Skip to content
Browse files

Allow editing values with significant binary column (bug #3572781)

  • Loading branch information...
1 parent 8c91fd5 commit 2703eb960a61cc6b0d676816d33d82f45ba99be8 @vrana committed Dec 11, 2012
View
3 adminer/download.inc.php
@@ -1,6 +1,7 @@
<?php
$TABLE = $_GET["download"];
+$fields = fields($TABLE);
header("Content-Type: application/octet-stream");
header("Content-Disposition: attachment; filename=" . friendly_url("$TABLE-" . implode("_", $_GET["where"])) . "." . friendly_url($_GET["field"]));
-echo $connection->result("SELECT" . limit(idf_escape($_GET["field"]) . " FROM " . table($TABLE), " WHERE " . where($_GET), 1));
+echo $connection->result("SELECT" . limit(idf_escape($_GET["field"]) . " FROM " . table($TABLE), " WHERE " . where($_GET, $fields), 1));
exit; // don't output footer
View
2 adminer/drivers/mysql.inc.php
@@ -968,7 +968,7 @@ function convert_field($field) {
*/
function unconvert_field($field, $return) {
if (ereg("binary", $field["type"])) {
- $return = "unhex($return)";
+ $return = "UNHEX($return)";
}
if (ereg("geometry|point|linestring|polygon", $field["type"])) {
$return = "GeomFromText($return)";
View
4 adminer/edit.inc.php
@@ -1,8 +1,8 @@
<?php
$TABLE = $_GET["edit"];
-$where = (isset($_GET["select"]) ? (count($_POST["check"]) == 1 ? where_check($_POST["check"][0]) : "") : where($_GET));
-$update = (isset($_GET["select"]) ? $_POST["edit"] : $where);
$fields = fields($TABLE);
+$where = (isset($_GET["select"]) ? (count($_POST["check"]) == 1 ? where_check($_POST["check"][0], $fields) : "") : where($_GET, $fields));
+$update = (isset($_GET["select"]) ? $_POST["edit"] : $where);
foreach ($fields as $name => $field) {
if (!isset($field["privileges"][$update ? "update" : "insert"]) || $adminer->fieldName($field) == "") {
unset($fields[$name]);
View
10 adminer/include/functions.inc.php
@@ -329,14 +329,15 @@ function unique_array($row, $indexes) {
/** Create SQL condition from parsed query string
* @param array parsed query string
+* @param array
* @return string
*/
-function where($where) {
+function where($where, $fields = array()) {
global $jush;
$return = array();
foreach ((array) $where["where"] as $key => $val) {
$return[] = idf_escape(bracket_escape($key, 1)) // 1 - back
- . (($jush == "sql" && ereg('\\.', $val)) || $jush == "mssql" ? " LIKE " . exact_value(addcslashes($val, "%_\\")) : " = " . exact_value($val)) // LIKE because of floats, but slow with ints, in MS SQL because of text
+ . (($jush == "sql" && ereg('\\.', $val)) || $jush == "mssql" ? " LIKE " . exact_value(addcslashes($val, "%_\\")) : " = " . unconvert_field($fields[$key], exact_value($val))) // LIKE because of floats, but slow with ints, in MS SQL because of text
; //! enum and set
}
foreach ((array) $where["null"] as $key) {
@@ -347,12 +348,13 @@ function where($where) {
/** Create SQL condition from query string
* @param string
+* @param array
* @return string
*/
-function where_check($val) {
+function where_check($val, $fields = array()) {
parse_str($val, $check);
remove_slashes(array(&$check));
- return where($check);
+ return where($check, $fields);
}
/** Create query string where condition from value
View
8 adminer/select.inc.php
@@ -46,7 +46,7 @@
header("Content-Type: text/plain; charset=utf-8");
foreach ($_GET["val"] as $unique_idf => $row) {
$as = convert_field($fields[key($row)]);
- echo $connection->result("SELECT" . limit(($as ? $as : idf_escape(key($row))) . " FROM " . table($TABLE), " WHERE " . where_check($unique_idf) . ($where ? " AND " . implode(" AND ", $where) : "") . ($order ? " ORDER BY " . implode(", ", $order) : ""), 1));
+ echo $connection->result("SELECT" . limit(($as ? $as : idf_escape(key($row))) . " FROM " . table($TABLE), " WHERE " . where_check($unique_idf, $fields) . ($where ? " AND " . implode(" AND ", $where) : "") . ($order ? " ORDER BY " . implode(", ", $order) : ""), 1));
}
exit;
}
@@ -80,7 +80,7 @@
$union = array();
foreach ($_POST["check"] as $val) {
// where is not unique so OR can't be used
- $union[] = "(SELECT" . limit($from, "\nWHERE " . ($where ? implode(" AND ", $where) . " AND " : "") . where_check($val) . $group_by, 1) . ")";
+ $union[] = "(SELECT" . limit($from, "\nWHERE " . ($where ? implode(" AND ", $where) . " AND " : "") . where_check($val, $fields) . $group_by, 1) . ")";
}
$query = implode(" UNION ALL ", $union);
}
@@ -122,7 +122,7 @@
} else {
foreach ((array) $_POST["check"] as $val) {
// where is not unique so OR can't be used
- $result = queries($command . limit1($query, "\nWHERE " . where_check($val)));
+ $result = queries($command . limit1($query, "\nWHERE " . where_check($val, $fields)));
if (!$result) {
break;
}
@@ -152,7 +152,7 @@
$set[] = idf_escape($key) . " = " . (ereg('char|text', $fields[$key]["type"]) || $val != "" ? $adminer->processInput($fields[$key], $val) : "NULL");
}
$query = table($TABLE) . " SET " . implode(", ", $set);
- $where2 = " WHERE " . where_check($unique_idf) . ($where ? " AND " . implode(" AND ", $where) : "");
+ $where2 = " WHERE " . where_check($unique_idf, $fields) . ($where ? " AND " . implode(" AND ", $where) : "");
$result = queries("UPDATE" . ($is_group ? " $query$where2" : limit1($query, $where2))); // can change row on a different page without unique key
if (!$result) {
break;

0 comments on commit 2703eb9

Please sign in to comment.
Something went wrong with that request. Please try again.