA_getQueryFromSelected($what, $table, $selected, $views)
495495
// (it's not binlog friendly).
496496
// We don't need the clause because the calling panel permits
497497
// this feature only when there is a unique index.
498-
. ' WHERE ' . urldecode(htmlspecialchars($sval))
498+
. ' WHERE ' . htmlspecialchars($sval)
499499
. ';<br />';
500500
break;
501501
case 'drop_db':

Diff for: tbl_row_action.php

+2-2
Original file line numberDiff line numberDiff line change
@@ -86,7 +86,7 @@
8686
&& is_array($_REQUEST['rows_to_delete'])
8787
) {
8888
foreach ($_REQUEST['rows_to_delete'] as $i => $i_where_clause) {
89-
$where_clause[] = urldecode($i_where_clause);
89+
$where_clause[] = $i_where_clause;
9090
}
9191
}
9292
$active_page = 'tbl_change.php';
@@ -106,7 +106,7 @@
106106
&& is_array($_REQUEST['rows_to_delete'])
107107
) {
108108
foreach ($_REQUEST['rows_to_delete'] as $i => $i_where_clause) {
109-
$where_clause[] = urldecode($i_where_clause);
109+
$where_clause[] = $i_where_clause;
110110
}
111111
}
112112
$active_page = 'tbl_export.php';

0 commit comments

Comments
 (0)