Skip to content
Browse files

Change escape_string to quote

git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@747 7c3ca157-0c34-0410-bff1-cbf682f78f5c
  • Loading branch information...
1 parent e905f85 commit 36a36560890bdce0a321a3ecf7e1559ef2435aa9 jakubvrana committed Jun 22, 2009
View
12 adminer/create.inc.php
@@ -32,20 +32,20 @@
$fields[] = "\n" . (!strlen($_GET["create"]) ? " " : (strlen($field["orig"]) ? "CHANGE " . idf_escape($field["orig"]) . " " : "ADD "))
. idf_escape($field["field"]) . process_type($field)
. ($field["null"] ? " NULL" : " NOT NULL") // NULL for timestamp
- . (strlen($_GET["create"]) && strlen($field["orig"]) && isset($orig_fields[$field["orig"]]["default"]) && $field["type"] != "timestamp" ? " DEFAULT '" . $dbh->escape_string($orig_fields[$field["orig"]]["default"]) . "'" : "") //! timestamp
+ . (strlen($_GET["create"]) && strlen($field["orig"]) && isset($orig_fields[$field["orig"]]["default"]) && $field["type"] != "timestamp" ? " DEFAULT " . $dbh->quote($orig_fields[$field["orig"]]["default"]) : "") //! timestamp
. ($key == $_POST["auto_increment_col"] ? " AUTO_INCREMENT$auto_increment_index" : "")
- . " COMMENT '" . $dbh->escape_string($field["comment"]) . "'"
+ . " COMMENT " . $dbh->quote($field["comment"])
. (strlen($_GET["create"]) ? " $after" : "")
;
$after = "AFTER " . idf_escape($field["field"]);
} elseif (strlen($field["orig"])) {
$fields[] = "\nDROP " . idf_escape($field["orig"]);
}
}
- $status = ($_POST["Engine"] ? "ENGINE='" . $dbh->escape_string($_POST["Engine"]) . "'" : "")
- . ($_POST["Collation"] ? " COLLATE '" . $dbh->escape_string($_POST["Collation"]) . "'" : "")
+ $status = ($_POST["Engine"] ? "ENGINE=" . $dbh->quote($_POST["Engine"]) : "")
+ . ($_POST["Collation"] ? " COLLATE " . $dbh->quote($_POST["Collation"]) : "")
. (strlen($_POST["Auto_increment"]) ? " AUTO_INCREMENT=" . intval($_POST["Auto_increment"]) : "")
- . " COMMENT='" . $dbh->escape_string($_POST["Comment"]) . "'"
+ . " COMMENT=" . $dbh->quote($_POST["Comment"])
;
if (in_array($_POST["partition_by"], $partition_by)) {
$partitions = array();
@@ -92,7 +92,7 @@
$row["name"] = $_GET["create"];
$row["fields"] = array_values($orig_fields);
if ($dbh->server_info >= 5.1) {
- $from = "FROM information_schema.PARTITIONS WHERE TABLE_SCHEMA = '" . $dbh->escape_string($_GET["db"]) . "' AND TABLE_NAME = '" . $dbh->escape_string($_GET["create"]) . "'";
+ $from = "FROM information_schema.PARTITIONS WHERE TABLE_SCHEMA = " . $dbh->quote($_GET["db"]) . " AND TABLE_NAME = " . $dbh->quote($_GET["create"]);
$result = $dbh->query("SELECT PARTITION_METHOD, PARTITION_ORDINAL_POSITION, PARTITION_EXPRESSION $from ORDER BY PARTITION_ORDINAL_POSITION DESC LIMIT 1");
list($row["partition_by"], $row["partitions"], $row["partition"]) = $result->fetch_row();
$result->free();
View
4 adminer/database.inc.php
@@ -10,7 +10,7 @@
$failed = false;
foreach ($dbs as $db) {
if (count($dbs) == 1 || strlen($db)) { // ignore empty lines but always try to create single database
- if (!queries("CREATE DATABASE " . idf_escape($db) . ($_POST["collation"] ? " COLLATE '" . $dbh->escape_string($_POST["collation"]) . "'" : ""))) {
+ if (!queries("CREATE DATABASE " . idf_escape($db) . ($_POST["collation"] ? " COLLATE " . $dbh->quote($_POST["collation"]) : ""))) {
$failed = true;
}
$last = $db;
@@ -34,7 +34,7 @@
if (!$_POST["collation"]) {
redirect(substr($SELF, 0, -1));
}
- query_redirect("ALTER DATABASE " . idf_escape($_POST["name"]) . " COLLATE '" . $dbh->escape_string($_POST["collation"]) . "'", substr($SELF, 0, -1), lang('Database has been altered.'));
+ query_redirect("ALTER DATABASE " . idf_escape($_POST["name"]) . " COLLATE " . $dbh->quote($_POST["collation"]), substr($SELF, 0, -1), lang('Database has been altered.'));
}
}
page_header(strlen($_GET["db"]) ? lang('Alter database') : lang('Create database'), $error, array(), $_GET["db"]);
View
2 adminer/db.inc.php
@@ -80,7 +80,7 @@
if ($dbh->server_info >= 5) {
echo '<p><a href="' . htmlspecialchars($SELF) . 'createv=">' . lang('Create view') . "</a></p>\n";
echo "<h3>" . lang('Routines') . "</h3>\n";
- $result = $dbh->query("SELECT * FROM information_schema.ROUTINES WHERE ROUTINE_SCHEMA = '" . $dbh->escape_string($_GET["db"]) . "'");
+ $result = $dbh->query("SELECT * FROM information_schema.ROUTINES WHERE ROUTINE_SCHEMA = " . $dbh->quote($_GET["db"]));
if ($result->num_rows) {
echo "<table cellspacing='0'>\n";
while ($row = $result->fetch_assoc()) {
View
14 adminer/dump.inc.php
@@ -12,7 +12,7 @@ function tar_file($filename, $contents) {
function dump_triggers($table, $style) {
global $dbh;
if ($_POST["format"] != "csv" && $style && $dbh->server_info >= 5) {
- $result = $dbh->query("SHOW TRIGGERS LIKE '" . $dbh->escape_string(addcslashes($table, "%_")) . "'");
+ $result = $dbh->query("SHOW TRIGGERS LIKE " . $dbh->quote(addcslashes($table, "%_")));
if ($result->num_rows) {
echo "\nDELIMITER ;;\n";
while ($row = $result->fetch_assoc()) {
@@ -30,7 +30,7 @@ function dump_triggers($table, $style) {
if ($_POST["format"] != "csv") {
echo "SET NAMES utf8;\n";
echo "SET foreign_key_checks = 0;\n";
- echo "SET time_zone = '" . $dbh->escape_string($dbh->result($dbh->query("SELECT @@time_zone"))) . "';\n";
+ echo "SET time_zone = " . $dbh->quote($dbh->result($dbh->query("SELECT @@time_zone"))) . ";\n";
echo "\n";
}
@@ -50,7 +50,7 @@ function dump_triggers($table, $style) {
$out = "";
if ($dbh->server_info >= 5) {
foreach (array("FUNCTION", "PROCEDURE") as $routine) {
- $result = $dbh->query("SHOW $routine STATUS WHERE Db = '" . $dbh->escape_string($db) . "'");
+ $result = $dbh->query("SHOW $routine STATUS WHERE Db = " . $dbh->quote($db));
while ($row = $result->fetch_assoc()) {
$out .= ($style != 'DROP+CREATE' ? "DROP $routine IF EXISTS " . idf_escape($row["Name"]) . ";;\n" : "")
. $dbh->result($dbh->query("SHOW CREATE $routine " . idf_escape($row["Name"])), 2) . ";;\n\n";
@@ -121,11 +121,11 @@ function dump_triggers($table, $style) {
CASE _table_name<?php
$result = $dbh->query($query);
while ($row = $result->fetch_assoc()) {
- $comment = $dbh->escape_string($row["ENGINE"] == "InnoDB" ? preg_replace('~(?:(.+); )?InnoDB free: .*~', '\\1', $row["TABLE_COMMENT"]) : $row["TABLE_COMMENT"]);
+ $comment = $dbh->quote($row["ENGINE"] == "InnoDB" ? preg_replace('~(?:(.+); )?InnoDB free: .*~', '\\1', $row["TABLE_COMMENT"]) : $row["TABLE_COMMENT"]);
echo "
- WHEN '" . $dbh->escape_string($row["TABLE_NAME"]) . "' THEN
- " . (isset($row["ENGINE"]) ? "IF _engine != '$row[ENGINE]' OR _table_collation != '$row[TABLE_COLLATION]' OR _table_comment != '$comment' THEN
- ALTER TABLE " . idf_escape($row["TABLE_NAME"]) . " ENGINE=$row[ENGINE] COLLATE=$row[TABLE_COLLATION] COMMENT='$comment';
+ WHEN " . $dbh->quote($row["TABLE_NAME"]) . " THEN
+ " . (isset($row["ENGINE"]) ? "IF _engine != '$row[ENGINE]' OR _table_collation != '$row[TABLE_COLLATION]' OR _table_comment != $comment THEN
+ ALTER TABLE " . idf_escape($row["TABLE_NAME"]) . " ENGINE=$row[ENGINE] COLLATE=$row[TABLE_COLLATION] COMMENT=$comment;
END IF" : "BEGIN END") . ";";
}
$result->free();
View
14 adminer/event.inc.php
@@ -7,18 +7,18 @@
query_redirect("DROP EVENT " . idf_escape($_GET["event"]), substr($SELF, 0, -1), lang('Event has been dropped.'));
} elseif (in_array($_POST["INTERVAL_FIELD"], $intervals) && in_array($_POST["STATUS"], $statuses)) {
$schedule = "\nON SCHEDULE " . ($_POST["INTERVAL_VALUE"]
- ? "EVERY '" . $dbh->escape_string($_POST["INTERVAL_VALUE"]) . "' $_POST[INTERVAL_FIELD]"
- . ($_POST["STARTS"] ? " STARTS '" . $dbh->escape_string($_POST["STARTS"]) . "'" : "")
- . ($_POST["ENDS"] ? " ENDS '" . $dbh->escape_string($_POST["ENDS"]) . "'" : "") //! ALTER EVENT doesn't drop ENDS - MySQL bug #39173
- : "AT '" . $dbh->escape_string($_POST["STARTS"]) . "'"
+ ? "EVERY " . $dbh->quote($_POST["INTERVAL_VALUE"]) . " $_POST[INTERVAL_FIELD]"
+ . ($_POST["STARTS"] ? " STARTS " . $dbh->quote($_POST["STARTS"]) : "")
+ . ($_POST["ENDS"] ? " ENDS " . $dbh->quote($_POST["ENDS"]) : "") //! ALTER EVENT doesn't drop ENDS - MySQL bug #39173
+ : "AT " . $dbh->quote($_POST["STARTS"])
) . " ON COMPLETION" . ($_POST["ON_COMPLETION"] ? "" : " NOT") . " PRESERVE"
;
query_redirect((strlen($_GET["event"])
? "ALTER EVENT " . idf_escape($_GET["event"]) . $schedule
. ($_GET["event"] != $_POST["EVENT_NAME"] ? "\nRENAME TO " . idf_escape($_POST["EVENT_NAME"]) : "")
: "CREATE EVENT " . idf_escape($_POST["EVENT_NAME"]) . $schedule
- ) . "\n$_POST[STATUS] COMMENT '" . $dbh->escape_string($_POST["EVENT_COMMENT"])
- . "' DO\n$_POST[EVENT_DEFINITION]"
+ ) . "\n$_POST[STATUS] COMMENT " . $dbh->quote($_POST["EVENT_COMMENT"])
+ . " DO\n$_POST[EVENT_DEFINITION]"
, substr($SELF, 0, -1), (strlen($_GET["event"]) ? lang('Event has been altered.') : lang('Event has been created.')));
}
}
@@ -28,7 +28,7 @@
if ($_POST) {
$row = $_POST;
} elseif (strlen($_GET["event"])) {
- $result = $dbh->query("SELECT * FROM information_schema.EVENTS WHERE EVENT_SCHEMA = '" . $dbh->escape_string($_GET["db"]) . "' AND EVENT_NAME = '" . $dbh->escape_string($_GET["event"]) . "'");
+ $result = $dbh->query("SELECT * FROM information_schema.EVENTS WHERE EVENT_SCHEMA = " . $dbh->quote($_GET["db"]) . " AND EVENT_NAME = " . $dbh->quote($_GET["event"]));
$row = $result->fetch_assoc();
$row["STATUS"] = $statuses[$row["STATUS"]];
$result->free();
View
18 adminer/include/editing.inc.php
@@ -73,29 +73,29 @@ function process_input($name, $field) {
} elseif ($field["type"] == "enum" || $field["auto_increment"] ? !strlen($value) : $function == "NULL") {
return "NULL";
} elseif ($field["type"] == "enum") {
- return (isset($_GET["default"]) ? "'" . $dbh->escape_string($value) . "'" : intval($value));
+ return (isset($_GET["default"]) ? $dbh->quote($value) : intval($value));
} elseif ($field["type"] == "set") {
- return (isset($_GET["default"]) ? "'" . implode(",", array_map(array($dbh, 'escape_string'), (array) $value)) . "'" : array_sum((array) $value));
+ return (isset($_GET["default"]) ? "'" . implode(",", array_map('escape_string', (array) $value)) . "'" : array_sum((array) $value));
} elseif (preg_match('~binary|blob~', $field["type"])) {
$file = get_file($idf);
if (!is_string($file)) {
return false; //! report errors
}
- return "_binary'" . (is_string($file) ? $dbh->escape_string($file) : "") . "'";
+ return "_binary" . (is_string($file) ? $dbh->quote($file) : "");
} elseif ($field["type"] == "timestamp" && $value == "CURRENT_TIMESTAMP") {
return $value;
} elseif (preg_match('~^(now|uuid)$~', $function)) {
return "$function()";
} elseif (preg_match('~^[+-]$~', $function)) {
- return idf_escape($name) . " $function '" . $dbh->escape_string($value) . "'";
+ return idf_escape($name) . " $function " . $dbh->quote($value);
} elseif (preg_match('~^[+-] interval$~', $function)) {
- return idf_escape($name) . " $function " . (preg_match("~^([0-9]+|'[0-9.: -]') [A-Z_]+$~i", $value) ? $value : "'" . $dbh->escape_string($value) . "'");
+ return idf_escape($name) . " $function " . (preg_match("~^([0-9]+|'[0-9.: -]') [A-Z_]+$~i", $value) ? $value : $dbh->quote($value));
} elseif (preg_match('~^(addtime|subtime)$~', $function)) {
- return "$function(" . idf_escape($name) . ", '" . $dbh->escape_string($value) . "')";
+ return "$function(" . idf_escape($name) . ", " . $dbh->quote($value) . ")";
} elseif (preg_match('~^(md5|sha1|password)$~', $function)) {
- return "$function('" . $dbh->escape_string($value) . "')";
+ return "$function(" . $dbh->quote($value) . ")";
} else {
- return "'" . $dbh->escape_string($value) . "'";
+ return $dbh->quote($value);
}
}
@@ -116,7 +116,7 @@ function process_type($field, $collate = "COLLATE") {
return " $field[type]"
. ($field["length"] && !preg_match('~^date|time$~', $field["type"]) ? "(" . process_length($field["length"]) . ")" : "")
. (preg_match('~int|float|double|decimal~', $field["type"]) && in_array($field["unsigned"], $unsigned) ? " $field[unsigned]" : "")
- . (preg_match('~char|text|enum|set~', $field["type"]) && $field["collation"] ? " $collate '" . $dbh->escape_string($field["collation"]) . "'" : "")
+ . (preg_match('~char|text|enum|set~', $field["type"]) && $field["collation"] ? " $collate " . $dbh->quote($field["collation"]) : "")
;
}
View
60 adminer/include/export.inc.php
@@ -27,7 +27,7 @@ function dump_table($table, $style, $is_view = false) {
}
if ($style == "CREATE+ALTER" && !$is_view) {
// create procedure which iterates over original columns and adds new and removes old
- $query = "SELECT COLUMN_NAME, COLUMN_DEFAULT, IS_NULLABLE, COLLATION_NAME, COLUMN_TYPE, EXTRA, COLUMN_COMMENT FROM information_schema.COLUMNS WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = '" . $dbh->escape_string($table) . "' ORDER BY ORDINAL_POSITION";
+ $query = "SELECT COLUMN_NAME, COLUMN_DEFAULT, IS_NULLABLE, COLLATION_NAME, COLUMN_TYPE, EXTRA, COLUMN_COMMENT FROM information_schema.COLUMNS WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = " . $dbh->quote($table) . " ORDER BY ORDINAL_POSITION";
?>
DELIMITER ;;
CREATE PROCEDURE adminer_alter () BEGIN
@@ -38,27 +38,27 @@ function dump_table($table, $style, $is_view = false) {
DECLARE _column_comment varchar(255);
DECLARE done, set_after bool DEFAULT 0;
DECLARE add_columns text DEFAULT '<?php
-$fields = array();
-$result = $dbh->query($query);
-$after = "";
-while ($row = $result->fetch_assoc()) {
- $row["default"] = (isset($row["COLUMN_DEFAULT"]) ? "'" . $dbh->escape_string($row["COLUMN_DEFAULT"]) . "'" : "NULL");
- $row["after"] = $dbh->escape_string($after); //! rgt AFTER lft, lft AFTER id doesn't work
- $row["alter"] = $dbh->escape_string(idf_escape($row["COLUMN_NAME"])
- . " $row[COLUMN_TYPE]"
- . ($row["COLLATION_NAME"] ? " COLLATE $row[COLLATION_NAME]" : "")
- . (isset($row["COLUMN_DEFAULT"]) ? " DEFAULT $row[default]" : "")
- . ($row["IS_NULLABLE"] == "YES" ? "" : " NOT NULL")
- . ($row["EXTRA"] ? " $row[EXTRA]" : "")
- . ($row["COLUMN_COMMENT"] ? " COMMENT '" . $dbh->escape_string($row["COLUMN_COMMENT"]) . "'" : "")
- . ($after ? " AFTER " . idf_escape($after) : " FIRST")
- );
- echo ", ADD $row[alter]";
- $fields[] = $row;
- $after = $row["COLUMN_NAME"];
-}
-$result->free();
-?>';
+ $fields = array();
+ $result = $dbh->query($query);
+ $after = "";
+ while ($row = $result->fetch_assoc()) {
+ $row["default"] = (isset($row["COLUMN_DEFAULT"]) ? $dbh->quote($row["COLUMN_DEFAULT"]) : "NULL");
+ $row["after"] = $dbh->quote($after); //! rgt AFTER lft, lft AFTER id doesn't work
+ $row["alter"] = escape_string(idf_escape($row["COLUMN_NAME"])
+ . " $row[COLUMN_TYPE]"
+ . ($row["COLLATION_NAME"] ? " COLLATE $row[COLLATION_NAME]" : "")
+ . (isset($row["COLUMN_DEFAULT"]) ? " DEFAULT $row[default]" : "")
+ . ($row["IS_NULLABLE"] == "YES" ? "" : " NOT NULL")
+ . ($row["EXTRA"] ? " $row[EXTRA]" : "")
+ . ($row["COLUMN_COMMENT"] ? " COMMENT " . $dbh->quote($row["COLUMN_COMMENT"]) : "")
+ . ($after ? " AFTER " . idf_escape($after) : " FIRST")
+ );
+ echo ", ADD $row[alter]";
+ $fields[] = $row;
+ $after = $row["COLUMN_NAME"];
+ }
+ $result->free();
+ ?>';
DECLARE columns CURSOR FOR <?php echo $query; ?>;
DECLARE CONTINUE HANDLER FOR NOT FOUND SET done = 1;
SET @alter_table = '';
@@ -68,15 +68,15 @@ function dump_table($table, $style, $is_view = false) {
IF NOT done THEN
SET set_after = 1;
CASE _column_name<?php
-foreach ($fields as $row) {
- echo "
- WHEN '" . $dbh->escape_string($row["COLUMN_NAME"]) . "' THEN
+ foreach ($fields as $row) {
+ echo "
+ WHEN " . $dbh->quote($row["COLUMN_NAME"]) . " THEN
SET add_columns = REPLACE(add_columns, ', ADD $row[alter]', '');
- IF NOT (_column_default <=> $row[default]) OR _is_nullable != '$row[IS_NULLABLE]' OR _collation_name != '$row[COLLATION_NAME]' OR _column_type != '$row[COLUMN_TYPE]' OR _extra != '$row[EXTRA]' OR _column_comment != '" . $dbh->escape_string($row["COLUMN_COMMENT"]) . "' OR after != '$row[after]' THEN
+ IF NOT (_column_default <=> $row[default]) OR _is_nullable != '$row[IS_NULLABLE]' OR _collation_name != '$row[COLLATION_NAME]' OR _column_type != '$row[COLUMN_TYPE]' OR _extra != '$row[EXTRA]' OR _column_comment != " . $dbh->quote($row["COLUMN_COMMENT"]) . " OR after != $row[after] THEN
SET @alter_table = CONCAT(@alter_table, ', MODIFY $row[alter]');
END IF;"; //! don't replace in comment
-}
-?>
+ }
+ ?>
ELSE
SET @alter_table = CONCAT(@alter_table, ', DROP ', _column_name);
@@ -121,12 +121,12 @@ function dump_data($table, $style, $select = "") {
$insert = "INSERT INTO " . idf_escape($table) . " (" . implode(", ", array_map('idf_escape', array_keys($row))) . ") VALUES";
$row2 = array();
foreach ($row as $key => $val) {
- $row2[$key] = (isset($val) ? "'" . $dbh->escape_string($val) . "'" : "NULL");
+ $row2[$key] = (isset($val) ? $dbh->quote($val) : "NULL");
}
if ($style == "INSERT+UPDATE") {
$set = array();
foreach ($row as $key => $val) {
- $set[] = idf_escape($key) . " = " . (isset($val) ? "'" . $dbh->escape_string($val) . "'" : "NULL");
+ $set[] = idf_escape($key) . " = " . (isset($val) ? $dbh->quote($val) : "NULL");
}
echo "$insert (" . implode(", ", $row2) . ") ON DUPLICATE KEY UPDATE " . implode(", ", $set) . ";\n";
} else {
View
2 adminer/include/functions.inc.php
@@ -67,7 +67,7 @@ function where($where) {
$return = array();
foreach ((array) $where["where"] as $key => $val) {
$key = bracket_escape($key, "back");
- $return[] = (preg_match('~^[A-Z0-9_]+\\(`(?:[^`]+|``)+`\\)$~', $key) ? $key : idf_escape($key)) . " = BINARY '" . $dbh->escape_string($val) . "'"; //! enum and set, columns looking like functions
+ $return[] = (preg_match('~^[A-Z0-9_]+\\(`(?:[^`]+|``)+`\\)$~', $key) ? $key : idf_escape($key)) . " = BINARY " . $dbh->quote($val); //! enum and set, columns looking like functions
}
foreach ((array) $where["null"] as $key) {
$key = bracket_escape($key, "back");
View
23 adminer/include/mysql.inc.php
@@ -28,6 +28,10 @@ function result($result, $field = 0) {
return $row[$field];
}
+ function quote($string) {
+ return "'" . parent::escape_string($string) . "'";
+ }
+
// minification compatibility start
function select_db($database) {
return parent::select_db($database);
@@ -51,10 +55,6 @@ function store_result() {
function next_result() {
return parent::next_result();
}
-
- function escape_string($string) {
- return parent::escape_string($string);
- }
}
class Min_Result {
@@ -103,6 +103,10 @@ function connect($server, $username, $password) {
return (bool) $this->_link;
}
+ function quote($string) {
+ return "'" . mysql_real_escape_string($string, $this->_link) . "'";
+ }
+
function select_db($database) {
return mysql_select_db($database, $this->_link);
}
@@ -138,10 +142,6 @@ function result($result, $field = 0) {
}
return mysql_result($result->_result, 0, $field);
}
-
- function escape_string($string) {
- return mysql_real_escape_string($string, $this->_link);
- }
}
class Min_Result {
@@ -224,7 +224,7 @@ function get_databases() {
function table_status($table) {
global $dbh;
- $result = $dbh->query("SHOW TABLE STATUS LIKE '" . $dbh->escape_string(addcslashes($table, "%_")) . "'");
+ $result = $dbh->query("SHOW TABLE STATUS LIKE " . $dbh->quote(addcslashes($table, "%_")));
$return = $result->fetch_assoc(); // ()-> is not supported in PHP 4
$result->free();
return $return;
@@ -320,6 +320,11 @@ function collations() {
return $return;
}
+function escape_string($val) {
+ global $dbh;
+ return substr($dbh->quote($val), 1, -1);
+}
+
function table_comment(&$row) {
if ($row["Engine"] == "InnoDB") {
// ignore internal comment, unnecessary since MySQL 5.1.21
View
4 adminer/include/pdo.inc.php
@@ -55,8 +55,8 @@ function result($result, $field = 0) {
return $row[$field];
}
- function escape_string($string) {
- return substr($this->quote($string), 1, -1);
+ function quote($string) {
+ return parent::quote($string);
}
}
View
8 adminer/select.inc.php
@@ -34,16 +34,16 @@
$where = array(); // where expressions - will be joined by AND
foreach ($indexes as $i => $index) {
if ($index["type"] == "FULLTEXT" && strlen($_GET["fulltext"][$i])) {
- $where[] = "MATCH (" . implode(", ", array_map('idf_escape', $index["columns"])) . ") AGAINST ('" . $dbh->escape_string($_GET["fulltext"][$i]) . "'" . (isset($_GET["boolean"][$i]) ? " IN BOOLEAN MODE" : "") . ")";
+ $where[] = "MATCH (" . implode(", ", array_map('idf_escape', $index["columns"])) . ") AGAINST (" . $dbh->quote($_GET["fulltext"][$i]) . (isset($_GET["boolean"][$i]) ? " IN BOOLEAN MODE" : "") . ")";
}
}
foreach ((array) $_GET["where"] as $val) {
if (strlen("$val[col]$val[val]") && in_array($val["op"], $operators)) {
if ($val["op"] == "AGAINST") {
- $where[] = "MATCH (" . idf_escape($val["col"]) . ") AGAINST ('" . $dbh->escape_string($val["val"]) . "' IN BOOLEAN MODE)";
+ $where[] = "MATCH (" . idf_escape($val["col"]) . ") AGAINST (" . $dbh->quote($val["val"]) . " IN BOOLEAN MODE)";
} else {
$in = process_length($val["val"]);
- $cond = " $val[op]" . (ereg('NULL$', $val["op"]) ? "" : (ereg('IN$', $val["op"]) ? " (" . (strlen($in) ? $in : "NULL") . ")" : " '" . $dbh->escape_string($val["val"]) . "'")); //! this searches in numeric values too
+ $cond = " $val[op]" . (ereg('NULL$', $val["op"]) ? "" : (ereg('IN$', $val["op"]) ? " (" . (strlen($in) ? $in : "NULL") . ")" : " " . $dbh->quote($val["val"]))); //! this searches in numeric values too
if (strlen($val["col"])) {
$where[] = idf_escape($val["col"]) . $cond;
} else {
@@ -133,7 +133,7 @@
$cols = " (" . implode(", ", array_map('idf_escape', $matches2[1])) . ")";
} else {
foreach ($matches2[1] as $col) {
- $row[] = (!strlen($col) ? "NULL" : "'" . $dbh->escape_string(str_replace('""', '"', preg_replace('~^".*"$~s', '', $col))) . "'");
+ $row[] = (!strlen($col) ? "NULL" : $dbh->quote(str_replace('""', '"', preg_replace('~^".*"$~s', '', $col))));
}
$rows[] = "\n(" . implode(", ", $row) . ")";
}
View
2 adminer/table.inc.php
@@ -63,7 +63,7 @@
if ($dbh->server_info >= 5) {
echo "<h3>" . lang('Triggers') . "</h3>\n";
- $result = $dbh->query("SHOW TRIGGERS LIKE '" . $dbh->escape_string(addcslashes($_GET["table"], "%_")) . "'");
+ $result = $dbh->query("SHOW TRIGGERS LIKE " . $dbh->quote(addcslashes($_GET["table"], "%_")));
if ($result->num_rows) {
echo "<table cellspacing='0'>\n";
while ($row = $result->fetch_assoc()) {
View
2 adminer/trigger.inc.php
@@ -19,7 +19,7 @@
if ($_POST) {
$row = $_POST;
} elseif (strlen($_GET["name"])) {
- $result = $dbh->query("SHOW TRIGGERS WHERE `Trigger` = '" . $dbh->escape_string($_GET["name"]) . "'");
+ $result = $dbh->query("SHOW TRIGGERS WHERE `Trigger` = " . $dbh->quote($_GET["name"]));
$row = $result->fetch_assoc();
$result->free();
}
View
24 adminer/user.inc.php
@@ -35,7 +35,7 @@ function grant($grant, $columns) {
}
$grants = array();
$old_pass = "";
-if (isset($_GET["host"]) && ($result = $dbh->query("SHOW GRANTS FOR '" . $dbh->escape_string($_GET["user"]) . "'@'" . $dbh->escape_string($_GET["host"]) . "'"))) { //! Use information_schema for MySQL 5 - column names in column privileges are not escaped
+if (isset($_GET["host"]) && ($result = $dbh->query("SHOW GRANTS FOR " . $dbh->quote($_GET["user"]) . "@" . $dbh->quote($_GET["host"])))) { //! Use information_schema for MySQL 5 - column names in column privileges are not escaped
while ($row = $result->fetch_row()) {
if (preg_match('~GRANT (.*) ON (.*) TO ~', $row[0], $match) && preg_match_all('~ *([^(,]*[^ ,(])( *\\([^)]+\\))?~', $match[1], $matches, PREG_SET_ORDER)) { //! escape the part between ON and TO
foreach ($matches as $val) {
@@ -53,16 +53,16 @@ function grant($grant, $columns) {
}
if ($_POST && !$error) {
- $old_user = (isset($_GET["host"]) ? $dbh->escape_string($_GET["user"]) . "'@'" . $dbh->escape_string($_GET["host"]) : "");
- $new_user = $dbh->escape_string($_POST["user"]) . "'@'" . $dbh->escape_string($_POST["host"]);
- $pass = $dbh->escape_string($_POST["pass"]);
+ $old_user = (isset($_GET["host"]) ? $dbh->quote($_GET["user"]) . "@" . $dbh->quote($_GET["host"]) : "''");
+ $new_user = $dbh->quote($_POST["user"]) . "@" . $dbh->quote($_POST["host"]);
+ $pass = $dbh->quote($_POST["pass"]);
if ($_POST["drop"]) {
- query_redirect("DROP USER '$old_user'", $SELF . "privileges=", lang('User has been dropped.'));
+ query_redirect("DROP USER $old_user", $SELF . "privileges=", lang('User has been dropped.'));
} else {
if ($old_user == $new_user) {
- queries("SET PASSWORD FOR '$new_user' = " . ($_POST["hashed"] ? "'$pass'" : "PASSWORD('$pass')"));
+ queries("SET PASSWORD FOR $new_user = " . ($_POST["hashed"] ? $pass : "PASSWORD($pass)"));
} else {
- $error = !queries(($dbh->server_info < 5 ? "GRANT USAGE ON *.* TO" : "CREATE USER") . " '$new_user' IDENTIFIED BY" . ($_POST["hashed"] ? " PASSWORD" : "") . " '$pass'");
+ $error = !queries(($dbh->server_info < 5 ? "GRANT USAGE ON *.* TO" : "CREATE USER") . " $new_user IDENTIFIED BY" . ($_POST["hashed"] ? " PASSWORD" : "") . " $pass");
}
if (!$error) {
$revoke = array();
@@ -81,8 +81,8 @@ function grant($grant, $columns) {
unset($grants[$object]);
}
if (preg_match('~^(.+)\\s*(\\(.*\\))?$~U', $object, $match) && (
- ($grant && !queries("GRANT " . grant($grant, $match[2]) . " ON $match[1] TO '$new_user'")) //! SQL injection
- || ($revoke && !queries("REVOKE " . grant($revoke, $match[2]) . " ON $match[1] FROM '$new_user'"))
+ ($grant && !queries("GRANT " . grant($grant, $match[2]) . " ON $match[1] TO $new_user")) //! SQL injection
+ || ($revoke && !queries("REVOKE " . grant($revoke, $match[2]) . " ON $match[1] FROM $new_user"))
)) {
$error = true;
break;
@@ -91,18 +91,18 @@ function grant($grant, $columns) {
}
if (!$error && isset($_GET["host"])) {
if ($old_user != $new_user) {
- queries("DROP USER '$old_user'");
+ queries("DROP USER $old_user");
} elseif (!isset($_GET["grant"])) {
foreach ($grants as $object => $revoke) {
if (preg_match('~^(.+)(\\(.*\\))?$~U', $object, $match)) {
- queries("REVOKE " . grant(array_keys($revoke), $match[2]) . " ON $match[1] FROM '$new_user'");
+ queries("REVOKE " . grant(array_keys($revoke), $match[2]) . " ON $match[1] FROM $new_user");
}
}
}
}
query_redirect(queries(), $SELF . "privileges=", (isset($_GET["host"]) ? lang('User has been altered.') : lang('User has been created.')), !$error, false, $error);
if ($old_user != $new_user) {
- $dbh->query("DROP USER '$new_user'");
+ $dbh->query("DROP USER $new_user");
}
}
}

0 comments on commit 36a3656

Please sign in to comment.
Something went wrong with that request. Please try again.